mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-31 11:41:32 +01:00
Comment changes.
Changed --learn-card.
This commit is contained in:
parent
f64a746f47
commit
2c7a03d54b
@ -54,7 +54,7 @@
|
|||||||
|
|
||||||
* keygen.c (keygen_set_std_prefs): Remove RMD-160 from the list.
|
* keygen.c (keygen_set_std_prefs): Remove RMD-160 from the list.
|
||||||
Change order to SHA-256, SHA-1, SHA-384, SHA-512, SHA-224.
|
Change order to SHA-256, SHA-1, SHA-384, SHA-512, SHA-224.
|
||||||
(gen_dsa): Use a 256 bit Q for 2048 bit P. Runt to FIPS allowed
|
(gen_dsa): Use a 256 bit Q for 2048 bit P. Round to FIPS allowed
|
||||||
values in non-expert mode.
|
values in non-expert mode.
|
||||||
|
|
||||||
2009-07-07 Werner Koch <wk@g10code.com>
|
2009-07-07 Werner Koch <wk@g10code.com>
|
||||||
|
@ -88,6 +88,10 @@ hash_passphrase ( DEK *dek, char *pw, STRING2KEY *s2k)
|
|||||||
count = len2;
|
count = len2;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Fixme: To avoid DoS attacks by sending an sym-encrypted
|
||||||
|
packet with a very high S2K count, we should either cap
|
||||||
|
the iteration count or CPU seconds based timeout. */
|
||||||
|
|
||||||
/* A little bit complicated because we need a ulong for count. */
|
/* A little bit complicated because we need a ulong for count. */
|
||||||
while ( count > len2 ) /* maybe iterated+salted */
|
while ( count > len2 ) /* maybe iterated+salted */
|
||||||
{
|
{
|
||||||
|
@ -1,3 +1,7 @@
|
|||||||
|
2009-07-30 Werner Koch <wk@g10code.com>
|
||||||
|
|
||||||
|
* call-agent.c (learn_cb): Do not store as ephemeral.
|
||||||
|
|
||||||
2009-07-29 Marcus Brinkmann <marcus@g10code.com>
|
2009-07-29 Marcus Brinkmann <marcus@g10code.com>
|
||||||
|
|
||||||
* keylist.c (print_capabilities): Print a trailing colon.
|
* keylist.c (print_capabilities): Print a trailing colon.
|
||||||
|
@ -875,13 +875,11 @@ learn_cb (void *opaque, const void *buffer, size_t length)
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* We do not store a certifciate with missing issuers as ephemeral
|
||||||
|
because we can assume that the --learn-card command has been used
|
||||||
|
on purpose. */
|
||||||
rc = gpgsm_basic_cert_check (parm->ctrl, cert);
|
rc = gpgsm_basic_cert_check (parm->ctrl, cert);
|
||||||
if (gpg_err_code (rc) == GPG_ERR_MISSING_CERT)
|
if (rc && gpg_err_code (rc) != GPG_ERR_MISSING_CERT)
|
||||||
{ /* For later use we store it in the ephemeral database. */
|
|
||||||
log_info ("issuer certificate missing - storing as ephemeral\n");
|
|
||||||
keydb_store_cert (cert, 1, NULL);
|
|
||||||
}
|
|
||||||
else if (rc)
|
|
||||||
log_error ("invalid certificate: %s\n", gpg_strerror (rc));
|
log_error ("invalid certificate: %s\n", gpg_strerror (rc));
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
|
Loading…
x
Reference in New Issue
Block a user