security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

agent: Use SHA-256 for SSH fingerprint by default 

* agent/gpg-agent.c (parse_rereadable_options): Change default ssh
fingerprint digest.
(main): Ditto.
--

Co-authored-by: Jakub Jelen <jjelen@redhat.com>
GnuPG-bug-id: 5434
Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2021-05-12 08:55:51 +02:00
parent 965bb0693c
commit 310b064f52
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
agent/gpg-agent.c
View File

@ -869,7 +869,7 @@ parse_rereadable_options (gpgrt_argparse_t *pargs, int reread)
memset (opt.disable_daemon, 0, sizeof opt.disable_daemon);
disable_check_own_socket = 0;
/* Note: When changing the next line, change also gpgconf_list. */
opt.ssh_fingerprint_digest = GCRY_MD_MD5;
opt.ssh_fingerprint_digest = GCRY_MD_SHA256;
opt.s2k_count = 0;
set_s2k_calibration_time (0); /* Set to default. */
return 1;
@ -1436,7 +1436,7 @@ main (int argc, char **argv)
es_printf ("max-passphrase-days:%lu:%d:\n",
GC_OPT_FLAG_DEFAULT, MAX_PASSPHRASE_DAYS);
es_printf ("ssh-fingerprint-digest:%lu:\"%s:\n",
GC_OPT_FLAG_DEFAULT, "md5");
GC_OPT_FLAG_DEFAULT, "sha256");
agent_exit (0);
}