mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-10 13:04:23 +01:00
bug fixes
This commit is contained in:
parent
bab40b52cd
commit
3f465d5d7a
10
NEWS
10
NEWS
@ -24,11 +24,15 @@
|
|||||||
* Merged Stefan's patches for RISC OS in. See comments in
|
* Merged Stefan's patches for RISC OS in. See comments in
|
||||||
scripts/build-riscos.
|
scripts/build-riscos.
|
||||||
|
|
||||||
* It is now possible to sign and convenional encrypt a message (-cs).
|
* It is now possible to sign and conventional encrypt a message (-cs).
|
||||||
|
|
||||||
* The MDC feature flag is supported and can be set by using
|
* The MDC feature flag is supported and can be set by using
|
||||||
the "updpref" edit command.
|
the "updpref" edit command.
|
||||||
|
|
||||||
|
* The status messages GOODSIG and BADSIG are now returning the primary
|
||||||
|
UID, encoded using %XX escaping (but with spaces left as spaces,
|
||||||
|
so that it should not break too much)
|
||||||
|
|
||||||
|
|
||||||
Noteworthy changes in version 1.0.6 (2001-05-29)
|
Noteworthy changes in version 1.0.6 (2001-05-29)
|
||||||
------------------------------------------------
|
------------------------------------------------
|
||||||
@ -96,8 +100,8 @@ Noteworthy changes in version 1.0.5 (2001-04-29)
|
|||||||
* The verification status of self-signatures are now cached. To
|
* The verification status of self-signatures are now cached. To
|
||||||
increase the speed of key list operations for existing keys you
|
increase the speed of key list operations for existing keys you
|
||||||
can do the following in your GnuPG homedir (~/.gnupg):
|
can do the following in your GnuPG homedir (~/.gnupg):
|
||||||
$ cp pubring.gpg pubring.gpg.save && $ gpg --export-all >x && \
|
cp pubring.gpg pubring.gpg.save && gpg --export-all >x && \
|
||||||
rm pubring.gpg && gpg --import x
|
rm pubring.gpg && gpg --import x
|
||||||
Only v4 keys (i.e not the old RSA keys) benefit from this caching.
|
Only v4 keys (i.e not the old RSA keys) benefit from this caching.
|
||||||
|
|
||||||
* New translations: Estonian, Turkish.
|
* New translations: Estonian, Turkish.
|
||||||
|
9
TODO
9
TODO
@ -1,6 +1,4 @@
|
|||||||
|
|
||||||
* need a BAD_PASSPHRASE status for -c
|
|
||||||
|
|
||||||
* add listing of notation data
|
* add listing of notation data
|
||||||
|
|
||||||
* Check the changes to the gpg random gatherer on all W32 platforms.
|
* Check the changes to the gpg random gatherer on all W32 platforms.
|
||||||
@ -12,8 +10,6 @@
|
|||||||
|
|
||||||
* set default charset from nl_langinfo.
|
* set default charset from nl_langinfo.
|
||||||
|
|
||||||
* check all mpi_read() for error returns.
|
|
||||||
|
|
||||||
* Check that no secret temporary results are stored in the result parameter
|
* Check that no secret temporary results are stored in the result parameter
|
||||||
of the mpi functions. We have already done this for mpi-mul.c
|
of the mpi functions. We have already done this for mpi-mul.c
|
||||||
|
|
||||||
@ -82,11 +78,6 @@
|
|||||||
* Add option to put the list of recipients (from the encryption
|
* Add option to put the list of recipients (from the encryption
|
||||||
layer) into the signatures notation data.
|
layer) into the signatures notation data.
|
||||||
|
|
||||||
* v3 RSA keys do work but the user IDs are shown as [?] which
|
|
||||||
cheking the signatures. Reported by Dave Dykstra. Print
|
|
||||||
"[uncertain]" + user ID
|
|
||||||
|
|
||||||
|
|
||||||
Scheduled for 1.1
|
Scheduled for 1.1
|
||||||
-----------------
|
-----------------
|
||||||
* export by user-IDs does only export the first matching name which leads
|
* export by user-IDs does only export the first matching name which leads
|
||||||
|
11
doc/DETAILS
11
doc/DETAILS
@ -83,13 +83,16 @@ more arguments in future versions.
|
|||||||
|
|
||||||
|
|
||||||
GOODSIG <long keyid> <username>
|
GOODSIG <long keyid> <username>
|
||||||
The signature with the keyid is good.
|
The signature with the keyid is good. For each signature only
|
||||||
For each signature only one of the three codes GOODSIG, BADSIG
|
one of the three codes GOODSIG, BADSIG or ERRSIG will be
|
||||||
or ERRSIG will be emitted and they may be used as a marker for
|
emitted and they may be used as a marker for a new signature.
|
||||||
a new signature.
|
The username is the primary one encoded in UTF-8 and %XX
|
||||||
|
escaped.
|
||||||
|
|
||||||
BADSIG <long keyid> <username>
|
BADSIG <long keyid> <username>
|
||||||
The signature with the keyid has not been verified okay.
|
The signature with the keyid has not been verified okay.
|
||||||
|
The username is the primary one encoded in UTF-8 and %XX
|
||||||
|
escaped.
|
||||||
|
|
||||||
ERRSIG <long keyid> <pubkey_algo> <hash_algo> \
|
ERRSIG <long keyid> <pubkey_algo> <hash_algo> \
|
||||||
<sig_class> <timestamp> <rc>
|
<sig_class> <timestamp> <rc>
|
||||||
|
@ -788,7 +788,10 @@ Assume "yes" on most questions.
|
|||||||
<term>--always-trust</term>
|
<term>--always-trust</term>
|
||||||
<listitem><para>
|
<listitem><para>
|
||||||
Skip key validation and assume that used keys are always fully trusted.
|
Skip key validation and assume that used keys are always fully trusted.
|
||||||
You won't use this unless you have installed some external validation scheme.
|
You won't use this unless you have installed some external validation
|
||||||
|
scheme. This option also suppresses the "[uncertain]" tag printed
|
||||||
|
with signature checks when there is no evidence that the user ID
|
||||||
|
is bound to the key.
|
||||||
</para></listitem></varlistentry>
|
</para></listitem></varlistentry>
|
||||||
|
|
||||||
|
|
||||||
|
@ -1,3 +1,13 @@
|
|||||||
|
2001-08-31 Werner Koch <wk@gnupg.org>
|
||||||
|
|
||||||
|
* parse-packet.c (parse_key,parse_pubkeyenc)
|
||||||
|
(parse_signature): Return error on reading bad MPIs.
|
||||||
|
|
||||||
|
* mainproc.c (check_sig_and_print): Always print the user ID even
|
||||||
|
if it is not bound by a signature. Use the primary UID in the
|
||||||
|
status messages and encode them in UTF-8
|
||||||
|
* status.c (write_status_text_and_buffer): New.
|
||||||
|
|
||||||
2001-08-30 Werner Koch <wk@gnupg.org>
|
2001-08-30 Werner Koch <wk@gnupg.org>
|
||||||
|
|
||||||
* packet.h (sigsubpkttype_t): Add SIGSUBPKT_FEATURES.
|
* packet.h (sigsubpkttype_t): Add SIGSUBPKT_FEATURES.
|
||||||
|
@ -1275,14 +1275,13 @@ check_sig_and_print( CTX c, KBNODE node )
|
|||||||
}
|
}
|
||||||
if( !rc || rc == G10ERR_BAD_SIGN ) {
|
if( !rc || rc == G10ERR_BAD_SIGN ) {
|
||||||
KBNODE un, keyblock;
|
KBNODE un, keyblock;
|
||||||
char *us;
|
|
||||||
int count=0;
|
int count=0;
|
||||||
|
char keyid_str[50];
|
||||||
|
|
||||||
keyblock = get_pubkeyblock( sig->keyid );
|
keyblock = get_pubkeyblock( sig->keyid );
|
||||||
|
|
||||||
us = get_long_user_id_string( sig->keyid );
|
sprintf (keyid_str, "%08lX%08lX [uncertain] ",
|
||||||
write_status_text( rc? STATUS_BADSIG : STATUS_GOODSIG, us );
|
(ulong)sig->keyid[0], (ulong)sig->keyid[1]);
|
||||||
m_free(us);
|
|
||||||
|
|
||||||
/* find and print the primary user ID */
|
/* find and print the primary user ID */
|
||||||
for( un=keyblock; un; un = un->next ) {
|
for( un=keyblock; un; un = un->next ) {
|
||||||
@ -1293,6 +1292,13 @@ check_sig_and_print( CTX c, KBNODE node )
|
|||||||
if ( !un->pkt->pkt.user_id->is_primary )
|
if ( !un->pkt->pkt.user_id->is_primary )
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
|
keyid_str[17] = 0; /* cut off the "[uncertain]" part */
|
||||||
|
write_status_text_and_buffer (rc? STATUS_BADSIG:STATUS_GOODSIG,
|
||||||
|
keyid_str,
|
||||||
|
un->pkt->pkt.user_id->name,
|
||||||
|
un->pkt->pkt.user_id->len,
|
||||||
|
-1 );
|
||||||
|
|
||||||
log_info(rc? _("BAD signature from \"")
|
log_info(rc? _("BAD signature from \"")
|
||||||
: _("Good signature from \""));
|
: _("Good signature from \""));
|
||||||
print_utf8_string( log_stream(), un->pkt->pkt.user_id->name,
|
print_utf8_string( log_stream(), un->pkt->pkt.user_id->name,
|
||||||
@ -1301,9 +1307,30 @@ check_sig_and_print( CTX c, KBNODE node )
|
|||||||
count++;
|
count++;
|
||||||
}
|
}
|
||||||
if( !count ) { /* just in case that we have no userid */
|
if( !count ) { /* just in case that we have no userid */
|
||||||
|
for( un=keyblock; un; un = un->next ) {
|
||||||
|
if( un->pkt->pkttype == PKT_USER_ID )
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (opt.always_trust || !un)
|
||||||
|
keyid_str[17] = 0; /* cut off the "[uncertain]" part */
|
||||||
|
|
||||||
|
write_status_text_and_buffer (rc? STATUS_BADSIG:STATUS_GOODSIG,
|
||||||
|
keyid_str,
|
||||||
|
un? un->pkt->pkt.user_id->name:"[?]",
|
||||||
|
un? un->pkt->pkt.user_id->len:3,
|
||||||
|
-1 );
|
||||||
|
|
||||||
log_info(rc? _("BAD signature from \"")
|
log_info(rc? _("BAD signature from \"")
|
||||||
: _("Good signature from \""));
|
: _("Good signature from \""));
|
||||||
fputs("[?]\"\n", log_stream() );
|
if (!opt.always_trust && un) {
|
||||||
|
fputs(_("[uncertain]"), log_stream() );
|
||||||
|
putc(' ', log_stream() );
|
||||||
|
}
|
||||||
|
print_utf8_string( log_stream(),
|
||||||
|
un? un->pkt->pkt.user_id->name:"[?]",
|
||||||
|
un? un->pkt->pkt.user_id->len:3 );
|
||||||
|
fputs("\"\n", log_stream() );
|
||||||
}
|
}
|
||||||
|
|
||||||
/* If we have a good signature and already printed
|
/* If we have a good signature and already printed
|
||||||
|
@ -703,6 +703,8 @@ parse_pubkeyenc( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *packet )
|
|||||||
mpi_print(stdout, k->data[i], mpi_print_mode );
|
mpi_print(stdout, k->data[i], mpi_print_mode );
|
||||||
putchar('\n');
|
putchar('\n');
|
||||||
}
|
}
|
||||||
|
if (!k->data[i])
|
||||||
|
rc = G10ERR_INVALID_PACKET;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1237,6 +1239,8 @@ parse_signature( IOBUF inp, int pkttype, unsigned long pktlen,
|
|||||||
mpi_print(stdout, sig->data[i], mpi_print_mode );
|
mpi_print(stdout, sig->data[i], mpi_print_mode );
|
||||||
putchar('\n');
|
putchar('\n');
|
||||||
}
|
}
|
||||||
|
if (!sig->data[i])
|
||||||
|
rc = G10ERR_INVALID_PACKET;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1404,7 +1408,11 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
|
|||||||
mpi_print(stdout, sk->skey[i], mpi_print_mode );
|
mpi_print(stdout, sk->skey[i], mpi_print_mode );
|
||||||
putchar('\n');
|
putchar('\n');
|
||||||
}
|
}
|
||||||
|
if (!sk->skey[i])
|
||||||
|
rc = G10ERR_INVALID_PACKET;
|
||||||
}
|
}
|
||||||
|
if (rc) /* one of the MPIs were bad */
|
||||||
|
goto leave;
|
||||||
sk->protect.algo = iobuf_get_noeof(inp); pktlen--;
|
sk->protect.algo = iobuf_get_noeof(inp); pktlen--;
|
||||||
if( sk->protect.algo ) {
|
if( sk->protect.algo ) {
|
||||||
sk->is_protected = 1;
|
sk->is_protected = 1;
|
||||||
@ -1551,7 +1559,7 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
|
|||||||
else { /* v3 method: the mpi length is not encrypted */
|
else { /* v3 method: the mpi length is not encrypted */
|
||||||
for(i=npkey; i < nskey; i++ ) {
|
for(i=npkey; i < nskey; i++ ) {
|
||||||
n = pktlen; sk->skey[i] = mpi_read(inp, &n, 0 ); pktlen -=n;
|
n = pktlen; sk->skey[i] = mpi_read(inp, &n, 0 ); pktlen -=n;
|
||||||
if( sk->is_protected )
|
if( sk->is_protected && sk->skey[i] )
|
||||||
mpi_set_protect_flag(sk->skey[i]);
|
mpi_set_protect_flag(sk->skey[i]);
|
||||||
if( list_mode ) {
|
if( list_mode ) {
|
||||||
printf( "\tskey[%d]: ", i);
|
printf( "\tskey[%d]: ", i);
|
||||||
@ -1562,7 +1570,11 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
|
|||||||
putchar('\n');
|
putchar('\n');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
if (!sk->skey[i])
|
||||||
|
rc = G10ERR_INVALID_PACKET;
|
||||||
}
|
}
|
||||||
|
if (rc)
|
||||||
|
goto leave;
|
||||||
|
|
||||||
sk->csum = read_16(inp); pktlen -= 2;
|
sk->csum = read_16(inp); pktlen -= 2;
|
||||||
if( list_mode ) {
|
if( list_mode ) {
|
||||||
@ -1587,7 +1599,11 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
|
|||||||
mpi_print(stdout, pk->pkey[i], mpi_print_mode );
|
mpi_print(stdout, pk->pkey[i], mpi_print_mode );
|
||||||
putchar('\n');
|
putchar('\n');
|
||||||
}
|
}
|
||||||
|
if (!pk->pkey[i])
|
||||||
|
rc = G10ERR_INVALID_PACKET;
|
||||||
}
|
}
|
||||||
|
if (rc)
|
||||||
|
goto leave;
|
||||||
}
|
}
|
||||||
|
|
||||||
leave:
|
leave:
|
||||||
|
34
g10/status.c
34
g10/status.c
@ -212,28 +212,43 @@ write_status_text ( int no, const char *text)
|
|||||||
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Write a status line with a buffer using %XX escapes.
|
* Write a status line with a buffer using %XX escapes. If WRAP is >
|
||||||
* If WRAP is > 0 wrap the line after this length.
|
* 0 wrap the line after this length. If STRING is not NULL it will
|
||||||
|
* be prepended to the buffer, no escaping is done for string.
|
||||||
|
* A wrap of -1 forces spaces not to be encoded as %20.
|
||||||
*/
|
*/
|
||||||
void
|
void
|
||||||
write_status_buffer ( int no, const char *buffer, size_t len, int wrap )
|
write_status_text_and_buffer ( int no, const char *string,
|
||||||
|
const char *buffer, size_t len, int wrap )
|
||||||
{
|
{
|
||||||
const char *s, *text;
|
const char *s, *text;
|
||||||
int esc;
|
int esc, first;
|
||||||
|
int lower_limit = ' ';
|
||||||
size_t n, count, dowrap;
|
size_t n, count, dowrap;
|
||||||
|
|
||||||
if( !statusfp )
|
if( !statusfp )
|
||||||
return; /* not enabled */
|
return; /* not enabled */
|
||||||
|
|
||||||
|
if (wrap == -1) {
|
||||||
|
lower_limit--;
|
||||||
|
wrap = 0;
|
||||||
|
}
|
||||||
|
|
||||||
text = get_status_string (no);
|
text = get_status_string (no);
|
||||||
count = dowrap = 1;
|
count = dowrap = first = 1;
|
||||||
do {
|
do {
|
||||||
if (dowrap) {
|
if (dowrap) {
|
||||||
fprintf (statusfp, "[GNUPG:] %s ", text );
|
fprintf (statusfp, "[GNUPG:] %s ", text );
|
||||||
count = dowrap = 0;
|
count = dowrap = 0;
|
||||||
|
if (first && string) {
|
||||||
|
fputs (string, statusfp);
|
||||||
|
count += strlen (string);
|
||||||
|
}
|
||||||
|
first = 0;
|
||||||
}
|
}
|
||||||
for (esc=0, s=buffer, n=len; n && !esc; s++, n-- ) {
|
for (esc=0, s=buffer, n=len; n && !esc; s++, n-- ) {
|
||||||
if ( *s == '%' || *(const byte*)s <= ' ' )
|
if ( *s == '%' || *(const byte*)s <= lower_limit
|
||||||
|
|| *(const byte*)s == 127 )
|
||||||
esc = 1;
|
esc = 1;
|
||||||
if ( wrap && ++count > wrap ) {
|
if ( wrap && ++count > wrap ) {
|
||||||
dowrap=1;
|
dowrap=1;
|
||||||
@ -259,6 +274,13 @@ write_status_buffer ( int no, const char *buffer, size_t len, int wrap )
|
|||||||
fflush (statusfp);
|
fflush (statusfp);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void
|
||||||
|
write_status_buffer ( int no, const char *buffer, size_t len, int wrap )
|
||||||
|
{
|
||||||
|
write_status_text_and_buffer (no, NULL, buffer, len, wrap);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
#ifdef USE_SHM_COPROCESSING
|
#ifdef USE_SHM_COPROCESSING
|
||||||
|
|
||||||
|
@ -98,6 +98,8 @@ void write_status ( int no );
|
|||||||
void write_status_text ( int no, const char *text );
|
void write_status_text ( int no, const char *text );
|
||||||
void write_status_buffer ( int no,
|
void write_status_buffer ( int no,
|
||||||
const char *buffer, size_t len, int wrap );
|
const char *buffer, size_t len, int wrap );
|
||||||
|
void write_status_text_and_buffer ( int no, const char *text,
|
||||||
|
const char *buffer, size_t len, int wrap );
|
||||||
|
|
||||||
#ifdef USE_SHM_COPROCESSING
|
#ifdef USE_SHM_COPROCESSING
|
||||||
void init_shm_coprocessing ( ulong requested_shm_size, int lock_mem );
|
void init_shm_coprocessing ( ulong requested_shm_size, int lock_mem );
|
||||||
|
Loading…
x
Reference in New Issue
Block a user