diff --git a/g10/ChangeLog b/g10/ChangeLog index 1a45c5fb8..b5626a77c 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,5 +1,18 @@ 2004-07-15 David Shaw + * keyedit.c (sign_uids): Properly handle remaking a self-sig on + revoked or expired user IDs. Also, once we've established that a + given uid cannot or will not be signed, don't continue to ask + about each sig. + + * mainproc.c (proc_symkey_enc), seckey-cert.c (do_check): Check + the S2K hash algorithm before we try to generate a passphrase + using it. This prevents hitting BUG() when generating a + passphrase using a hash that we don't have. + + * sign.c (sign_symencrypt_file): Allow using --force-mdc in --sign + --symmetric messages. + * g10.c (main): Alias --charset as --display-charset to help avoid the continuing confusion and make room for possible changes in devel. diff --git a/g10/keyedit.c b/g10/keyedit.c index 755e357bd..72688e22f 100644 --- a/g10/keyedit.c +++ b/g10/keyedit.c @@ -492,7 +492,9 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified, { tty_printf(_("User ID \"%s\" is revoked."),user); - if(opt.expert) + if(selfsig) + tty_printf("\n"); + else if(opt.expert) { tty_printf("\n"); /* No, so remove the mark and continue */ @@ -500,11 +502,15 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified, _("Are you sure you " "still want to sign " "it? (y/N) "))) - uidnode->flag &= ~NODFLG_MARK_A; + { + uidnode->flag &= ~NODFLG_MARK_A; + uidnode=NULL; + } } else { uidnode->flag &= ~NODFLG_MARK_A; + uidnode=NULL; tty_printf(_(" Unable to sign.\n")); } } @@ -512,7 +518,9 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified, { tty_printf(_("User ID \"%s\" is expired."),user); - if(opt.expert) + if(selfsig) + tty_printf("\n"); + else if(opt.expert) { tty_printf("\n"); /* No, so remove the mark and continue */ @@ -520,11 +528,15 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified, _("Are you sure you " "still want to sign " "it? (y/N) "))) - uidnode->flag &= ~NODFLG_MARK_A; + { + uidnode->flag &= ~NODFLG_MARK_A; + uidnode=NULL; + } } else { uidnode->flag &= ~NODFLG_MARK_A; + uidnode=NULL; tty_printf(_(" Unable to sign.\n")); } } @@ -541,11 +553,15 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified, _("Are you sure you " "still want to sign " "it? (y/N) "))) - uidnode->flag &= ~NODFLG_MARK_A; + { + uidnode->flag &= ~NODFLG_MARK_A; + uidnode=NULL; + } } else { uidnode->flag &= ~NODFLG_MARK_A; + uidnode=NULL; tty_printf(_(" Unable to sign.\n")); } } diff --git a/g10/mainproc.c b/g10/mainproc.c index d2061e30e..5258d57ca 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -304,6 +304,13 @@ proc_symkey_enc( CTX c, PACKET *pkt ) else log_error(_("encrypted with unknown algorithm %d\n"), algo ); + if(check_digest_algo(enc->s2k.hash_algo)) + { + log_error(_("passphrase generated with unknown digest" + " algorithm %d\n"),enc->s2k.hash_algo); + s=NULL; + } + c->last_was_session_key = 2; if(!s || opt.list_only) goto leave; diff --git a/g10/seckey-cert.c b/g10/seckey-cert.c index d0b57f14b..84533bd3e 100644 --- a/g10/seckey-cert.c +++ b/g10/seckey-cert.c @@ -66,6 +66,12 @@ do_check( PKT_secret_key *sk, const char *tryagain_text, int mode, } return G10ERR_CIPHER_ALGO; } + if(check_digest_algo(sk->protect.s2k.hash_algo)) + { + log_info(_("protection digest %d is not supported\n"), + sk->protect.s2k.hash_algo); + return G10ERR_DIGEST_ALGO; + } keyid_from_sk( sk, keyid ); keyid[2] = keyid[3] = 0; if( !sk->is_primary ) { diff --git a/g10/sign.c b/g10/sign.c index 7ca0eed66..efa936f0f 100644 --- a/g10/sign.c +++ b/g10/sign.c @@ -1145,6 +1145,13 @@ sign_symencrypt_file (const char *fname, STRLIST locusr) goto leave; } + /* We have no way to tell if the recipient can handle messages + with an MDC, so this defaults to no. Perhaps in a few years, + this can be defaulted to yes. Note that like regular + encrypting, --force-mdc overrides --disable-mdc. */ + if(opt.force_mdc) + cfx.dek->use_mdc=1; + /* now create the outfile */ rc = open_outfile (fname, opt.armor? 1:0, &out); if (rc)