security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-03-12 23:01:14 +01:00
Code Activity

See ChangeLog: Wed Feb 9 15:33:44 CET 2000 Werner Koch

Browse Source
This commit is contained in:
Werner Koch 2000-02-09 14:35:37 +00:00
parent 932049cbe4
commit 673a50de0f
13 changed files with 53 additions and 12 deletions

2
NEWS

@ -1,6 +1,8 @@
Noteworthy changes in the current test release Noteworthy changes in the current test release
---------------------------------------------- ----------------------------------------------
* New option --ignore-time-conflict.
* Some fixes for the W32 version * Some fixes for the W32 version
* Encryption is now much faster: About 2 times for 1k bit keys * Encryption is now much faster: About 2 times for 1k bit keys

2
THANKS

@ -40,7 +40,9 @@ Geoff Keating geoffk@ozemail.com.au
Harald Denker harry@hal.westfalen.de Harald Denker harry@hal.westfalen.de
Hendrik Buschkamp buschkamp@rheumanet.org Hendrik Buschkamp buschkamp@rheumanet.org
Holger Schurig holger@d.om.org Holger Schurig holger@d.om.org
Holger Trapp Holger.Trapp@informatik.tu-chemnitz.de
Hugh Daniel hugh@toad.com Hugh Daniel hugh@toad.com
Huy Le huyle@ugcs.caltech.edu
Ian McKellar imckellar@harvestroad.com.au Ian McKellar imckellar@harvestroad.com.au
Jan Krueger max@physics.otago.ac.nz Jan Krueger max@physics.otago.ac.nz
Janusz A. Urbanowicz alex@bofh.torun.pl Janusz A. Urbanowicz alex@bofh.torun.pl

6
doc/ChangeLog

@ -1,3 +1,9 @@
Wed Feb 9 15:33:44 CET 2000 Werner Koch <wk@gnupg.de>
* gpg.sgml: Describe --ignore-time-conflict.
* gpg.sgml: Fixed a few typos. Thanks to Holger Trapp.
Wed Jan 5 11:51:17 CET 2000 Werner Koch <wk@gnupg.de> Wed Jan 5 11:51:17 CET 2000 Werner Koch <wk@gnupg.de>
* FAQ: Enhanced answer for the 3des-s2k bug. * FAQ: Enhanced answer for the 3des-s2k bug.

18
doc/gpg.sgml

@ -1145,6 +1145,16 @@ and encryption keys.
</para></listitem></varlistentry> </para></listitem></varlistentry>
<varlistentry>
<term>--ignore-time-conflict</term>
<listitem><para>
GnuPG normally checks that the timestamps associated with keys and
signatures have plausible values. However, sometimes a signature seems to
be older than the key due to clock problems. This option makes these
checks just a warning.
</para></listitem></varlistentry>
<varlistentry> <varlistentry>
<term>--lock-once</term> <term>--lock-once</term>
<listitem><para> <listitem><para>
@ -1305,7 +1315,7 @@ Here the key ID is given in the long form as used by OpenPGP.
<listitem><para> <listitem><para>
The best way to specify a key ID is by using the fingerprint of The best way to specify a key ID is by using the fingerprint of
the key. This avoids any ambiguities in case that there are duplicated the key. This avoids any ambiguities in case that there are duplicated
kez IDs (which are really rare for the long key IDs). key IDs (which are really rare for the long key IDs).
</para></listitem> </para></listitem>
</varlistentry> </varlistentry>
@ -1348,7 +1358,7 @@ only a number.
<term>*Heine</term> <term>*Heine</term>
<listitem><para> <listitem><para>
By case insensitive substring matching. This is the default mode but By case insensitive substring matching. This is the default mode but
applications maz want to explicitely indicate this bz putting the asterisk applications may want to explicitely indicate this by putting the asterisk
in front. in front.
</para></listitem> </para></listitem>
</varlistentry> </varlistentry>
@ -1507,9 +1517,9 @@ is *very* easy to spy out your passphrase!
On many systems this program should be installed as setuid(root). This On many systems this program should be installed as setuid(root). This
is necessary to lock memory pages. Locking memory pages prevents the is necessary to lock memory pages. Locking memory pages prevents the
operating system from writing memory pages to disk. If you get no operating system from writing memory pages to disk. If you get no
warning message about insecure memory then your operating system supports warning message about insecure memory 3our operating system supports
locking without being root. The program drops root privileges as soon locking without being root. The program drops root privileges as soon
as the locked memory is allocated. as locked memory is allocated.
</para> </para>
</refsect1> </refsect1>

11
g10/ChangeLog

@ -1,3 +1,14 @@
Wed Feb 9 15:33:44 CET 2000 Werner Koch <wk@gnupg.de>
* gpg.c: New option --ignore-time-conflict
* sig-check.c (do_check): Implemented this option.
* trustdb.c (check_trust): Ditto.
* sign.c (do_sign): Ditto.
* keygen.c (generate_subkeypair): Ditto.
* encode.c (encode_simple): use iobuf_cancel after open failure.
Reported by Huy Le.
Fri Jan 14 18:32:01 CET 2000 Werner Koch <wk@gnupg.de> Fri Jan 14 18:32:01 CET 2000 Werner Koch <wk@gnupg.de>
* packet.h (STRING2KEY): Changed mode from byte to int. * packet.h (STRING2KEY): Changed mode from byte to int.

2
g10/encode.c

@ -116,7 +116,7 @@ encode_simple( const char *filename, int mode )
} }
if( (rc = open_outfile( filename, opt.armor? 1:0, &out )) ) { if( (rc = open_outfile( filename, opt.armor? 1:0, &out )) ) {
iobuf_close(inp); iobuf_cancel(inp);
m_free(cfx.dek); m_free(cfx.dek);
m_free(s2k); m_free(s2k);
return rc; return rc;

3
g10/g10.c

@ -182,6 +182,7 @@ enum cmd_and_opt_values { aNull = 0,
oHonorHttpProxy, oHonorHttpProxy,
oFastListMode, oFastListMode,
oListOnly, oListOnly,
oIgnoreTimeConflict,
oEmu3DESS2KBug, /* will be removed in 1.1 */ oEmu3DESS2KBug, /* will be removed in 1.1 */
aTest }; aTest };
@ -354,6 +355,7 @@ static ARGPARSE_OPTS opts[] = {
{ oHonorHttpProxy,"honor-http-proxy", 0, "@" }, { oHonorHttpProxy,"honor-http-proxy", 0, "@" },
{ oFastListMode,"fast-list-mode", 0, "@" }, { oFastListMode,"fast-list-mode", 0, "@" },
{ oListOnly, "list-only", 0, "@"}, { oListOnly, "list-only", 0, "@"},
{ oIgnoreTimeConflict, "ignore-time-conflict", 0, "@" },
{ oEmu3DESS2KBug, "emulate-3des-s2k-bug", 0, "@"}, { oEmu3DESS2KBug, "emulate-3des-s2k-bug", 0, "@"},
{0} }; {0} };
@ -890,6 +892,7 @@ main( int argc, char **argv )
case oHonorHttpProxy: opt.honor_http_proxy = 1; break; case oHonorHttpProxy: opt.honor_http_proxy = 1; break;
case oFastListMode: opt.fast_list_mode = 1; break; case oFastListMode: opt.fast_list_mode = 1; break;
case oListOnly: opt.list_only=1; break; case oListOnly: opt.list_only=1; break;
case oIgnoreTimeConflict: opt.ignore_time_conflict = 1; break;
default : pargs.err = configfp? 1:2; break; default : pargs.err = configfp? 1:2; break;
} }

6
g10/keygen.c

@ -1023,8 +1023,10 @@ generate_subkeypair( KBNODE pub_keyblock, KBNODE sec_keyblock )
"in future (time warp or clock problem)\n") "in future (time warp or clock problem)\n")
: _("key has been created %lu seconds " : _("key has been created %lu seconds "
"in future (time warp or clock problem)\n"), d ); "in future (time warp or clock problem)\n"), d );
rc = G10ERR_TIME_CONFLICT; if( !opt.ignore_time_conflict ) {
goto leave; rc = G10ERR_TIME_CONFLICT;
goto leave;
}
} }

1
g10/options.h

@ -87,6 +87,7 @@ struct {
ulong set_filesize; ulong set_filesize;
int honor_http_proxy; int honor_http_proxy;
int fast_list_mode; int fast_list_mode;
int ignore_time_conflict;
} opt; } opt;

6
g10/sig-check.c

@ -303,7 +303,8 @@ do_check( PKT_public_key *pk, PKT_signature *sig, MD_HANDLE digest )
? _("public key is %lu second newer than the signature\n") ? _("public key is %lu second newer than the signature\n")
: _("public key is %lu seconds newer than the signature\n"), : _("public key is %lu seconds newer than the signature\n"),
d ); d );
return G10ERR_TIME_CONFLICT; /* pubkey newer than signature */ if( !opt.ignore_time_conflict )
return G10ERR_TIME_CONFLICT; /* pubkey newer than signature */
} }
cur_time = make_timestamp(); cur_time = make_timestamp();
@ -313,7 +314,8 @@ do_check( PKT_public_key *pk, PKT_signature *sig, MD_HANDLE digest )
"in future (time warp or clock problem)\n") "in future (time warp or clock problem)\n")
: _("key has been created %lu seconds " : _("key has been created %lu seconds "
"in future (time warp or clock problem)\n"), d ); "in future (time warp or clock problem)\n"), d );
return G10ERR_TIME_CONFLICT; if( !opt.ignore_time_conflict )
return G10ERR_TIME_CONFLICT;
} }
if( pk->expiredate && pk->expiredate < cur_time ) { if( pk->expiredate && pk->expiredate < cur_time ) {

3
g10/sign.c

@ -112,7 +112,8 @@ do_sign( PKT_secret_key *sk, PKT_signature *sig,
"in future (time warp or clock problem)\n") "in future (time warp or clock problem)\n")
: _("key has been created %lu seconds " : _("key has been created %lu seconds "
"in future (time warp or clock problem)\n"), d ); "in future (time warp or clock problem)\n"), d );
return G10ERR_TIME_CONFLICT; if( !opt.ignore_time_conflict )
return G10ERR_TIME_CONFLICT;
} }

3
g10/trustdb.c

@ -2326,7 +2326,8 @@ check_trust( PKT_public_key *pk, unsigned *r_trustlevel,
log_info(_("key %08lX.%lu: created in future " log_info(_("key %08lX.%lu: created in future "
"(time warp or clock problem)\n"), "(time warp or clock problem)\n"),
(ulong)keyid[1], pk->local_id ); (ulong)keyid[1], pk->local_id );
return G10ERR_TIME_CONFLICT; if( !opt.ignore_time_conflict )
return G10ERR_TIME_CONFLICT;
} }
if( !(rec.r.dir.dirflags & DIRF_CHECKED) ) if( !(rec.r.dir.dirflags & DIRF_CHECKED) )

2
scripts/commit

@ -59,5 +59,5 @@ for i in `find . -name cvs-add -print`; do
fi fi
done done
cvs commit -m "See ChangeLog: $date $name" $* cvs -z3 commit -m "See ChangeLog: $date $name" $*