From 96350c5d5afcbc7f66c535e38b9fcc7355622855 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Tue, 15 May 2018 12:19:40 +0200 Subject: [PATCH] gpg: Turn --no-mdc-warn into a NOP. * g10/gpg.c (oNoMDCWarn): Remove. (opts): Make --no-mdc-warn a NOP. (main): Don't set var. * g10/options.h (struct opt): Remove 'no_mdc_var'. * g10/cipher-cfb.c (write_header): Assume opt.no_mdc_warn is false. * g10/mainproc.c (proc_encrypted): Ditto. -- Users should not be allowed to suppress the warning that they are shooting into their foot. Signed-off-by: Werner Koch --- doc/gpg.texi | 4 ---- g10/cipher-cfb.c | 2 +- g10/gpg.c | 4 +--- g10/mainproc.c | 2 +- g10/options.h | 1 - 5 files changed, 3 insertions(+), 10 deletions(-) diff --git a/doc/gpg.texi b/doc/gpg.texi index 00ac03308..7b142cc19 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -2041,10 +2041,6 @@ place an unsafe gpg.conf file in place, and use this file to suppress warnings about itself. The @option{--homedir} permissions warning may only be suppressed on the command line. -@item --no-mdc-warning -@opindex no-mdc-warning -Suppress the warning about missing MDC integrity protection. - @item --require-secmem @itemx --no-require-secmem @opindex require-secmem diff --git a/g10/cipher-cfb.c b/g10/cipher-cfb.c index 79b21bd8a..48927c558 100644 --- a/g10/cipher-cfb.c +++ b/g10/cipher-cfb.c @@ -64,7 +64,7 @@ write_header (cipher_filter_context_t *cfx, iobuf_t a) if (DBG_HASHING) gcry_md_debug (cfx->mdc_hash, "creatmdc"); } - else if (!opt.no_mdc_warn) + else { log_info ("WARNING: " "encrypting without integrity protection is dangerous\n"); diff --git a/g10/gpg.c b/g10/gpg.c index 75eeceb13..e718fe45e 100644 --- a/g10/gpg.c +++ b/g10/gpg.c @@ -268,7 +268,6 @@ enum cmd_and_opt_values oRequireSecmem, oNoRequireSecmem, oNoPermissionWarn, - oNoMDCWarn, oNoArmor, oNoDefKeyring, oNoKeyring, @@ -738,7 +737,6 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_n (oRequireSecmem, "require-secmem", "@"), ARGPARSE_s_n (oNoRequireSecmem, "no-require-secmem", "@"), ARGPARSE_s_n (oNoPermissionWarn, "no-permission-warning", "@"), - ARGPARSE_s_n (oNoMDCWarn, "no-mdc-warning", "@"), ARGPARSE_s_n (oNoArmor, "no-armor", "@"), ARGPARSE_s_n (oNoArmor, "no-armour", "@"), ARGPARSE_s_n (oNoDefKeyring, "no-default-keyring", "@"), @@ -925,6 +923,7 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_n (oNoop, "no-force-v3-sigs", "@"), ARGPARSE_s_n (oNoop, "force-v4-certs", "@"), ARGPARSE_s_n (oNoop, "no-force-v4-certs", "@"), + ARGPARSE_s_n (oNoop, "no-mdc-warning", "@"), ARGPARSE_end () }; @@ -3221,7 +3220,6 @@ main (int argc, char **argv) case oRequireSecmem: require_secmem=1; break; case oNoRequireSecmem: require_secmem=0; break; case oNoPermissionWarn: opt.no_perm_warn=1; break; - case oNoMDCWarn: opt.no_mdc_warn=1; break; case oDisplayCharset: if( set_native_charset( pargs.r.ret_str ) ) log_error(_("'%s' is not a valid character set\n"), diff --git a/g10/mainproc.c b/g10/mainproc.c index 69de865e7..ea3721a4f 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -767,7 +767,7 @@ proc_encrypted (CTX c, PACKET *pkt) write_status (STATUS_GOODMDC); else if (pkt->pkt.encrypted->mdc_method && !result) write_status (STATUS_GOODMDC); - else if (!opt.no_mdc_warn) + else log_info (_("WARNING: message was not integrity protected\n")); } else if (gpg_err_code (result) == GPG_ERR_BAD_SIGNATURE diff --git a/g10/options.h b/g10/options.h index dab6e9f8b..09d4e4435 100644 --- a/g10/options.h +++ b/g10/options.h @@ -187,7 +187,6 @@ struct prefitem_t *personal_compress_prefs; struct weakhash *weak_digests; int no_perm_warn; - int no_mdc_warn; char *temp_dir; int no_encrypt_to; int encrypt_to_default_key;