1
0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-10 13:04:23 +01:00

* g10.c (add_notation_data): Disallow notation names that do not contain a

'@', unless --expert is set.  This is to help prevent people from
polluting the (as yet unused) IETF namespace.

* main.h: Comments about default algorithms.

* photoid.c (image_type_to_string): Comments about 3-letter file
extensions.
This commit is contained in:
David Shaw 2002-11-24 01:49:32 +00:00
parent 0cd879cd9c
commit a5b9770a8b
4 changed files with 37 additions and 8 deletions

View File

@ -1,5 +1,14 @@
2002-11-23 David Shaw <dshaw@jabberwocky.com> 2002-11-23 David Shaw <dshaw@jabberwocky.com>
* g10.c (add_notation_data): Disallow notation names that do not
contain a '@', unless --expert is set. This is to help prevent
people from polluting the (as yet unused) IETF namespace.
* main.h: Comments about default algorithms.
* photoid.c (image_type_to_string): Comments about 3-letter file
extensions.
* encode.c (encode_simple), passphrase.c (passphrase_to_dek), * encode.c (encode_simple), passphrase.c (passphrase_to_dek),
sign.c (sign_symencrypt_file): Use --s2k-digest-algo for sign.c (sign_symencrypt_file): Use --s2k-digest-algo for
passphrase mangling rather than --digest-algo. passphrase mangling rather than --digest-algo.

View File

@ -2812,6 +2812,7 @@ add_notation_data( const char *string, int which )
STRLIST sl,*notation_data; STRLIST sl,*notation_data;
int critical=0; int critical=0;
int highbit=0; int highbit=0;
int saw_at=0;
if(which) if(which)
notation_data=&opt.cert_notation_data; notation_data=&opt.cert_notation_data;
@ -2823,13 +2824,29 @@ add_notation_data( const char *string, int which )
string++; string++;
} }
for( s=string ; *s != '='; s++ ) { /* If and when the IETF assigns some official name tags, we'll
if( !*s || (*s & 0x80) || (!isgraph(*s) && !isspace(*s)) ) { have to add them here. */
for( s=string ; *s != '='; s++ )
{
if( *s=='@')
saw_at=0;
if( !*s || (*s & 0x80) || (!isgraph(*s) && !isspace(*s)) )
{
log_error(_("a notation name must have only printable characters " log_error(_("a notation name must have only printable characters "
"or spaces, and end with an '='\n") ); "or spaces, and end with an '='\n") );
return; return;
} }
} }
if(!saw_at && !opt.expert)
{
log_error(
_("a user notation name must contain the '@' character\n"));
return;
}
/* we only support printable text - therefore we enforce the use /* we only support printable text - therefore we enforce the use
* of only printable characters (an empty value is valid) */ * of only printable characters (an empty value is valid) */
for( s++; *s ; s++ ) { for( s++; *s ; s++ ) {

View File

@ -25,8 +25,10 @@
#include "cipher.h" #include "cipher.h"
#include "keydb.h" #include "keydb.h"
/* It could be argued that the default cipher should be 3DES rather
than CAST5, and the default compression should be 0
(i.e. uncompressed) rather than 1 (zip). */
#define DEFAULT_CIPHER_ALGO CIPHER_ALGO_CAST5 #define DEFAULT_CIPHER_ALGO CIPHER_ALGO_CAST5
#define DEFAULT_PUBKEY_ALGO PUBKEY_ALGO_ELGAMAL
#define DEFAULT_DIGEST_ALGO DIGEST_ALGO_SHA1 #define DEFAULT_DIGEST_ALGO DIGEST_ALGO_SHA1
#define DEFAULT_COMPRESS_ALGO 1 #define DEFAULT_COMPRESS_ALGO 1

View File

@ -189,8 +189,9 @@ int parse_image_header(const struct user_attribute *attr,byte *type,u32 *len)
/* style==0 for extension, 1 for name, 2 for MIME type. Remember that /* style==0 for extension, 1 for name, 2 for MIME type. Remember that
the "name" style string could be used in a user ID name field, so the "name" style string could be used in a user ID name field, so
make sure it is not too big (see make sure it is not too big (see parse-packet.c:parse_attribute).
parse-packet.c:parse_attribute). */ Extensions should be 3 characters long for the best cross-platform
compatibility. */
char *image_type_to_string(byte type,int style) char *image_type_to_string(byte type,int style)
{ {
char *string; char *string;
@ -288,7 +289,7 @@ void show_photos(const struct user_attribute *attrs,
/* Make the filename. Notice we are not using the image /* Make the filename. Notice we are not using the image
encoding type for more than cosmetics. Most external image encoding type for more than cosmetics. Most external image
viewers can handle a multitude of types, and even if one viewers can handle a multitude of types, and even if one
cannot understand a partcular type, we have no way to know cannot understand a particular type, we have no way to know
which. The spec permits this, by the way. -dms */ which. The spec permits this, by the way. -dms */
#ifdef USE_ONLY_8DOT3 #ifdef USE_ONLY_8DOT3