From b98939812abf6c643c752ce7c325f98039a1a9e2 Mon Sep 17 00:00:00 2001
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Mon, 19 Oct 2015 10:41:23 -0400
Subject: [PATCH] gpg: Print warning when rejecting weak digests

* g10/misc.c (print_md5_rejected_note): Rename to ..
(print_digest_rejected_note): this.  Parameterize function to take an
enum gcry_md_algos.
* g10/sig-check.c: Use print_digest_rejected_note() when rejecting
signatures.

--

76afaed65e3b0ddfa4923cb577ada43217dd4b18 allowed extra --weak-digests,
but removed the one call to print_md5_rejected_note().  This replaces
and generalizes that warning.

Signed-Off-By: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
---
 g10/main.h      |  2 +-
 g10/misc.c      |  4 ++--
 g10/sig-check.c | 10 ++++++++--
 3 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/g10/main.h b/g10/main.h
index 0226c6418..601a9526c 100644
--- a/g10/main.h
+++ b/g10/main.h
@@ -87,7 +87,7 @@ extern int g10_errors_seen;
 void print_pubkey_algo_note (pubkey_algo_t algo);
 void print_cipher_algo_note (cipher_algo_t algo);
 void print_digest_algo_note (digest_algo_t algo);
-void print_md5_rejected_note (void);
+void print_digest_rejected_note (enum gcry_md_algos algo);
 void additional_weak_digest (const char* digestname);
 
 /*-- armor.c --*/
diff --git a/g10/misc.c b/g10/misc.c
index c135059d8..93ddaa042 100644
--- a/g10/misc.c
+++ b/g10/misc.c
@@ -339,7 +339,7 @@ print_digest_algo_note (digest_algo_t algo)
 
 
 void
-print_md5_rejected_note (void)
+print_digest_rejected_note (enum gcry_md_algos algo)
 {
   static int shown;
 
@@ -348,7 +348,7 @@ print_md5_rejected_note (void)
       es_fflush (es_stdout);
       log_info
         (_("Note: signatures using the %s algorithm are rejected\n"),
-         "MD5");
+         gcry_md_algo_name(algo));
       shown = 1;
     }
 }
diff --git a/g10/sig-check.c b/g10/sig-check.c
index 84930d615..23f42b9cd 100644
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@@ -282,10 +282,16 @@ do_check( PKT_public_key *pk, PKT_signature *sig, gcry_md_hd_t digest,
     if (!opt.flags.allow_weak_digest_algos)
       {
         if (sig->digest_algo == GCRY_MD_MD5)
-          return GPG_ERR_DIGEST_ALGO;
+          {
+            print_digest_rejected_note(sig->digest_algo);
+            return GPG_ERR_DIGEST_ALGO;
+          }
         for (weak = opt.additional_weak_digests; weak; weak = weak->next)
           if (sig->digest_algo == weak->algo)
-            return GPG_ERR_DIGEST_ALGO;
+            {
+              print_digest_rejected_note(sig->digest_algo);
+              return GPG_ERR_DIGEST_ALGO;
+            }
       }
 
     /* Make sure the digest algo is enabled (in case of a detached