security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Activity

Add new SVN only file README.maint 

doc/
	* gpg.texi (GPG Configuration): Document envvar LANGUAGE.
	(GPG Configuration Options): Document show-primary-uid-only.
g10/
	* gpg.c (main): Add verify option show-primary-uid-only.
	* options.h (VERIFY_SHOW_PRIMARY_UID_ONLY): New.
	* mainproc.c (check_sig_and_print): Implement it.

	* encr-data.c (decrypt_data): Correctly test for unknown algorithm.
	* import.c (check_prefs): Ditto.
	* keyedit.c (show_prefs): Ditto.
	* mainproc.c (proc_symkey_enc): Ditto.
This commit is contained in:
Werner Koch 2007-02-26 20:24:29 +00:00
parent 1b302e1fdf
commit f6243073a8
14 changed files with 116 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
NEWS
View File

@ -1,3 +1,9 @@
Noteworthy changes in version 2.0.3
------------------------------------------------
* New --verify-option show-primary-uid-only.
Noteworthy changes in version 2.0.2 (2007-01-31) Noteworthy changes in version 2.0.2 (2007-01-31)
------------------------------------------------ ------------------------------------------------
@ -14,7 +20,7 @@ Noteworthy changes in version 2.0.2 (2007-01-31)
short. New option --min-passphrase-len defaults to 8. short. New option --min-passphrase-len defaults to 8.
* The status code BEGIN_SIGNING now shows the used hash algorithms. * The status code BEGIN_SIGNING now shows the used hash algorithms.
Noteworthy changes in version 2.0.1 (2006-11-28) Noteworthy changes in version 2.0.1 (2006-11-28)
------------------------------------------------ ------------------------------------------------

42
README.maint Normal file
View File

@ -0,0 +1,42 @@
Notes for the GnuPG maintainer (SVN only)
============================================
Here are some notes on how to maintain GnuPG.
Release process:
================
* Make sure that all new PO files are checked in.
* Decide whether you want to update the automake standard files
(Mainly config.guess and config.sub).
* [1.4 only] Update gpg.texi and gpgv.texi from the trunk.
* Run "make update-po".
* Write NEWS entries and set the release date in NEWS.
* In configure.ac set "my_issvn" to "no".
* Commit all changes to the SVN.
* Update the SVN then (to sync the release number of all files).
* Run "./autogen.sh --force"
(--force is required for the svn magic in configure.ac and a good
idea in any case)
* Run "make distcheck"
* Build and test the new tarball (best on a different machine).
* [1.4 only] Build and test the W32 vesion.
* Sign the tarball
* Get the previous tarball and run "mkdiff gnupg".
You might need to set a different signature key than mine. mkdiff
has an option for this.
* If you are satisied with the result tag the release. Use "svn
info" to get the current URL and use an svn cp command similar to
"svn cp svn+ssh://host/gnupg/trunk svn+ssh://host/gnupg/tags/2.n.m"
(for 1.4 you should see "branches/STABLE-BRANCH-1-4" instead of "trunk",
however tags are all below tags).
* Copy the files to the FTP server
* Update the webpages - at least the file swdb.wml needs an update.
* Add a new headline to NEWS.
* Bump "my_version" up and set "my_issvn" back to "yes" in configure.ac
* Write an announcement.

1
THANKS
View File

@ -17,6 +17,7 @@ Anthony Carrico acarrico at memebeam.org
Anthony Mulcahy anthony at kcn.ne.jp Anthony Mulcahy anthony at kcn.ne.jp
Ariel T Glenn ariel at columbia.edu Ariel T Glenn ariel at columbia.edu
ARIGA Seiji ariga at os.rim.or.jp ARIGA Seiji ariga at os.rim.or.jp
Benjamin Donnachie benjamin at py-soft.co.uk
Bernhard Herzog bh at intevation.de Bernhard Herzog bh at intevation.de
Bernhard Reiter bernhard at intevation.de Bernhard Reiter bernhard at intevation.de
Billy Halsey bshalsey at paxoo.com Billy Halsey bshalsey at paxoo.com

5
doc/ChangeLog
View File

@ -1,3 +1,8 @@
2007-02-26 Werner Koch <wk@g10code.com>
* gpg.texi (GPG Configuration): Document envvar LANGUAGE.
(GPG Configuration Options): Document show-primary-uid-only.
2007-02-18 Werner Koch <wk@g10code.com> 2007-02-18 Werner Koch <wk@g10code.com>
* gpg.texi (GPG Esoteric Options): No card reader options for gpg2. * gpg.texi (GPG Esoteric Options): No card reader options for gpg2.

12
doc/DETAILS
View File

@ -559,14 +559,14 @@ more arguments in future versions.
The output was truncated to MAXNO items. This status code is issued The output was truncated to MAXNO items. This status code is issued
for certain external requests for certain external requests
ERROR <error location> <error code> ERROR <error location> <error code> [<more>]
This is a generic error status message, it might be followed This is a generic error status message, it might be followed
by error location specific data. <error token> and by error location specific data. <error code> and
<error_location> should not contain a space. The error code <error_location> should not contain spaces. The error code is
is a either a string commencing with a letter or such string a either a string commencing with a letter or such a string
prefix with a numerical error code and an underscore; e.g.: prefixed with a numerical error code and an underscore; e.g.:
"151011327_EOF" "151011327_EOF".
ATTRIBUTE <fpr> <octets> <type> <index> <count> ATTRIBUTE <fpr> <octets> <type> <index> <count>
<timestamp> <expiredate> <flags> <timestamp> <expiredate> <flags>

15
doc/gpg.texi
View File

@ -1003,6 +1003,11 @@ the signature. Defaults to no.
Show revoked and expired user IDs during signature verification. Show revoked and expired user IDs during signature verification.
Defaults to no. Defaults to no.
@item show-primary-uid-only
Show only the primary user ID during signature verification. That is
all the AKA lines as well as photo Ids are not shown with the signature
verification status.
@item pka-lookups @item pka-lookups
Enable PKA lookups to verify sender addresses. Note that PKA is based Enable PKA lookups to verify sender addresses. Note that PKA is based
on DNS, and so enabling this option may disclose information on when on DNS, and so enabling this option may disclose information on when
@ -2581,6 +2586,16 @@ value. The option @option{--gpg-agent-info} can be used to override it.
@itemx LINES @itemx LINES
Used to size some displays to the full size of the screen. Used to size some displays to the full size of the screen.
@item LANGUAGE
Apart from its use by GNU, it is used in the W32 version to override the
language selection done through the Registry. If used and set to a a
valid and available language name (@var{langid}), the file with the
translation is loaded from
@code{@var{gpgdir}/gnupg.nls/@var{langid}.mo}. Here @var{gpgdir} is the
directory out of which the gpg binary has been laoded. If it can't be
loaded the Registry is tried as a fallback.
@end table @end table

13
g10/ChangeLog
View File

@ -1,3 +1,16 @@
2007-02-26 Werner Koch <wk@g10code.com>
* gpg.c (main): Add verify option show-primary-uid-only.
* options.h (VERIFY_SHOW_PRIMARY_UID_ONLY): New.
* mainproc.c (check_sig_and_print): Implement it.
2007-02-22 Werner Koch <wk@g10code.com>
* encr-data.c (decrypt_data): Correctly test for unknown algorithm.
* import.c (check_prefs): Ditto.
* keyedit.c (show_prefs): Ditto.
* mainproc.c (proc_symkey_enc): Ditto.
2007-02-06 Werner Koch <wk@g10code.com> 2007-02-06 Werner Koch <wk@g10code.com>
* export.c (do_export_stream): Allow reset-subkey-passwd along * export.c (do_export_stream): Allow reset-subkey-passwd along

7
g10/encr-data.c
View File

@ -90,11 +90,10 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
if ( opt.verbose && !dek->algo_info_printed ) if ( opt.verbose && !dek->algo_info_printed )
{ {
const char *s = gcry_cipher_algo_name (dek->algo); if (!gcry_cipher_test_algo (dek->algo))
if (s && *s) log_info (_("%s encrypted data\n"), gcry_cipher_algo_name (dek->algo));
log_info(_("%s encrypted data\n"), s );
else else
log_info(_("encrypted with unknown algorithm %d\n"), dek->algo ); log_info (_("encrypted with unknown algorithm %d\n"), dek->algo );
dek->algo_info_printed = 1; dek->algo_info_printed = 1;
} }
rc = openpgp_cipher_test_algo (dek->algo); rc = openpgp_cipher_test_algo (dek->algo);

2
g10/gpg.c
View File

@ -2601,6 +2601,8 @@ main (int argc, char **argv )
N_("show user ID validity during signature verification")}, N_("show user ID validity during signature verification")},
{"show-unusable-uids",VERIFY_SHOW_UNUSABLE_UIDS,NULL, {"show-unusable-uids",VERIFY_SHOW_UNUSABLE_UIDS,NULL,
N_("show revoked and expired user IDs in signature verification")}, N_("show revoked and expired user IDs in signature verification")},
{"show-primary-uid-only",VERIFY_SHOW_PRIMARY_UID_ONLY,NULL,
N_("show only the primary user ID in signature verification")},
{"pka-lookups",VERIFY_PKA_LOOKUPS,NULL, {"pka-lookups",VERIFY_PKA_LOOKUPS,NULL,
N_("validate signatures with PKA data")}, N_("validate signatures with PKA data")},
{"pka-trust-increase",VERIFY_PKA_TRUST_INCREASE,NULL, {"pka-trust-increase",VERIFY_PKA_TRUST_INCREASE,NULL,

14
g10/import.c
View File

@ -603,11 +603,14 @@ check_prefs(KBNODE keyblock)
{ {
if (openpgp_cipher_test_algo (prefs->value)) if (openpgp_cipher_test_algo (prefs->value))
{ {
const char *algo = gcry_cipher_algo_name (prefs->value); const char *algo =
(gcry_cipher_test_algo (prefs->value)
? num
: gcry_cipher_algo_name (prefs->value));
if(!problem) if(!problem)
check_prefs_warning(pk); check_prefs_warning(pk);
log_info(_(" \"%s\": preference for cipher" log_info(_(" \"%s\": preference for cipher"
" algorithm %s\n"),user,algo?algo:num); " algorithm %s\n"), user, algo);
problem=1; problem=1;
} }
} }
@ -615,11 +618,14 @@ check_prefs(KBNODE keyblock)
{ {
if(openpgp_md_test_algo(prefs->value)) if(openpgp_md_test_algo(prefs->value))
{ {
const char *algo = gcry_md_algo_name (prefs->value); const char *algo =
(gcry_md_test_algo (prefs->value)
? num
: gcry_md_algo_name (prefs->value));
if(!problem) if(!problem)
check_prefs_warning(pk); check_prefs_warning(pk);
log_info(_(" \"%s\": preference for digest" log_info(_(" \"%s\": preference for digest"
" algorithm %s\n"),user,algo?algo:num); " algorithm %s\n"), user, algo);
problem=1; problem=1;
} }
} }

14
g10/keyedit.c
View File

@ -2319,14 +2319,13 @@ show_prefs (PKT_user_id *uid, PKT_signature *selfsig, int verbose)
tty_printf (_("Cipher: ")); tty_printf (_("Cipher: "));
for(i=any=0; prefs[i].type; i++ ) { for(i=any=0; prefs[i].type; i++ ) {
if( prefs[i].type == PREFTYPE_SYM ) { if( prefs[i].type == PREFTYPE_SYM ) {
const char *s = gcry_cipher_algo_name (prefs[i].value);
if (any) if (any)
tty_printf (", "); tty_printf (", ");
any = 1; any = 1;
/* We don't want to display strings for experimental algos */ /* We don't want to display strings for experimental algos */
if (s && prefs[i].value < 100 ) if (!gcry_cipher_test_algo (prefs[i].value)
tty_printf ("%s", s ); && prefs[i].value < 100 )
tty_printf ("%s", gcry_cipher_algo_name (prefs[i].value));
else else
tty_printf ("[%d]", prefs[i].value); tty_printf ("[%d]", prefs[i].value);
if (prefs[i].value == CIPHER_ALGO_3DES ) if (prefs[i].value == CIPHER_ALGO_3DES )
@ -2342,14 +2341,13 @@ show_prefs (PKT_user_id *uid, PKT_signature *selfsig, int verbose)
tty_printf (_("Digest: ")); tty_printf (_("Digest: "));
for(i=any=0; prefs[i].type; i++ ) { for(i=any=0; prefs[i].type; i++ ) {
if( prefs[i].type == PREFTYPE_HASH ) { if( prefs[i].type == PREFTYPE_HASH ) {
const char *s = gcry_md_algo_name (prefs[i].value);
if (any) if (any)
tty_printf (", "); tty_printf (", ");
any = 1; any = 1;
/* We don't want to display strings for experimental algos */ /* We don't want to display strings for experimental algos */
if (s && prefs[i].value < 100 ) if (!gcry_md_test_algo (prefs[i].value)
tty_printf ("%s", s ); && prefs[i].value < 100 )
tty_printf ("%s", gcry_md_algo_name (prefs[i].value) );
else else
tty_printf ("[%d]", prefs[i].value); tty_printf ("[%d]", prefs[i].value);
if (prefs[i].value == DIGEST_ALGO_SHA1 ) if (prefs[i].value == DIGEST_ALGO_SHA1 )

5
g10/mainproc.c
View File

@ -273,7 +273,7 @@ proc_symkey_enc( CTX c, PACKET *pkt )
int algo = enc->cipher_algo; int algo = enc->cipher_algo;
const char *s = gcry_cipher_algo_name (algo); const char *s = gcry_cipher_algo_name (algo);
if(s) if (!gcry_cipher_test_algo (algo))
{ {
if(!opt.quiet) if(!opt.quiet)
{ {
@ -1768,7 +1768,8 @@ check_sig_and_print( CTX c, KBNODE node )
/* If we have a good signature and already printed /* If we have a good signature and already printed
* the primary user ID, print all the other user IDs */ * the primary user ID, print all the other user IDs */
if ( count && !rc ) { if ( count && !rc
&& !(opt.verify_options&VERIFY_SHOW_PRIMARY_UID_ONLY)) {
char *p; char *p;
for( un=keyblock; un; un = un->next ) { for( un=keyblock; un; un = un->next ) {
if( un->pkt->pkttype != PKT_USER_ID ) if( un->pkt->pkttype != PKT_USER_ID )

1
g10/options.h
View File

@ -341,6 +341,7 @@ EXTERN_UNLESS_MAIN_MODULE int memory_stat_debug_mode;
#define VERIFY_SHOW_UNUSABLE_UIDS (1<<6) #define VERIFY_SHOW_UNUSABLE_UIDS (1<<6)
#define VERIFY_PKA_LOOKUPS (1<<7) #define VERIFY_PKA_LOOKUPS (1<<7)
#define VERIFY_PKA_TRUST_INCREASE (1<<8) #define VERIFY_PKA_TRUST_INCREASE (1<<8)
#define VERIFY_SHOW_PRIMARY_UID_ONLY (1<<9)
#define KEYSERVER_USE_TEMP_FILES (1<<0) #define KEYSERVER_USE_TEMP_FILES (1<<0)
#define KEYSERVER_KEEP_TEMP_FILES (1<<1) #define KEYSERVER_KEEP_TEMP_FILES (1<<1)

4
sm/encrypt.c
View File

@ -76,8 +76,8 @@ init_dek (DEK dek)
return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM); return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM);
} }
/* Extra check for algorithms we considere to be to weak for /* Extra check for algorithms we consider to be too weak for
encryption, qlthough we suppor them fro decryption. Note that encryption, although we support them for decryption. Note that
there is another check below discriminating on the key length. */ there is another check below discriminating on the key length. */
switch (dek->algo) switch (dek->algo)
{ {