1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-11 21:48:50 +01:00
Commit Graph

334 Commits

Author SHA1 Message Date
Werner Koch
20be8ab9fb
Post release updates.
--
2015-12-20 09:01:18 +01:00
Werner Koch
19549aec29
Release 1.4.20 2015-12-19 16:56:33 +01:00
Werner Koch
eb645a57e2
Post release updates
--
2015-02-27 10:01:08 +01:00
Werner Koch
bcf44e2d15
Release 1.4.19. 2015-02-27 09:33:58 +01:00
Werner Koch
ad30b2a4ae Allow use of --debug-level=LEVEL without '='.
* g10/gpg.c (opts): Fix "debug-level".
2014-09-29 11:29:52 +02:00
Werner Koch
c05918c1b9 Post release updates
--
2014-06-30 20:24:38 +02:00
Werner Koch
6a7b763e05 Release 1.4.18 2014-06-30 19:52:28 +02:00
Werner Koch
574b9ed28d Add CVE number
--
2014-06-30 18:48:27 +02:00
Werner Koch
ba50a00630 Post release changes.
--
2014-06-23 17:42:21 +02:00
Werner Koch
297f2ac645 Release 1.4.17 2014-06-23 17:15:09 +02:00
Werner Koch
9df639b684 Post release version number bump.
--
2013-12-13 10:03:19 +01:00
Werner Koch
7cdb86e0ad Release 1.4.16 2013-12-13 09:07:11 +01:00
Werner Koch
4466fdba7b Update config.{guess,sub} and some copyright notices.
* scripts/config.guess, scripts/config.sub: Update to version
2013-11-29.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-12-10 20:33:48 +01:00
Werner Koch
b135372176 gpg: Change armor Version header to emit only the major version.
* g10/options.h (opt): Rename field no_version to emit_version.
* g10/gpg.c (main): Init opt.emit_vesion to 1.  Change --emit-version
to bump up opt.emit_version.
* g10/armor.c (armor_filter): Implement different --emit-version
values.
--

GnuPG-bug-id: 1572
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit e951782e93)

Resolved conflicts:
	NEWS
	g10/armor.c
	g10/gpg.c
2013-11-27 11:00:55 +01:00
Werner Koch
2528178e7e gpg: Do not require a trustdb with --always-trust.
* g10/tdbio.c (tdbio_set_dbname): Add arg R_NOFILE.
* g10/trustdb.c (trustdb_args): Add field no_trustdb.
(init_trustdb): Set that field.
(revalidation_mark):  Take care of a nonexistent trustdb file.
(read_trust_options): Ditto.
(get_ownertrust): Ditto.
(get_min_ownertrust): Ditto.
(update_ownertrust): Ditto.
(update_min_ownertrust): Ditto.
(clear_ownertrusts): Ditto.
(cache_disabled_value): Ditto.
(check_trustdb_stale): Ditto.
(get_validity): Ditto.
* g10/gpg.c (main): Do not create a trustdb with most commands for
trust-model always.
--

This slightly changes the semantics of most commands in that they
won't create a trustdb if --trust-model=always is used.  It just does
not make sense to create a trustdb if there is no need for it.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 1a0eeaacd1)

Resolved conflicts:
	g10/gpg.c
	g10/tdbio.h
	g10/trustdb.c
 (indentation fixes)
2013-10-11 09:35:01 +02:00
Werner Koch
0a10f1f91e Post release updates.
--
2013-10-04 21:29:50 +02:00
Werner Koch
8707657fe6 Release 1.4.15 2013-10-04 21:10:52 +02:00
Werner Koch
d90a1d2340 gpg: Fix bug with deeply nested compressed packets.
* g10/mainproc.c (MAX_NESTING_DEPTH): New.
(proc_compressed): Return an error code.
(check_nesting): New.
(do_proc_packets): Check packet nesting depth.  Handle errors from
check_compressed.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-10-02 09:29:47 +02:00
Werner Koch
6f634b0e08 Post release updates.
--
2013-07-25 11:00:04 +02:00
Werner Koch
fb5c9deaa5 Release 1.4.14. 2013-07-25 10:44:26 +02:00
Werner Koch
35646689f4 Mitigate a flush+reload cache attack on RSA secret exponents.
* mpi/mpi-pow.c (mpi_powm): Always perform the mpi_mul for exponents
hold in secure memory.
--

The attack is described in a paper to be pusblished at eprint.iacr.org:

Flush+Reload: a High Resolution, Low Noise, L3 Cache Side-Channel
Attack by Yuval Yarom and Katrina Falkner. 18 July 2013.

  Flush+Reload is a cache side-channel attack that monitors access to
  data in shared pages. In this paper we demonstrate how to use the
  attack to extract private encryption keys from GnuPG.  The high
  resolution and low noise of the Flush+Reload attack enables a spy
  program to recover over 98% of the bits of the private key in a
  single decryption or signing round. Unlike previous attacks, the
  attack targets the last level L3 cache. Consequently, the spy
  program and the victim do not need to share the execution core of
  the CPU. The attack is not limited to a traditional OS and can be
  used in a virtualised environment, where it can attack programs
  executing in a different VM.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-07-25 10:37:40 +02:00
Werner Koch
faf2174979 Post release updates
--
2012-12-20 21:25:07 +01:00
Werner Koch
0bd168bf8e Release 1.4.13. 2012-12-20 20:30:15 +01:00
Werner Koch
b1eac93431 Support the not anymore patented IDEA cipher algorithm.
* cipher/idea.c: New.  Take from Libgcrypt master and adjust for
direct use in GnuPG.
* cipher/idea-stub.c: Remove.
* cipher/Makefile.am: Add idea.c and remove idea-stub.c rules.
* configure.ac: Remove idea-stub code.
* g10/gpg.c (check_permissions): Remove code path for ITEM==2.
(main): Make --load-extension a dummy option.
* g10/keygen.c (keygen_set_std_prefs): Include IDEA only in PGP2
compatibility mode.
* g10/misc.c (idea_cipher_warn): Remove.  Also remove all callers.
* g10/seckey-cert.c (do_check): Remove emitting of STATUS_RSA_OR_IDEA.
* g10/status.c (get_status_string): Remove STATUS_RSA_OR_IDEA.
* g10/status.h (STATUS_RSA_OR_IDEA): Remove.

--

To keep the number of actually used algorithms low, we support IDEA
only in a basically read-only way (unless --pgp2 is used during key
generation).  It does not make sense to suggest the use of this old 64
bit blocksize algorithm.  However, there is old data available where
it might be helpful to have IDEA available.
2012-11-08 13:25:02 +01:00
Werner Koch
75b347a2a1 Release 1.4.12 2012-01-30 15:17:09 +01:00
Werner Koch
9b2a98ea14 Allow use of a standard space separated fingerprint.
We allow a single or a double space in the middle of the fingerprint
to help with c+p fingerprints from an HTML pages which are not being
enclosed in a "pre" tag.
* g10/getkey.c (classify_user_id): Check for space separated GPG
fingerprint.
--
This is a backport of commit 957fe72 and 372fb4f.
2012-01-10 15:34:02 +01:00
Werner Koch
3106aff2bc Post release updates 2010-10-18 10:28:58 +00:00
Werner Koch
27193bbd2c Prepare for 1.4.11 2010-10-18 09:24:48 +00:00
Werner Koch
a1fc3a5d9e Preparing a release candidate 2010-09-23 08:15:45 +00:00
Werner Koch
690dc98c6f Minor fixes 2010-08-31 08:42:38 +00:00
Werner Koch
9017b84423 Ignore some GnuPG-2 only options. 2010-06-01 12:13:31 +00:00
Werner Koch
198c5c5587 Fix bug 1179 2010-05-12 16:06:38 +00:00
Werner Koch
fb69c59202 Post release version number bump 2009-09-02 18:21:13 +00:00
Werner Koch
d890215d18 Preparing 1.4.10. 2009-09-02 15:02:01 +00:00
David Shaw
22039bfd3f * NEWS: Note Camellia and hkps. 2009-08-13 15:09:02 +00:00
Werner Koch
b8805ca724 2009-08-03 17:47:18 +00:00
Werner Koch
3459c6b015 First set of changes to backport the new card code from 2.0.
For compatibility reasons a few new files had to be added.
Also added estream-printf as this is now used in app-openpgp.c and provides
a better and generic asprintf implementation than the hack we used for the
W32 code in ttyio.c.  Card code is not yet finished.
2009-07-21 14:30:13 +00:00
Werner Koch
23ad4bd73b Fix for bug#1034. 2009-05-06 09:31:15 +00:00
Werner Koch
418e61a824 Improve dotlocking.
Implement locking for W32.
2009-05-05 15:32:16 +00:00
Werner Koch
3bd834c95e Change the SIG_ID computation to match 2.0.10. 2008-12-11 17:47:47 +00:00
Werner Koch
e850b7fc22 Ignore gpg2 introduced keywords for --auto-key-locate.
Minor W32 installer fix.
2008-04-30 11:46:35 +00:00
Werner Koch
c01847cf0a Post release version number bump. 2008-03-26 18:37:29 +00:00
Werner Koch
46e98d9486 prepare a release. 2008-03-26 17:53:04 +00:00
Werner Koch
3886468f75 Change default keyserver. 2008-03-25 08:34:02 +00:00
Werner Koch
537cada38e Improved AES performance. 2008-03-22 17:01:37 +00:00
Werner Koch
064d36486b Preparing a release 2007-12-20 08:06:39 +00:00
Werner Koch
f717f9661a Fixd a W32 problems with ldaps. 2007-12-17 10:49:08 +00:00
David Shaw
69bdef8a2b * NEWS: Note SHA-224 typo. 2007-12-13 21:11:05 +00:00
Werner Koch
81685cc799 Updated ZH po file.
Allow de/encryption using legacy type 20 keys.
Updated config.{sub,guess}
2007-12-12 18:26:25 +00:00
David Shaw
d9bf929ab4 * NEWS: Say a bit more about RFC-4880. Note some defaults changing. 2007-11-18 03:59:21 +00:00