security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-06-29 02:22:45 +02:00
Code Activity
2,514 Commits 100 Branches 301 Tags 70 MiB
b8d2740923
Commit Graph

2514 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
David Shaw
57591eb76f * keyedit.c (keyedit_menu): If we modify the keyblock (via 
fix_keyblock() or collapse_uids()) make sure we reprocess the keyblock
so the flags are correct.  Noted by Robin H. Johnson.

* getkey.c (fixup_uidnode): Properly clear flags that don't apply to
us (revoked, expired) so that we can reprocess a uid.
 2007-03-06 06:39:38 +00:00
Werner Koch
2a3946e0d1 Post release update 2007-03-05 10:46:33 +00:00
Werner Koch
7cb81bb3ef Preparing 1.4.7 2007-03-05 10:22:56 +00:00
Werner Koch
b87b1c9a93 Updated 2007-02-26 15:45:29 +00:00
Werner Koch
958c2a6f69 [W32] Make use of the LANGUAGE envvar. 2007-02-26 14:26:32 +00:00
David Shaw
6b086c1fe3 * parse-packet.c (parse_signature): It's hex. 
* getkey.c (merge_selfsigs_subkey): Avoid listing the contents of a
backsig when list mode is on.  Noted by Timo Schulz.
 2007-02-14 03:41:24 +00:00
Werner Koch
22be39dfac * secmem.c (ptr_into_pool_p): New. 
(m_is_secure): Implement in terms of above.  Also check that the
        pool has been initialized.
 2007-02-12 14:13:37 +00:00
David Shaw
1475939994 * gpgkeys_ldap.c (send_key): Missing a free(). 
* curl-shim.c (curl_easy_perform): Some debugging items that may be
handy.
 2007-02-11 03:56:59 +00:00
David Shaw
f6e12f4b46 * http.c (do_parse_uri): Remove the hkp port 11371 detection. We 
implement hkp in the keyserver handler, and the support here makes it
appear like a bad hkp request actually succeeded.
 2007-02-11 03:10:12 +00:00
Werner Koch
b4f553c1ca Fix for Debian bug 402592 2007-02-04 17:20:24 +00:00
David Shaw
e0dbc52cfc Missed one caller. 2007-02-01 20:51:15 +00:00
David Shaw
ef8f2e2f6f * main.h, keygen.c (ask_expire_interval, parse_expire_string): Pass in 
the time to use to calculate the expiration offset, rather than
querying it internally.  Change all callers.
 2007-02-01 19:32:16 +00:00
David Shaw
67c18b8c3c * ttyio.c (do_get): Assume that anything read from the user without 
echoing to the screen is sensitive and put it in secure memory.
Suggested by Benjamin Bennett.
 2007-02-01 04:21:07 +00:00
David Shaw
ef9e1b5fbc * keygen.c (do_generate_keypair, proc_parameter_file, 
generate_keypair, generate_subkeypair): Pass a timestamp through to
all the gen_xxx functions.
 2007-01-31 21:39:26 +00:00
David Shaw
9f3af9e24d * keyedit.c (sign_uids): Another multiple to single timestamp 
operation.
 2007-01-31 20:44:48 +00:00
David Shaw
5b34e0264e * sign.c (write_plaintext_packet): Take timestamp from outside. 
Change all callers.  (sign_file, clearsign_file,
sign_symencrypt_file): Calculate one timestamp for the whole
transaction.  Different timestamps for each step can leak performance
information.
 2007-01-31 20:23:45 +00:00
David Shaw
efef00aed3 * main.h, keygen.c (ask_expiredate), keyedit.c (menu_expire): Remove 
the need for ask_expiredate().
 2007-01-31 19:42:48 +00:00
David Shaw
e2fdff56fc * keygen.c (make_backsig, write_direct_sig, write_selfsigs) 
(write_keybinding): Have the various selfsigs created during key
generation use the timestamp of their parent key.  This helps avoid
leaking information about the performance of the machine where the
keys were generated.  Noted by Christian Danner.
 2007-01-30 21:19:45 +00:00
David Shaw
b8bd7b6186 * curl-shim.h, curl-shim.c, gpgkeys_hkp.c: Rename curl_escape() to 
curl_easy_escape() to match cURL.
 2007-01-16 18:12:43 +00:00
David Shaw
5af8d68211 * libcurl.m4: Check for curl_easy_escape() and curl_easy_unescape(). 
Replace with curl_escape() and curl_unescape() if libcurl doesn't have
it.
 2007-01-16 06:10:31 +00:00
David Shaw
e5f521db93 * config.links: powerpc64* needs to come before powerpc* or it will 
never match.  Reported by Alon Bar-Lev for libgcrypt, but relevant
here as well.
 2007-01-16 05:20:06 +00:00
David Shaw
a15b16a356 * gpgkeys_hkp.c (send_key): Allow GPG to send any armored key line 
length without problems.  Reported by Felix von Leitner.
 2007-01-16 04:31:49 +00:00
Werner Koch
9e4a5071a6 * parse-packet.c (read_protected_v3_mpi): Make sure to stop 
reading even for corrupted packets.
	* keygen.c (generate_user_id): Need to allocate one byte more.
	Reported by Felix von Leitner.
 2007-01-15 19:30:33 +00:00
Werner Koch
9a1d79f67f Installed revised translation. 2006-12-22 15:25:16 +00:00
David Shaw
6a0d191411 * configure.ac: Only check for libusb if we're building with card 
support.  Noted by Gilles Espinasse.
 2006-12-21 17:51:36 +00:00
David Shaw
68ea16cbfc * options.skel: Tweak some examples to match reality and update the 
RFC for CERT now that it is out of draft.
 2006-12-15 04:37:47 +00:00
Werner Koch
60044dd11b Fix bug#739 (proxy/shutdown) 2006-12-14 09:55:32 +00:00
David Shaw
ea5397943a * Makefile.am: Install options.skel via dist_pkgdata_DATA so that 
"make uninstall" works properly.
 2006-12-13 21:41:37 +00:00
Werner Koch
db8b1120a1 distribute gnupg1.info. Fixes bug#740. 2006-12-13 17:58:43 +00:00
Werner Koch
e810efc76f Removed references to removed g10defs.h file. 2006-12-13 12:09:44 +00:00
Werner Koch
9f433cccca Removed the use of g10defs.h. 
This required some code cleanups and the introduction of
a few accessor ducntions in mpi.
 2006-12-11 19:54:53 +00:00
David Shaw
d382fece03 * configure.ac: AM_CONDITIONAL must not be used inside an if/then. 2006-12-08 04:39:56 +00:00
Werner Koch
abfdbea116 / 
* configure.ac: Remove GNUPG_DATADIR for non-W32 systems.
g10/
	* Makefile.am (AM_CPPFLAGS): Define GNUPG_DATADIR.
	* openfile.c (copy_options_file): Use log_info and not log_error
	to avoid error returns in case of a missing skeleton file.
 2006-12-07 11:33:24 +00:00
Werner Koch
818f65f42a Post release updates 2006-12-06 10:48:55 +00:00
Werner Koch
d8ff6704c8 Preparing a release 2006-12-06 09:52:40 +00:00
Werner Koch
68629647f3 Changing the way man pages are build. 2006-12-04 13:51:18 +00:00
David Shaw
ede66f6fb5 * ksutil.c (classify_ks_search): Try and recognize a key ID even 
without the 0x prefix.  This isn't exact (it's possible that a user ID
string happens to be 8 or 16 digits of hex), but it's extremely
unlikely.  Plus GPG itself makes the same assumption.
 2006-12-04 01:20:55 +00:00
David Shaw
cfa0b50dc0 * keyedit.c (menu_clean): Show "already minimized" rather than 
"already clean" when a minimized key is minimized again.  From Dirk
Traulsen.
 2006-12-03 06:26:12 +00:00
David Shaw
928db7d34b * gpgkeys_hkp.c (search_key): HKP keyservers like the 0x to be present 
when searching by keyID.
 2006-12-03 05:57:57 +00:00
David Shaw
69f73dddd9 * NEWS: Note the CVE for bug#728, --s2k-count, --passphrase-repeat, 
and the OpenSSL exception.
 2006-12-03 04:54:21 +00:00
David Shaw
e0cd2d31a1 * options.h, gpg.c (main), passphrase.c (passphrase_to_dek): Add 
--passphrase-repeat option to control how many times gpg will
re-prompt for a passphrase to ensure the user has typed it correctly.
Defaults to 1.
 2006-12-03 04:38:53 +00:00
Werner Koch
29f48b5fdc Preparing an RC 2006-11-29 15:42:28 +00:00
Werner Koch
e1829a3d52 * openfile.c (ask_outfile_name): Fixed buffer overflow occurring 
if make_printable_string returns a longer string.  Fixes bug 728.
 2006-11-27 16:40:14 +00:00
David Shaw
55df654ea8 Missing changelog entry 2006-11-06 04:07:33 +00:00
David Shaw
d46be5e103 * configure.ac: --enable-minimal leaves out gettext and all resolver 
functions (SRV, PKA, & CERT).
 2006-11-06 03:59:02 +00:00
David Shaw
1b41117e2a * gpgkeys_hkp.c (curl_mrindex_writer): Revert previous change. 
Key-not-found still has a HTML response.
 2006-11-06 03:37:08 +00:00
Werner Koch
31cf39791e New command --gpgconf-test. 2006-10-23 14:21:41 +00:00
David Shaw
9e9214b944 * gpgkeys_hkp.c (curl_mrindex_writer): Print a warning if we see HTML 
coming back from a MR hkp query.
 2006-10-20 03:56:17 +00:00
David Shaw
4e07a84cb9 * parse-packet.c (parse_symkeyenc): Show the unpacked as well as the 
packed s2k iteration count.
	
* main.h, options.h, gpg.c (encode_s2k_iterations, main), passphrase.c
(hash_passphrase): Add --s2k-count option to specify the number of s2k
hash iterations.
 2006-10-13 03:44:34 +00:00
David Shaw
6174275c39 * keyserver.c (keyserver_spawn): Write the 16-digit keyid rather than 
whatever key selector the user used on the command line.
 2006-10-06 05:46:07 +00:00