1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

64 Commits

Author SHA1 Message Date
Werner Koch
69384568f6 gpg: Make the use of "--verify FILE" for detached sigs harder.
* g10/openfile.c (open_sigfile): Factor some code out to ...
(get_matching_datafile): new function.
* g10/plaintext.c (hash_datafiles): Do not try to find matching file
in batch mode.
* g10/mainproc.c (check_sig_and_print): Print a warning if a possibly
matching data file is not used by a standard signatures.
--

Allowing to use the abbreviated form for detached signatures is a long
standing bug which has only been noticed by the public with the
release of 2.1.0.  :-(

What we do is to remove the ability to check detached signature in
--batch using the one file abbreviated mode.  This should exhibit
problems in scripts which use this insecure practice.  We also print a
warning if a matching data file exists but was not considered because
the detached signature was actually a standard signature:

  gpgv: Good signature from "Werner Koch (dist sig)"
  gpgv: WARNING: not a detached signature; \
  file 'gnupg-2.1.0.tar.bz2' was NOT verified!

We can only print a warning because it is possible that a standard
signature is indeed to be verified but by coincidence a file with a
matching name is stored alongside the standard signature.

Reported-by: Simon Nicolussi (to gnupg-users on Nov 7)
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-11-13 17:39:31 +01:00
Werner Koch
096e7457ec Change all quotes in strings and comments to the new GNU standard.
The asymmetric quotes used by GNU in the past (`...') don't render
nicely on modern systems.  We now use two \x27 characters ('...').

The proper solution would be to use the correct Unicode symmetric
quotes here.  However this has the disadvantage that the system
requires Unicode support.  We don't want that today.  If Unicode is
available a generated po file can be used to output proper quotes.  A
simple sed script like the one used for en@quote is sufficient to
change them.

The changes have been done by applying

  sed -i "s/\`\([^'\`]*\)'/'\1'/g"

to most files and fixing obvious problems by hand.  The msgid strings in
the po files were fixed with a similar command.
2012-06-05 19:29:22 +02:00
Werner Koch
b008274afd Nuked almost all trailing white space.
We better do this once and for all instead of cluttering all future
commits with diffs of trailing white spaces.  In the majority of cases
blank or single lines are affected and thus this change won't disturb
a git blame too much.  For future commits the pre-commit scripts
checks that this won't happen again.
2011-02-04 12:57:53 +01:00
Werner Koch
b3f9e2130e Change stack size for Wince.
Allow for a longer agent atartup under wince.
Print gpg output via estream.
2010-11-23 18:46:41 +00:00
Werner Koch
bbe388b5db Add unfinished gpgtar.
Collected changes and ports of bug fixes from stable.
2010-06-07 13:33:02 +00:00
Werner Koch
f3839fe81d Use gpg_err_set_errno to assign values to ERRNO. 2010-04-01 13:24:55 +00:00
Werner Koch
fb2ba98963 Finished the bulk of changes to use estream in most places instead of
stdio.
2010-03-15 11:15:45 +00:00
Werner Koch
6216d33e8c Removed almost al dup calls. 2010-03-08 18:19:21 +00:00
Werner Koch
71625f56fd Implement the server comamnd DECRYPT.
Use int instead of gnupg_fd_t in the server.
Comment fixes.
Rename encr-data.c -> decrypt-data.c
2009-10-02 14:57:55 +00:00
Werner Koch
b432da7574 Re-indented. 2009-10-01 09:56:51 +00:00
Werner Koch
93d3811abc Changed to GPLv3.
Removed intl/.
2007-07-04 19:49:40 +00:00
Werner Koch
2c9791db55 First steps towards supporting W32.
This is mainly source code reorganization.
Update gnulib.
g10/ does currently not build.
2007-06-06 18:12:30 +00:00
Werner Koch
f7c1efc880 Add extra flushs 2007-03-08 12:11:58 +00:00
Werner Koch
12ca74c836 Started to code a --server mode.
It is far from being ready!
2006-12-21 19:40:00 +00:00
Werner Koch
0173cd5a98 Fixes for CVE-2006-6235 2006-12-06 10:16:50 +00:00
Werner Koch
4b48bcacc9 Fix for bug 537 2006-10-02 11:54:35 +00:00
Werner Koch
03d3322e5f Take advantage of newer gpg-error features. 2006-09-14 16:50:33 +00:00
Werner Koch
fbe4ac37f6 g10/ does build again. 2006-05-23 16:19:43 +00:00
Werner Koch
00ffc478de Merged recent changes from 1.4 2006-04-28 14:31:29 +00:00
Werner Koch
4459fcb032 Still merging 1.4.3 code back 2006-04-21 12:56:40 +00:00
Werner Koch
d0907e64f4 Continued with merging.
Still does not build.
2006-04-19 13:24:36 +00:00
Werner Koch
29b23dea97 Merged with gpg 1.4.3 code.
The gpg part does not yet build.
2006-04-19 11:26:11 +00:00
Werner Koch
c0c2c58054 Finished the bulk of changes for gnupg 1.9. This included switching
to libgcrypt functions, using shared error codes from libgpg-error,
replacing the old functions we used to have in ../util by those in
../jnlib and ../common, renaming the malloc functions and a couple of
types.  Note, that not all changes are listed below becuause they are
too similar and done at far too many places.  As of today the code
builds using the current libgcrypt from CVS but it is very unlikely
that it actually works.
2003-06-18 19:56:13 +00:00
Repo Admin
7250331472 This commit was manufactured by cvs2svn to create branch
'GNUPG-1-9-BRANCH'.
2003-06-05 07:14:21 +00:00
Repo Admin
82a17c9fb3 This commit was manufactured by cvs2svn to create branch
'GNUPG-1-9-BRANCH'.
2002-10-19 07:55:27 +00:00
David Shaw
3f51f7db3d Update head to match stable 1.0 2002-06-29 13:46:34 +00:00
Werner Koch
d81c3f733b See ChangeLog: Fri Jul 28 18:19:11 CEST 2000 Werner Koch 2000-07-28 16:19:07 +00:00
Werner Koch
92cd255508 See ChangeLog: Fri Jul 14 19:38:23 CEST 2000 Werner Koch 2000-07-14 17:34:53 +00:00
Werner Koch
baa30ad117 See ChangeLog: Thu Jan 27 18:00:44 CET 2000 Werner Koch 2000-01-27 16:50:45 +00:00
Werner Koch
0070faa0ff See ChangeLog: Mon Jan 24 13:04:28 CET 2000 Werner Koch 2000-01-24 11:55:49 +00:00
Werner Koch
cf70ca8d68 See ChangeLog: Tue Oct 26 14:10:21 CEST 1999 Werner Koch 1999-10-26 12:14:37 +00:00
Werner Koch
39fe1cbfde See ChangeLog: Fri Sep 3 10:06:06 CEST 1999 Werner Koch 1999-09-03 08:15:32 +00:00
Werner Koch
88a916cdd4 See ChangeLog: Tue Aug 31 17:20:44 CEST 1999 Werner Koch 1999-08-31 15:30:12 +00:00
Werner Koch
28eb86c006 See ChangeLog: Thu Jul 1 12:47:31 CEST 1999 Werner Koch 1999-07-01 10:53:35 +00:00
Werner Koch
3dddf602dd See ChangeLog: Tue Jun 1 16:01:46 CEST 1999 Werner Koch 1999-06-01 14:08:57 +00:00
Werner Koch
c34c676958 See ChangeLog: Mon May 31 19:41:10 CEST 1999 Werner Koch 1999-05-31 17:49:37 +00:00
Werner Koch
bfb32130e5 See ChangeLog: Wed May 19 16:04:30 CEST 1999 Werner Koch 1999-05-19 14:12:26 +00:00
Werner Koch
7debff3867 See ChangeLog: Wed Jan 20 18:59:49 CET 1999 Werner Koch 1999-01-20 18:10:35 +00:00
Werner Koch
29c08419db See ChangeLog: Sat Jan 16 09:27:30 CET 1999 Werner Koch 1999-01-16 08:29:29 +00:00
Werner Koch
002b1a8632 See ChangeLog: Sat Jan 9 16:02:23 CET 1999 Werner Koch 1999-01-09 15:06:59 +00:00
Werner Koch
7d0efec7cf See ChangeLog: Thu Jan 7 18:00:58 CET 1999 Werner Koch 1999-01-07 17:05:48 +00:00
Werner Koch
6e08b235cb See ChangeLog: Tue Dec 29 14:41:47 CET 1998 Werner Koch 1998-12-29 13:47:31 +00:00
Werner Koch
750d74333c See ChangeLog: Wed Dec 23 13:34:22 CET 1998 Werner Koch 1998-12-23 12:41:40 +00:00
Werner Koch
b1e5c79926 See ChangeLog: Thu Dec 17 18:31:15 CET 1998 Werner Koch 1998-12-17 17:36:05 +00:00
Werner Koch
a7d13c0d80 See ChangeLog: Fri Nov 27 12:39:29 CET 1998 Werner Koch 1998-11-27 11:42:49 +00:00
Werner Koch
b076ce3021 Some bug fixes of the last release 1998-11-10 12:59:59 +00:00
Werner Koch
9a854f1010 *** empty log message *** 1998-09-29 16:15:15 +00:00
Werner Koch
c07a88da5d New release 1998-09-14 15:49:56 +00:00
Werner Koch
6ccf4e0f80 ready for a new release 1998-08-08 19:27:00 +00:00
Werner Koch
0a76a4465b sync 1998-07-14 17:10:28 +00:00