1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

2933 Commits

Author SHA1 Message Date
David Shaw
91dbfce3b7 * parse-packet.c (parse_user_id): Cap the user ID size at 2048 bytes.
This prevents a memory allocation attack with a very large user ID.  A
very large packet length could even cause the allocation (a u32) to wrap
around to a small number.  Noted by Evgeny Legerov on full-disclosure.
2006-06-09 19:45:19 +00:00
Marcus Brinkmann
5a8770fc6c 2006-06-09 Marcus Brinkmann <marcus@g10code.de>
* Makefile.am (gpgconf_LDADD): Add $(GPG_ERROR_LIBS).
	(gpgkey2ssh_LDADD): Add ../jnlib/libjnlib.a.
2006-06-09 11:32:22 +00:00
Marcus Brinkmann
aed46885ab 2006-06-09 Marcus Brinkmann <marcus@g10code.de>
* Makefile.am (gpg_agent_LDADD): Add $(NETLIBS).
	(gpg_protect_tool_LDADD): Likewise.
	(gpg_preset_passphrase_LDADD): Likewise.
2006-06-09 10:28:26 +00:00
Marcus Brinkmann
55e3d83edf agent/
2006-06-09  Marcus Brinkmann  <marcus@g10code.de>

	* Makefile.am (gpg_agent_LDADD): Add $(NETLIBS).

scd/
2006-06-09  Marcus Brinkmann  <marcus@g10code.de>

	* Makefile.am (scdaemon_LDADD): Add $(NETLIBS).
2006-06-09 10:23:30 +00:00
Marcus Brinkmann
384cba431a 2006-06-08 Marcus Brinkmann <marcus@g10code.de>
* asschk.c (__func__) [__STDC_VERSION__ < 199901L && __GNUC__ >= 2]:
	Define macro to __FUNCTION__.
	(die): Use __func__ instead of __FUNCTION__.
2006-06-08 12:17:38 +00:00
Marcus Brinkmann
dcb7d90bc5 2006-06-08 Marcus Brinkmann <marcus@g10code.de>
* configure.ac (PTH_LIBS): Add --all to pth-config invocation.
2006-06-08 11:57:18 +00:00
David Shaw
49c31957f0 Revert last. It is still wrong. 2006-05-27 02:07:05 +00:00
David Shaw
b9c2f44336 * exec.c (make_tempdir) [_WIN32]: Modified to properly handle
arbitrarily long temporary directory paths.
2006-05-27 01:38:54 +00:00
David Shaw
05a2a2f39a * keygen.c (gen_dsa): Allow generating DSA2 keys (allow specifying sizes >
1024 when --enable-dsa2 is set).  The size of q is set automatically based
on the key size. (ask_keysize, generate_keypair): Ask for DSA size when
--enable-dsa2 is set.
2006-05-25 19:39:03 +00:00
Werner Koch
e9bbf255a6 Added backsig to my key 2006-05-25 13:55:34 +00:00
David Shaw
5cef0cac5a * exec.c (make_tempdir): Fix bug with a temporary directory on Win32
that is over 256 bytes long.  Noted by Israel G. Lugo.
2006-05-25 03:02:51 +00:00
Werner Koch
b61df862a7 Still making gpg2 work.
At least the keyids are now correctly computed again.
2006-05-24 11:12:28 +00:00
David Shaw
071d362ba6 * mksamplekeys: Incorporate new package signature key and minimize keys
when generating samplekeys.asc.
2006-05-23 22:48:21 +00:00
David Shaw
782a70e522 * gpg.c (reopen_std): New function to reopen fd 0, 1, or 2 if we are
called with them closed.  This is to protect our keyring/trustdb files
from corruption if they get attached to one of the standard fds.  Print a
warning if possible that this has happened, and fail completely if we
cannot reopen (should never happen). (main): Call it here.
2006-05-23 22:04:09 +00:00
Werner Koch
fbe4ac37f6 g10/ does build again. 2006-05-23 16:19:43 +00:00
David Shaw
8fa55e28fe * configure.ac: Add --disable-optimization. This is handy for debugging
so the compiler doesn't rearrange things and eliminate variables.
2006-05-23 15:32:57 +00:00
David Shaw
197c7a3e47 * parse-packet.c (dump_sig_subpkt, parse_signature), build-packet.c
(build_sig_subpkt_from_sig), getkey.c (fixup_uidnode,
merge_selfsigs_main, merge_selfsigs_subkey), keygen.c
(keygen_add_key_expire): Fix meaning of key expiration and sig
expiration subpackets - zero means "never expire" according to 2440,
not "expire instantly".
2006-05-23 03:58:53 +00:00
David Shaw
3bee120e15 * import.c (import_one): Fix bug when importing a new key from a file. 2006-05-22 21:38:13 +00:00
Marcus Brinkmann
a26d0ff496 2006-05-22 Marcus Brinkmann <marcus@g10code.de>
* configure.ac: Remove check for noexecstack and invoke
	CL_AS_NOEXECSTACK instead.

m4/
2006-05-22  Marcus Brinkmann  <marcus@g10code.de>

	* noexecstack.m4: New file.
2006-05-22 17:19:22 +00:00
David Shaw
7596ae1f6a * getkey.c (get_pubkey_byname), import.c (import_one): Fix key selection
problem when auto-key-locate returns a list of keys, not all of which are
usable (revoked, expired, etc).  Noted by Simon Josefsson.
2006-05-22 16:53:09 +00:00
Marcus Brinkmann
11544e7184 2006-05-19 Marcus Brinkmann <marcus@g10code.de>
* keydb.c (keydb_insert_cert): Do not lock here, but only check if
	it is locked.
	(keydb_store_cert): Lock here.

	* keydb.h (keydb_delete): Accept new argument UNLOCK.
	* keydb.c (keydb_delete): Likewise.  Only unlock if this is set.
	* delete.c (delete_one): Add new argument to invocation of
	keydb_delete.
2006-05-22 14:35:04 +00:00
Werner Koch
6089d7f5d8 Updated keys 2006-05-17 08:42:12 +00:00
Werner Koch
1918e6a5e2 Forgot to save the actual fix 2006-05-16 11:08:47 +00:00
Werner Koch
e09aa70c54 Fixed OSF5 warning suppression. 2006-05-16 11:06:28 +00:00
Werner Koch
61756ae3a7 Added sample certificates. 2006-05-16 09:54:41 +00:00
David Shaw
eda3d78130 * libcurl.m4: Fix mistaken AC_SUBST when curl is not found. 2006-05-10 02:09:27 +00:00
Werner Koch
b794bb683f Repackaged PKITS_data.tar.bz2 2006-05-02 08:19:59 +00:00
Werner Koch
c61489acbf Fix for sanitize string. Added SHA224 2006-04-28 14:32:13 +00:00
Werner Koch
00ffc478de Merged recent changes from 1.4 2006-04-28 14:31:29 +00:00
David Shaw
76d69cd56a * NEWS: Note SHA-224 and DSA2.
* configure.ac: Remove --enable-old-keyserver-helpers.  Comment out
--enable-m-guard for now.
2006-04-27 16:20:13 +00:00
David Shaw
bc81ce601f (keyserver_import_cert): Show warning if there is a CERT fingerprint,
but no --keyserver set.
2006-04-27 03:38:56 +00:00
David Shaw
034937c6d1 * keyserver.c (path_makes_direct): New. (keyserver_spawn): Used here
to add "_uri" to certain gpgkeys_xxx helpers when the meaning is
different if a path is provided (i.e. ldap).
2006-04-27 03:14:17 +00:00
David Shaw
f37dac88cb * gpgkeys_http.c, gpgkeys_oldhkp.c: Removed. 2006-04-26 21:49:43 +00:00
David Shaw
e87d36ccf6 * Makefile.am: Don't build gpgkeys_http or gpgkeys_(old)hkp any longer as
this is done via curl or fake-curl.

* ksutil.h, ksutil.c, gpgkeys_hkp.c, gpgkeys_curl.c: Minor #include tweaks
as FAKE_CURL is no longer meaningful.
2006-04-26 21:48:29 +00:00
David Shaw
19c353232e * keyserver.c: Fix build problem with platforms that stick libcurl in
a place not in the regular include search path.
2006-04-22 14:15:50 +00:00
Werner Koch
4459fcb032 Still merging 1.4.3 code back 2006-04-21 12:56:40 +00:00
David Shaw
fcb3150564 * make-dns-cert.c (main): Small exit code tweak from Peter Palfrader. 2006-04-20 22:05:42 +00:00
David Shaw
0f1c0a9f28 * options.h, gpg.c (main): Add --enable-dsa2 and --disable-dsa2. Defaults
to disable.

* pkclist.c (algo_available): If --enable-dsa2 is set, we're allowed to
truncate hashes to fit DSA keys.

* sign.c (match_dsa_hash): New.  Return the best match hash for a given q
size. (do_sign, hash_for, sign_file): When signing with a DSA key, if it
has q==160, assume it is an old DSA key and don't allow truncation unless
--enable-dsa2 is also set.  q!=160 always allows truncation since they
must be DSA2 keys. (make_keysig_packet): If the user doesn't specify a
--cert-digest-algo, use match_dsa_hash to pick the best hash for key
signatures.
2006-04-20 21:32:42 +00:00
David Shaw
b625a6d1a9 (generate): Tweak to allow keys larger than 1024 bits. Enforce that the q
size doesn't end between byte boundaries.
2006-04-20 21:11:56 +00:00
David Shaw
2f94329422 The plumbing necessary to create DSA keys with variable sized q.
Not yet used (q==160).
2006-04-20 18:40:37 +00:00
David Shaw
99b1f3e1da * gpg.c (print_mds), armor.c (armor_filter, parse_hash_header): Add
SHA-224.

* sign.c (write_plaintext_packet), encode.c (encode_simple): Factor
common literal packet setup code from here, to...

* main.h, plaintext.c (setup_plaintext_name): Here. New. Make sure the
literal packet filename field is UTF-8 encoded.

* options.h, gpg.c (main): Make sure --set-filename is UTF-8 encoded
and note when filenames are already UTF-8.
2006-04-20 02:36:05 +00:00
David Shaw
ebdd458f82 * sigs.test, mds.test: Add tests for SHA-224, SHA-384, and SHA-512. 2006-04-20 02:12:34 +00:00
David Shaw
f0902a6aef Add SHA-224 support 2006-04-20 02:05:32 +00:00
Werner Koch
d0907e64f4 Continued with merging.
Still does not build.
2006-04-19 13:24:36 +00:00
Werner Koch
29b23dea97 Merged with gpg 1.4.3 code.
The gpg part does not yet build.
2006-04-19 11:26:11 +00:00
David Shaw
36ce455f15 * keyedit.c (menu_backsign): Give some more verbose errors when we
have no need to backsign.
2006-04-19 04:29:31 +00:00
David Shaw
0b33740f4e * gpg.sgml: Reminders that --cipher-algo, --digest-algo, and
--compress-algo should be avoided.
2006-04-19 03:56:23 +00:00
David Shaw
45c1414a2f * miscutil.c (make_printable_string): Fix bug where some control
characters lose part of their ASCII representation.
2006-04-17 20:54:15 +00:00
Marcus Brinkmann
751a3aeea7 2006-04-14 Marcus Brinkmann <marcus@g10code.de>
* app.c (select_application): Cover up a slot mismatch error in
	case it happens (it shouldn't happen).
	(release_application): Use APP->slot.  Lock the reader.
	(application_notify_card_removed): Lock the reader.
2006-04-14 20:40:00 +00:00
Werner Koch
b2f4b15b7c use minimal posix sed 2006-04-12 10:36:23 +00:00