security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-10-31 20:08:43 +01:00
Code Activity
3,442 Commits 101 Branches 306 Tags 73 MiB
f61e15670a
Commit Graph

3442 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
David Shaw
ebdd458f82 * sigs.test, mds.test: Add tests for SHA-224, SHA-384, and SHA-512. 2006-04-20 02:12:34 +00:00
David Shaw
f0902a6aef Add SHA-224 support 2006-04-20 02:05:32 +00:00
Werner Koch
d0907e64f4 Continued with merging. 
Still does not build.
 2006-04-19 13:24:36 +00:00
Werner Koch
29b23dea97 Merged with gpg 1.4.3 code. 
The gpg part does not yet build.
 2006-04-19 11:26:11 +00:00
David Shaw
36ce455f15 * keyedit.c (menu_backsign): Give some more verbose errors when we 
have no need to backsign.
 2006-04-19 04:29:31 +00:00
David Shaw
0b33740f4e * gpg.sgml: Reminders that --cipher-algo, --digest-algo, and 
--compress-algo should be avoided.
 2006-04-19 03:56:23 +00:00
David Shaw
45c1414a2f * miscutil.c (make_printable_string): Fix bug where some control 
characters lose part of their ASCII representation.
 2006-04-17 20:54:15 +00:00
Marcus Brinkmann
751a3aeea7 2006-04-14 Marcus Brinkmann <marcus@g10code.de> 
* app.c (select_application): Cover up a slot mismatch error in
	case it happens (it shouldn't happen).
	(release_application): Use APP->slot.  Lock the reader.
	(application_notify_card_removed): Lock the reader.
 2006-04-14 20:40:00 +00:00
Werner Koch
b2f4b15b7c use minimal posix sed 2006-04-12 10:36:23 +00:00
David Shaw
8df71cf868 * memory.c (realloc): Revert m_guard fix and stick an #error in there to 
inform people not to use it.
 2006-04-11 19:45:44 +00:00
David Shaw
27bb89d687 * options.skel, photoid.c (get_default_photo_command): Find an image 
viewer at runtime.  Seems FC5 doesn't have xloadimage.
 2006-04-11 19:20:08 +00:00
Werner Koch
c664309a0a Added command APDU 2006-04-11 13:53:21 +00:00
Werner Koch
2830e83246 . 2006-04-11 07:50:34 +00:00
Werner Koch
168583e596 Add new regression test 2006-04-11 07:49:25 +00:00
David Shaw
ed776a913f * gpgkeys_ldap.c (ldap_quote, get_name, search_key): LDAP-quote 
directly into place rather than mallocing temporary buffers.
 2006-04-11 03:25:25 +00:00
David Shaw
af0a0ae6ee * gpgkeys_ldap.c (get_name): Build strings with strcat rather than 
using sprintf which is harder to read and modify.
 2006-04-11 03:13:46 +00:00
David Shaw
3011a39284 * ksutil.h, ksutil.c (classify_ks_search): Add KS_SEARCH_KEYID_SHORT 
and KS_SEARCH_KEYID_LONG to search for a key ID.

* gpgkeys_ldap.c (search_key): Use it here to flip from pgpUserID
searches to pgpKeyID or pgpCertID.
 2006-04-11 03:00:50 +00:00
David Shaw
1bf02666fb * gpg.sgml: Some typo fixes. This is Debian 361324. 2006-04-09 23:22:24 +00:00
Moritz Schulte
76cb368202 2006-04-09 Moritz Schulte <moritz@g10code.com> 
* command-ssh.c (ssh_request_process): Removed FIXME mentioning a
	possible DoS attack.
 2006-04-09 11:31:37 +00:00
David Shaw
51e88a5fdb * getkey.c (parse_auto_key_locate): Fix dupe-removal code. 
* keyedit.c (menu_backsign): Allow backsigning even if the secret
subkey doesn't have a binding signature.

* armor.c (radix64_read): Don't report EOF when reading only a pad (=)
character.  The EOF actually starts after the pad.

* gpg.c (main): Make --export, --send-keys, --recv-keys,
--refresh-keys, and --fetch-keys follow their arguments from left to
right.  Suggested by Peter Palfrader.
 2006-04-09 03:34:09 +00:00
Werner Koch
4fdc6387c3 Fixed segv 2006-04-08 01:23:23 +00:00
Werner Koch
e5a03c84f7 See ChangeLog 2006-04-08 00:36:51 +00:00
David Shaw
4af2725d32 * memory.c (realloc): Fix compile problem with --enable-m-guard. 2006-04-06 17:58:13 +00:00
Werner Koch
f3c5360ca1 Renamed 2006-04-05 17:00:13 +00:00
David Shaw
1f6fba7c52 * make-dns-cert.c: Some changes from Peter Palfrader to send errors to 
stderr and allow spaces in a fingerprint.  Also warn when a key is
over 16k (as that is the default max-cert-size) and fail when a key is
over 64k as that is the DNS limit in many places.
 2006-04-05 14:25:40 +00:00
David Shaw
d855bd31ab * make-dns-cert.c: New program to generate properly formatted CERT records 
so people don't have to do it manually.
 2006-04-04 22:19:13 +00:00
Werner Koch
91497480aa post release updates 2006-04-03 11:16:19 +00:00
Werner Koch
256f67675f About to release 1.4.3 2006-04-03 10:13:23 +00:00
Moritz Schulte
4a31738bd1 2006-04-01 Moritz Schulte <moritz@g10code.com> 
* command-ssh.c (ssh_identity_register): Make KEY_GRIP_RAW be 20
	instead of 21 bytes long; do not fill KEY_GRIP_RAW[20] with NUL
	byte - KEY_GRIP_RAW is a raw binary string anyway.
 2006-04-01 11:04:14 +00:00
David Shaw
4afa4eb10e * getkey.c (get_pubkey_byname): Fix missing auto_key_retrieve unlock. 
Fix strings to not start with a capital letter as per convention.
 2006-04-01 02:47:53 +00:00
David Shaw
66965ccc29 Update copyright 2006-03-30 23:55:45 +00:00
David Shaw
92e1528bf2 * main.h, seskey.c (encode_md_value): Modify to allow a q size greater 
than 160 bits as per DSA2.  This will allow us to verify and issue DSA2
signatures for some backwards compatibility once we start generating DSA2
keys.
* sign.c (do_sign), sig-check.c (do_check): Change all callers.

* sign.c (do_sign): Enforce the 160-bit check for new signatures here
since encode_md_value can handle non-160-bit digests now. This will need
to come out once the standard for DSA2 is firmed up.
 2006-03-30 19:20:59 +00:00
David Shaw
a43c1bc874 * README: Some more notes about building fat binaries. 2006-03-30 14:19:08 +00:00
David Shaw
f99dec9e53 * cert.c (main): Fix test program build warning on OSX. 2006-03-30 14:13:35 +00:00
David Shaw
0ea95fd80f * gpgkeys_ldap.c: #define LDAP_DEPRECATED for newer OpenLDAPs so they use 
the regular old API that is compatible with other LDAP libraries.
 2006-03-27 19:06:46 +00:00
David Shaw
025aabfd8e * README: Missing some instructions on building a fat binary. 2006-03-25 03:05:30 +00:00
David Shaw
97b0606a95 * getkey.c (parse_auto_key_locate): Silently strip out duplicates rather 
than causing an error.
 2006-03-22 23:05:32 +00:00
Werner Koch
ac46433052 Changed URLs 2006-03-22 16:43:59 +00:00
David Shaw
5531da1cfc * mainproc.c (get_pka_address): Fix bug introduced as part of 
sig_to_notation conversion.  Noted by Peter Palfradrer.
 2006-03-22 14:37:53 +00:00
Werner Koch
7f99c71839 Allow for rmd160 signatures when using gpg-agent. 2006-03-21 13:01:45 +00:00
Werner Koch
79f749fec9 Allo RMD160 signatures 2006-03-21 12:48:51 +00:00
Werner Koch
6b19366e4e Add Kludge for RegTP sillyness. 2006-03-21 09:56:47 +00:00
David Shaw
70f1c32ffd * blowfish.c, md5.c, rmd160.c, sha1.c, sha256.c, sha512.c: Revert previous 
change.  It's now all done in configure.
 2006-03-20 16:40:28 +00:00
David Shaw
ca766728f4 * configure.ac: Improved --disable-endian-check that doesn't involve 
changing #ifdefs in the rest of the code.
 2006-03-20 16:13:52 +00:00
David Shaw
7fcba082c9 * configure.ac: Add --disable-endian-check for building fat binaries 
on OSX.

* README: Add note on how to build a fat binary on OSX.
 2006-03-20 00:57:33 +00:00
David Shaw
0f4f660d5f * blowfish.c, md5.c, rmd160.c, sha1.c, sha256.c, sha512.c: Use '#if' 
rather than '#ifdef' BIG_ENDIAN_HOST.  Harmless as we explicitly
define BIG_ENDIAN_HOST to 1 when we need it, but needed for OSX fat
builds when we define BIG_ENDIAN_HOST to another macro.
 2006-03-20 00:39:44 +00:00
David Shaw
f4547924cb * configure.ac: Allow the DNS stuff to work on OSX by trying the 
Apple-specific BIND_8_COMPAT.
 2006-03-18 05:36:32 +00:00
David Shaw
3cfc77097d * keyserver.c (keyserver_import_cert): Handle the IPGP CERT type for 
both the fingerprint alone, and fingerprint+URL cases.

* getkey.c (get_pubkey_byname): Minor cleanup.
 2006-03-17 05:20:13 +00:00
David Shaw
e0ad2bda52 * cert.c (get_cert): Handle the fixed IPGP type with fingerprint. 2006-03-16 22:40:04 +00:00
David Shaw
9f524c4a04 * keyserver-internal.h, keyserver.c (keyserver_import_pka): Use the 
same API as the other auto-key-locate fetchers.

* getkey.c (get_pubkey_byname): Use the fingerprint of the key that we
actually fetched.  This helps prevent problems where the key that we
fetched doesn't have the same name that we used to fetch it.  In the
case of CERT and PKA, this is an actual security requirement as the
URL might point to a key put in by an attacker.  By forcing the use of
the fingerprint, we won't use the attacker's key here.
 2006-03-14 03:16:21 +00:00