security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Activity
gnupg/g10
History
Werner Koch 23c9786408
gpg: Add "self-sigs-only" and "import-clean" to the keyserver options. 
* g10/gpg.c (main): Change default.
--

Due to the DoS attack on the keyeservers we do not anymore default to
import key signatures.  That makes the keyserver unsuable for getting
keys for the WoT but it still allows to retriev keys - even if that
takes long to download the large keyblocks.

To revert to the old behavior add

  keyserver-optiions  no-self-sigs-only,no-import-clean

to gpg.conf.

GnuPG-bug-id: 4607
Signed-off-by: Werner Koch <wk@gnupg.org>
 		2019-07-04 15:45:39 +02:00
..
ChangeLog-2011 Spelling: correct spelling of "passphrase". 2016-11-02 12:53:58 +01:00
Makefile.am gpg: New caching functions. 2019-04-13 11:48:58 +02:00
all-tests.scm tests: Make it possible to run all tests using our infrastructure. 2017-05-11 18:12:37 +02:00
armor.c g10: Fix possible null dereference. 2019-05-14 11:20:07 +09:00
build-packet.c gpg: Do not allow creation of user ids larger than our parser allows. 2019-05-21 16:25:56 +02:00
call-agent.c g10,agent: Support CONFIRM for --delete-key. 2019-06-04 09:17:21 +09:00
call-agent.h gpg: Improve the code to decrypt using PIV cards. 2019-04-03 17:45:35 +02:00
call-dirmngr.c all: fix spelling and typos 2018-10-24 15:56:18 -04:00
call-dirmngr.h gpg: Store key origin info for new DANE and WKD retrieved keys. 2017-07-24 20:09:52 +02:00
card-util.c gpg: Unify the the use of the print_pubkey_info functions. 2019-05-21 13:02:32 +02:00
cipher-aead.c g10: Fix log_debug formatting. 2018-11-08 12:14:23 +09:00
cipher-cfb.c gpg: Remove MDC options 2018-05-29 12:42:52 +02:00
compress-bz2.c g10,tools: Fix bzlib.h include order. 2017-04-11 13:52:19 +09:00
compress.c gpg: Fix minor memory leak in the compress filter. 2018-05-02 20:15:10 +02:00
cpr.c spelling: Fix "synchronize" 2019-06-23 20:21:02 -04:00
dearmor.c Revert "g10: Always save standard revocation certificate in file." 2017-08-01 19:08:16 +02:00
decrypt-data.c gpg: Very minor code cleanup. 2019-06-21 11:42:59 +02:00
decrypt.c gpg: Fix using --decrypt along with --use-embedded-filename. 2019-05-17 13:40:24 +02:00
dek.h gpg: First take on PKT_ENCRYPTED_AEAD. 2018-01-21 16:30:53 +01:00
delkey.c gpg: Allow deletion of subkeys with --delete-[secret-]key. 2019-05-27 10:40:38 +02:00
distsigkey.gpg build: Update distsigkey.gpg 2017-11-22 20:54:47 +01:00
ecdh.c Fix the previous commit. 2019-03-14 08:23:38 +09:00
encrypt.c all: fix spelling and typos 2018-10-24 15:56:18 -04:00
exec.c gpg: Improve the photo image viewer selection. 2019-05-17 12:47:13 +02:00
exec.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
export.c gpg: Make the get_pubkey_byname interface easier to understand. 2019-07-04 10:42:48 +02:00
filter.h g10/armor: use libgcrypt's CRC24 implementation 2018-11-08 21:31:12 +02:00
free-packet.c gpg: Fix possible double free of the card serialno. 2017-07-21 17:49:10 +02:00
getkey.c gpg: Avoid printing false AKL error message. 2019-07-04 15:21:39 +02:00
gpg-w32info.rc w32: Add manifest to gpg. 2015-02-04 09:15:34 +01:00
gpg.c gpg: Add "self-sigs-only" and "import-clean" to the keyserver options. 2019-07-04 15:45:39 +02:00
gpg.h Merge branch 'STABLE-BRANCH-2-2' into master 2018-03-27 08:48:00 +02:00
gpg.w32-manifest.in w32: Add manifest to gpg. 2015-02-04 09:15:34 +01:00
gpgcompose.c gpg: Make the get_pubkey_byname interface easier to understand. 2019-07-04 10:42:48 +02:00
gpgsql.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
gpgsql.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
gpgv.c g10: Change decryption key selection for public key encryption. 2018-08-27 13:12:31 +09:00
helptext.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
import.c gpg: Fallback to import with self-sigs-only on too large keyblocks. 2019-07-01 21:53:55 +02:00
kbnode.c gpg: Avoid importing secret keys if the keyblock is not valid. 2019-03-15 20:41:38 +01:00
key-check.c gpg: Improve import's repair-key duplicate signature detection. 2018-06-07 18:41:17 +02:00
key-check.h gpg: Avoid output to the tty during import. 2017-07-27 11:38:57 +02:00
key-clean.c all: fix spelling and typos 2018-10-24 15:56:18 -04:00
key-clean.h headers: fix spelling 2018-10-25 16:53:05 -04:00
keydb.c gpg: Do not bail on an invalid packet in the local keyring. 2019-05-21 17:27:42 +02:00
keydb.h gpg: New command --locate-external-key. 2019-07-04 15:13:26 +02:00
keyedit.c gpg: Make the get_pubkey_byname interface easier to understand. 2019-07-04 10:42:48 +02:00
keyedit.h gpg: During secret key import print "sec" instead of "pub". 2019-03-15 19:14:34 +01:00
keygen.c gpg: Do not allow creation of user ids larger than our parser allows. 2019-05-21 16:25:56 +02:00
keyid.c gpg: Cache a once computed fingerprint in PKT_public_key. 2019-04-12 11:11:09 +02:00
keylist.c gpg: New command --locate-external-key. 2019-07-04 15:13:26 +02:00
keyring.c kbx: Unify the fingerprint search modes. 2019-03-14 14:55:06 +01:00
keyring.h gpg: Pass CTRL to many more functions. 2017-03-31 20:07:20 +02:00
keyserver-internal.h gpg: Pass key origin values to import functions. 2017-07-13 18:29:01 +02:00
keyserver.c gpg: Do not print a hint to use the deprecated --keyserver option. 2019-05-14 07:56:10 +02:00
main.h gpg: New command --locate-external-key. 2019-07-04 15:13:26 +02:00
mainproc.c gpg: Print modern style key info for non-decryptable keys. 2019-04-03 09:04:49 +02:00
mdfilter.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
migrate.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
misc.c gpg: Allow generating Ed25519 key from an existing key. 2019-01-30 11:28:14 +01:00
objcache.c gpg: New caching functions. 2019-04-13 11:48:58 +02:00
objcache.h gpg: New caching functions. 2019-04-13 11:48:58 +02:00
openfile.c gpg: Rename a misnomed arg in open_outfile. 2018-01-28 18:59:18 +01:00
options.h gpg: New import and keyserver option "self-sigs-only" 2019-07-01 15:15:30 +02:00
packet.h gpg: Do not allow creation of user ids larger than our parser allows. 2019-05-21 16:25:56 +02:00
parse-packet.c gpg: Do not allow creation of user ids larger than our parser allows. 2019-05-21 16:25:56 +02:00
passphrase.c gpg: Move S2K encoding function to a shared file. 2019-01-26 23:10:38 +01:00
photoid.c gpg: Improve the photo image viewer selection. 2019-05-17 12:47:13 +02:00
photoid.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
pkclist.c gpg: New command --locate-external-key. 2019-07-04 15:13:26 +02:00
pkglue.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
pkglue.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
plaintext.c gpg: Fix using --decrypt along with --use-embedded-filename. 2019-05-17 13:40:24 +02:00
progress.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
pubkey-enc.c gpg: Allow decryption using PIV cards. 2019-04-03 15:30:10 +02:00
pubring.asc Update copyright notices for 2017. 2017-01-23 19:16:55 +01:00
revoke.c gpg: Unify the the use of the print_pubkey_info functions. 2019-05-21 13:02:32 +02:00
rmd160.c Clean up word replication. 2017-02-21 13:11:46 -05:00
rmd160.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
seckey-cert.c More change for common. 2017-03-07 20:32:09 +09:00
server.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
seskey.c all: fix spelling and typos 2018-10-24 15:56:18 -04:00
sig-check.c sm: Add yet inactive options to support authenticode 2019-04-30 08:28:54 +02:00
sign.c gpg: Change update_keysig_packet to replace SHA-1 by SHA-256. 2019-05-13 19:01:28 +02:00
skclist.c gpg: Improve the code to decrypt using PIV cards. 2019-04-03 17:45:35 +02:00
t-keydb-get-keyblock.c gpg: Fix actual leak and possible leaks in the packet parser. 2017-03-30 16:01:52 +02:00
t-keydb-get-keyblock.gpg gpg: Correctly handle keyblocks followed by legacy keys. 2015-11-17 14:53:03 +01:00
t-keydb-keyring.kbx g10: Add test for keydb as well as new testing infrastructure. 2015-09-02 15:08:57 +02:00
t-keydb.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
t-rmd160.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
t-stutter-data.asc gpg: Add a new test. 2016-03-08 14:08:49 +01:00
t-stutter.c g10: Stop compiler warning for t-stutter. 2017-05-10 11:13:03 +09:00
tdbdump.c Merge branch 'STABLE-BRANCH-2-2' into master 2018-03-27 08:48:00 +02:00
tdbio.c all: fix spelling and typos 2018-10-24 15:56:18 -04:00
tdbio.h gpg: Pass CTRL arg to get_trusthashrec. 2018-03-26 18:06:43 +02:00
test-stubs.c g10: Change decryption key selection for public key encryption. 2018-08-27 13:12:31 +09:00
test.c tests: Locate resources and scripts relative to top source dir. 2017-04-24 14:14:05 +02:00
textfilter.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
tofu.c gpg: Fixed i18n markup of some strings. 2019-05-27 12:55:06 +02:00
tofu.h g10: Remove dead code. 2016-12-06 12:16:56 +01:00
trust.c gpg: Move key cleaning functions to a separate file. 2018-07-06 11:40:16 +02:00
trustdb.c common: Prepare for parsing mail sub-addresses. 2018-11-12 07:44:33 +01:00
trustdb.h gpg: Move key cleaning functions to a separate file. 2018-07-06 11:40:16 +02:00
verify.c all: fix spelling and typos 2018-10-24 15:56:18 -04:00
zlib-riscos.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00