security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Activity
gnupg/g10
History
Werner Koch 1303b0ed84
gpg: Do not use self-sigs-only for LDAP keyserver imports. 
* dirmngr/ks-engine-ldap.c (ks_ldap_get): Print a SOURCE status.
* g10/options.h (opts): New field expl_import_self_sigs_only.
* g10/import.c (parse_import_options): Set it.
* g10/keyserver.c (keyserver_get_chunk): Add special options for LDAP.
--

I can be assumed that configured LDAP servers are somehow curated and
not affected by rogue key signatures as the HKP servers are.  Thus we
can allow the import of key signature from LDAP keyservers by default.

GnuPG-bug-id: 5387
 		2021-04-13 14:50:05 +02:00
..
ChangeLog-2011 Spelling: correct spelling of "passphrase". 2016-11-02 12:53:58 +01:00
Makefile.am w32: Add manifest files to most binaries 2020-10-02 17:04:12 +02:00
all-tests.scm tests: Make it possible to run all tests using our infrastructure. 2017-05-11 18:12:37 +02:00
armor.c g10: Fix possible null dereference. 2019-05-14 11:24:35 +09:00
build-packet.c gpg: Do not allow creation of user ids larger than our parser allows. 2019-05-21 16:28:11 +02:00
call-agent.c card: Run factory-reset in locked stated. 2020-11-09 13:04:38 +01:00
call-agent.h gpg,gpgsm: Record the creation time of a private key. 2020-08-23 12:31:18 +02:00
call-dirmngr.c dirmngr: Store all version 2 schema attributes. 2020-12-17 11:08:31 +01:00
call-dirmngr.h gpg: Store key origin info for new DANE and WKD retrieved keys. 2017-07-24 20:09:52 +02:00
card-util.c card: Run factory-reset in locked stated. 2020-11-09 13:04:38 +01:00
cipher.c gpg: Remove MDC options 2018-05-31 12:08:22 +02:00
compress-bz2.c g10,tools: Fix bzlib.h include order. 2017-04-11 13:52:19 +09:00
compress.c gpg: Fix minor memory leak in the compress filter. 2018-05-02 20:15:10 +02:00
cpr.c spelling: Fix "synchronize" 2019-06-23 20:17:47 -04:00
dearmor.c Revert "g10: Always save standard revocation certificate in file." 2017-08-01 19:08:16 +02:00
decrypt-data.c common: Change argument order of log_printhex. 2020-05-12 18:51:47 +02:00
decrypt.c gpg: Fix using --decrypt along with --use-embedded-filename. 2019-05-17 13:42:42 +02:00
dek.h gpg: Support decryption of the new AEAD packet 2020-04-16 08:25:55 +02:00
delkey.c gpg: Print a hint for --batch mode and --delete-secret-key. 2020-03-18 15:26:43 +01:00
distsigkey.gpg Add a new dist signing key 2020-08-24 19:48:13 +02:00
ecdh.c common: Change argument order of log_printhex. 2020-05-12 18:51:47 +02:00
encrypt.c gpg: Switch to AES256 for symmetric encryption in de-vs mode. 2020-11-03 15:42:59 +01:00
exec.c w32: Support Unicode also for config files etc. 2020-11-10 12:09:11 +01:00
exec.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
export.c gpg: Do not close stdout after --export-ssh-key 2020-07-16 11:38:40 +02:00
filter.h gpg: Fix minor memory leak in the compress filter. 2018-05-02 20:15:10 +02:00
free-packet.c gpg: Fix possible double free of the card serialno. 2017-07-21 17:49:10 +02:00
getkey.c gpg: New AKL method "ntds" 2020-12-17 18:19:01 +01:00
gpg-w32info.rc w32: Add manifest to gpg. 2015-02-04 09:15:34 +01:00
gpg.c gpg: Fix new pseudo option compliance_de_vs 2021-04-06 09:30:24 +02:00
gpg.h gpg: Fix build on Windows. 2018-03-08 14:08:51 +09:00
gpg.w32-manifest.in w32: Add manifest files to most binaries 2020-10-02 17:04:12 +02:00
gpgcompose.c build: Always use EXTERN_UNLESS_MAIN_MODULE pattern. 2020-02-10 16:37:34 +01:00
gpgsql.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
gpgsql.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
gpgv-w32info.rc w32: Add manifest files to most binaries 2020-10-02 17:04:12 +02:00
gpgv.c Merge branch 'wk/stable-2.2-global-options' into STABLE-BRANCH-2-2 2020-12-18 11:23:01 +01:00
gpgv.w32-manifest.in w32: Add manifest files to most binaries 2020-10-02 17:04:12 +02:00
helptext.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
import.c gpg: Do not use self-sigs-only for LDAP keyserver imports. 2021-04-13 14:50:05 +02:00
kbnode.c gpg: Avoid importing secret keys if the keyblock is not valid. 2019-03-18 13:16:35 +01:00
key-check.c gpg: Fix segv importing certain keys. 2020-09-02 16:06:46 +02:00
key-check.h gpg: Avoid output to the tty during import. 2017-07-27 11:38:57 +02:00
key-clean.c gpg: Remove multiple subkey bindings during export-clean. 2018-07-09 12:07:24 +02:00
key-clean.h gpg: Let export-clean remove expired subkeys. 2018-07-09 10:25:06 +02:00
keydb.c w32: Support Unicode also for config files etc. 2020-11-10 12:09:11 +01:00
keydb.h gpg: Fix the encrypt+sign hash algo preference selection for ECDSA. 2020-11-13 16:02:00 +01:00
keyedit.c gpg: New option --force-sign-key 2021-03-11 11:32:00 +01:00
keyedit.h gpg: New command --quick-revoke-sig 2020-10-28 18:10:01 +01:00
keygen.c gpg: Support brainpool keygen with "key from card". 2020-11-11 14:52:32 +01:00
keyid.c common: Change argument order of log_printhex. 2020-05-12 18:51:47 +02:00
keylist.c gpg: New command --quick-revoke-sig 2020-10-28 18:10:01 +01:00
keyring.c Replace all calls to stat by gnupg_stat. 2020-10-23 11:15:59 +02:00
keyring.h gpg: Pass CTRL to many more functions. 2017-03-31 20:07:20 +02:00
keyserver-internal.h gpg: New AKL method "ntds" 2020-12-17 18:19:01 +01:00
keyserver.c gpg: Do not use self-sigs-only for LDAP keyserver imports. 2021-04-13 14:50:05 +02:00
main.h gpg: Do not use weak digest algos if selected by recipient prefs. 2020-11-02 17:48:02 +01:00
mainproc.c Include the library version in the compliance checks. 2021-01-28 16:01:53 +01:00
mdfilter.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
migrate.c Replace most of the remaining stdio calls by estream calls. 2020-10-21 21:09:38 +02:00
misc.c gpg: Do not print rejected digest algo notes with --quiet. 2020-11-09 08:34:24 +01:00
openfile.c common: Fix duplicate implementation of try_make_homedir. 2020-11-04 16:25:57 +01:00
options.h gpg: Do not use self-sigs-only for LDAP keyserver imports. 2021-04-13 14:50:05 +02:00
packet.h gpg: Show AEAD preferences 2020-04-16 08:36:28 +02:00
parse-packet.c gpg: Support decryption of the new AEAD packet 2020-04-16 08:25:55 +02:00
passphrase.c gpg: Add canceled status message. 2020-11-09 11:53:33 +01:00
photoid.c gpg: Keep temp files when opening images via xdg-open 2021-03-01 09:47:21 +01:00
photoid.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
pkclist.c gpg: Fix the encrypt+sign hash algo preference selection for ECDSA. 2020-11-13 16:02:00 +01:00
pkglue.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
pkglue.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
plaintext.c w32: Support Unicode also for config files etc. 2020-11-10 12:09:11 +01:00
progress.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
pubkey-enc.c sm: Exclude rsaPSS from de-vs compliance mode. 2020-07-03 17:08:58 +02:00
pubring.asc Update copyright notices for 2017. 2017-01-23 19:16:55 +01:00
revoke.c gpg: New command --quick-revoke-sig 2020-10-28 18:10:01 +01:00
rmd160.c Clean up word replication. 2017-02-21 13:11:46 -05:00
rmd160.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
seckey-cert.c More change for common. 2017-03-07 20:32:09 +09:00
server.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
seskey.c Spelling fixes in docs and comments. 2017-04-28 10:06:33 +09:00
sig-check.c gpg: Do not use weak digest algos if selected by recipient prefs. 2020-11-02 17:48:02 +01:00
sign.c gpg: Initialize a variable even in a never used code path. 2020-12-23 16:06:09 +01:00
skclist.c gpg: Fix double free with anonymous recipients. 2019-11-29 17:44:12 +01:00
t-keydb-get-keyblock.c gpg: Fix actual leak and possible leaks in the packet parser. 2017-03-30 16:01:52 +02:00
t-keydb-get-keyblock.gpg gpg: Correctly handle keyblocks followed by legacy keys. 2015-11-17 14:53:03 +01:00
t-keydb-keyring.kbx g10: Add test for keydb as well as new testing infrastructure. 2015-09-02 15:08:57 +02:00
t-keydb.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
t-rmd160.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
t-stutter-data.asc gpg: Add a new test. 2016-03-08 14:08:49 +01:00
t-stutter.c g10: Stop compiler warning for t-stutter. 2017-05-10 11:13:03 +09:00
tdbdump.c gpg: Pass CTRL arg to get_trusthashrec. 2018-03-26 18:06:43 +02:00
tdbio.c Replace all calls to stat by gnupg_stat. 2020-10-23 11:15:59 +02:00
tdbio.h gpg: Pass CTRL arg to get_trusthashrec. 2018-03-26 18:06:43 +02:00
test-stubs.c gpg: New AKL method "ntds" 2020-12-17 18:19:01 +01:00
test.c build: Always use EXTERN_UNLESS_MAIN_MODULE pattern. 2020-02-10 16:37:34 +01:00
textfilter.c gpg: Initialize a parameter to silence valgrind. 2020-09-04 11:24:34 +02:00
tofu.c Replace all calls to stat by gnupg_stat. 2020-10-23 11:15:59 +02:00
tofu.h g10: Remove dead code. 2016-12-06 12:16:56 +01:00
trust.c gpg: Move key cleaning functions to a separate file. 2018-07-09 10:24:37 +02:00
trustdb.c gpg: Fix --trusted-key with fingerprint arg. 2020-12-18 17:10:01 +01:00
trustdb.h gpg: Move key cleaning functions to a separate file. 2018-07-09 10:24:37 +02:00
verify.c gpg: Make really sure that --verify-files always returns an error. 2020-02-10 15:33:53 +01:00
zlib-riscos.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00