security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity
gnupg/g10
History
Werner Koch 6c26e593df
gpg: Do not use self-sigs-only for LDAP keyserver imports. 
* dirmngr/ks-engine-ldap.c (ks_ldap_get): Print a SOURCE status.
* g10/options.h (opts): New field expl_import_self_sigs_only.
* g10/import.c (parse_import_options): Set it.
* g10/keyserver.c (keyserver_get_chunk): Add special options for LDAP.
--

I can be assumed that configured LDAP servers are somehow curated and
not affected by rogue key signatures as the HKP servers are.  Thus we
can allow the import of key signature from LDAP keyservers by default.

GnuPG-bug-id: 5387
 		2021-04-13 14:33:50 +02:00
..
ChangeLog-2011 Spelling: correct spelling of "passphrase". 2016-11-02 12:53:58 +01:00
Makefile.am gpg: Remove more or less useless tool gpgcompose. 2021-02-02 13:06:33 +01:00
all-tests.scm tests: Make it possible to run all tests using our infrastructure. 2017-05-11 18:12:37 +02:00
armor.c g10: Fix possible null dereference. 2019-05-14 11:20:07 +09:00
build-packet.c gpg,ecc: Handle external representation as SOS with opaque MPI. 2020-06-09 10:32:47 +09:00
call-agent.c gpg: Add new command keytotpm to convert a private key to TPM format 2021-03-10 13:34:18 +01:00
call-agent.h gpg: Add new command keytotpm to convert a private key to TPM format 2021-03-10 13:34:18 +01:00
call-dirmngr.c gpg: Remove support for PKA. 2021-02-02 19:53:21 +01:00
call-dirmngr.h gpg: Remove support for PKA. 2021-02-02 19:53:21 +01:00
call-keyboxd.c gpg: New experimental import option "bulk-import" 2020-09-24 16:47:10 +02:00
card-util.c gpg: Change API of agent_scd_serialno. 2020-11-20 17:19:45 +09:00
cipher-aead.c g10: Fix log_debug formatting. 2018-11-08 12:14:23 +09:00
cipher-cfb.c gpg: Remove MDC options 2018-05-29 12:42:52 +02:00
compress-bz2.c g10,tools: Fix bzlib.h include order. 2017-04-11 13:52:19 +09:00
compress.c gpg: Fix minor memory leak in the compress filter. 2018-05-02 20:15:10 +02:00
cpr.c Use only one copy of the warn_server_mismatch function. 2020-09-01 20:43:57 +02:00
dearmor.c Revert "g10: Always save standard revocation certificate in file." 2017-08-01 19:08:16 +02:00
decrypt-data.c gpg: Make AEAD modes subject to compliance checks. 2020-04-16 08:52:29 +02:00
decrypt.c gpg: Fix using --decrypt along with --use-embedded-filename. 2019-05-17 13:40:24 +02:00
dek.h gpg: More check for symmetric key encryption. 2019-07-18 11:02:34 +09:00
delkey.c gpg: Fix the previous commit. 2020-11-11 09:13:13 +09:00
distsigkey.gpg Add a new dist signing key 2020-08-24 19:47:26 +02:00
ecdh.c gpg: Allow ECDH with a smartcard returning just the x-ccordinate. 2021-03-29 14:36:52 +02:00
encrypt.c gpg: Do not allow old cipher algorithms for encryption. 2021-02-10 14:40:02 +01:00
exec.c w32: Change spawn functions to use Unicode version of CreateProcess. 2021-03-08 21:53:28 +01:00
exec.h gpg: photoid: Move functions from exec.c. 2019-07-25 11:21:58 +09:00
expand-group.c gpg: Fix expand GPG groups when resolving a key 2019-09-30 14:08:13 +02:00
export.c gpg: Support exporting Ed448 SSH key. 2021-03-22 16:57:18 +09:00
filter.h g10/armor: use libgcrypt's CRC24 implementation 2018-11-08 21:31:12 +02:00
free-packet.c gpg: Remove support for PKA. 2021-02-02 19:53:21 +01:00
getkey.c gpg: Minor restructuring of a function. 2021-04-12 17:50:17 +02:00
gpg-w32info.rc w32: Add manifest to gpg. 2015-02-04 09:15:34 +01:00
gpg.c Release GnuPG 2.3.0 2021-04-07 19:04:46 +02:00
gpg.h gpg: Change the way v5 fingerprints are printed. 2019-11-28 12:05:32 +01:00
gpg.w32-manifest.in w32: Add manifest to gpg. 2015-02-04 09:15:34 +01:00
gpgsql.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
gpgsql.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
gpgv.c gpg: Remove support for PKA. 2021-02-02 19:53:21 +01:00
helptext.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
import.c gpg: Do not use self-sigs-only for LDAP keyserver imports. 2021-04-13 14:33:50 +02:00
kbnode.c gpg: Avoid importing secret keys if the keyblock is not valid. 2019-03-15 20:41:38 +01:00
key-check.c gpg: Fix debug output for key_check_all_keysigs with opaque MPI. 2020-11-02 11:32:27 +09:00
key-check.h gpg: Avoid output to the tty during import. 2017-07-27 11:38:57 +02:00
key-clean.c gpg: Sort the signatures in standard key listings. 2020-10-27 17:21:19 +01:00
key-clean.h headers: fix spelling 2018-10-25 16:53:05 -04:00
keydb-private.h gpg: Set the found-by flags in the keyblock in keyboxd mode. 2020-09-22 16:20:41 +02:00
keydb.c w32: Replace some fopen by es_fopen. 2020-11-11 15:23:22 +01:00
keydb.h gpg: Fix the encrypt+sign hash algo preference selection for ECDSA. 2020-11-13 16:34:21 +01:00
keyedit.c gpg: New option --force-sign-key 2021-03-11 11:27:07 +01:00
keyedit.h gpg: New command --quick-revoke-sig 2020-10-28 17:06:27 +01:00
keygen.c gpg: Ed448 and X448 are only for v5. 2021-04-08 16:49:20 +09:00
keyid.c gpg: Fix compute_fingerprint for ECC with SOS. 2021-03-12 16:15:04 +09:00
keylist.c gpg: New command --quick-revoke-sig 2020-10-28 17:06:27 +01:00
keyring.c Replace all calls to stat by gnupg_stat. 2020-10-20 16:38:06 +02:00
keyring.h gpg: Pass CTRL to many more functions. 2017-03-31 20:07:20 +02:00
keyserver-internal.h gpg: Remove support for PKA. 2021-02-02 19:53:21 +01:00
keyserver.c gpg: Do not use self-sigs-only for LDAP keyserver imports. 2021-04-13 14:33:50 +02:00
main.h gpg: Do not use weak digest algos if selected by recipient prefs. 2020-11-02 13:45:19 +01:00
mainproc.c gpg: Remove support for PKA. 2021-02-02 19:53:21 +01:00
mdfilter.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
migrate.c Replace most of the remaining stdio calls by estream calls. 2020-10-20 12:15:56 +02:00
misc.c gpg: Do not allow old cipher algorithms for encryption. 2021-02-10 14:40:02 +01:00
objcache.c Spelling cleanup. 2020-02-18 18:07:46 -05:00
objcache.h gpg: Fix getting User ID. 2019-07-11 12:32:44 +09:00
openfile.c common: Fix duplicate implementation of try_make_homedir. 2020-11-04 16:13:04 +01:00
options.h gpg: Do not use self-sigs-only for LDAP keyserver imports. 2021-04-13 14:33:50 +02:00
packet.h gpg: Remove support for PKA. 2021-02-02 19:53:21 +01:00
parse-packet.c gpg: Remove support for PKA. 2021-02-02 19:53:21 +01:00
passphrase.c gpg: Add canceled status message. 2020-11-05 11:19:15 -08:00
photoid.c gpg: Keep temp files when opening images via xdg-open 2021-03-01 09:43:26 +01:00
photoid.h gpg: A little clean up. 2019-07-23 12:04:21 +09:00
pkclist.c gpg: Do not allow old cipher algorithms for encryption. 2021-02-10 14:40:02 +01:00
pkglue.c gpg: Support ECDH with v5 key. 2021-03-24 14:51:42 +09:00
pkglue.h gpg: Use bytes for ECDH. 2020-06-09 15:45:51 +09:00
plaintext.c w32: Replace some fopen by es_fopen. 2020-11-11 15:23:22 +01:00
progress.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
pubkey-enc.c gpg: Support ECDH with v5 key. 2021-03-24 14:51:42 +09:00
pubring.asc Update copyright notices for 2017. 2017-01-23 19:16:55 +01:00
revoke.c gpg: New command --quick-revoke-sig 2020-10-28 17:06:27 +01:00
rmd160.c Clean up word replication. 2017-02-21 13:11:46 -05:00
rmd160.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
seckey-cert.c More change for common. 2017-03-07 20:32:09 +09:00
server.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
seskey.c gpg,ecc: Handle external representation as SOS with opaque MPI. 2020-06-09 10:32:47 +09:00
sig-check.c gpg: Do not use weak digest algos if selected by recipient prefs. 2020-11-02 13:45:19 +01:00
sign.c gpg: Minor restructuring of a function. 2021-04-12 17:50:17 +02:00
skclist.c gpg: Change API of agent_scd_serialno. 2020-11-20 17:19:45 +09:00
t-keydb-get-keyblock.c gpg: New option --use-keyboxd. 2019-09-09 15:01:47 +02:00
t-keydb-get-keyblock.gpg gpg: Correctly handle keyblocks followed by legacy keys. 2015-11-17 14:53:03 +01:00
t-keydb-keyring.kbx g10: Add test for keydb as well as new testing infrastructure. 2015-09-02 15:08:57 +02:00
t-keydb.c gpg: New option --use-keyboxd. 2019-09-09 15:01:47 +02:00
t-rmd160.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
t-stutter-data.asc gpg: Add a new test. 2016-03-08 14:08:49 +01:00
t-stutter.c g10: Stop compiler warning for t-stutter. 2017-05-10 11:13:03 +09:00
tdbdump.c Merge branch 'STABLE-BRANCH-2-2' into master 2018-03-27 08:48:00 +02:00
tdbio.c Replace all calls to stat by gnupg_stat. 2020-10-20 16:38:06 +02:00
tdbio.h gpg: Pass CTRL arg to get_trusthashrec. 2018-03-26 18:06:43 +02:00
test-stubs.c gpg: Remove support for PKA. 2021-02-02 19:53:21 +01:00
test.c build: Always use EXTERN_UNLESS_MAIN_MODULE pattern. 2020-02-10 16:50:47 +01:00
textfilter.c gpg: Initialize a parameter to silence valgrind. 2020-09-04 11:32:47 +02:00
tofu.c Replace all calls to stat by gnupg_stat. 2020-10-20 16:38:06 +02:00
tofu.h g10: Remove dead code. 2016-12-06 12:16:56 +01:00
trust.c gpg: Move key cleaning functions to a separate file. 2018-07-06 11:40:16 +02:00
trustdb.c gpg: Sort the signatures in standard key listings. 2020-10-27 17:21:19 +01:00
trustdb.h gpg: Move key cleaning functions to a separate file. 2018-07-06 11:40:16 +02:00
verify.c gpg: Make really sure that --verify-files always returns an error. 2020-02-10 15:32:55 +01:00
zlib-riscos.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00