mirror of git://git.gnupg.org/gnupg.git
75 lines
2.5 KiB
Plaintext
75 lines
2.5 KiB
Plaintext
Bugs
|
|
----
|
|
* clearsig: keep lineendings as they are. Remember that trailings
|
|
blanks are not hashed. Funny: pgp263in works fine even with
|
|
a source file with CR,LF but GnuPG and pgp263in has problems
|
|
if the clearsign has been created by pgp263ia.
|
|
Needs more investigation - anyone?
|
|
|
|
* clearsign bug Greg Troxel Jan 11.
|
|
|
|
* README does not verify okay. verify inserts an extra CR,LF
|
|
just before "Esoteric Command" (after ~8k of text).
|
|
|
|
* Did I add -lsocket and -lnls for Solaris?
|
|
|
|
Important
|
|
----------
|
|
* replace gettext by a non exploitable one.
|
|
|
|
* Check revocation and expire stuff. PLEASE: THIS MUST BE TESTED!
|
|
|
|
* Check calculation of key validity. PLEASE: IT IS IMPORTED THAT
|
|
THIS GET TESTED.
|
|
|
|
* See why we always get this "Hmmm public key lost"
|
|
|
|
* print a warning when a revoked/expired secret key is used.
|
|
|
|
Needed
|
|
------
|
|
* encrypttoself, damit keine Angabe von -r immer noch zu einer
|
|
abfrage führt.
|
|
|
|
* remove more "Fixmes"
|
|
|
|
* Replace Blowfish by Twofish and add the new encrypted packet type
|
|
which has a MACing option (append SHA1 hash to the plaintext and
|
|
encrypt this all) - We need an identifier for Twofish to put this
|
|
one into the cipher preferences.
|
|
|
|
* The -export-dynamic flag to ld works only for FreeBSD 3.0. It does
|
|
not exist on FreeBSD's 2.2.x version of ld.
|
|
Also, on my FreeBSD 2.2-stable box, i simply removed the
|
|
-Wl,-export-dynamic flag from my Makefile and it linked and seems to
|
|
be working OK so far.
|
|
|
|
* Use capabilities if available.
|
|
|
|
|
|
Minor Bugs
|
|
----------
|
|
|
|
* There is a race condition which leaves lock files after process
|
|
termination (a signal while in make_dotlock). Change the dotlock
|
|
implementaion to a create handle, make and release implemenation
|
|
and use an atexit to cleanup all pending locks. This is also
|
|
faster.
|
|
|
|
Nice to have
|
|
------------
|
|
* preferences of hash algorithms are not yet used.
|
|
* new menu to delete signatures and list signature in menu
|
|
* Replace the SIGUSR1 stuff by semaphores to avoid loss of a signal.
|
|
or use POSIX.4 realtime signals.
|
|
* add test cases for invalid data (scrambled armor or other random data)
|
|
* add checking of armor trailers
|
|
* Burn the buffers used by fopen(), or use read(2). Does this
|
|
really make sense?
|
|
* change the fake_data stuff to mpi_set_opaque
|
|
* How about letting something like 'gpg --version -v', list the
|
|
effective options. Too much work.
|
|
* Stats about used random numbers.
|
|
|
|
|