| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
| |
differences around TLS compared to OpenLDAP, and will segfault (!) if
the NSS library is not initialized first. Nothing impossible to do,
but I think I'll wait until someone actually asks us for mozldap
support.
|
| |
|
|
|
|
| |
SSL cert. This used to work with older OpenLDAP, but is now more
strictly handled.
|
| | |
|
| |
|
|
|
|
| |
bar (no quotes) on the command line resulted in searching for
"foo\2Abar" due to LDAP quoting. The proper search is "foo*bar".
|
| | |
|
| | |
|
| |
|
|
|
| |
only allows "Hash" in the signed data section.
|
| |
|
|
|
|
| |
conditionally and it confuses the includes when doing later type
checks. This is bug#810.
|
| |
|
|
|
|
| |
* sigs.test: Use it here, and also test with >=160 bit hashes for
DSA2.
|
| |
|
|
|
|
|
| |
2440bis-21. (parse_header_line): Call it here, as bis-21 requires
warning the user (but continuing to process the message) when seeing
an unknown header.
|
| |
|
|
|
|
| |
Minor W32 fix
Address change.
|
| |
|
|
|
|
| |
per-target builds (like we do in the keyserver dir), but exists in the
currently-used 1.9.3 as well.
|
| |
|
|
|
| |
This is bug#809.
|
| |
|
|
|
| |
by Dirk Traulsen.
|
| |
|
|
|
|
|
| |
testing. It is not (yet) legal OpenPGP, is not interop tested yet
(obviously), and it's a great way to lose your data. Just don't do
it.
|
| |
|
|
|
|
|
|
| |
for are >=v4. (write_signature_packets, make_keysig_packet): Only
call it for >=v4 sigs. This allows --force-v3-sigs and
--force-v4-certs to enable or disable notations, policies, and
keyserver URLs. This is bug#800.
|
| |
|
|
|
|
|
|
|
|
| |
support. This is safer than the previous setup which could hide that
some ciphers weren't being tested. Plus, this automatically tests any
new ciphers we may add.
* conventional.test, encrypt-test, encrypt-dsa.test,
conventional-mdc.test: Use it here.
|
| |
|
|
|
|
| |
conventional-mdc.test: Fix some broken tests that were only testing
3DES instead of all available ciphers.
|
| |
|
|
|
|
|
|
|
| |
the literals count.
* verify.c (verify_one_file), decrypt.c (decrypt_messages): Call it
here so we allow multiple literals in --multifile mode (in different
files - not concatenated together).
|
| |
|
|
|
| |
* Makefile.am: Link with libcompat.a for ascii_str(n)casecmp.
|
| |
|
|
|
|
| |
str(n)casecmp to ascii_str(n)casecmp. We want the locale-independent
ones here.
|
| | |
|
| |
|
|
|
|
| |
present. Note that autoconf protects us against a strings.h that
cannot be used together with string.h.
|
| |
|
|
|
|
|
|
|
|
|
| |
* secmem.c (init_pool): Avoid assigning a negative value to a
size_t.
./
* acinclude.m4: Fix last change. Make test self-conatined by
checking for sysconf and getpagesize. Remove indentation for the
sake of broken C-89 cpps.
|
| | |
|
| | |
|
| |
|
|
|
| |
* cert.c, srv.c, pka.c: Need arpa/inet.h for ntohs().
|
| |
|
|
|
| |
Boudreau.
|
| |
|
|
|
|
| |
contains 'P', 'G', 'P', and nothing but. (parse): Call it here.
(skip_packet): No longer need to handle marker packets here.
|
| |
|
|
|
|
| |
tests. Previous versions interpreted X_OK as F_OK anyway, so we'll
just use F_OK directly.
|
| |
|
|
|
|
|
|
|
| |
protocol we're about to use is actually available.
* curl-shim.h, curl-shim.c (curl_free): Make into a macro.
(curl_version_info): New. Only advertises "http" for our shim, of
course.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
fix_keyblock() or collapse_uids()) make sure we reprocess the keyblock
so the flags are correct. Noted by Robin H. Johnson.
* getkey.c (fixup_uidnode): Properly clear flags that don't apply to
us (revoked, expired) so that we can reprocess a uid.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
* getkey.c (merge_selfsigs_subkey): Avoid listing the contents of a
backsig when list mode is on. Noted by Timo Schulz.
|
| |
|
|
|
|
|
| |
(m_is_secure): Implement in terms of above. Also check that the
pool has been initialized.
|
| |
|
|
|
|
| |
* curl-shim.c (curl_easy_perform): Some debugging items that may be
handy.
|
| |
|
|
|
|
| |
implement hkp in the keyserver handler, and the support here makes it
appear like a bad hkp request actually succeeded.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
the time to use to calculate the expiration offset, rather than
querying it internally. Change all callers.
|
| |
|
|
|
|
| |
echoing to the screen is sensitive and put it in secure memory.
Suggested by Benjamin Bennett.
|
| |
|
|
|
|
| |
generate_keypair, generate_subkeypair): Pass a timestamp through to
all the gen_xxx functions.
|
| |
|
|
|
| |
operation.
|
| |
|
|
|
|
|
|
| |
Change all callers. (sign_file, clearsign_file,
sign_symencrypt_file): Calculate one timestamp for the whole
transaction. Different timestamps for each step can leak performance
information.
|
| |
|
|
|
| |
the need for ask_expiredate().
|
| |
|
|
|
|
|
|
| |
(write_keybinding): Have the various selfsigs created during key
generation use the timestamp of their parent key. This helps avoid
leaking information about the performance of the machine where the
keys were generated. Noted by Christian Danner.
|
