aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* | * parse-packet.c (parse_user_id): Cap the user ID size at 2048 bytes. David Shaw2006-06-092-0/+22
| | | | | | | | | | | | | | This prevents a memory allocation attack with a very large user ID. A very large packet length could even cause the allocation (a u32) to wrap around to a small number. Noted by Evgeny Legerov on full-disclosure.
* | Revert last. It is still wrong.David Shaw2006-05-272-17/+7
| |
* | * exec.c (make_tempdir) [_WIN32]: Modified to properly handleDavid Shaw2006-05-272-7/+17
| | | | | | | | | | arbitrarily long temporary directory paths.
* | * keygen.c (gen_dsa): Allow generating DSA2 keys (allow specifying sizes >David Shaw2006-05-253-21/+73
| | | | | | | | | | | | | | 1024 when --enable-dsa2 is set). The size of q is set automatically based on the key size. (ask_keysize, generate_keypair): Ask for DSA size when --enable-dsa2 is set.
* | Added backsig to my keyWerner Koch2006-05-251-432/+437
| |
* | * exec.c (make_tempdir): Fix bug with a temporary directory on Win32David Shaw2006-05-252-2/+10
| | | | | | | | | | that is over 256 bytes long. Noted by Israel G. Lugo.
* | * mksamplekeys: Incorporate new package signature key and minimize keysDavid Shaw2006-05-232-2/+7
| | | | | | | | | | when generating samplekeys.asc.
* | * gpg.c (reopen_std): New function to reopen fd 0, 1, or 2 if we areDavid Shaw2006-05-232-0/+72
| | | | | | | | | | | | | | | | called with them closed. This is to protect our keyring/trustdb files from corruption if they get attached to one of the standard fds. Print a warning if possible that this has happened, and fail completely if we cannot reopen (should never happen). (main): Call it here.
* | * configure.ac: Add --disable-optimization. This is handy for debuggingDavid Shaw2006-05-232-0/+15
| | | | | | | | | | so the compiler doesn't rearrange things and eliminate variables.
* | * parse-packet.c (dump_sig_subpkt, parse_signature), build-packet.cDavid Shaw2006-05-236-19/+34
| | | | | | | | | | | | | | | | | | (build_sig_subpkt_from_sig), getkey.c (fixup_uidnode, merge_selfsigs_main, merge_selfsigs_subkey), keygen.c (keygen_add_key_expire): Fix meaning of key expiration and sig expiration subpackets - zero means "never expire" according to 2440, not "expire instantly".
* | * import.c (import_one): Fix bug when importing a new key from a file.David Shaw2006-05-222-7/+8
| |
* | 2006-05-22 Marcus Brinkmann <[email protected]>Marcus Brinkmann2006-05-224-18/+65
| | | | | | | | | | | | | | | | | | | | | | * configure.ac: Remove check for noexecstack and invoke CL_AS_NOEXECSTACK instead. m4/ 2006-05-22 Marcus Brinkmann <[email protected]> * noexecstack.m4: New file.
* | * getkey.c (get_pubkey_byname), import.c (import_one): Fix key selectionDavid Shaw2006-05-223-4/+19
| | | | | | | | | | | | problem when auto-key-locate returns a list of keys, not all of which are usable (revoked, expired, etc). Noted by Simon Josefsson.
* | Updated keysWerner Koch2006-05-172-1880/+368
| |
* | Forgot to save the actual fixWerner Koch2006-05-161-2/+2
| |
* | Fixed OSF5 warning suppression.Werner Koch2006-05-162-5/+7
| |
* | * libcurl.m4: Fix mistaken AC_SUBST when curl is not found.David Shaw2006-05-102-1/+8
| |
* | * NEWS: Note SHA-224 and DSA2.David Shaw2006-04-273-24/+40
| | | | | | | | | | | | * configure.ac: Remove --enable-old-keyserver-helpers. Comment out --enable-m-guard for now.
* | (keyserver_import_cert): Show warning if there is a CERT fingerprint,David Shaw2006-04-272-1/+9
| | | | | | | | | | but no --keyserver set.
* | * keyserver.c (path_makes_direct): New. (keyserver_spawn): Used hereDavid Shaw2006-04-272-32/+29
| | | | | | | | | | | | to add "_uri" to certain gpgkeys_xxx helpers when the meaning is different if a path is provided (i.e. ldap).
* | * gpgkeys_http.c, gpgkeys_oldhkp.c: Removed.David Shaw2006-04-263-1567/+2
| |
* | * Makefile.am: Don't build gpgkeys_http or gpgkeys_(old)hkp any longer asDavid Shaw2006-04-266-30/+21
| | | | | | | | | | | | | | | | this is done via curl or fake-curl. * ksutil.h, ksutil.c, gpgkeys_hkp.c, gpgkeys_curl.c: Minor #include tweaks as FAKE_CURL is no longer meaningful.
* | * keyserver.c: Fix build problem with platforms that stick libcurl inDavid Shaw2006-04-222-3/+5
| | | | | | | | | | a place not in the regular include search path.
* | * make-dns-cert.c (main): Small exit code tweak from Peter Palfrader.David Shaw2006-04-202-1/+6
| |
* | * options.h, gpg.c (main): Add --enable-dsa2 and --disable-dsa2. DefaultsDavid Shaw2006-04-205-34/+145
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | to disable. * pkclist.c (algo_available): If --enable-dsa2 is set, we're allowed to truncate hashes to fit DSA keys. * sign.c (match_dsa_hash): New. Return the best match hash for a given q size. (do_sign, hash_for, sign_file): When signing with a DSA key, if it has q==160, assume it is an old DSA key and don't allow truncation unless --enable-dsa2 is also set. q!=160 always allows truncation since they must be DSA2 keys. (make_keysig_packet): If the user doesn't specify a --cert-digest-algo, use match_dsa_hash to pick the best hash for key signatures.
* | (generate): Tweak to allow keys larger than 1024 bits. Enforce that the qDavid Shaw2006-04-202-1/+4
| | | | | | | | | | size doesn't end between byte boundaries.
* | The plumbing necessary to create DSA keys with variable sized q.David Shaw2006-04-204-9/+34
| | | | | | | | | | Not yet used (q==160).
* | * gpg.c (print_mds), armor.c (armor_filter, parse_hash_header): AddDavid Shaw2006-04-208-50/+98
| | | | | | | | | | | | | | | | | | | | | | | | | | | | SHA-224. * sign.c (write_plaintext_packet), encode.c (encode_simple): Factor common literal packet setup code from here, to... * main.h, plaintext.c (setup_plaintext_name): Here. New. Make sure the literal packet filename field is UTF-8 encoded. * options.h, gpg.c (main): Make sure --set-filename is UTF-8 encoded and note when filenames are already UTF-8.
* | * sigs.test, mds.test: Add tests for SHA-224, SHA-384, and SHA-512.David Shaw2006-04-203-0/+23
| |
* | Add SHA-224 supportDavid Shaw2006-04-206-7/+90
| |
* | * keyedit.c (menu_backsign): Give some more verbose errors when weDavid Shaw2006-04-192-6/+26
| | | | | | | | | | have no need to backsign.
* | * gpg.sgml: Reminders that --cipher-algo, --digest-algo, andDavid Shaw2006-04-192-6/+20
| | | | | | | | | | --compress-algo should be avoided.
* | * miscutil.c (make_printable_string): Fix bug where some controlDavid Shaw2006-04-172-1/+6
| | | | | | | | | | characters lose part of their ASCII representation.
* | use minimal posix sed Werner Koch2006-04-124-8/+20
| |
* | * memory.c (realloc): Revert m_guard fix and stick an #error in there toDavid Shaw2006-04-112-4/+10
| | | | | | | | | | inform people not to use it.
* | * options.skel, photoid.c (get_default_photo_command): Find an imageDavid Shaw2006-04-113-6/+24
| | | | | | | | | | viewer at runtime. Seems FC5 doesn't have xloadimage.
* | .Werner Koch2006-04-111-0/+0
| |
* | Add new regression testWerner Koch2006-04-115-9/+204
| |
* | * gpgkeys_ldap.c (ldap_quote, get_name, search_key): LDAP-quoteDavid Shaw2006-04-112-47/+13
| | | | | | | | | | directly into place rather than mallocing temporary buffers.
* | * gpgkeys_ldap.c (get_name): Build strings with strcat rather thanDavid Shaw2006-04-112-8/+22
| | | | | | | | | | using sprintf which is harder to read and modify.
* | * ksutil.h, ksutil.c (classify_ks_search): Add KS_SEARCH_KEYID_SHORTDavid Shaw2006-04-114-15/+108
| | | | | | | | | | | | | | | | and KS_SEARCH_KEYID_LONG to search for a key ID. * gpgkeys_ldap.c (search_key): Use it here to flip from pgpUserID searches to pgpKeyID or pgpCertID.
* | * gpg.sgml: Some typo fixes. This is Debian 361324.David Shaw2006-04-092-6/+10
| |
* | * getkey.c (parse_auto_key_locate): Fix dupe-removal code.David Shaw2006-04-095-20/+41
| | | | | | | | | | | | | | | | | | | | | | | | | | * keyedit.c (menu_backsign): Allow backsigning even if the secret subkey doesn't have a binding signature. * armor.c (radix64_read): Don't report EOF when reading only a pad (=) character. The EOF actually starts after the pad. * gpg.c (main): Make --export, --send-keys, --recv-keys, --refresh-keys, and --fetch-keys follow their arguments from left to right. Suggested by Peter Palfrader.
* | Fixed segvWerner Koch2006-04-082-2/+9
| |
* | See ChangeLogWerner Koch2006-04-087-35/+83
| |
* | * memory.c (realloc): Fix compile problem with --enable-m-guard.David Shaw2006-04-062-5/+9
| |
* | * make-dns-cert.c: Some changes from Peter Palfrader to send errors toDavid Shaw2006-04-052-20/+53
| | | | | | | | | | | | | | stderr and allow spaces in a fingerprint. Also warn when a key is over 16k (as that is the default max-cert-size) and fail when a key is over 64k as that is the DNS limit in many places.
* | * make-dns-cert.c: New program to generate properly formatted CERT recordsDavid Shaw2006-04-043-1/+220
| | | | | | | | | | so people don't have to do it manually.
* | post release updatesWerner Koch2006-04-034-2/+10
| |
* | About to release 1.4.3gnupg-1.4.3Werner Koch2006-04-0343-10104/+10657
| |
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-24 04:40:17 +0000