[git] GnuPG - branch, master, updated. gnupg-2.1.0-76-gfc9a35d
by Werner Koch
cvs at cvs.gnupg.org
Mon Dec 15 09:50:36 CET 2014
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, master has been updated
via fc9a35d2dec2f838abac831fd88dca494773e082 (commit)
via b4e402cb5c6d7fc507e8d5131969145b49640e50 (commit)
via 38b583ab3cead59cd1d924cfe05b6bd15695ac36 (commit)
via 68b4e7c9e4de0dc3580ca5af3cfd0f20a2691b5e (commit)
from f3f9f9b2844c35f7942ee904d5222523615cdad4 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit fc9a35d2dec2f838abac831fd88dca494773e082
Author: Werner Koch <wk at gnupg.org>
Date: Mon Dec 15 09:50:19 2014 +0100
gpg: Fix regression in notation data regression.
* g10/misc.c (pct_expando): Reorder conditions for clarity.
* g10/sign.c (write_signature_packets): Fix notation data creation.
--
Also re-added the check for signature version > 3.
Reported-by: MFPA
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/g10/misc.c b/g10/misc.c
index c47d6dc..6a45c69 100644
--- a/g10/misc.c
+++ b/g10/misc.c
@@ -867,23 +867,25 @@ pct_expando(const char *string,struct expando_args *args)
}
break;
- case 'p': /* primary pk fingerprint of a sk */
- case 'f': /* pk fingerprint */
- case 'g': /* sk fingerprint */
+ case 'f': /* Fingerprint of key being signed */
+ case 'p': /* Fingerprint of the primary key making the signature. */
+ case 'g': /* Fingerprint of thge key making the signature. */
{
byte array[MAX_FINGERPRINT_LEN];
size_t len;
int i;
- if((*(ch+1))=='p' && args->pksk)
+ if ((*(ch+1))=='f' && args->pk)
+ fingerprint_from_pk (args->pk, array, &len);
+ else if ((*(ch+1))=='p' && args->pksk)
{
if(args->pksk->flags.primary)
fingerprint_from_pk (args->pksk, array, &len);
else if (args->pksk->main_keyid[0]
|| args->pksk->main_keyid[1])
{
- /* FIXME: Document teh code and check whether
- it is still needed. */
+ /* Not the primary key: Find the fingerprint
+ of the primary key. */
PKT_public_key *pk=
xmalloc_clear(sizeof(PKT_public_key));
@@ -893,11 +895,9 @@ pct_expando(const char *string,struct expando_args *args)
memset (array, 0, (len=MAX_FINGERPRINT_LEN));
free_public_key (pk);
}
- else
+ else /* Oops: info about the primary key missing. */
memset(array,0,(len=MAX_FINGERPRINT_LEN));
}
- else if((*(ch+1))=='f' && args->pk)
- fingerprint_from_pk (args->pk, array, &len);
else if((*(ch+1))=='g' && args->pksk)
fingerprint_from_pk (args->pksk, array, &len);
else
diff --git a/g10/sign.c b/g10/sign.c
index 2e62f04..2724513 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -700,8 +700,11 @@ write_signature_packets (SK_LIST sk_list, IOBUF out, gcry_md_hd_t hash,
if (gcry_md_copy (&md, hash))
BUG ();
- build_sig_subpkt_from_sig (sig);
- mk_notation_policy_etc (sig, pk, NULL);
+ if (sig->version >= 4)
+ {
+ build_sig_subpkt_from_sig (sig);
+ mk_notation_policy_etc (sig, NULL, pk);
+ }
hash_sigversion_to_magic (md, sig);
gcry_md_final (md);
commit b4e402cb5c6d7fc507e8d5131969145b49640e50
Author: Werner Koch <wk at gnupg.org>
Date: Mon Dec 15 09:47:21 2014 +0100
gpg: Avoid extra LF in notaion data listing.
* g10/keylist.c (show_notation): Use log_printf.
diff --git a/g10/keylist.c b/g10/keylist.c
index 75def77..0255f00 100644
--- a/g10/keylist.c
+++ b/g10/keylist.c
@@ -393,7 +393,12 @@ show_notation (PKT_signature * sig, int indent, int mode, int which)
print_utf8_buffer (fp, nd->name, strlen (nd->name));
es_fprintf (fp, "=");
print_utf8_buffer (fp, nd->value, strlen (nd->value));
- es_fprintf (fp, "\n");
+ /* (We need to use log_printf so that the next call to a
+ log function does not insert an extra LF.) */
+ if (mode)
+ log_printf ("\n");
+ else
+ es_putc ('\n', fp);
}
}
commit 38b583ab3cead59cd1d924cfe05b6bd15695ac36
Author: Werner Koch <wk at gnupg.org>
Date: Sun Dec 14 12:15:21 2014 +0100
doc: Typo fixes.
--
diff --git a/doc/a-decade-of-gnupg.txt b/doc/a-decade-of-gnupg.txt
index 17209ba..f632a2c 100644
--- a/doc/a-decade-of-gnupg.txt
+++ b/doc/a-decade-of-gnupg.txt
@@ -26,17 +26,17 @@ history: To help political activists Phil Zimmermann published a
software called Pretty Good Privacy (PGP) in 1991. PGP was designed
as an easy to use encryption tool with no backdoors and disclosed
source code. PGP was indeed intended to be cryptographically strong
-and not just pretty good; however it had a couple of inital bugs, most
+and not just pretty good; however it had a couple of initial bugs, most
of all a home designed cipher algorithm. With the availability of the
source code a community of hackers (Branko Lankester, Colin Plumb,
Derek Atkins, Hal Finney, Peter Gutmann and others) helped him to fix
these flaws and a get a solid version 2 out.
-Soon after that the trouble started. As in many counties the use or
+Soon after that the trouble started. As in many countries the use or
export of cryptographic devices and software was also strongly
restricted in the USA. Only weak cryptography was generally allowed.
PGP was much stronger and due to the Usenet and the availability of
-FTP servers and BBSs, PGP accidently leaked out of the country and
+FTP servers and BBSs, PGP accidentally leaked out of the country and
soon Phil was sued for unlicensed munitions export. Those export
control laws were not quite up to the age of software with the funny
effect that exporting the software in printed form seemed not to be
@@ -58,7 +58,7 @@ the PGP product was later continued by the new PGP Corporation).
Also often claimed to be Free Software, PGP has never fulfilled the
requirements for it: PGP-5 is straight proprietary software; the
-availability of the source code alonedoes not make it free. PGP-2 has
+availability of the source code alone does not make it free. PGP-2 has
certain restrictions on commercial use [2] and thus puts restrictions
on the software which makes it also non-free. Another problem with
PGP-2 is that it requires the use of the patented RSA and IDEA
@@ -80,8 +80,8 @@ such software in their country or even by US citizens working abroad.
Thus he told the European hackers that they are in the unique position
to help the GNU with crypto software.
-Being tired of writing SMGL conversion software and without a current
-fun project, I soon found my self hacking on PGP-2 parsing code based
+Being tired of writing SGML conversion software and without a current
+fun project, I soon found myself hacking on PGP-2 parsing code based
on the description in RFC-1991 and the pgformat.txt file. As this
turned out to be easy I continued and finally came up with code to
decrypt and create PGP-2 data. After I told the GNU towers that I
@@ -101,7 +101,7 @@ and wrote an announcement [5].
Right the next day Peter Gutmann offered to allow the use of his
random number code for systems without a /dev/random. This eventually
helped a lot to make GnuPG portable to many platforms. The next two
-months were filled with code updates and a lengthly discussion on the
+months were filled with code updates and a lengthily discussion on the
name; we finally settled for Anand Kumria's suggestion of GnuPG and
made the first release under this name (gnupg-0.2.8) on Feb 24 [6].
Just a few days later an experimental version with support for Windows
@@ -117,7 +117,7 @@ copyright concerns with the reference code). Michael Roth contributed
a Triple-DES implementation later the year and thus completed the
required set of OpenPGP algorithms. Over the next year the usual
problems were solved, features discussed, complaints noticed and
-support for gpg in various other software was introduced by their
+support for GPG in various other software was introduced by their
respective authors.
Finally, on September 7, 1999 the current code was released as version
@@ -206,7 +206,7 @@ In a reply to this mail Alan Olsen remarked on the ML:
determined that the only difference was that RSAREF2 had fixed a
number of buffer overflows and other security flaws. There were no
added features.)
-
+
If I remember correctly, 2.5 had RSAREF2 and 2.6 had RSAREF1. One
of the main reasons for the creation of the "International version"
was the use of RSAREF. (Besides the security issues, it was pretty
commit 68b4e7c9e4de0dc3580ca5af3cfd0f20a2691b5e
Author: Werner Koch <wk at gnupg.org>
Date: Fri Dec 12 20:08:45 2014 +0100
scd: Fix possibly inhibited checkpin of the admin pin.
* scd/app-openpgp.c (do_check_pin): Do not check a byte of a released
buffer.
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c
index 663b7d3..ac290c9 100644
--- a/scd/app-openpgp.c
+++ b/scd/app-openpgp.c
@@ -4286,7 +4286,7 @@ do_check_pin (app_t app, const char *keyidstr,
log_info (_("card is permanently locked!\n"));
return gpg_error (GPG_ERR_BAD_PIN);
}
- else if (value[6] < 3)
+ else if (count < 3)
{
log_info (_("verification of Admin PIN is currently prohibited "
"through this command\n"));
-----------------------------------------------------------------------
Summary of changes:
doc/a-decade-of-gnupg.txt | 18 +++++++++---------
g10/keylist.c | 7 ++++++-
g10/misc.c | 18 +++++++++---------
g10/sign.c | 7 +++++--
scd/app-openpgp.c | 2 +-
5 files changed, 30 insertions(+), 22 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
More information about the Gnupg-commits
mailing list