[git] GnuPG - branch, master, updated. gnupg-2.1.0-13-ge30cb8f
by Werner Koch
cvs at cvs.gnupg.org
Thu Nov 13 12:47:59 CET 2014
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, master has been updated
via e30cb8f61792e3808f7c8f343fc8545e6c81fe74 (commit)
from 81e177be10273885573f5d1fd88a1ee23479f4ab (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit e30cb8f61792e3808f7c8f343fc8545e6c81fe74
Author: Werner Koch <wk at gnupg.org>
Date: Thu Nov 13 12:01:42 2014 +0100
gpg: Remove PGP-2 related cruft.
* g10/armor.c (parse_hash_header,carmor_filter): Ignore MD5 in hash
header.
(fake_packet): Remove pgp-2 workaround for white space stripping.
* g10/filter.h (armor_filter_context_t): Remove field pgp2mode.
* g10/options.h (opt): Remove field pgp2_workarounds.
* g10/gpg.c (main): Do not set this field.
* g10/gpgv.c (main): Ditto.
* g10/mainproc.c (proc_encrypted): Use SHA-1 as fallback s2k hash
algo. Using MD5 here is useless.
(proc_plaintext): Remove PGP-2 related woraround
(proc_tree): Remove another workaround but keep the one for PGP-5.
--
The removed code was either not anymore used or its use would have
caused an error message later anyway.
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/g10/armor.c b/g10/armor.c
index efdc92e..b00f985 100644
--- a/g10/armor.c
+++ b/g10/armor.c
@@ -286,8 +286,6 @@ parse_hash_header( const char *line )
found |= 1;
else if( !strncmp( s, "SHA1", s2-s ) )
found |= 2;
- else if( !strncmp( s, "MD5", s2-s ) )
- found |= 4;
else if( !strncmp( s, "SHA224", s2-s ) )
found |= 8;
else if( !strncmp( s, "SHA256", s2-s ) )
@@ -664,10 +662,9 @@ fake_packet( armor_filter_context_t *afx, IOBUF a,
{
int crlf = n > 1 && p[n-2] == '\r' && p[n-1]=='\n';
- /* PGP2 does not treat a tab as white space character */
afx->buffer_len=
trim_trailing_chars( &p[afx->buffer_pos], n-afx->buffer_pos,
- afx->pgp2mode ? " \r\n" : " \t\r\n");
+ " \t\r\n");
afx->buffer_len+=afx->buffer_pos;
/* the buffer is always allocated with enough space to append
* the removed [CR], LF and a Nul
@@ -1009,14 +1006,9 @@ armor_filter( void *opaque, int control,
/* the buffer is at least 15+n*15 bytes long, so it
* is easy to construct the packets */
- hashes &= 1|2|4|8|16|32|64;
+ hashes &= 1|2|8|16|32|64;
if( !hashes ) {
- hashes |= 4; /* default to MD 5 */
- /* This is non-ideal since PGP 5-8 have the same
- end-of-line bugs as PGP 2. However, we only
- enable pgp2mode if there is no Hash: header. */
- if( opt.pgp2_workarounds )
- afx->pgp2mode = 1;
+ hashes |= 2; /* Default to SHA-1. */
}
n=0;
/* First a gpg control packet... */
@@ -1029,8 +1021,6 @@ armor_filter( void *opaque, int control,
buf[n++] = DIGEST_ALGO_RMD160;
if( hashes & 2 )
buf[n++] = DIGEST_ALGO_SHA1;
- if( hashes & 4 )
- buf[n++] = DIGEST_ALGO_MD5;
if( hashes & 8 )
buf[n++] = DIGEST_ALGO_SHA224;
if( hashes & 16 )
diff --git a/g10/filter.h b/g10/filter.h
index 731ad0f..c3c7966 100644
--- a/g10/filter.h
+++ b/g10/filter.h
@@ -49,7 +49,6 @@ typedef struct {
int faked; /* we are faking a literal data packet */
int truncated; /* number of truncated lines */
int qp_detected;
- int pgp2mode;
byte eol[3]; /* The end of line characters as a
zero-terminated string. Defaults
(eol[0]=='\0') to whatever the local
diff --git a/g10/gpg.c b/g10/gpg.c
index c188d4a..a2225a0 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -2099,7 +2099,6 @@ main (int argc, char **argv)
opt.completes_needed = 1;
opt.marginals_needed = 3;
opt.max_cert_depth = 5;
- opt.pgp2_workarounds = 1;
opt.escape_from = 1;
opt.flags.require_cross_cert = 1;
opt.import_options = 0;
@@ -2528,7 +2527,6 @@ main (int argc, char **argv)
opt.rfc2440_text = 0;
opt.allow_non_selfsigned_uid = 1;
opt.allow_freeform_uid = 1;
- opt.pgp2_workarounds = 0;
opt.escape_from = 1;
opt.not_dash_escaped = 0;
opt.def_cipher_algo = 0;
@@ -2545,7 +2543,6 @@ main (int argc, char **argv)
opt.rfc2440_text = 1;
opt.allow_non_selfsigned_uid = 1;
opt.allow_freeform_uid = 1;
- opt.pgp2_workarounds = 0;
opt.escape_from = 0;
opt.not_dash_escaped = 0;
opt.def_cipher_algo = 0;
diff --git a/g10/gpgv.c b/g10/gpgv.c
index d79b899..7bba535 100644
--- a/g10/gpgv.c
+++ b/g10/gpgv.c
@@ -161,7 +161,6 @@ main( int argc, char **argv )
gnupg_init_signals (0, NULL);
opt.command_fd = -1; /* no command fd */
- opt.pgp2_workarounds = 1;
opt.keyserver_options.options |= KEYSERVER_AUTO_KEY_RETRIEVE;
opt.trust_model = TM_ALWAYS;
opt.batch = 1;
diff --git a/g10/mainproc.c b/g10/mainproc.c
index 50d1d27..19f1aac 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -555,9 +555,9 @@ proc_encrypted( CTX c, PACKET *pkt )
algo = CIPHER_ALGO_IDEA;
if (!opt.s2k_digest_algo)
{
- /* If no digest is given we assume MD5 */
+ /* If no digest is given we assume SHA-1. */
s2kbuf.mode = 0;
- s2kbuf.hash_algo = DIGEST_ALGO_MD5;
+ s2kbuf.hash_algo = DIGEST_ALGO_SHA1;
s2k = &s2kbuf;
}
log_info (_("assuming %s encrypted data\n"), "IDEA");
@@ -617,7 +617,7 @@ static void
proc_plaintext( CTX c, PACKET *pkt )
{
PKT_plaintext *pt = pkt->pkt.plaintext;
- int any, clearsig, only_md5, rc;
+ int any, clearsig, rc;
KBNODE n;
literals_seen++;
@@ -635,7 +635,7 @@ proc_plaintext( CTX c, PACKET *pkt )
* Should we assume that plaintext in mode 't' has always sigclass 1??
* See: Russ Allbery's mail 1999-02-09
*/
- any = clearsig = only_md5 = 0;
+ any = clearsig = 0;
for(n=c->list; n; n = n->next )
{
if( n->pkt->pkttype == PKT_ONEPASS_SIG )
@@ -645,15 +645,8 @@ proc_plaintext( CTX c, PACKET *pkt )
{
gcry_md_enable (c->mfx.md,
n->pkt->pkt.onepass_sig->digest_algo);
- if( !any && n->pkt->pkt.onepass_sig->digest_algo
- == DIGEST_ALGO_MD5 )
- only_md5 = 1;
- else
- only_md5 = 0;
any = 1;
}
- if( n->pkt->pkt.onepass_sig->sig_class != 0x01 )
- only_md5 = 0;
}
else if( n->pkt->pkttype == PKT_GPG_CONTROL
&& n->pkt->pkt.gpg_control->control
@@ -692,18 +685,7 @@ proc_plaintext( CTX c, PACKET *pkt )
answer. */
gcry_md_enable( c->mfx.md, DIGEST_ALGO_RMD160 );
gcry_md_enable( c->mfx.md, DIGEST_ALGO_SHA1 );
- gcry_md_enable( c->mfx.md, DIGEST_ALGO_MD5 );
}
- if (opt.pgp2_workarounds && only_md5 && !opt.skip_verify
- && opt.flags.allow_weak_digest_algos) {
- /* This is a kludge to work around a bug in pgp2. It does only
- * catch those mails which are armored. To catch the non-armored
- * pgp mails we could see whether there is the signature packet
- * in front of the plaintext. If someone needs this, send me a patch.
- */
- if ( gcry_md_open (&c->mfx.md2, DIGEST_ALGO_MD5, 0) )
- BUG ();
- }
if ( DBG_HASHING ) {
gcry_md_debug ( c->mfx.md, "verify" );
if ( c->mfx.md2 )
@@ -2130,20 +2112,13 @@ proc_tree( CTX c, KBNODE node )
if (gcry_md_open (&c->mfx.md, sig->digest_algo, 0))
BUG ();
- if( !opt.pgp2_workarounds )
- ;
- else if( sig->digest_algo == DIGEST_ALGO_MD5
- && is_RSA( sig->pubkey_algo)
- && opt.flags.allow_weak_digest_algos) {
- /* enable a workaround for a pgp2 bug */
- if (gcry_md_open (&c->mfx.md2, DIGEST_ALGO_MD5, 0))
- BUG ();
- }
+ if (RFC2440 || RFC4880)
+ ; /* Strict RFC mode. */
else if( sig->digest_algo == DIGEST_ALGO_SHA1
&& sig->pubkey_algo == PUBKEY_ALGO_DSA
&& sig->sig_class == 0x01 ) {
- /* enable the workaround also for pgp5 when the detached
- * signature has been created in textmode */
+ /* Enable a workaround for a pgp5 bug when the
+ * detached signature has been created in textmode. */
if (gcry_md_open (&c->mfx.md2, sig->digest_algo, 0 ))
BUG ();
}
diff --git a/g10/options.h b/g10/options.h
index 95d1651..6a94ff4 100644
--- a/g10/options.h
+++ b/g10/options.h
@@ -126,7 +126,6 @@ struct
{
KF_SHORT, KF_LONG, KF_0xSHORT, KF_0xLONG
} keyid_format;
- int pgp2_workarounds;
int shm_coprocess;
const char *set_filename;
strlist_t comments;
-----------------------------------------------------------------------
Summary of changes:
g10/armor.c | 16 +++-------------
g10/filter.h | 1 -
g10/gpg.c | 3 ---
g10/gpgv.c | 1 -
g10/mainproc.c | 41 ++++++++---------------------------------
g10/options.h | 1 -
6 files changed, 11 insertions(+), 52 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
More information about the Gnupg-commits
mailing list