[git] GnuPG - branch, master, updated. gnupg-2.1.8-92-g4584125
by Werner Koch
cvs at cvs.gnupg.org
Mon Oct 12 09:35:40 CEST 2015
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, master has been updated
via 4584125802be11833a5b289e864b45eedc2b45fd (commit)
from b0627ec25903f48e4b57eb2c1348507e69a4d6f5 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 4584125802be11833a5b289e864b45eedc2b45fd
Author: Werner Koch <wk at gnupg.org>
Date: Mon Oct 12 09:31:44 2015 +0200
gpg: Try hard to use MDC also for sign+symenc.
* g10/encrypt.c (use_mdc): Make it a global func.
* g10/sign.c (sign_symencrypt_file): Use that function to decide
whether to use an MDC.
* tests/openpgp/conventional-mdc.test: Add a simple test case.
--
We used --force-mdc in sign+symenc mode (-cs) only with --force-mdc.
That broke our assumption from commit 625e292 (GnuPG 2.1.9) that all
uses of modern ciphers are using MDC.
Reported-by: Ben Kibbey <bjk at luxsci.net>
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/g10/encrypt.c b/g10/encrypt.c
index e2e1c05..8bdbe8c 100644
--- a/g10/encrypt.c
+++ b/g10/encrypt.c
@@ -101,8 +101,8 @@ encrypt_seskey (DEK *dek, DEK **seskey, byte *enckey)
/* We try very hard to use a MDC */
-static int
-use_mdc(PK_LIST pk_list,int algo)
+int
+use_mdc (pk_list_t pk_list,int algo)
{
/* RFC-2440 don't has MDC */
if (RFC2440)
diff --git a/g10/main.h b/g10/main.h
index 0bace61..c9521ad 100644
--- a/g10/main.h
+++ b/g10/main.h
@@ -211,6 +211,7 @@ void display_online_help( const char *keyword );
/*-- encode.c --*/
int setup_symkey (STRING2KEY **symkey_s2k,DEK **symkey_dek);
+int use_mdc (pk_list_t pk_list,int algo);
int encrypt_symmetric (const char *filename );
int encrypt_store (const char *filename );
int encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename,
diff --git a/g10/sign.c b/g10/sign.c
index 782b9fc..fadf4cc 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -1261,12 +1261,7 @@ sign_symencrypt_file (const char *fname, strlist_t locusr)
goto leave;
}
- /* We have no way to tell if the recipient can handle messages
- with an MDC, so this defaults to no. Perhaps in a few years,
- this can be defaulted to yes. Note that like regular
- encrypting, --force-mdc overrides --disable-mdc. */
- if(opt.force_mdc)
- cfx.dek->use_mdc=1;
+ cfx.dek->use_mdc = use_mdc (NULL, cfx.dek->algo);
/* now create the outfile */
rc = open_outfile (-1, fname, opt.armor? 1:0, 0, &out);
@@ -1309,7 +1304,11 @@ sign_symencrypt_file (const char *fname, strlist_t locusr)
/* Push the compress filter */
if (default_compress_algo())
- push_compress_filter(out,&zfx,default_compress_algo());
+ {
+ if (cfx.dek && cfx.dek->use_mdc)
+ zfx.new_ctb = 1;
+ push_compress_filter (out, &zfx,default_compress_algo() );
+ }
/* Write the one-pass signature packets */
/*(current filters: zip - encrypt - armor)*/
diff --git a/tests/openpgp/conventional-mdc.test b/tests/openpgp/conventional-mdc.test
index 744e11e..031fc0e 100755
--- a/tests/openpgp/conventional-mdc.test
+++ b/tests/openpgp/conventional-mdc.test
@@ -31,5 +31,14 @@ for ciph in `all_cipher_algos`; do
cmp z y || error "$ciph/$i: mismatch"
done
done
-
progress_end
+
+#info Checking sign+symencrypt
+for i in $plain_files $data_files; do
+ echo "Hier spricht HAL" | $GPG --passphrase-fd 0 $s2k -cs -o x --yes $i
+ echo "Hier spricht HAL" | $GPG --passphrase-fd 0 $s2k -o y --yes x
+ cmp $i y || error "$i: mismatch in sign+symenc"
+done
+
+
+# eof
-----------------------------------------------------------------------
Summary of changes:
g10/encrypt.c | 4 ++--
g10/main.h | 1 +
g10/sign.c | 13 ++++++-------
tests/openpgp/conventional-mdc.test | 11 ++++++++++-
4 files changed, 19 insertions(+), 10 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
More information about the Gnupg-commits
mailing list