[git] GnuPG - branch, master, updated. gnupg-2.1.9-18-gb989398
by Daniel Kahn Gillmor
cvs at cvs.gnupg.org
Mon Oct 19 17:38:10 CEST 2015
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, master has been updated
via b98939812abf6c643c752ce7c325f98039a1a9e2 (commit)
from 76afaed65e3b0ddfa4923cb577ada43217dd4b18 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit b98939812abf6c643c752ce7c325f98039a1a9e2
Author: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
Date: Mon Oct 19 10:41:23 2015 -0400
gpg: Print warning when rejecting weak digests
* g10/misc.c (print_md5_rejected_note): Rename to ..
(print_digest_rejected_note): this. Parameterize function to take an
enum gcry_md_algos.
* g10/sig-check.c: Use print_digest_rejected_note() when rejecting
signatures.
--
76afaed65e3b0ddfa4923cb577ada43217dd4b18 allowed extra --weak-digests,
but removed the one call to print_md5_rejected_note(). This replaces
and generalizes that warning.
Signed-Off-By: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
diff --git a/g10/main.h b/g10/main.h
index 0226c64..601a952 100644
--- a/g10/main.h
+++ b/g10/main.h
@@ -87,7 +87,7 @@ extern int g10_errors_seen;
void print_pubkey_algo_note (pubkey_algo_t algo);
void print_cipher_algo_note (cipher_algo_t algo);
void print_digest_algo_note (digest_algo_t algo);
-void print_md5_rejected_note (void);
+void print_digest_rejected_note (enum gcry_md_algos algo);
void additional_weak_digest (const char* digestname);
/*-- armor.c --*/
diff --git a/g10/misc.c b/g10/misc.c
index c135059..93ddaa0 100644
--- a/g10/misc.c
+++ b/g10/misc.c
@@ -339,7 +339,7 @@ print_digest_algo_note (digest_algo_t algo)
void
-print_md5_rejected_note (void)
+print_digest_rejected_note (enum gcry_md_algos algo)
{
static int shown;
@@ -348,7 +348,7 @@ print_md5_rejected_note (void)
es_fflush (es_stdout);
log_info
(_("Note: signatures using the %s algorithm are rejected\n"),
- "MD5");
+ gcry_md_algo_name(algo));
shown = 1;
}
}
diff --git a/g10/sig-check.c b/g10/sig-check.c
index 84930d6..23f42b9 100644
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@@ -282,10 +282,16 @@ do_check( PKT_public_key *pk, PKT_signature *sig, gcry_md_hd_t digest,
if (!opt.flags.allow_weak_digest_algos)
{
if (sig->digest_algo == GCRY_MD_MD5)
- return GPG_ERR_DIGEST_ALGO;
+ {
+ print_digest_rejected_note(sig->digest_algo);
+ return GPG_ERR_DIGEST_ALGO;
+ }
for (weak = opt.additional_weak_digests; weak; weak = weak->next)
if (sig->digest_algo == weak->algo)
- return GPG_ERR_DIGEST_ALGO;
+ {
+ print_digest_rejected_note(sig->digest_algo);
+ return GPG_ERR_DIGEST_ALGO;
+ }
}
/* Make sure the digest algo is enabled (in case of a detached
-----------------------------------------------------------------------
Summary of changes:
g10/main.h | 2 +-
g10/misc.c | 4 ++--
g10/sig-check.c | 10 ++++++++--
3 files changed, 11 insertions(+), 5 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
More information about the Gnupg-commits
mailing list