[git] GnuPG - branch, master, updated. gnupg-2.1.21-56-g6e23416
by Justus Winter
cvs at cvs.gnupg.org
Mon Jun 19 11:07:52 CEST 2017
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, master has been updated
via 6e23416fe61d4130918f2d1bf6e1f98d102c4610 (commit)
from 9b12b45aa5e67d4d422bf75a3879df1d52dbe67f (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 6e23416fe61d4130918f2d1bf6e1f98d102c4610
Author: Justus Winter <justus at g10code.com>
Date: Mon Jun 19 11:00:04 2017 +0200
gpg: Disable compliance module for other GnuPG components.
* common/compliance.c (gnupg_{pk,cipher,digest}_is_compliant): Return
false if the module is not initialized.
(gnupg_{pk,cipher,digest}_is_allowed): Return true if the module is
not initialized.
(gnupg_status_compliance_flag): Do not assert that the module is
initialized.
(gnupg_parse_compliance_option): Likewise.
(gnupg_compliance_option_string): Likewise.
--
This implements a default policy for modules not explicitly using the
compliance module. The default policy is to allow all algorithms, but
mark none of them as compliant.
Fixes gpgv.
GnuPG-bug-id: 3210
Signed-off-by: Justus Winter <justus at g10code.com>
diff --git a/common/compliance.c b/common/compliance.c
index b19112c..2662273 100644
--- a/common/compliance.c
+++ b/common/compliance.c
@@ -100,7 +100,8 @@ gnupg_pk_is_compliant (enum gnupg_compliance_mode compliance, int algo,
enum { is_rsa, is_dsa, is_pgp5, is_elg_sign, is_ecc } algotype;
int result = 0;
- log_assert (initialized);
+ if (! initialized)
+ return 0;
switch (algo)
{
@@ -202,6 +203,9 @@ gnupg_pk_is_allowed (enum gnupg_compliance_mode compliance,
enum pk_use_case use, int algo, gcry_mpi_t key[],
unsigned int keylength, const char *curvename)
{
+ if (! initialized)
+ return 1;
+
switch (compliance)
{
case CO_DE_VS:
@@ -298,7 +302,8 @@ gnupg_cipher_is_compliant (enum gnupg_compliance_mode compliance,
cipher_algo_t cipher,
enum gcry_cipher_modes mode)
{
- log_assert (initialized);
+ if (! initialized)
+ return 0;
switch (compliance)
{
@@ -340,6 +345,9 @@ gnupg_cipher_is_allowed (enum gnupg_compliance_mode compliance, int producer,
cipher_algo_t cipher,
enum gcry_cipher_modes mode)
{
+ if (! initialized)
+ return 1;
+
switch (compliance)
{
case CO_DE_VS:
@@ -386,7 +394,8 @@ gnupg_cipher_is_allowed (enum gnupg_compliance_mode compliance, int producer,
int
gnupg_digest_is_compliant (enum gnupg_compliance_mode compliance, digest_algo_t digest)
{
- log_assert (initialized);
+ if (! initialized)
+ return 0;
switch (compliance)
{
@@ -418,6 +427,9 @@ int
gnupg_digest_is_allowed (enum gnupg_compliance_mode compliance, int producer,
digest_algo_t digest)
{
+ if (! initialized)
+ return 1;
+
switch (compliance)
{
case CO_DE_VS:
@@ -450,8 +462,6 @@ gnupg_digest_is_allowed (enum gnupg_compliance_mode compliance, int producer,
const char *
gnupg_status_compliance_flag (enum gnupg_compliance_mode compliance)
{
- log_assert (initialized);
-
switch (compliance)
{
case CO_GNUPG:
@@ -482,8 +492,6 @@ gnupg_parse_compliance_option (const char *string,
{
size_t i;
- log_assert (initialized);
-
if (! ascii_strcasecmp (string, "help"))
{
log_info (_ ("valid values for option '%s':\n"), "--compliance");
@@ -507,8 +515,6 @@ gnupg_parse_compliance_option (const char *string,
const char *
gnupg_compliance_option_string (enum gnupg_compliance_mode compliance)
{
- log_assert (initialized);
-
switch (compliance)
{
case CO_GNUPG: return "--compliance=gnupg";
-----------------------------------------------------------------------
Summary of changes:
common/compliance.c | 24 +++++++++++++++---------
1 file changed, 15 insertions(+), 9 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
More information about the Gnupg-commits
mailing list