head 1.12; access; symbols OPENPKG_2_STABLE_MP:1.9 OPENPKG_E1_MP_HEAD:1.9 OPENPKG_E1_MP:1.9 OPENPKG_E1_MP_2_STABLE:1.7 OPENPKG_E1_FP:1.7 OPENPKG_2_STABLE_20061018:1.7 OPENPKG_2_STABLE:1.7.0.2 OPENPKG_2_STABLE_BP:1.7 OPENPKG_2_5_SOLID:1.5.0.8 OPENPKG_2_5_SOLID_BP:1.5 OPENPKG_2_4_RELEASE:1.5 OPENPKG_2_4_SOLID:1.5.0.6 OPENPKG_2_4_SOLID_BP:1.5 OPENPKG_2_3_RELEASE:1.5 OPENPKG_2_3_SOLID:1.5.0.4 OPENPKG_2_3_SOLID_BP:1.5 OPENPKG_2_2_RELEASE:1.5 OPENPKG_2_2_SOLID:1.5.0.2 OPENPKG_2_2_SOLID_BP:1.5 OPENPKG_2_1_RELEASE:1.4 OPENPKG_2_1_SOLID:1.4.0.4 OPENPKG_2_1_SOLID_BP:1.4 OPENPKG_2_0_RELEASE:1.4 OPENPKG_2_0_SOLID:1.4.0.2 OPENPKG_2_0_SOLID_BP:1.4 OPENPKG_1_3_SOLID:1.2.0.2 OPENPKG_1_1_SOLID:1.1.0.4 OPENPKG_1_2_SOLID:1.1.0.2; locks; strict; comment @# @; 1.12 date 2009.09.06.21.15.03; author rse; state Exp; branches; next 1.11; commitid dmR1SortrSjjcF2u; 1.11 date 2007.12.21.08.23.17; author rse; state Exp; branches; next 1.10; commitid TjkhJ6kLmOU71hKs; 1.10 date 2007.07.06.10.51.43; author rse; state Exp; branches; next 1.9; commitid pRiYz0OUm50ReHos; 1.9 date 2006.12.06.17.09.25; author rse; state dead; branches; next 1.8; commitid DQK44PH7wEMU8uXr; 1.8 date 2006.11.28.07.07.33; author rse; state Exp; branches; next 1.7; commitid CGaUWTiARXon4pWr; 1.7 date 2006.04.03.18.25.33; author rse; state dead; branches 1.7.2.1; next 1.6; commitid xT5eFmachKBhvKrr; 1.6 date 2005.12.16.16.55.16; author rse; state Exp; branches; next 1.5; commitid SVIRnAtsFjUxtRdr; 1.5 date 2004.07.26.18.35.48; author rse; state dead; branches 1.5.4.1 1.5.6.1 1.5.8.1; next 1.4; 1.4 date 2004.01.13.13.26.45; author ms; state Exp; branches; next 1.3; 1.3 date 2003.12.24.10.36.11; author rse; state dead; branches; next 1.2; 1.2 date 2003.11.27.19.20.36; author rse; state Exp; branches 1.2.2.1; next 1.1; 1.1 date 2003.05.16.09.20.00; author rse; state dead; branches 1.1.2.1 1.1.4.1; next ; 1.7.2.1 date 2006.11.28.07.08.47; author rse; state Exp; branches; next 1.7.2.2; commitid LNMWsEsKcwTN4pWr; 1.7.2.2 date 2006.12.07.18.32.37; author rse; state dead; branches; next ; commitid cVkQw3uZeG3szCXr; 1.5.4.1 date 2006.02.17.23.03.22; author rse; state Exp; branches; next ; commitid 0o35hbA9qsXfuZlr; 1.5.6.1 date 2006.02.17.22.50.16; author rse; state Exp; branches; next ; commitid 38gd6wMscwiMpZlr; 1.5.8.1 date 2006.02.17.22.48.26; author rse; state Exp; branches; next 1.5.8.2; commitid 0h7pTER93H88pZlr; 1.5.8.2 date 2006.06.25.17.20.09; author rse; state Exp; branches; next ; commitid QM9BErDeL1MqtpCr; 1.2.2.1 date 2003.12.12.15.36.21; author thl; state Exp; branches; next ; 1.1.2.1 date 2003.05.16.09.20.00; author rse; state Exp; branches; next 1.1.2.2; 1.1.2.2 date 2003.12.12.15.45.58; author thl; state Exp; branches; next ; 1.1.4.1 date 2003.05.16.09.23.13; author rse; state Exp; branches; next ; desc @@ 1.12 log @upgrading package: gnupg 2.0.12 -> 2.0.13 @ text @Index: agent/genkey.c --- agent/genkey.c.orig 2009-06-29 08:20:15 +0200 +++ agent/genkey.c 2009-09-06 22:59:18 +0200 @@@@ -190,11 +190,9 @@@@ return gpg_error (GPG_ERR_INV_PASSPHRASE); desc = xtryasprintf - ( ngettext ("Warning: You have entered an insecure passphrase.%%0A" + ( "Warning: You have entered an insecure passphrase.%%0A" "A passphrase should be at least %u character long.", - "Warning: You have entered an insecure passphrase.%%0A" - "A passphrase should be at least %u characters long.", - minlen), minlen ); + minlen); if (!desc) return gpg_error_from_syserror (); err = take_this_one_anyway (ctrl, desc); Index: configure --- configure.orig 2009-09-04 18:09:14 +0200 +++ configure 2009-09-06 23:05:29 +0200 @@@@ -7992,13 +7992,13 @@@@ # Check wether it is necessary to link against libdl. # gnupg_dlopen_save_libs="$LIBS" -LIBS="" { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing dlopen" >&5 $as_echo_n "checking for library containing dlopen... " >&6; } if test "${ac_cv_search_dlopen+set}" = set; then : $as_echo_n "(cached) " >&6 else ac_func_search_save_LIBS=$LIBS + LIBS="" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ @ 1.11 log @upgrading package: gnupg 2.0.7 -> 2.0.8 @ text @d2 3 a4 3 --- agent/genkey.c.orig 2007-11-19 16:11:31 +0100 +++ agent/genkey.c 2007-12-21 09:17:46 +0100 @@@@ -188,11 +188,9 @@@@ d19 3 a21 3 --- configure.orig 2007-12-20 09:40:04 +0100 +++ configure 2007-12-21 09:08:55 +0100 @@@@ -6909,13 +6909,13 @@@@ d26 4 a29 4 { echo "$as_me:$LINENO: checking for library containing dlopen" >&5 echo $ECHO_N "checking for library containing dlopen... $ECHO_C" >&6; } if test "${ac_cv_search_dlopen+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 d33 3 a35 3 cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF @ 1.10 log @move gnupg2 to gnupg @ text @d2 13 a14 14 --- agent/genkey.c.orig 2007-01-25 10:43:10 +0100 +++ agent/genkey.c 2007-02-01 09:23:19 +0100 @@@@ -87,12 +87,9 @@@@ if (utf8_charcount (pw) < minlen ) { char *desc = xtryasprintf - ( ngettext ("Warning: You have entered a passphrase that%%0A" + ( "Warning: You have entered a passphrase that%%0A" "is obviously not secure. A passphrase should%%0A" - "be at least %u character long.", - "Warning: You have entered a passphrase that%%0A" - "is obviously not secure. A passphrase should%%0A" - "be at least %u characters long.", minlen), minlen ); + "be at least %u characters long.", minlen ); d17 1 a17 1 d19 3 a21 3 --- configure.orig 2007-01-31 15:09:31 +0100 +++ configure 2007-02-01 09:17:47 +0100 @@@@ -6916,13 +6916,13 @@@@ @ 1.9 log @upgrading package: gnupg 1.4.5 -> 1.4.6 @ text @d1 36 a36 16 Security Fix http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000241.html Index: g10/openfile.c --- g10/openfile.c.orig 2006-07-31 16:00:19 +0200 +++ g10/openfile.c 2006-11-28 08:04:21 +0100 @@@@ -144,8 +144,8 @@@@ s = _("Enter new filename"); - n = strlen(s) + namelen + 10; defname = name && namelen? make_printable_string( name, namelen, 0): NULL; + n = strlen(s) + (defname ? strlen(defname) : 0) + 10; prompt = xmalloc(n); if( defname ) sprintf(prompt, "%s [%s]: ", s, defname ); @ 1.8 log @Security Fix @ text @@ 1.7 log @upgrading package: gnupg 1.4.2.2 -> 1.4.3 @ text @d1 2 a2 4 Fix operation under "--batch", which failed with: "Assertion failed: (pkt->pkt.generic), function build_packet, file build-packet.c, line 74." Taken from vendor repository via FreeBSD ports: http://www.freebsd.org/cgi/query-pr.cgi?pr=90105 d4 4 a7 29 Index: g10/keygen.c --- g10/keygen.c.orig 2005-06-21 14:22:17 +0200 +++ g10/keygen.c 2005-12-16 17:49:59 +0100 @@@@ -3243,15 +3243,21 @@@@ static int write_keyblock( IOBUF out, KBNODE node ) { - for( ; node ; node = node->next ) { - int rc = build_packet( out, node->pkt ); - if( rc ) { - log_error("build_packet(%d) failed: %s\n", + for( ; node ; node = node->next ) + { + if(!is_deleted_kbnode(node)) + { + int rc = build_packet( out, node->pkt ); + if( rc ) + { + log_error("build_packet(%d) failed: %s\n", node->pkt->pkttype, g10_errstr(rc) ); - return G10ERR_WRITE_FILE; + return G10ERR_WRITE_FILE; + } } } - return 0; + + return 0; } d9 1 d11 6 @ 1.7.2.1 log @MFC: Security Fix @ text @d1 4 a4 2 Security Fix http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000241.html d6 29 a34 4 Index: g10/openfile.c --- g10/openfile.c.orig 2006-07-31 16:00:19 +0200 +++ g10/openfile.c 2006-11-28 08:04:21 +0100 @@@@ -144,8 +144,8 @@@@ a35 1 s = _("Enter new filename"); a36 6 - n = strlen(s) + namelen + 10; defname = name && namelen? make_printable_string( name, namelen, 0): NULL; + n = strlen(s) + (defname ? strlen(defname) : 0) + 10; prompt = xmalloc(n); if( defname ) sprintf(prompt, "%s [%s]: ", s, defname ); @ 1.7.2.2 log @MFC: security fixed version @ text @@ 1.6 log @Fix --batch operation @ text @@ 1.5 log @upgrading package: gnupg 1.2.4 -> 1.2.5 @ text @d1 34 a34 4 diff -Naur gnupg-1.2.4.orig/g10/compress-bz2.c gnupg-1.2.4/g10/compress-bz2.c --- gnupg-1.2.4.orig/g10/compress-bz2.c Tue Jan 13 14:13:28 2004 +++ gnupg-1.2.4/g10/compress-bz2.c Tue Jan 13 14:12:59 2004 @@@@ -20,6 +20,7 @@@@ a35 4 #include #include +#include #include a36 1 #include "util.h" @ 1.5.4.1 log @Security Fix (CVE-2006-0455) @ text @d1 4 a4 11 Security Fix (CVE-2006-0455) Index: g10/mainproc.c --- g10/mainproc.c.orig 2005-05-31 08:29:56 +0200 +++ g10/mainproc.c 2006-02-17 23:42:36 +0100 @@@@ -77,6 +77,7 @@@@ int op; int stop_now; } pipemode; + int any_sig_seen; /* Set to true if a signature packet has been seen. */ }; d6 4 d11 1 a11 61 @@@@ -217,6 +218,7 @@@@ { KBNODE node; + c->any_sig_seen = 1; if( pkt->pkttype == PKT_SIGNATURE && !c->list ) { /* This is the first signature for the following datafile. * GPG does not write such packets; instead it always uses @@@@ -1137,6 +1139,18 @@@@ c->signed_data = signedfiles; c->sigfilename = sigfilename; rc = do_proc_packets( c, a ); + + /* If we have not encountered any signature we print an error + messages, send a NODATA status back and return an error code. + Using log_error is required becuase verify_files does not check + error codes for each file but we want to terminate the process + with an error. */ + if (!rc && !c->any_sig_seen) + { + write_status_text (STATUS_NODATA, "4"); + log_error (_("no signature found\n")); + rc = G10ERR_NO_DATA; + } m_free( c ); return rc; } Index: g10/verify.c --- g10/verify.c.orig 2005-07-20 22:42:29 +0200 +++ g10/verify.c 2006-02-17 23:42:36 +0100 @@@@ -113,7 +113,7 @@@@ rc = proc_signature_packets( NULL, fp, sl, sigfile ); free_strlist(sl); iobuf_close(fp); - if( afx.no_openpgp_data && rc == -1 ) { + if( (afx.no_openpgp_data && rc == -1) || rc == G10ERR_NO_DATA ) { log_error(_("the signature could not be verified.\n" "Please remember that the signature file (.sig or .asc)\n" "should be the first file given on the command line.\n") ); Index: include/errors.h --- include/errors.h.orig 2005-05-31 08:30:04 +0200 +++ include/errors.h 2006-02-17 23:42:36 +0100 @@@@ -78,6 +78,7 @@@@ #define G10ERR_KEYSERVER 55 #define G10ERR_CANCELED 56 #define G10ERR_NO_CARD 57 +#define G10ERR_NO_DATA 58 #ifndef HAVE_STRERROR char *strerror (int n); Index: util/errors.c --- util/errors.c.orig 2005-05-31 08:30:16 +0200 +++ util/errors.c 2006-02-17 23:42:36 +0100 @@@@ -108,6 +108,7 @@@@ X(KEYSERVER ,N_("keyserver error")) X(CANCELED ,N_("canceled")) X(NO_CARD ,N_("no card")) + X(NO_DATA ,N_("no data")) default: p = buf; sprintf(buf, "g10err=%d", err); break; } #undef X @ 1.5.6.1 log @Security Fix (CVE-2006-0455) @ text @d1 4 a4 11 Security Fix (CVE-2006-0455) Index: g10/mainproc.c --- g10/mainproc.c.orig 2005-05-31 08:29:56 +0200 +++ g10/mainproc.c 2006-02-17 23:42:36 +0100 @@@@ -77,6 +77,7 @@@@ int op; int stop_now; } pipemode; + int any_sig_seen; /* Set to true if a signature packet has been seen. */ }; d6 4 d11 1 a11 61 @@@@ -217,6 +218,7 @@@@ { KBNODE node; + c->any_sig_seen = 1; if( pkt->pkttype == PKT_SIGNATURE && !c->list ) { /* This is the first signature for the following datafile. * GPG does not write such packets; instead it always uses @@@@ -1137,6 +1139,18 @@@@ c->signed_data = signedfiles; c->sigfilename = sigfilename; rc = do_proc_packets( c, a ); + + /* If we have not encountered any signature we print an error + messages, send a NODATA status back and return an error code. + Using log_error is required becuase verify_files does not check + error codes for each file but we want to terminate the process + with an error. */ + if (!rc && !c->any_sig_seen) + { + write_status_text (STATUS_NODATA, "4"); + log_error (_("no signature found\n")); + rc = G10ERR_NO_DATA; + } m_free( c ); return rc; } Index: g10/verify.c --- g10/verify.c.orig 2005-07-20 22:42:29 +0200 +++ g10/verify.c 2006-02-17 23:42:36 +0100 @@@@ -113,7 +113,7 @@@@ rc = proc_signature_packets( NULL, fp, sl, sigfile ); free_strlist(sl); iobuf_close(fp); - if( afx.no_openpgp_data && rc == -1 ) { + if( (afx.no_openpgp_data && rc == -1) || rc == G10ERR_NO_DATA ) { log_error(_("the signature could not be verified.\n" "Please remember that the signature file (.sig or .asc)\n" "should be the first file given on the command line.\n") ); Index: include/errors.h --- include/errors.h.orig 2005-05-31 08:30:04 +0200 +++ include/errors.h 2006-02-17 23:42:36 +0100 @@@@ -78,6 +78,7 @@@@ #define G10ERR_KEYSERVER 55 #define G10ERR_CANCELED 56 #define G10ERR_NO_CARD 57 +#define G10ERR_NO_DATA 58 #ifndef HAVE_STRERROR char *strerror (int n); Index: util/errors.c --- util/errors.c.orig 2005-05-31 08:30:16 +0200 +++ util/errors.c 2006-02-17 23:42:36 +0100 @@@@ -108,6 +108,7 @@@@ X(KEYSERVER ,N_("keyserver error")) X(CANCELED ,N_("canceled")) X(NO_CARD ,N_("no card")) + X(NO_DATA ,N_("no data")) default: p = buf; sprintf(buf, "g10err=%d", err); break; } #undef X @ 1.5.8.1 log @Security Fix (CVE-2006-0455) @ text @d1 4 a4 11 Security Fix (CVE-2006-0455) Index: g10/mainproc.c --- g10/mainproc.c.orig 2005-05-31 08:29:56 +0200 +++ g10/mainproc.c 2006-02-17 23:42:36 +0100 @@@@ -77,6 +77,7 @@@@ int op; int stop_now; } pipemode; + int any_sig_seen; /* Set to true if a signature packet has been seen. */ }; d6 4 d11 1 a11 61 @@@@ -217,6 +218,7 @@@@ { KBNODE node; + c->any_sig_seen = 1; if( pkt->pkttype == PKT_SIGNATURE && !c->list ) { /* This is the first signature for the following datafile. * GPG does not write such packets; instead it always uses @@@@ -1137,6 +1139,18 @@@@ c->signed_data = signedfiles; c->sigfilename = sigfilename; rc = do_proc_packets( c, a ); + + /* If we have not encountered any signature we print an error + messages, send a NODATA status back and return an error code. + Using log_error is required becuase verify_files does not check + error codes for each file but we want to terminate the process + with an error. */ + if (!rc && !c->any_sig_seen) + { + write_status_text (STATUS_NODATA, "4"); + log_error (_("no signature found\n")); + rc = G10ERR_NO_DATA; + } m_free( c ); return rc; } Index: g10/verify.c --- g10/verify.c.orig 2005-07-20 22:42:29 +0200 +++ g10/verify.c 2006-02-17 23:42:36 +0100 @@@@ -113,7 +113,7 @@@@ rc = proc_signature_packets( NULL, fp, sl, sigfile ); free_strlist(sl); iobuf_close(fp); - if( afx.no_openpgp_data && rc == -1 ) { + if( (afx.no_openpgp_data && rc == -1) || rc == G10ERR_NO_DATA ) { log_error(_("the signature could not be verified.\n" "Please remember that the signature file (.sig or .asc)\n" "should be the first file given on the command line.\n") ); Index: include/errors.h --- include/errors.h.orig 2005-05-31 08:30:04 +0200 +++ include/errors.h 2006-02-17 23:42:36 +0100 @@@@ -78,6 +78,7 @@@@ #define G10ERR_KEYSERVER 55 #define G10ERR_CANCELED 56 #define G10ERR_NO_CARD 57 +#define G10ERR_NO_DATA 58 #ifndef HAVE_STRERROR char *strerror (int n); Index: util/errors.c --- util/errors.c.orig 2005-05-31 08:30:16 +0200 +++ util/errors.c 2006-02-17 23:42:36 +0100 @@@@ -108,6 +108,7 @@@@ X(KEYSERVER ,N_("keyserver error")) X(CANCELED ,N_("canceled")) X(NO_CARD ,N_("no card")) + X(NO_DATA ,N_("no data")) default: p = buf; sprintf(buf, "g10err=%d", err); break; } #undef X @ 1.5.8.2 log @Security Fix (CVE-2006-3082) @ text @a74 29 ============================================================================= Security Fix (CVE-2006-3082) Index: g10/parse-packet.c --- g10/parse-packet.c.orig 2005-06-18 13:29:34 +0200 +++ g10/parse-packet.c 2006-06-25 19:17:27 +0200 @@@@ -1983,6 +1983,20 @@@@ { byte *p; + /* Cap the size of a user ID at 2k: a value absurdly large enough + that there is no sane user ID string (which is printable text + as of RFC2440bis) that won't fit in it, but yet small enough to + avoid allocation problems. A large pktlen may not be + allocatable, and a very large pktlen could actually cause our + allocation to wrap around in xmalloc to a small number. */ + + if(pktlen>2048) + { + log_error("packet(%d) too large\n", pkttype); + iobuf_skip_rest(inp, pktlen, 0); + return G10ERR_INVALID_PACKET; + } + packet->pkt.user_id = m_alloc(sizeof *packet->pkt.user_id + pktlen); packet->pkt.user_id->len = pktlen; @ 1.4 log @modifying package: gnupg-1.2.4 20031224 -> 20040113 @ text @@ 1.3 log @upgrading package: gnupg 1.2.3 -> 1.2.4 @ text @d1 4 a4 17 David Shaw wrote a patch against GnuPG 1.2.3 to disable the ability to create signatures using the ElGamal sign+encrypt (type 20) keys as well as to remove the option to create such keys. Index: g10/getkey.c --- g10/getkey.c 21 Jul 2003 14:55:00 -0000 1.78.2.20 +++ g10/getkey.c 27 Nov 2003 00:32:30 -0000 @@@@ -1655,6 +1655,11 @@@@ if ( x ) /* mask it down to the actual allowed usage */ key_usage &= x; } + + /* Type 20 Elgamal keys are not usable. */ + if(pk->pubkey_algo==PUBKEY_ALGO_ELGAMAL) + key_usage=0; + pk->pubkey_usage = key_usage; d6 6 a11 49 if ( !key_expire_seen ) { @@@@ -1869,6 +1874,13 @@@@ if ( x ) /* mask it down to the actual allowed usage */ key_usage &= x; } + + /* Type 20 Elgamal subkeys or any subkey on a type 20 primary are + not usable. */ + if(mainpk->pubkey_algo==PUBKEY_ALGO_ELGAMAL + || subpk->pubkey_algo==PUBKEY_ALGO_ELGAMAL) + key_usage=0; + subpk->pubkey_usage = key_usage; p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL); Index: g10/keygen.c --- g10/keygen.c 16 Jul 2003 03:09:15 -0000 1.90.2.11 +++ g10/keygen.c 27 Nov 2003 00:32:31 -0000 @@@@ -958,8 +958,6 @@@@ tty_printf( _(" (%d) DSA (sign only)\n"), 2 ); if( addmode ) tty_printf( _(" (%d) ElGamal (encrypt only)\n"), 3 ); - if (opt.expert) - tty_printf( _(" (%d) ElGamal (sign and encrypt)\n"), 4 ); tty_printf( _(" (%d) RSA (sign only)\n"), 5 ); if (addmode) tty_printf( _(" (%d) RSA (encrypt only)\n"), 6 ); @@@@ -989,21 +987,6 @@@@ algo = PUBKEY_ALGO_RSA; *r_usage = PUBKEY_USAGE_SIG; break; - } - else if( algo == 4 && opt.expert) - { - tty_printf(_( -"The use of this algorithm is only supported by GnuPG. You will not be\n" -"able to use this key to communicate with PGP users. This algorithm is also\n" -"very slow, and may not be as secure as the other choices.\n")); - - if( cpr_get_answer_is_yes("keygen.algo.elg_se", - _("Create anyway? "))) - { - algo = PUBKEY_ALGO_ELGAMAL; - *r_usage = PUBKEY_USAGE_ENC | PUBKEY_USAGE_SIG; - break; - } } else if( algo == 3 && addmode ) { algo = PUBKEY_ALGO_ELGAMAL_E; @ 1.2 log @include feature disabling patch Werner Koch posted on BugTraq until next release is available @ text @@ 1.2.2.1 log @CAN-2003-0971 @ text @d6 3 a8 3 --- g10/getkey.c.orig 2003-04-29 09:26:40.000000000 +0200 +++ g10/getkey.c 2003-12-12 16:27:56.000000000 +0100 @@@@ -1636,6 +1636,11 @@@@ d20 1 a20 1 @@@@ -1806,6 +1811,13 @@@@ d35 3 a37 3 --- g10/keygen.c.orig 2003-04-09 16:58:01.000000000 +0200 +++ g10/keygen.c 2003-12-12 16:28:23.000000000 +0100 @@@@ -953,8 +953,6 @@@@ d46 2 a47 1 @@@@ -985,20 +983,6 @@@@ d50 1 a50 1 } d62 1 d65 1 a65 1 - } a67 1 break; @ 1.1 log @file gnupg.patch was initially added on branch OPENPKG_1_2_SOLID. @ text @d1 67 @ 1.1.4.1 log @apply security bugfix @ text @a0 162 Index: g10/trustdb.c =================================================================== RCS file: /cvs/gnupg/gnupg/g10/trustdb.c,v retrieving revision 1.89.2.1 diff -u -r1.89.2.1 trustdb.c --- g10/trustdb.c 2 Oct 2002 21:56:03 -0000 1.89.2.1 +++ g10/trustdb.c 4 May 2003 01:12:38 -0000 @@@@ -808,16 +808,27 @@@@ while (recno) { read_record (recno, &vrec, RECTYPE_VALID); - if ( validity < (vrec.r.valid.validity & TRUST_MASK) ) - validity = (vrec.r.valid.validity & TRUST_MASK); - if ( namehash && !memcmp (vrec.r.valid.namehash, namehash, 20) ) - break; + if(namehash) + { + /* If namehash is given we return the trust for that user ID + ONLY. If the namehash is not found, then there is no + validity at all (i.e. the user ID wasn't signed). */ + if(memcmp(vrec.r.valid.namehash,namehash,20)==0) + { + validity=(vrec.r.valid.validity & TRUST_MASK); + break; + } + } + else + { + /* If no namehash is given, we take the maximum validity + over all user IDs */ + if ( validity < (vrec.r.valid.validity & TRUST_MASK) ) + validity = (vrec.r.valid.validity & TRUST_MASK); + } recno = vrec.r.valid.next; } - if (recno) /* okay, use the user ID associated one */ - validity = (vrec.r.valid.validity & TRUST_MASK); - if ( (trec.r.trust.ownertrust & TRUST_FLAG_DISABLED) ) validity |= TRUST_FLAG_DISABLED; Index: g10/pkclist.c =================================================================== RCS file: /cvs/gnupg/gnupg/g10/pkclist.c,v retrieving revision 1.73.2.1 diff -u -r1.73.2.1 pkclist.c --- g10/pkclist.c 17 Oct 2002 13:49:30 -0000 1.73.2.1 +++ g10/pkclist.c 4 May 2003 01:12:39 -0000 @@@@ -524,17 +524,23 @@@@ return 0; if( !opt.batch && !rc ) { - char *p; u32 keyid[2]; - size_t n; keyid_from_pk( pk, keyid); tty_printf( "%4u%c/%08lX %s \"", nbits_from_pk( pk ), pubkey_letter( pk->pubkey_algo ), (ulong)keyid[1], datestr_from_pk( pk ) ); - p = get_user_id( keyid, &n ); - tty_print_utf8_string( p, n ), - m_free(p); + /* If the pk was chosen by a particular user ID, this is the + one to ask about. */ + if(pk->user_id) + tty_print_utf8_string(pk->user_id->name,pk->user_id->len); + else + { + size_t n; + char *p = get_user_id( keyid, &n ); + tty_print_utf8_string( p, n ); + m_free(p); + } tty_printf("\"\n"); print_fingerprint (pk, NULL, 2); tty_printf("\n"); @@@@ -887,8 +893,27 @@@@ } else { int trustlevel; + + /* Fill in the namehash so we can get the validity + for this particular UID. If we start using it + in more places than here, it might be good to + fill this in for all PKs. */ + + if(pk->user_id) + { + pk->namehash=m_alloc(20); + + if( pk->user_id->attrib_data ) + rmd160_hash_buffer (pk->namehash, + pk->user_id->attrib_data, + pk->user_id->attrib_len); + else + rmd160_hash_buffer (pk->namehash, + pk->user_id->name, + pk->user_id->len ); + } - trustlevel = get_validity (pk, NULL); + trustlevel = get_validity (pk, pk->namehash); if( (trustlevel & TRUST_FLAG_DISABLED) ) { tty_printf(_("Public key is disabled.\n") ); } @@@@ -901,8 +926,6 @@@@ } else { PK_LIST r; - char *p; - size_t n; u32 keyid[2]; keyid_from_pk( pk, keyid); @@@@ -911,9 +934,16 @@@@ pubkey_letter( pk->pubkey_algo ), (ulong)keyid[1], datestr_from_pk( pk ) ); - p = get_user_id( keyid, &n ); - tty_print_utf8_string( p, n ); - m_free(p); + if(pk->user_id) + tty_print_utf8_string(pk->user_id->name, + pk->user_id->len); + else + { + size_t n; + char *p = get_user_id( keyid, &n ); + tty_print_utf8_string( p, n ); + m_free(p); + } tty_printf("\"\n"); r = m_alloc( sizeof *r ); @@@@ -981,6 +1011,25 @@@@ } else if( !(rc=check_pubkey_algo2(pk->pubkey_algo, use )) ) { int trustlevel; + + /* Fill in the namehash so we can get the validity + for this particular UID. If we start using it + in more places than here, it might be good to + fill this in for all PKs. */ + + if(pk->user_id) + { + pk->namehash=m_alloc(20); + + if( pk->user_id->attrib_data ) + rmd160_hash_buffer (pk->namehash, + pk->user_id->attrib_data, + pk->user_id->attrib_len); + else + rmd160_hash_buffer (pk->namehash, + pk->user_id->name, + pk->user_id->len ); + } trustlevel = get_validity (pk, pk->namehash); if( (trustlevel & TRUST_FLAG_DISABLED) ) { @ 1.1.2.1 log @apply security bugfix (missing patch) @ text @a0 162 Index: g10/trustdb.c =================================================================== RCS file: /cvs/gnupg/gnupg/g10/trustdb.c,v retrieving revision 1.89.2.1 diff -u -r1.89.2.1 trustdb.c --- g10/trustdb.c 2 Oct 2002 21:56:03 -0000 1.89.2.1 +++ g10/trustdb.c 4 May 2003 01:12:38 -0000 @@@@ -808,16 +808,27 @@@@ while (recno) { read_record (recno, &vrec, RECTYPE_VALID); - if ( validity < (vrec.r.valid.validity & TRUST_MASK) ) - validity = (vrec.r.valid.validity & TRUST_MASK); - if ( namehash && !memcmp (vrec.r.valid.namehash, namehash, 20) ) - break; + if(namehash) + { + /* If namehash is given we return the trust for that user ID + ONLY. If the namehash is not found, then there is no + validity at all (i.e. the user ID wasn't signed). */ + if(memcmp(vrec.r.valid.namehash,namehash,20)==0) + { + validity=(vrec.r.valid.validity & TRUST_MASK); + break; + } + } + else + { + /* If no namehash is given, we take the maximum validity + over all user IDs */ + if ( validity < (vrec.r.valid.validity & TRUST_MASK) ) + validity = (vrec.r.valid.validity & TRUST_MASK); + } recno = vrec.r.valid.next; } - if (recno) /* okay, use the user ID associated one */ - validity = (vrec.r.valid.validity & TRUST_MASK); - if ( (trec.r.trust.ownertrust & TRUST_FLAG_DISABLED) ) validity |= TRUST_FLAG_DISABLED; Index: g10/pkclist.c =================================================================== RCS file: /cvs/gnupg/gnupg/g10/pkclist.c,v retrieving revision 1.73.2.1 diff -u -r1.73.2.1 pkclist.c --- g10/pkclist.c 17 Oct 2002 13:49:30 -0000 1.73.2.1 +++ g10/pkclist.c 4 May 2003 01:12:39 -0000 @@@@ -524,17 +524,23 @@@@ return 0; if( !opt.batch && !rc ) { - char *p; u32 keyid[2]; - size_t n; keyid_from_pk( pk, keyid); tty_printf( "%4u%c/%08lX %s \"", nbits_from_pk( pk ), pubkey_letter( pk->pubkey_algo ), (ulong)keyid[1], datestr_from_pk( pk ) ); - p = get_user_id( keyid, &n ); - tty_print_utf8_string( p, n ), - m_free(p); + /* If the pk was chosen by a particular user ID, this is the + one to ask about. */ + if(pk->user_id) + tty_print_utf8_string(pk->user_id->name,pk->user_id->len); + else + { + size_t n; + char *p = get_user_id( keyid, &n ); + tty_print_utf8_string( p, n ); + m_free(p); + } tty_printf("\"\n"); print_fingerprint (pk, NULL, 2); tty_printf("\n"); @@@@ -887,8 +893,27 @@@@ } else { int trustlevel; + + /* Fill in the namehash so we can get the validity + for this particular UID. If we start using it + in more places than here, it might be good to + fill this in for all PKs. */ + + if(pk->user_id) + { + pk->namehash=m_alloc(20); + + if( pk->user_id->attrib_data ) + rmd160_hash_buffer (pk->namehash, + pk->user_id->attrib_data, + pk->user_id->attrib_len); + else + rmd160_hash_buffer (pk->namehash, + pk->user_id->name, + pk->user_id->len ); + } - trustlevel = get_validity (pk, NULL); + trustlevel = get_validity (pk, pk->namehash); if( (trustlevel & TRUST_FLAG_DISABLED) ) { tty_printf(_("Public key is disabled.\n") ); } @@@@ -901,8 +926,6 @@@@ } else { PK_LIST r; - char *p; - size_t n; u32 keyid[2]; keyid_from_pk( pk, keyid); @@@@ -911,9 +934,16 @@@@ pubkey_letter( pk->pubkey_algo ), (ulong)keyid[1], datestr_from_pk( pk ) ); - p = get_user_id( keyid, &n ); - tty_print_utf8_string( p, n ); - m_free(p); + if(pk->user_id) + tty_print_utf8_string(pk->user_id->name, + pk->user_id->len); + else + { + size_t n; + char *p = get_user_id( keyid, &n ); + tty_print_utf8_string( p, n ); + m_free(p); + } tty_printf("\"\n"); r = m_alloc( sizeof *r ); @@@@ -981,6 +1011,25 @@@@ } else if( !(rc=check_pubkey_algo2(pk->pubkey_algo, use )) ) { int trustlevel; + + /* Fill in the namehash so we can get the validity + for this particular UID. If we start using it + in more places than here, it might be good to + fill this in for all PKs. */ + + if(pk->user_id) + { + pk->namehash=m_alloc(20); + + if( pk->user_id->attrib_data ) + rmd160_hash_buffer (pk->namehash, + pk->user_id->attrib_data, + pk->user_id->attrib_len); + else + rmd160_hash_buffer (pk->namehash, + pk->user_id->name, + pk->user_id->len ); + } trustlevel = get_validity (pk, pk->namehash); if( (trustlevel & TRUST_FLAG_DISABLED) ) { @ 1.1.2.2 log @CAN-2003-0971 @ text @a162 60 David Shaw wrote a patch against GnuPG 1.2.3 to disable the ability to create signatures using the ElGamal sign+encrypt (type 20) keys as well as to remove the option to create such keys. Index: g10/getkey.c --- g10/getkey.c.orig 2002-10-12 13:39:35.000000000 +0200 +++ g10/getkey.c 2003-12-12 16:39:12.000000000 +0100 @@@@ -1566,6 +1566,11 @@@@ if ( x ) /* mask it down to the actual allowed usage */ key_usage &= x; } + + /* Type 20 Elgamal keys are not usable. */ + if(pk->pubkey_algo==PUBKEY_ALGO_ELGAMAL) + key_usage=0; + pk->pubkey_usage = key_usage; if ( !key_expire_seen ) { @@@@ -1736,6 +1741,13 @@@@ if ( x ) /* mask it down to the actual allowed usage */ key_usage &= x; } + + /* Type 20 Elgamal subkeys or any subkey on a type 20 primary are + not usable. */ + if(mainpk->pubkey_algo==PUBKEY_ALGO_ELGAMAL + || subpk->pubkey_algo==PUBKEY_ALGO_ELGAMAL) + key_usage=0; + subpk->pubkey_usage = key_usage; p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL); Index: g10/keygen.c --- g10/keygen.c.orig 2002-10-12 13:31:38.000000000 +0200 +++ g10/keygen.c 2003-12-12 16:40:26.000000000 +0100 @@@@ -944,8 +944,6 @@@@ tty_printf( _(" (%d) DSA (sign only)\n"), 2 ); if( addmode ) tty_printf( _(" (%d) ElGamal (encrypt only)\n"), 3 ); - if (opt.expert) - tty_printf( _(" (%d) ElGamal (sign and encrypt)\n"), 4 ); tty_printf( _(" (%d) RSA (sign only)\n"), 5 ); if (addmode) tty_printf( _(" (%d) RSA (encrypt only)\n"), 6 ); @@@@ -979,13 +977,6 @@@@ *r_usage = PUBKEY_USAGE_SIG; break; } - else if( algo == 4 && opt.expert) { - if( cpr_get_answer_is_yes("keygen.algo.elg_se",_( - "The use of this algorithm is deprecated - create anyway? "))){ - algo = PUBKEY_ALGO_ELGAMAL; - break; - } - } else if( algo == 3 && addmode ) { algo = PUBKEY_ALGO_ELGAMAL_E; break; @