diff options
Diffstat (limited to 'security')
-rw-r--r-- | security/gnupg/Makefile | 2 | ||||
-rw-r--r-- | security/gnupg/files/patch-getkey.c | 28 | ||||
-rw-r--r-- | security/gnupg/files/patch-keygen.c | 33 | ||||
-rw-r--r-- | security/gnupg1/Makefile | 2 | ||||
-rw-r--r-- | security/gnupg1/files/patch-getkey.c | 28 | ||||
-rw-r--r-- | security/gnupg1/files/patch-keygen.c | 33 |
6 files changed, 124 insertions, 2 deletions
diff --git a/security/gnupg/Makefile b/security/gnupg/Makefile index 0ee11e4..81e30c4 100644 --- a/security/gnupg/Makefile +++ b/security/gnupg/Makefile @@ -7,7 +7,7 @@ PORTNAME= gnupg PORTVERSION= 1.2.3 -PORTREVISION= 3 +PORTREVISION= 4 CATEGORIES= security MASTER_SITES= ${MASTER_SITE_GNUPG} MASTER_SITE_SUBDIR= gnupg diff --git a/security/gnupg/files/patch-getkey.c b/security/gnupg/files/patch-getkey.c new file mode 100644 index 0000000..fdbb5ec --- /dev/null +++ b/security/gnupg/files/patch-getkey.c @@ -0,0 +1,28 @@ +--- g10/getkey.c.orig Tue Jul 29 03:34:41 2003 ++++ g10/getkey.c Thu Nov 27 18:54:55 2003 +@@ -1655,6 +1655,11 @@ + if ( x ) /* mask it down to the actual allowed usage */ + key_usage &= x; + } ++ ++ /* Type 20 Elgamal keys are not usable. */ ++ if(pk->pubkey_algo==PUBKEY_ALGO_ELGAMAL) ++ key_usage=0; ++ + pk->pubkey_usage = key_usage; + + if ( !key_expire_seen ) { +@@ -1869,6 +1874,13 @@ + if ( x ) /* mask it down to the actual allowed usage */ + key_usage &= x; + } ++ ++ /* Type 20 Elgamal subkeys or any subkey on a type 20 primary are ++ not usable. */ ++ if(mainpk->pubkey_algo==PUBKEY_ALGO_ELGAMAL ++ || subpk->pubkey_algo==PUBKEY_ALGO_ELGAMAL) ++ key_usage=0; ++ + subpk->pubkey_usage = key_usage; + + p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL); diff --git a/security/gnupg/files/patch-keygen.c b/security/gnupg/files/patch-keygen.c new file mode 100644 index 0000000..b4051ed --- /dev/null +++ b/security/gnupg/files/patch-keygen.c @@ -0,0 +1,33 @@ +--- g10/keygen.c.orig Tue Jul 29 03:34:41 2003 ++++ g10/keygen.c Thu Nov 27 18:54:55 2003 +@@ -958,8 +958,6 @@ + tty_printf( _(" (%d) DSA (sign only)\n"), 2 ); + if( addmode ) + tty_printf( _(" (%d) ElGamal (encrypt only)\n"), 3 ); +- if (opt.expert) +- tty_printf( _(" (%d) ElGamal (sign and encrypt)\n"), 4 ); + tty_printf( _(" (%d) RSA (sign only)\n"), 5 ); + if (addmode) + tty_printf( _(" (%d) RSA (encrypt only)\n"), 6 ); +@@ -989,21 +987,6 @@ + algo = PUBKEY_ALGO_RSA; + *r_usage = PUBKEY_USAGE_SIG; + break; +- } +- else if( algo == 4 && opt.expert) +- { +- tty_printf(_( +-"The use of this algorithm is only supported by GnuPG. You will not be\n" +-"able to use this key to communicate with PGP users. This algorithm is also\n" +-"very slow, and may not be as secure as the other choices.\n")); +- +- if( cpr_get_answer_is_yes("keygen.algo.elg_se", +- _("Create anyway? "))) +- { +- algo = PUBKEY_ALGO_ELGAMAL; +- *r_usage = PUBKEY_USAGE_ENC | PUBKEY_USAGE_SIG; +- break; +- } + } + else if( algo == 3 && addmode ) { + algo = PUBKEY_ALGO_ELGAMAL_E; diff --git a/security/gnupg1/Makefile b/security/gnupg1/Makefile index 0ee11e4..81e30c4 100644 --- a/security/gnupg1/Makefile +++ b/security/gnupg1/Makefile @@ -7,7 +7,7 @@ PORTNAME= gnupg PORTVERSION= 1.2.3 -PORTREVISION= 3 +PORTREVISION= 4 CATEGORIES= security MASTER_SITES= ${MASTER_SITE_GNUPG} MASTER_SITE_SUBDIR= gnupg diff --git a/security/gnupg1/files/patch-getkey.c b/security/gnupg1/files/patch-getkey.c new file mode 100644 index 0000000..fdbb5ec --- /dev/null +++ b/security/gnupg1/files/patch-getkey.c @@ -0,0 +1,28 @@ +--- g10/getkey.c.orig Tue Jul 29 03:34:41 2003 ++++ g10/getkey.c Thu Nov 27 18:54:55 2003 +@@ -1655,6 +1655,11 @@ + if ( x ) /* mask it down to the actual allowed usage */ + key_usage &= x; + } ++ ++ /* Type 20 Elgamal keys are not usable. */ ++ if(pk->pubkey_algo==PUBKEY_ALGO_ELGAMAL) ++ key_usage=0; ++ + pk->pubkey_usage = key_usage; + + if ( !key_expire_seen ) { +@@ -1869,6 +1874,13 @@ + if ( x ) /* mask it down to the actual allowed usage */ + key_usage &= x; + } ++ ++ /* Type 20 Elgamal subkeys or any subkey on a type 20 primary are ++ not usable. */ ++ if(mainpk->pubkey_algo==PUBKEY_ALGO_ELGAMAL ++ || subpk->pubkey_algo==PUBKEY_ALGO_ELGAMAL) ++ key_usage=0; ++ + subpk->pubkey_usage = key_usage; + + p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL); diff --git a/security/gnupg1/files/patch-keygen.c b/security/gnupg1/files/patch-keygen.c new file mode 100644 index 0000000..b4051ed --- /dev/null +++ b/security/gnupg1/files/patch-keygen.c @@ -0,0 +1,33 @@ +--- g10/keygen.c.orig Tue Jul 29 03:34:41 2003 ++++ g10/keygen.c Thu Nov 27 18:54:55 2003 +@@ -958,8 +958,6 @@ + tty_printf( _(" (%d) DSA (sign only)\n"), 2 ); + if( addmode ) + tty_printf( _(" (%d) ElGamal (encrypt only)\n"), 3 ); +- if (opt.expert) +- tty_printf( _(" (%d) ElGamal (sign and encrypt)\n"), 4 ); + tty_printf( _(" (%d) RSA (sign only)\n"), 5 ); + if (addmode) + tty_printf( _(" (%d) RSA (encrypt only)\n"), 6 ); +@@ -989,21 +987,6 @@ + algo = PUBKEY_ALGO_RSA; + *r_usage = PUBKEY_USAGE_SIG; + break; +- } +- else if( algo == 4 && opt.expert) +- { +- tty_printf(_( +-"The use of this algorithm is only supported by GnuPG. You will not be\n" +-"able to use this key to communicate with PGP users. This algorithm is also\n" +-"very slow, and may not be as secure as the other choices.\n")); +- +- if( cpr_get_answer_is_yes("keygen.algo.elg_se", +- _("Create anyway? "))) +- { +- algo = PUBKEY_ALGO_ELGAMAL; +- *r_usage = PUBKEY_USAGE_ENC | PUBKEY_USAGE_SIG; +- break; +- } + } + else if( algo == 3 && addmode ) { + algo = PUBKEY_ALGO_ELGAMAL_E; |