gpg2/gnupg-detect_FIPS_mode.patch
Pedro Monreal Gonzalez 1567d49408 Accepting request 1012076 from home:pmonrealgonzalez:branches:Base:System
- GnuPG 2.3.8:
  * gpg: Do not consider unknown public keys as non-compliant while
    decrypting.
  * gpg: Avoid to emit a compliance mode line if Libgcrypt is
    non-compliant.
  * gpg: Improve --edit-key setpref command to ease c+p.
  * gpg: Emit an ERROR status if --quick-set-primary-uid fails and
    allow to pass the user ID by hash.
  * gpg: Actually show symmetric+pubkey encrypted data as de-vs
    compliant.  Add extra compliance checks for symkey_enc packets.
  * gpg: In de-vs mode use SHA-256 instead of SHA-1 as implicit
    preference.
  * gpgsm: Fix reporting of bad passphrase error during PKCS#11
    import.
  * agent: Fix a regression in "READKEY --format=ssh".
  * agent: New option --need-attr for KEYINFO.
  * agent: New attribute "Remote-list" for use by KEYINFO.
  * scd: Fix problem with Yubikey 5.4 firmware.
  * dirmngr: Fix CRL Distribution Point fallback to other schemes.
  * dirmngr: New LDAP server flag "areconly" (A-record-only).
  * dirmngr: Fix upload of multiple keys for an LDAP server specified
    using the colon format.
  * dirmngr: Use LDAP schema v2 when a Base DN is specified.
  * dirmngr: Avoid caching expired certificates.
  * wkd: Fix path traversal attack in gpg-wks-server. Add the mail
    address to the pending request data.
  * wkd: New command --mirror for gpg-wks-client.
  * gpg-auth: New tool for authentication.
  * New common.conf option no-autostart.
  * Silence warnings from AllowSetForegroundWindow unless

OBS-URL: https://build.opensuse.org/request/show/1012076
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=280
2022-10-17 18:43:45 +00:00

19 lines
784 B
Diff

Index: gnupg-2.3.8/g10/mainproc.c
===================================================================
--- gnupg-2.3.8.orig/g10/mainproc.c
+++ gnupg-2.3.8/g10/mainproc.c
@@ -1011,7 +1011,12 @@ proc_plaintext( CTX c, PACKET *pkt )
according to 2440, so hopefully it won't come up that often.
There is no good way to specify what algorithms to use in
that case, so these there are the historical answer. */
- gcry_md_enable (c->mfx.md, DIGEST_ALGO_RMD160);
+
+ /* Libgcrypt manual says that gcry_version_check must be called
+ * before calling gcry_fips_mode_active. */
+ gcry_check_version (NULL);
+ if(!gcry_fips_mode_active())
+ gcry_md_enable(c->mfx.md, DIGEST_ALGO_RMD160);
gcry_md_enable (c->mfx.md, DIGEST_ALGO_SHA1);
}
if (DBG_HASHING)
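Review bot: the added comment names gcry_version_check, but the function called on the next line is gcry_check_version, so the comment should use the real name. The comment also explains only the ordering requirement and not why DIGEST_ALGO_RMD160 is skipped when gcry_fips_mode_active() returns true; a line stating that RIPEMD-160 is not an approved digest in FIPS mode would make the intent clear. gcry_check_version (NULL) is called here each time this fallback branch of proc_plaintext runs, and its return value is discarded. If the library is already initialized earlier in the program, the call may be redundant and is worth confirming. Style: `if(!gcry_fips_mode_active())` and `gcry_md_enable(c->mfx.md, ...)` drop the space before the opening parenthesis that the unchanged `gcry_md_enable (c->mfx.md, DIGEST_ALGO_SHA1);` line uses.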