[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, gnutls_2_10_x, updated. gnutls_2_10_0-8-ge3617d
|
From: |
Nikos Mavrogiannopoulos |
|
Subject: |
[SCM] GNU gnutls branch, gnutls_2_10_x, updated. gnutls_2_10_0-8-ge3617dd |
|
Date: |
Mon, 05 Jul 2010 13:03:10 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=e3617dd08019470a7c225e01c14bedd2ada7e52a
The branch, gnutls_2_10_x has been updated
via e3617dd08019470a7c225e01c14bedd2ada7e52a (commit)
from 1e338d75555d50af19d9593bc27eb1334159af2a (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit e3617dd08019470a7c225e01c14bedd2ada7e52a
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Mon Jul 5 15:02:48 2010 +0200
Warn when generating DSA keys of size more than 1024.
-----------------------------------------------------------------------
Summary of changes:
NEWS | 3 +++
src/certtool.c | 7 ++++---
2 files changed, 7 insertions(+), 3 deletions(-)
diff --git a/NEWS b/NEWS
index aaf4226..4c4a6a9 100644
--- a/NEWS
+++ b/NEWS
@@ -8,6 +8,9 @@ See the end for copying conditions.
** libgnutls: Correctly deinitialize crypto API functions to prevent
a memory leak. Reported by Mads Kiilerich.
+certtool: If asked to generate DSA keys of size more than 1024 bits,
+issue a warning, that the output key might not be working everywhere.
+
certtool: The --pkcs-cipher is taken into account when generating a
private key. The default cipher used now is aes-128. The old behavior can
be simulated by specifying "--pkcs-cipher 3des-pkcs12".
diff --git a/src/certtool.c b/src/certtool.c
index da81902..4ffc721 100644
--- a/src/certtool.c
+++ b/src/certtool.c
@@ -172,9 +172,10 @@ generate_private_key_int (void)
if (info.dsa)
{
key_type = GNUTLS_PK_DSA;
- /* FIXME: Remove me once we depend on 1.3.x */
- if (info.bits > 1024 && gcry_check_version ("1.3.1") == NULL)
- info.bits = 1024;
+ if (info.bits > 1024)
+ {
+ fprintf(stderr, "It is suggested for compatibility with other
implementations to use DSA keys bit length 1024\n");
+ }
}
else
key_type = GNUTLS_PK_RSA;
hooks/post-receive
--
GNU gnutls
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, gnutls_2_10_x, updated. gnutls_2_10_0-8-ge3617dd,
Nikos Mavrogiannopoulos <=