On Wed, Apr 5, 2017 at 3:45 PM, Ævar Arnfjörð Bjarmason <avarab@xxxxxxxxx> wrote: > On Wed, Apr 5, 2017 at 3:04 PM, Tom G. Christensen <tgc@xxxxxxxxxxxxxxx> wrote: >> This adds an OLD_GNUPG define to the Makefile which when activated will >> ensure git does not use the --keyid-format argument when calling the >> 'gpg' program. >> This is consistent with how 'gpg' was used in git < 2.10.0 and slightly >> decreases security. > > This changes the code Linus Torvalds added in b624a3e67f to mitigate > the evil32 project generating keys which looked the same for 32 bit > signatures. > > I think this change makes sense, but the Makefile should have a > slightly scarier warning, something like: > > "Define OLD_GNUPG if you need support for gnupg <1.4. Note that this > will cause git to only show the first 32 bits of PGP keys instead of > 64, and there's a wide variety of brute-forced 32 bit keys in the wild > thanks to the evil32 project (https://evil32.com). Enabling this will > make GPG work old versions, but you might be fooled into accepting grammar fix: "work on older versions".... > malicious keys as a result". > >> Signed-off-by: Tom G. Christensen <tgc@xxxxxxxxxxxxxxx> >> --- >> Makefile | 6 ++++++ >> gpg-interface.c | 2 ++ >> 2 files changed, 8 insertions(+) >> >> diff --git a/Makefile b/Makefile >> index ca9f16d19..f8f585d21 100644 >> --- a/Makefile >> +++ b/Makefile >> @@ -386,6 +386,8 @@ all:: >> # >> # to say "export LESS=FRX (and LV=-c) if the environment variable >> # LESS (and LV) is not set, respectively". >> +# >> +# Define OLD_GNUPG if you need support for gnupg < 1.4. >> >> GIT-VERSION-FILE: FORCE >> @$(SHELL_PATH) ./GIT-VERSION-GEN >> @@ -1529,6 +1531,10 @@ ifndef PAGER_ENV >> PAGER_ENV = LESS=FRX LV=-c >> endif >> >> +ifdef OLD_GNUPG >> + BASIC_CFLAGS += -DOLD_GNUPG >> +endif >> + >> QUIET_SUBDIR0 = +$(MAKE) -C # space to separate -C and subdir >> QUIET_SUBDIR1 = >> >> diff --git a/gpg-interface.c b/gpg-interface.c >> index e44cc27da..57f1ea792 100644 >> --- a/gpg-interface.c >> +++ b/gpg-interface.c >> @@ -224,7 +224,9 @@ int verify_signed_buffer(const char *payload, size_t payload_size, >> argv_array_pushl(&gpg.args, >> gpg_program, >> "--status-fd=1", >> +#ifndef OLD_GNUPG >> "--keyid-format=long", >> +#endif >> "--verify", temp.filename.buf, "-", >> NULL); >> >> -- >> 2.12.2 >>