summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJan Dittberner <jandd@cacert.org>2020-05-17 00:07:48 +0200
committerJan Dittberner <jandd@cacert.org>2020-05-17 00:07:48 +0200
commitfcd88cae43ef981a6c2ddfa28a62543f0d671d3c (patch)
tree7850bf7b47e1a44aa42e3e9750ad00a9daca4d82
parentd328ebd6ad641a9caf4c80208a14d3b8f768edc0 (diff)
downloadcacert-devel-fcd88cae43ef981a6c2ddfa28a62543f0d671d3c.tar.gz
cacert-devel-fcd88cae43ef981a6c2ddfa28a62543f0d671d3c.tar.xz
cacert-devel-fcd88cae43ef981a6c2ddfa28a62543f0d671d3c.zip
Set GPG digest algorithm to SHA256
This commit fixes https://bugs.cacert.org/view.php?id=1473 by setting the cert-digest-algo parameter of gpg to SHA256.
-rwxr-xr-xCommModule/server.pl4
1 files changed, 3 insertions, 1 deletions
diff --git a/CommModule/server.pl b/CommModule/server.pl
index 3fd77e6..7e0e1e8 100755
--- a/CommModule/server.pl
+++ b/CommModule/server.pl
@@ -26,6 +26,8 @@ my $serialport="/dev/ttyUSB0";
my $CPSUrl="http://www.cacert.org/cps.php";
+my $GPGCertDigestAlgo="SHA256";
+
my $OCSPUrl="http://ocsp.cacert.org/";
my $gpgbin="/usr/bin/gpg";
@@ -688,7 +690,7 @@ sub SignOpenPGP
$ENV{'LANG'}="";
- my $line="$gpgbin --no-tty --default-key $gpgID --homedir $homedir --default-cert-expire $days"."d --ask-cert-expire --cert-policy-url $CPSUrl --command-fd 0 --status-fd 1 --logger-fd 2 --sign-key $keyid ";
+ my $line="$gpgbin --no-tty --default-key $gpgID --homedir $homedir --default-cert-expire $days"."d --ask-cert-expire --cert-policy-url $CPSUrl --command-fd 0 --cert-digest-algo $GPGCertDigestAlgo --status-fd 1 --logger-fd 2 --sign-key $keyid ";
SysLog($line."\n");
my $pid = open3($stdin,$stdout,$stderr,$line);