Fixed the detached signature bug.

Minor modifications for W32.
2025-07-03 22:56:33 +02:00 · 2000-11-30 12:08:36 +00:00 · 2000-11-30 12:08:36 +00:00 · 41913b7f01
commit 41913b7f01
parent daee3b1d9a
13 changed files with 136 additions and 27 deletions
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@ -1,3 +1,18 @@
+2000-11-30  Werner Koch  <wk@gnupg.org>
+
+	* g10.c (main): Use iobuf_translate_file_handle for all options
+	with filehandles as arguments.  This is function does some magic
+	some for the W32 API.
+
+	* verify.c (verify_signatures): Add a comment rant about the
+	detached signature problem.
+	* mainproc.c (proc_tree): Issue an error if a detached signature
+	is assumed but a standard one was found.
+	* plaintext.c (hash_datafiles): Don't fall back to read signature
+	from stdin.
+	* openfile.c (open_sigfile): Print verbose message only if the
+	file could be accessed.
+
 2000-11-24  Werner Koch  <wk@gnupg.org>

 	* passphrase.c [HAVE_DOSISH_SYSTEM]: Disabled all the agent stuff.
--- a/g10/g10.c
+++ b/g10/g10.c
@ -47,7 +47,6 @@
 #include "g10defs.h"
 #include "hkp.h"

-
 enum cmd_and_opt_values { aNull = 0,
    oArmor	  = 'a',
    aDetachedSign = 'b',
@ -791,8 +790,13 @@ main( int argc, char **argv )
 	  case oKeyring: append_to_strlist( &nrings, pargs.r.ret_str); break;
 	  case oDebug: opt.debug |= pargs.r.ret_ulong; break;
 	  case oDebugAll: opt.debug = ~0; break;
-	  case oStatusFD: set_status_fd( pargs.r.ret_int ); break;
-	  case oLoggerFD: log_set_logfile( NULL, pargs.r.ret_int ); break;
+	  case oStatusFD:
+            set_status_fd( iobuf_translate_file_handle (pargs.r.ret_int, 1) );
+            break;
+	  case oLoggerFD:
+            log_set_logfile( NULL,
+                             iobuf_translate_file_handle (pargs.r.ret_int, 1) );
+            break;
 	  case oWithFingerprint:
 		with_fpr=1; /*fall thru*/
 	  case oFingerprint: opt.fingerprint++; break;
@ -905,8 +909,12 @@ main( int argc, char **argv )
 	    add_to_strlist2( &locusr, pargs.r.ret_str, utf8_strings );
 	    break;
 	  case oCompress: opt.compress = pargs.r.ret_int; break;
-	  case oPasswdFD: pwfd = pargs.r.ret_int; break;
-	  case oCommandFD: opt.command_fd = pargs.r.ret_int; break;
+	  case oPasswdFD:
+            pwfd = iobuf_translate_file_handle (pargs.r.ret_int, 0);
+            break;
+	  case oCommandFD:
+            opt.command_fd = iobuf_translate_file_handle (pargs.r.ret_int, 0);
+            break;
 	  case oCipherAlgo: def_cipher_string = m_strdup(pargs.r.ret_str); break;
 	  case oDigestAlgo: def_digest_string = m_strdup(pargs.r.ret_str); break;
 	  case oNoSecmemWarn: secmem_set_flags( secmem_get_flags() | 1 ); break;
@ -1002,6 +1010,7 @@ main( int argc, char **argv )
    set_debug();
    g10_opt_homedir = opt.homedir;

+
    /* must do this after dropping setuid, because string_to...
     * may try to load an module */
    if( def_cipher_string ) {
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@ -1299,6 +1299,10 @@ proc_tree( CTX c, KBNODE node )
 		return;
 	    }
 	}
+        else if ( c->signed_data ) {
+            log_error (_("not a detached signature\n") );
+            return;
+        }

 	for( n1 = node; (n1 = find_next_kbnode(n1, PKT_SIGNATURE )); )
 	    check_sig_and_print( c, n1 );
@ -1310,6 +1314,10 @@ proc_tree( CTX c, KBNODE node )
            log_error("cleartext signature without data\n" );
            return;
        }
+        else if ( c->signed_data ) {
+            log_error (_("not a detached signature\n") );
+            return;
+        }
 	
 	for( n1 = node; (n1 = find_next_kbnode(n1, PKT_SIGNATURE )); )
 	    check_sig_and_print( c, n1 );
@ -1368,6 +1376,10 @@ proc_tree( CTX c, KBNODE node )
 		return;
 	    }
 	}
+        else if ( c->signed_data ) {
+            log_error (_("not a detached signature\n") );
+            return;
+        }
 	else
 	    log_info(_("old style (PGP 2.x) signature\n"));

--- a/g10/openfile.c
+++ b/g10/openfile.c
@ -257,7 +257,7 @@ open_sigfile( const char *iname )
 	    buf = m_strdup(iname);
 	    buf[len-4] = 0 ;
 	    a = iobuf_open( buf );
-	    if( opt.verbose )
+	    if( a && opt.verbose )
 		log_info(_("assuming signed data in `%s'\n"), buf );
 	    m_free(buf);
 	}
--- a/g10/plaintext.c
+++ b/g10/plaintext.c
@ -370,7 +370,7 @@ hash_datafiles( MD_HANDLE md, MD_HANDLE md2, STRLIST files,
 		const char *sigfilename, int textmode )
 {
    IOBUF fp;
-    STRLIST sl=NULL;
+    STRLIST sl;

    if( !files ) {
 	/* check whether we can open the signed material */
@ -380,28 +380,26 @@ hash_datafiles( MD_HANDLE md, MD_HANDLE md2, STRLIST files,
 	    iobuf_close(fp);
 	    return 0;
 	}
-	/* no we can't (no sigfile) - read signed stuff from stdin */
-	add_to_strlist( &sl, "-");
+        log_error (_("no signed data\n"));
+        return G10ERR_OPEN_FILE;
    }
-    else
-	sl = files;

-    for( ; sl; sl = sl->next ) {
+
+    for (sl=files; sl; sl = sl->next ) {
 	fp = iobuf_open( sl->d );
 	if( !fp ) {
 	    log_error(_("can't open signed data `%s'\n"),
 						print_fname_stdin(sl->d));
-	    if( !files )
-		free_strlist(sl);
 	    return G10ERR_OPEN_FILE;
 	}
 	do_hash( md, md2, fp, textmode );
 	iobuf_close(fp);
    }

-    if( !files )
-	free_strlist(sl);
    return 0;
 }


+
+
+
--- a/g10/verify.c
+++ b/g10/verify.c
@ -24,6 +24,7 @@
 #include <string.h>
 #include <errno.h>
 #include <assert.h>
+#include <unistd.h> /* for isatty() */

 #include "options.h"
 #include "packet.h"
@ -60,6 +61,31 @@ verify_signatures( int nfiles, char **files )
    STRLIST sl;

    memset( &afx, 0, sizeof afx);
+    /* decide whether we should handle a detached or a normal signature,
+     * which is needed so that the code later can hash the correct data and
+     * not have a normal signature act as detached signature and ignoring the
+     * indended signed material from the 2nd file or stdin.
+     * 1. gpg <file        - normal
+     * 2. gpg file         - normal (or detached)
+     * 3. gpg file <file2  - detached
+     * 4. gpg file file2   - detached
+     * The question is how decide between case 2 and 3?  The only way
+     * we can do it is by reading one byte from stdin and the unget
+     * it; the problem here is that we may be reading from the
+     * terminal (which could be detected using isatty() but won't work
+     * when under contol of a pty using program (e.g. expect)) and
+     * might get us in trouble when stdin is used for another purpose
+     * (--passphrase-fd 0).  So we have to break with the behaviour
+     * prior to gpg 1.0.4 by assuming that case 3 is a normal
+     * signature (where file2 is ignored and require for a detached
+     * signature to indicate signed material comes from stdin by using
+     * case 4 with a file2 of "-".
+     *
+     * Actually we don't have to change anything here but can handle
+     * that all quite easily in mainproc.c 
+     */
+     
+
    sigfile = nfiles? *files : NULL;

    /* open the signature file */