More tests added; make distcheck works

g10/ChangeLog

@@ -1,3 +1,9 @@
+2006-03-07  Werner Koch  <wk@g10code.com>
+
+	* mainproc.c (proc_signature_packets): Return any_sig_seen to caller.
+	(check_sig_and_print): Option to partly allow the old behaviour.
+	* gpg.c: New option --allow-multisig-verification.
+
 2006-03-06  David Shaw  <dshaw@jabberwocky.com>
 
 	* sign.c (make_keysig_packet): Don't use MD5 for a RSA_S key as

g10/gpg.c

@@ -362,6 +362,7 @@ enum cmd_and_opt_values
     oNoRequireBacksigs,
     oAutoKeyLocate,
     oNoAutoKeyLocate,
+    oAllowMultisigVerification,
 
     oNoop
   };
@@ -699,6 +700,8 @@ static ARGPARSE_OPTS opts[] = {
 #if defined(ENABLE_CARD_SUPPORT) && defined(HAVE_LIBUSB)
     { oDebugCCIDDriver, "debug-ccid-driver", 0, "@"},
 #endif
+    { oAllowMultisigVerification, "allow-multisig-verification", 0, "@"},
+
     /* These two are aliases to help users of the PGP command line
        product use gpg with minimal pain.  Many commands are common
        already as they seem to have borrowed commands from us.  Now
@@ -2669,6 +2672,10 @@ main (int argc, char **argv )
 	    release_akl();
 	    break;
 
+          case oAllowMultisigVerification:
+            opt.allow_multisig_verification = 1;
+            break;
+
 	  case oNoop: break;
 
 	  default : pargs.err = configfp? 1:2; break;

g10/mainproc.c

@@ -1163,6 +1163,13 @@ proc_signature_packets( void *anchor, IOBUF a,
         log_error (_("no signature found\n"));
         rc = G10ERR_NO_DATA;
       }
+
+    /* Propagate the signature seen flag upward. Do this only on
+       success so that we won't issue the nodata status several
+       times. */
+    if (!rc && c->anchor && c->any_sig_seen)
+      c->anchor->any_sig_seen = 1;
+
     xfree( c );
     return rc;
 }
@@ -1445,8 +1452,8 @@ check_sig_and_print( CTX c, KBNODE node )
     KBNODE n;
     int n_onepass, n_sig;
 
-    log_debug ("checking signature packet composition\n");
-    dump_kbnode (c->list);
+/*     log_debug ("checking signature packet composition\n"); */
+/*     dump_kbnode (c->list); */
 
     n = c->list;
     assert (n);
@@ -1482,7 +1489,9 @@ check_sig_and_print( CTX c, KBNODE node )
         for (n_sig=0, n = n->next;
              n && n->pkt->pkttype == PKT_SIGNATURE; n = n->next)
           n_sig++;
-        if (n || !n_sig)
+        if (!n_sig)
+          goto ambiguous;
+        if (n && !opt.allow_multisig_verification)
           goto ambiguous;
         if (n_onepass != n_sig)
           {

g10/options.h

@@ -231,6 +231,9 @@ struct
     struct akl *next;
   } *auto_key_locate;
 
+  /* True if multiple concatenated signatures may be verified. */
+  int allow_multisig_verification; 
+
 } opt;
 
 /* CTRL is used to keep some global variables we currently can't