From 928dba9e708cf8955e32371b762fd47ea251ee3d Mon Sep 17 00:00:00 2001
From: David Shaw <dshaw@jabberwocky.com>
Date: Tue, 30 Jul 2002 16:48:21 +0000
Subject: [PATCH] * options.h, g10.c (main), mainproc.c (proc_encrypted):
 Return a decryption failed error if a MDC does not verify.  Warn if a MDC is
 not present (can disable via --no-mdc-warning).

* exec.c (exec_write), g10.c (main), keyserver.c (keyserver_spawn): Use
new DISABLE_KEYSERVER_PATH rather than FIXED_EXEC_PATH.
---
 g10/ChangeLog   | 10 ++++++++++
 g10/exec.c      |  4 ----
 g10/g10.c       |  5 +++--
 g10/keyserver.c |  9 ++++++---
 g10/mainproc.c  |  3 +++
 g10/options.h   |  1 +
 6 files changed, 23 insertions(+), 9 deletions(-)

diff --git a/g10/ChangeLog b/g10/ChangeLog
index 17d16e24d..63c5c01df 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,3 +1,13 @@
+2002-07-30  David Shaw  <dshaw@jabberwocky.com>
+
+	* options.h, g10.c (main), mainproc.c (proc_encrypted): Return a
+	decryption failed error if a MDC does not verify.  Warn if a MDC
+	is not present (can disable via --no-mdc-warning).
+
+	* exec.c (exec_write), g10.c (main), keyserver.c
+	(keyserver_spawn): Use new DISABLE_KEYSERVER_PATH rather than
+	FIXED_EXEC_PATH.
+
 2002-07-28  David Shaw  <dshaw@jabberwocky.com>
 
 	* sig-check.c (do_check): Properly validate v4 sigs with no hashed
diff --git a/g10/exec.c b/g10/exec.c
index 6b0a10cf1..a585fb7cb 100644
--- a/g10/exec.c
+++ b/g10/exec.c
@@ -330,10 +330,6 @@ int exec_write(struct exec_info **info,const char *program,
   if(program==NULL && args_in==NULL)
     BUG();
 
-#ifdef FIXED_EXEC_PATH
-  set_exec_path(FIXED_EXEC_PATH,0);
-#endif
-
   *info=m_alloc_clear(sizeof(struct exec_info));
 
   if(name)
diff --git a/g10/g10.c b/g10/g10.c
index fc50781a2..7da518e25 100644
--- a/g10/g10.c
+++ b/g10/g10.c
@@ -186,6 +186,7 @@ enum cmd_and_opt_values { aNull = 0,
     oTrustDBName,
     oNoSecmemWarn,
     oNoPermissionWarn,
+    oNoMDCWarn,
     oNoArmor,
     oNoDefKeyring,
     oNoGreeting,
@@ -491,6 +492,7 @@ static ARGPARSE_OPTS opts[] = {
     { oTrustDBName, "trustdb-name", 2, "@" },
     { oNoSecmemWarn, "no-secmem-warning", 0, "@" }, /* used only by regression tests */
     { oNoPermissionWarn, "no-permission-warning", 0, "@" },
+    { oNoMDCWarn, "no-mdc-warning", 0, "@" },
     { oNoArmor, "no-armor",   0, "@"},
     { oNoArmor, "no-armour",   0, "@"},
     { oNoDefKeyring, "no-default-keyring", 0, "@" },
@@ -1315,6 +1317,7 @@ main( int argc, char **argv )
 	  case oCertDigestAlgo: cert_digest_string = m_strdup(pargs.r.ret_str); break;
 	  case oNoSecmemWarn: secmem_set_flags( secmem_get_flags() | 1 ); break;
 	  case oNoPermissionWarn: opt.no_perm_warn=1; break;
+	  case oNoMDCWarn: opt.no_mdc_warn=1; break;
 	  case oCharset:
 	    if( set_native_charset( pargs.r.ret_str ) )
 		log_error(_("%s is not a valid character set\n"),
@@ -1362,12 +1365,10 @@ main( int argc, char **argv )
 	    break;
 	  case oTempDir: opt.temp_dir=pargs.r.ret_str; break;
 	  case oExecPath:
-#ifndef FIXED_EXEC_PATH
 	    if(set_exec_path(pargs.r.ret_str,0))
 	      log_error(_("unable to set exec-path to %s\n"),pargs.r.ret_str);
 	    else
 	      opt.exec_path_set=1;
-#endif
 	    break;
 	  case oNotation:
 	    add_notation_data( pargs.r.ret_str, 0 );
diff --git a/g10/keyserver.c b/g10/keyserver.c
index 61c71569c..59e87c8c2 100644
--- a/g10/keyserver.c
+++ b/g10/keyserver.c
@@ -339,13 +339,16 @@ keyserver_spawn(int action,STRLIST list,
   opt.keyserver_options.use_temp_files=1;
 #endif
 
-#ifndef FIXED_EXEC_PATH
-  /* Push the libdir into path */
+  /* Push the libexecdir into path.  If DISABLE_KEYSERVER_PATH is set,
+     use the 0 arg to replace the path. */
+#ifdef DISABLE_KEYSERVER_PATH
+  set_exec_path(GNUPG_LIBEXECDIR,0);
+#else
   set_exec_path(GNUPG_LIBEXECDIR,opt.exec_path_set);
 #endif
 
-  /* Build the filename for the helper to execute */
 
+  /* Build the filename for the helper to execute */
   command=m_alloc(strlen("gpgkeys_")+strlen(opt.keyserver_scheme)+1);
   strcpy(command,"gpgkeys_");
   strcat(command,opt.keyserver_scheme);
diff --git a/g10/mainproc.c b/g10/mainproc.c
index f5c1dfe9a..2004da1c7 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -498,10 +498,13 @@ proc_encrypted( CTX c, PACKET *pkt )
 	    log_info(_("decryption okay\n"));
 	if( pkt->pkt.encrypted->mdc_method )
 	    write_status( STATUS_GOODMDC );
+	else if(!opt.no_mdc_warn)
+	    log_info ("WARNING: message was not integrity protected\n");
     }
     else if( result == G10ERR_BAD_SIGN ) {
 	log_error(_("WARNING: encrypted message has been manipulated!\n"));
 	write_status( STATUS_BADMDC );
+	write_status( STATUS_DECRYPTION_FAILED );
     }
     else {
 	write_status( STATUS_DECRYPTION_FAILED );
diff --git a/g10/options.h b/g10/options.h
index db82bc4ad..814880360 100644
--- a/g10/options.h
+++ b/g10/options.h
@@ -141,6 +141,7 @@ struct {
                *personal_digest_prefs,
                *personal_compress_prefs;
     int no_perm_warn;
+    int no_mdc_warn;
     char *temp_dir;
     int no_encrypt_to;
     int interactive;