mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
Ported multiple-messages protection.
This commit is contained in:
parent
f6243073a8
commit
9491ab44c5
7
NEWS
7
NEWS
@ -1,6 +1,13 @@
|
|||||||
Noteworthy changes in version 2.0.3
|
Noteworthy changes in version 2.0.3
|
||||||
------------------------------------------------
|
------------------------------------------------
|
||||||
|
|
||||||
|
* By default, do not allow processing multiple plaintexts in a single
|
||||||
|
stream. Many programs that called GnuPG were assuming that GnuPG
|
||||||
|
did not permit this, and were thus not using the plaintext boundary
|
||||||
|
status tags that GnuPG provides. This change makes GnuPG reject
|
||||||
|
such messages by default which makes those programs safe again.
|
||||||
|
--allow-multiple-messages returns to the old behavior.
|
||||||
|
|
||||||
* New --verify-option show-primary-uid-only.
|
* New --verify-option show-primary-uid-only.
|
||||||
|
|
||||||
|
|
||||||
|
@ -1,3 +1,8 @@
|
|||||||
|
2007-03-04 David Shaw <dshaw@jabberwocky.com>
|
||||||
|
|
||||||
|
* gpg.texi (GPG Esoteric Options): Document
|
||||||
|
--allow-multiple-messages.
|
||||||
|
|
||||||
2007-02-26 Werner Koch <wk@g10code.com>
|
2007-02-26 Werner Koch <wk@g10code.com>
|
||||||
|
|
||||||
* gpg.texi (GPG Configuration): Document envvar LANGUAGE.
|
* gpg.texi (GPG Configuration): Document envvar LANGUAGE.
|
||||||
|
14
doc/gpg.texi
14
doc/gpg.texi
@ -1985,7 +1985,7 @@ SHA224, SHA384, and SHA512 digests.
|
|||||||
@c ******** ESOTERIC OPTIONS ***************
|
@c ******** ESOTERIC OPTIONS ***************
|
||||||
@c *******************************************
|
@c *******************************************
|
||||||
@node GPG Esoteric Options
|
@node GPG Esoteric Options
|
||||||
@subsection Doing things one usually don't want to do.
|
@subsection Doing things one usually doesn't want to do.
|
||||||
|
|
||||||
@table @gnupgtabopt
|
@table @gnupgtabopt
|
||||||
|
|
||||||
@ -2380,11 +2380,13 @@ absolute date in the form YYYY-MM-DD. Defaults to "0".
|
|||||||
@item --allow-secret-key-import
|
@item --allow-secret-key-import
|
||||||
This is an obsolete option and is not used anywhere.
|
This is an obsolete option and is not used anywhere.
|
||||||
|
|
||||||
@item --allow-multisig-verification
|
@item --allow-multiple-messages
|
||||||
Allow verification of concatenated signed messages. This will run a
|
@item --no-allow-multiple-messages
|
||||||
signature verification for each data+signature block. There are some
|
Allow processing of multiple OpenPGP messages contained in a single
|
||||||
security issues with this option and thus it is off by default. Note
|
file or stream. Some programs that call GPG are not prepared to deal
|
||||||
that versions of GPG prior to version 1.4.3 implicitly allowed this.
|
with multiple messages being processed together, so this option
|
||||||
|
defaults to no. Note that versions of GPG prior to 1.4.7 always
|
||||||
|
allowed multiple messages.
|
||||||
|
|
||||||
@item --enable-special-filenames
|
@item --enable-special-filenames
|
||||||
This options enables a mode in which filenames of the form
|
This options enables a mode in which filenames of the form
|
||||||
|
@ -1,3 +1,20 @@
|
|||||||
|
2007-03-05 Werner Koch <wk@g10code.com>
|
||||||
|
|
||||||
|
Converted this file to UTF-8.
|
||||||
|
|
||||||
|
Ported David and my multiple messages changes from 1.4.7.
|
||||||
|
|
||||||
|
* options.h, gpg.c (main), mainproc.c (check_sig_and_print): Allow
|
||||||
|
multiple sig verification again as this is protected via the
|
||||||
|
multiple-messages code. New option --allow-multiple-messages and
|
||||||
|
--no variant.
|
||||||
|
* status.h (STATUS_ERROR): New status code.
|
||||||
|
* status.c (get_status_string): Ditto.
|
||||||
|
* mainproc.c (proc_plaintext): Emit it if multiple messages are
|
||||||
|
detected. Error out if more than one plaintext packet is
|
||||||
|
encountered.
|
||||||
|
* mainproc.c (literals_seen): New.
|
||||||
|
|
||||||
2007-02-26 Werner Koch <wk@g10code.com>
|
2007-02-26 Werner Koch <wk@g10code.com>
|
||||||
|
|
||||||
* gpg.c (main): Add verify option show-primary-uid-only.
|
* gpg.c (main): Add verify option show-primary-uid-only.
|
||||||
@ -1756,7 +1773,7 @@
|
|||||||
2003-04-10 Werner Koch <wk@gnupg.org>
|
2003-04-10 Werner Koch <wk@gnupg.org>
|
||||||
|
|
||||||
* passphrase.c (read_passphrase_from_fd): Do a dummy read if the
|
* passphrase.c (read_passphrase_from_fd): Do a dummy read if the
|
||||||
agent is to be used. Noted by Ingo Klöcker.
|
agent is to be used. Noted by Ingo Klöcker.
|
||||||
(agent_get_passphrase): Inhibit caching when we have no
|
(agent_get_passphrase): Inhibit caching when we have no
|
||||||
fingerprint. This is required for key generation as well as for
|
fingerprint. This is required for key generation as well as for
|
||||||
symmetric only encryption.
|
symmetric only encryption.
|
||||||
@ -2699,7 +2716,7 @@
|
|||||||
warning.
|
warning.
|
||||||
|
|
||||||
* passphrase.c (agent_get_passphrase): Fixed signed/unsigned char
|
* passphrase.c (agent_get_passphrase): Fixed signed/unsigned char
|
||||||
problem in %-escaping. Noted by Ingo Klöcker.
|
problem in %-escaping. Noted by Ingo Klöcker.
|
||||||
|
|
||||||
2002-10-03 David Shaw <dshaw@jabberwocky.com>
|
2002-10-03 David Shaw <dshaw@jabberwocky.com>
|
||||||
|
|
||||||
@ -7027,12 +7044,12 @@ Fri Feb 11 17:44:40 CET 2000 Werner Koch <wk@gnupg.de>
|
|||||||
Thu Feb 10 17:39:44 CET 2000 Werner Koch <wk@gnupg.de>
|
Thu Feb 10 17:39:44 CET 2000 Werner Koch <wk@gnupg.de>
|
||||||
|
|
||||||
* keyedit.c (menu_expire): Fixed segv due to unitialized sub_pk.
|
* keyedit.c (menu_expire): Fixed segv due to unitialized sub_pk.
|
||||||
By Rémi.
|
By Rémi.
|
||||||
|
|
||||||
Thu Feb 10 11:39:41 CET 2000 Werner Koch <wk@gnupg.de>
|
Thu Feb 10 11:39:41 CET 2000 Werner Koch <wk@gnupg.de>
|
||||||
|
|
||||||
* keylist.c (list_keyblock): Don't print warnings in the middle of
|
* keylist.c (list_keyblock): Don't print warnings in the middle of
|
||||||
regulat output lines. By Rémi.
|
regulat output lines. By Rémi.
|
||||||
|
|
||||||
* sig-check.c: Include options.h
|
* sig-check.c: Include options.h
|
||||||
|
|
||||||
@ -7622,7 +7639,7 @@ Mon May 31 19:41:10 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
|
|||||||
* g10.c (main): Fix for SHM init (Michael).
|
* g10.c (main): Fix for SHM init (Michael).
|
||||||
|
|
||||||
* compress.c, encr-data.c, mdfilter.c,
|
* compress.c, encr-data.c, mdfilter.c,
|
||||||
plaintext.c, free-packet.c: Speed patches (Rémi).
|
plaintext.c, free-packet.c: Speed patches (Rémi).
|
||||||
|
|
||||||
Thu May 27 09:40:55 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
|
Thu May 27 09:40:55 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
|
||||||
|
|
||||||
@ -7647,7 +7664,7 @@ Wed May 26 14:36:29 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
|
|||||||
Tue May 25 19:50:32 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
|
Tue May 25 19:50:32 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
|
||||||
|
|
||||||
* sign.c (sign_file): Always use compression algo 1 for signed
|
* sign.c (sign_file): Always use compression algo 1 for signed
|
||||||
onyl file becuase we can´ be sure the the verifier supports other
|
onyl file becuase we can´ be sure the the verifier supports other
|
||||||
algorithms.
|
algorithms.
|
||||||
|
|
||||||
* build-packet.c (build_sig_subpkt): Support for notation data.
|
* build-packet.c (build_sig_subpkt): Support for notation data.
|
||||||
@ -7837,7 +7854,7 @@ Wed Apr 7 20:51:39 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
|
|||||||
(protect_secret_key). Ditto.
|
(protect_secret_key). Ditto.
|
||||||
* misc.c (print_cipher_algo_note): Twofish is now a standard algo.
|
* misc.c (print_cipher_algo_note): Twofish is now a standard algo.
|
||||||
|
|
||||||
* keygen.c (do_create): Fixed spelling (Gaël Quéri)
|
* keygen.c (do_create): Fixed spelling (Gaël Quéri)
|
||||||
(ask_keysize): Only allow keysizes up to 4096
|
(ask_keysize): Only allow keysizes up to 4096
|
||||||
|
|
||||||
* ringedit.c (add_keyblock_resource): chmod newly created secrings.
|
* ringedit.c (add_keyblock_resource): chmod newly created secrings.
|
||||||
@ -7880,7 +7897,7 @@ Wed Mar 17 13:09:03 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
|
|||||||
|
|
||||||
* trustdb.c (insert_trust_record): Always use the primary key.
|
* trustdb.c (insert_trust_record): Always use the primary key.
|
||||||
|
|
||||||
* encode.c (encode_simple): Added text_mode filter (Rémi Guyomarch)
|
* encode.c (encode_simple): Added text_mode filter (Rémi Guyomarch)
|
||||||
(encode_crypt): Ditto.
|
(encode_crypt): Ditto.
|
||||||
|
|
||||||
* mainproc.c (proc_pubkey_enc): Added status ENC_TO.
|
* mainproc.c (proc_pubkey_enc): Added status ENC_TO.
|
||||||
@ -9261,7 +9278,7 @@ Wed Apr 8 13:40:33 1998 Werner Koch (wk@isil.d.shuttle.de)
|
|||||||
|
|
||||||
Wed Apr 8 09:47:21 1998 Werner Koch (wk@isil.d.shuttle.de)
|
Wed Apr 8 09:47:21 1998 Werner Koch (wk@isil.d.shuttle.de)
|
||||||
|
|
||||||
* sig-check.c (do_check): Applied small fix from Ulf Möller.
|
* sig-check.c (do_check): Applied small fix from Ulf Möller.
|
||||||
|
|
||||||
Tue Apr 7 19:28:07 1998 Werner Koch (wk@isil.d.shuttle.de)
|
Tue Apr 7 19:28:07 1998 Werner Koch (wk@isil.d.shuttle.de)
|
||||||
|
|
||||||
@ -9640,7 +9657,7 @@ Thu Feb 12 22:24:42 1998 Werner Koch (wk@frodo)
|
|||||||
|
|
||||||
|
|
||||||
Copyright 1998,1999,2000,2001,2002,2003,2004,2005,
|
Copyright 1998,1999,2000,2001,2002,2003,2004,2005,
|
||||||
2006 Free Software Foundation, Inc.
|
2006,2007 Free Software Foundation, Inc.
|
||||||
|
|
||||||
This file is free software; as a special exception the author gives
|
This file is free software; as a special exception the author gives
|
||||||
unlimited permission to copy and/or distribute it, with or without
|
unlimited permission to copy and/or distribute it, with or without
|
||||||
|
17
g10/gpg.c
17
g10/gpg.c
@ -357,6 +357,8 @@ enum cmd_and_opt_values
|
|||||||
oAllowMultisigVerification,
|
oAllowMultisigVerification,
|
||||||
oEnableDSA2,
|
oEnableDSA2,
|
||||||
oDisableDSA2,
|
oDisableDSA2,
|
||||||
|
oAllowMultipleMessages,
|
||||||
|
oNoAllowMultipleMessages,
|
||||||
|
|
||||||
oNoop
|
oNoop
|
||||||
};
|
};
|
||||||
@ -692,6 +694,8 @@ static ARGPARSE_OPTS opts[] = {
|
|||||||
{ oAllowMultisigVerification, "allow-multisig-verification", 0, "@"},
|
{ oAllowMultisigVerification, "allow-multisig-verification", 0, "@"},
|
||||||
{ oEnableDSA2, "enable-dsa2", 0, "@"},
|
{ oEnableDSA2, "enable-dsa2", 0, "@"},
|
||||||
{ oDisableDSA2, "disable-dsa2", 0, "@"},
|
{ oDisableDSA2, "disable-dsa2", 0, "@"},
|
||||||
|
{ oAllowMultipleMessages, "allow-multiple-messages", 0, "@"},
|
||||||
|
{ oNoAllowMultipleMessages, "no-allow-multiple-messages", 0, "@"},
|
||||||
|
|
||||||
/* These two are aliases to help users of the PGP command line
|
/* These two are aliases to help users of the PGP command line
|
||||||
product use gpg with minimal pain. Many commands are common
|
product use gpg with minimal pain. Many commands are common
|
||||||
@ -2807,13 +2811,18 @@ main (int argc, char **argv )
|
|||||||
release_akl();
|
release_akl();
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case oAllowMultisigVerification:
|
|
||||||
opt.allow_multisig_verification = 1;
|
|
||||||
break;
|
|
||||||
|
|
||||||
case oEnableDSA2: opt.flags.dsa2=1; break;
|
case oEnableDSA2: opt.flags.dsa2=1; break;
|
||||||
case oDisableDSA2: opt.flags.dsa2=0; break;
|
case oDisableDSA2: opt.flags.dsa2=0; break;
|
||||||
|
|
||||||
|
case oAllowMultisigVerification:
|
||||||
|
case oAllowMultipleMessages:
|
||||||
|
opt.flags.allow_multiple_messages=1;
|
||||||
|
break;
|
||||||
|
|
||||||
|
case oNoAllowMultipleMessages:
|
||||||
|
opt.flags.allow_multiple_messages=0;
|
||||||
|
break;
|
||||||
|
|
||||||
case oNoop: break;
|
case oNoop: break;
|
||||||
|
|
||||||
default : pargs.err = configfp? 1:2; break;
|
default : pargs.err = configfp? 1:2; break;
|
||||||
|
@ -98,10 +98,9 @@ struct mainproc_context
|
|||||||
|
|
||||||
|
|
||||||
static int do_proc_packets( CTX c, IOBUF a );
|
static int do_proc_packets( CTX c, IOBUF a );
|
||||||
|
|
||||||
static void list_node( CTX c, KBNODE node );
|
static void list_node( CTX c, KBNODE node );
|
||||||
static void proc_tree( CTX c, KBNODE node );
|
static void proc_tree( CTX c, KBNODE node );
|
||||||
|
static int literals_seen;
|
||||||
|
|
||||||
static void
|
static void
|
||||||
release_list( CTX c )
|
release_list( CTX c )
|
||||||
@ -596,6 +595,8 @@ proc_plaintext( CTX c, PACKET *pkt )
|
|||||||
int any, clearsig, only_md5, rc;
|
int any, clearsig, only_md5, rc;
|
||||||
KBNODE n;
|
KBNODE n;
|
||||||
|
|
||||||
|
literals_seen++;
|
||||||
|
|
||||||
if( pt->namelen == 8 && !memcmp( pt->name, "_CONSOLE", 8 ) )
|
if( pt->namelen == 8 && !memcmp( pt->name, "_CONSOLE", 8 ) )
|
||||||
log_info(_("NOTE: sender requested \"for-your-eyes-only\"\n"));
|
log_info(_("NOTE: sender requested \"for-your-eyes-only\"\n"));
|
||||||
else if( opt.verbose )
|
else if( opt.verbose )
|
||||||
@ -683,6 +684,22 @@ proc_plaintext( CTX c, PACKET *pkt )
|
|||||||
gcry_md_start_debug ( c->mfx.md2, "verify2" );
|
gcry_md_start_debug ( c->mfx.md2, "verify2" );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
rc=0;
|
||||||
|
|
||||||
|
if (literals_seen>1)
|
||||||
|
{
|
||||||
|
log_info (_("WARNING: multiple plaintexts seen\n"));
|
||||||
|
|
||||||
|
if (!opt.flags.allow_multiple_messages)
|
||||||
|
{
|
||||||
|
write_status_text (STATUS_ERROR, "proc_pkt.plaintext 89_BAD_DATA");
|
||||||
|
log_inc_errorcount ();
|
||||||
|
rc = gpg_error (GPG_ERR_UNEXPECTED);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if(!rc)
|
||||||
|
{
|
||||||
rc = handle_plaintext( pt, &c->mfx, c->sigs_only, clearsig );
|
rc = handle_plaintext( pt, &c->mfx, c->sigs_only, clearsig );
|
||||||
if ( gpg_err_code (rc) == GPG_ERR_EACCES && !c->sigs_only )
|
if ( gpg_err_code (rc) == GPG_ERR_EACCES && !c->sigs_only )
|
||||||
{
|
{
|
||||||
@ -690,6 +707,7 @@ proc_plaintext( CTX c, PACKET *pkt )
|
|||||||
signature. */
|
signature. */
|
||||||
rc = handle_plaintext( pt, &c->mfx, 1, clearsig );
|
rc = handle_plaintext( pt, &c->mfx, 1, clearsig );
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if( rc )
|
if( rc )
|
||||||
log_error( "handle plaintext failed: %s\n", g10_errstr(rc));
|
log_error( "handle plaintext failed: %s\n", g10_errstr(rc));
|
||||||
@ -1512,8 +1530,17 @@ check_sig_and_print( CTX c, KBNODE node )
|
|||||||
n_sig++;
|
n_sig++;
|
||||||
if (!n_sig)
|
if (!n_sig)
|
||||||
goto ambiguous;
|
goto ambiguous;
|
||||||
|
|
||||||
|
/* If we wanted to disallow multiple sig verification, we'd do
|
||||||
|
something like this:
|
||||||
|
|
||||||
if (n && !opt.allow_multisig_verification)
|
if (n && !opt.allow_multisig_verification)
|
||||||
goto ambiguous;
|
goto ambiguous;
|
||||||
|
|
||||||
|
However, now that we have --allow-multiple-messages, this
|
||||||
|
can stay allowable as we can't get here unless multiple
|
||||||
|
messages (i.e. multiple literals) are allowed. */
|
||||||
|
|
||||||
if (n_onepass != n_sig)
|
if (n_onepass != n_sig)
|
||||||
{
|
{
|
||||||
log_info ("number of one-pass packets does not match "
|
log_info ("number of one-pass packets does not match "
|
||||||
|
@ -227,6 +227,7 @@ struct
|
|||||||
unsigned int use_embedded_filename:1;
|
unsigned int use_embedded_filename:1;
|
||||||
unsigned int utf8_filename:1;
|
unsigned int utf8_filename:1;
|
||||||
unsigned int dsa2:1;
|
unsigned int dsa2:1;
|
||||||
|
unsigned int allow_multiple_messages:1;
|
||||||
} flags;
|
} flags;
|
||||||
|
|
||||||
/* Linked list of ways to find a key if the key isn't on the local
|
/* Linked list of ways to find a key if the key isn't on the local
|
||||||
@ -238,8 +239,6 @@ struct
|
|||||||
struct akl *next;
|
struct akl *next;
|
||||||
} *auto_key_locate;
|
} *auto_key_locate;
|
||||||
|
|
||||||
/* True if multiple concatenated signatures may be verified. */
|
|
||||||
int allow_multisig_verification;
|
|
||||||
int passwd_repeat;
|
int passwd_repeat;
|
||||||
} opt;
|
} opt;
|
||||||
|
|
||||||
|
@ -148,6 +148,7 @@ get_status_string ( int no )
|
|||||||
case STATUS_PKA_TRUST_BAD : s = "PKA_TRUST_BAD"; break;
|
case STATUS_PKA_TRUST_BAD : s = "PKA_TRUST_BAD"; break;
|
||||||
case STATUS_PKA_TRUST_GOOD : s = "PKA_TRUST_GOOD"; break;
|
case STATUS_PKA_TRUST_GOOD : s = "PKA_TRUST_GOOD"; break;
|
||||||
case STATUS_BEGIN_SIGNING : s = "BEGIN_SIGNING"; break;
|
case STATUS_BEGIN_SIGNING : s = "BEGIN_SIGNING"; break;
|
||||||
|
case STATUS_ERROR : s = "ERROR"; break;
|
||||||
default: s = "?"; break;
|
default: s = "?"; break;
|
||||||
}
|
}
|
||||||
return s;
|
return s;
|
||||||
|
@ -120,6 +120,8 @@
|
|||||||
|
|
||||||
#define STATUS_BEGIN_SIGNING 84
|
#define STATUS_BEGIN_SIGNING 84
|
||||||
|
|
||||||
|
#define STATUS_ERROR 85
|
||||||
|
|
||||||
|
|
||||||
/*-- status.c --*/
|
/*-- status.c --*/
|
||||||
void set_status_fd ( int fd );
|
void set_status_fd ( int fd );
|
||||||
|
@ -1,3 +1,9 @@
|
|||||||
|
2007-03-04 David Shaw <dshaw@jabberwocky.com> (wk)
|
||||||
|
|
||||||
|
* verify.test: Use --allow-multiple-messages instead of
|
||||||
|
--allow-multisig-verification. Two clearsigs in a row counds as a
|
||||||
|
multiple-message test.
|
||||||
|
|
||||||
2006-11-16 Werner Koch <wk@g10code.com>
|
2006-11-16 Werner Koch <wk@g10code.com>
|
||||||
|
|
||||||
* Makefile.am (plain-large): Use gpg.texi instead of FAQ which
|
* Makefile.am (plain-large): Use gpg.texi instead of FAQ which
|
||||||
|
@ -121,8 +121,8 @@ IHBlb3BsZS4K
|
|||||||
|
|
||||||
|
|
||||||
# Two standard signed messages in a row
|
# Two standard signed messages in a row
|
||||||
tests="$tests msg_olsols_asc_multisig"
|
tests="$tests msg_olsols_asc_multiple"
|
||||||
msg_olsols_asc_multisig='-----BEGIN PGP MESSAGE-----
|
msg_olsols_asc_multiple='-----BEGIN PGP MESSAGE-----
|
||||||
|
|
||||||
kA0DAAIRLXJ8x2hpdzQBrQEHYgNtc2dEDFJaSSB0aGluayB0aGF0IGFsbCByaWdo
|
kA0DAAIRLXJ8x2hpdzQBrQEHYgNtc2dEDFJaSSB0aGluayB0aGF0IGFsbCByaWdo
|
||||||
dC10aGlua2luZyBwZW9wbGUgaW4gdGhpcyBjb3VudHJ5IGFyZSBzaWNrIGFuZAp0
|
dC10aGlua2luZyBwZW9wbGUgaW4gdGhpcyBjb3VudHJ5IGFyZSBzaWNrIGFuZAp0
|
||||||
@ -215,8 +215,8 @@ EOF
|
|||||||
`
|
`
|
||||||
|
|
||||||
# Two clear text signatures in a row
|
# Two clear text signatures in a row
|
||||||
tests="$tests msg_clsclss_asc"
|
tests="$tests msg_clsclss_asc_multiple"
|
||||||
msg_clsclss_asc="${msg_cls_asc}
|
msg_clsclss_asc_multiple="${msg_cls_asc}
|
||||||
${msg_clss_asc}"
|
${msg_clss_asc}"
|
||||||
|
|
||||||
|
|
||||||
@ -233,8 +233,8 @@ for i in $tests ; do
|
|||||||
msg_*_asc)
|
msg_*_asc)
|
||||||
$GPG --verify x || error "verify of $i failed"
|
$GPG --verify x || error "verify of $i failed"
|
||||||
;;
|
;;
|
||||||
msg_*_asc_multisig)
|
msg_*_asc_multiple)
|
||||||
$GPG --verify --allow-multisig-verification x \
|
$GPG --verify --allow-multiple-messages x \
|
||||||
|| error "verify of $i failed"
|
|| error "verify of $i failed"
|
||||||
$GPG --verify x && error "verify of $i succeeded but should not"
|
$GPG --verify x && error "verify of $i succeeded but should not"
|
||||||
;;
|
;;
|
||||||
|
Loading…
x
Reference in New Issue
Block a user