security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

Fixed a wrong return code with gpg --verify

This commit is contained in:
Werner Koch 2006-02-14 10:17:57 +00:00
parent 2410941461
commit 966cd80d88
13 changed files with 121 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
checks/ChangeLog
View File

@ -1,3 +1,7 @@
2006-02-14 Werner Koch <wk@gnupg.org>
* verify.test: New.
2005-06-21 Werner Koch <wk@g10code.com>
* conventional.test (algos): Uhh ohh, cut+paste error and not

2
checks/Makefile.am
View File

@ -30,7 +30,7 @@ TESTS = version.test mds.test \
armsignencrypt.test armdetach.test \
armdetachm.test detachm.test genkey1024.test \
conventional.test conventional-mdc.test \
multisig.test
multisig.test verify.test
TEST_FILES = pubring.asc secring.asc plain-1o.asc plain-2o.asc plain-3o.asc \

11
checks/verify.test Executable file
View File

@ -0,0 +1,11 @@
#!/bin/sh
. $srcdir/defs.inc || exit 3
#info check that verify fails for bad input data
../tools/mk-tdata --char 0x2d 64 >x
$GPG --verify x data-500 && error "no error code from verify"
../tools/mk-tdata --char 0xca 64 >x
$GPG --verify x data-500 && error "no error code from verify"
exit 0

4
doc/DETAILS
View File

@ -270,7 +270,9 @@ more arguments in future versions.
No data has been found. Codes for what are:
1 - No armored data.
2 - Expected a packet but did not found one.
3 - Invalid packet found, this may indicate a non OpenPGP message.
3 - Invalid packet found, this may indicate a non OpenPGP
message.
4 - signature expected but not found
You may see more than one of these status lines.
UNEXPECTED <what>

8
g10/ChangeLog
View File

@ -1,3 +1,11 @@
2006-02-14 Werner Koch <wk@gnupg.org>
* verify.c (verify_signatures): Print warning also for NO_DATA.
* mainproc.c (struct mainproc_context): New field any_sig_seen.
(add_signature): Set it.
(proc_signature_packets): Test and return NO_DATA.
2006-02-09 Werner Koch <wk@g10code.com>
* gpg.c (main) <oLockNever>: Disable random locking.

62
g10/mainproc.c
View File

@ -1,6 +1,6 @@
/* mainproc.c - handle packets
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004,
* 2005 Free Software Foundation, Inc.
* 2005, 2006 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@ -55,28 +55,31 @@ struct kidlist_item {
* Structure to hold the context
*/
typedef struct mainproc_context *CTX;
struct mainproc_context {
struct mainproc_context *anchor; /* may be useful in the future */
PKT_public_key *last_pubkey;
PKT_secret_key *last_seckey;
PKT_user_id *last_user_id;
md_filter_context_t mfx;
int sigs_only; /* process only signatures and reject all other stuff */
int encrypt_only; /* process only encryption messages */
STRLIST signed_data;
const char *sigfilename;
DEK *dek;
int last_was_session_key;
KBNODE list; /* the current list of packets */
int have_data;
IOBUF iobuf; /* used to get the filename etc. */
int trustletter; /* temp usage in list_node */
ulong symkeys;
struct kidlist_item *pkenc_list; /* list of encryption packets */
struct {
int op;
int stop_now;
} pipemode;
struct mainproc_context
{
struct mainproc_context *anchor; /* May be useful in the future. */
PKT_public_key *last_pubkey;
PKT_secret_key *last_seckey;
PKT_user_id *last_user_id;
md_filter_context_t mfx;
int sigs_only; /* Process only signatures and reject all other stuff. */
int encrypt_only; /* Process only encryption messages. */
STRLIST signed_data;
const char *sigfilename;
DEK *dek;
int last_was_session_key;
KBNODE list; /* The current list of packets. */
int have_data;
IOBUF iobuf; /* Used to get the filename etc. */
int trustletter; /* Temporary usage in list_node. */
ulong symkeys;
struct kidlist_item *pkenc_list; /* List of encryption packets. */
struct
{
int op;
int stop_now;
} pipemode;
int any_sig_seen; /* Set to true if a signature packet has been seen. */
};
@ -217,6 +220,7 @@ add_signature( CTX c, PACKET *pkt )
{
KBNODE node;
c->any_sig_seen = 1;
if( pkt->pkttype == PKT_SIGNATURE && !c->list ) {
/* This is the first signature for the following datafile.
* GPG does not write such packets; instead it always uses
@ -1152,6 +1156,18 @@ proc_signature_packets( void *anchor, IOBUF a,
c->signed_data = signedfiles;
c->sigfilename = sigfilename;
rc = do_proc_packets( c, a );
/* If we have not encountered any signature we print an error
messages, send a NODATA status back and return an error code.
Using log_error is required becuase verify_files does not check
error codes for each file but we want to terminate the process
with an error. */
if (!rc && !c->any_sig_seen)
{
write_status_text (STATUS_NODATA, "4");
log_error (_("no signature found\n"));
rc = G10ERR_NO_DATA;
}
xfree( c );
return rc;
}

2
g10/verify.c
View File

@ -113,7 +113,7 @@ verify_signatures( int nfiles, char **files )
rc = proc_signature_packets( NULL, fp, sl, sigfile );
free_strlist(sl);
iobuf_close(fp);
if( afx.no_openpgp_data && rc == -1 ) {
if( (afx.no_openpgp_data && rc == -1) || rc == G10ERR_NO_DATA ) {
log_error(_("the signature could not be verified.\n"
"Please remember that the signature file (.sig or .asc)\n"
"should be the first file given on the command line.\n") );

4
include/ChangeLog
View File

@ -1,3 +1,7 @@
2006-02-14 Werner Koch <wk@gnupg.org>
* errors.h (G10ERR_NO_DATA): New.
2005-12-23 David Shaw <dshaw@jabberwocky.com>
* util.h: Prototype get_cert().

1
include/errors.h
View File

@ -78,6 +78,7 @@
#define G10ERR_KEYSERVER 55
#define G10ERR_CANCELED 56
#define G10ERR_NO_CARD 57
#define G10ERR_NO_DATA 58
#ifndef HAVE_STRERROR
char *strerror (int n);

4
tools/ChangeLog
View File

@ -1,3 +1,7 @@
2006-02-14 Werner Koch <wk@gnupg.org>
* mk-tdata.c (main): Implement option --char.
2005-08-05 David Shaw <dshaw@jabberwocky.com>
* gpg-zip.in: Add --decrypt functionality. Fix quoting so

55
tools/mk-tdata.c
View File

@ -1,5 +1,5 @@
/* mk-tdata.c - Create some simple random testdata
* Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
* Copyright (C) 1998, 1999, 2000, 2001, 2006 Free Software Foundation, Inc.
*
* This file is free software; as a special exception the author gives
* unlimited permission to copy and/or distribute it, with or without
@ -13,6 +13,7 @@
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
@ -23,20 +24,44 @@
int
main(int argc, char **argv)
{
int i, c;
int limit =0;
int i, c = 0;
int limit =0;
int char_mode = 0;
limit = argc > 1 ? atoi(argv[1]) : 0;
srand(getpid());
for(i=0; !limit || i < limit; i++ ) {
#ifdef HAVE_RAND
c = ((unsigned)(1 + (int) (256.0*rand()/(RAND_MAX+1.0)))-1);
#else
c = ((unsigned)(1 + (int) (256.0*random()/(RAND_MAX+1.0)))-1);
#endif
putchar(c);
if (argc)
{
argc--;
argv++;
}
return 0;
/* Check for option --char N */
if (argc > 1 && !strcmp (argv[0], "--char"))
{
char_mode = 1;
c = strtol (argv[1], NULL, 0);
argc -= 2;
argv += 2;
}
limit = argc ? atoi(argv[0]) : 0;
srand(getpid());
for (i=0; !limit || i < limit; i++ )
{
if (char_mode)
{
putchar (c);
}
else
{
#ifdef HAVE_RAND
c = ((unsigned)(1 + (int) (256.0*rand()/(RAND_MAX+1.0)))-1);
#else
c = ((unsigned)(1 + (int) (256.0*random()/(RAND_MAX+1.0)))-1);
#endif
putchar (c);
}
}
return 0;
}

4
util/ChangeLog
View File

@ -1,3 +1,7 @@
2006-02-14 Werner Koch <wk@gnupg.org>
* errors.c (g10_errstr): Add NO_DATA.
2006-01-26 David Shaw <dshaw@jabberwocky.com>
* cert.c (get_cert): Disable IPGP types for now until the format

1
util/errors.c
View File

@ -108,6 +108,7 @@ g10_errstr( int err )
X(KEYSERVER ,N_("keyserver error"))
X(CANCELED ,N_("canceled"))
X(NO_CARD ,N_("no card"))
X(NO_DATA ,N_("no data"))
default: p = buf; sprintf(buf, "g10err=%d", err); break;
}
#undef X