security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00
Code Activity

Fixed a wrong return code with gpg --verify

Browse Source
This commit is contained in:
Werner Koch 2006-02-14 10:17:57 +00:00
parent 2410941461
commit 966cd80d88
13 changed files with 121 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
checks/ChangeLog
View File

@ -1,3 +1,7 @@
2006-02-14 Werner Koch <wk@gnupg.org>
* verify.test: New.
2005-06-21 Werner Koch <wk@g10code.com> 2005-06-21 Werner Koch <wk@g10code.com>
* conventional.test (algos): Uhh ohh, cut+paste error and not * conventional.test (algos): Uhh ohh, cut+paste error and not

2
checks/Makefile.am
View File

@ -30,7 +30,7 @@ TESTS = version.test mds.test \
armsignencrypt.test armdetach.test \ armsignencrypt.test armdetach.test \
armdetachm.test detachm.test genkey1024.test \ armdetachm.test detachm.test genkey1024.test \
conventional.test conventional-mdc.test \ conventional.test conventional-mdc.test \
multisig.test multisig.test verify.test
TEST_FILES = pubring.asc secring.asc plain-1o.asc plain-2o.asc plain-3o.asc \ TEST_FILES = pubring.asc secring.asc plain-1o.asc plain-2o.asc plain-3o.asc \

11
checks/verify.test Executable file
View File

@ -0,0 +1,11 @@
#!/bin/sh
. $srcdir/defs.inc || exit 3
#info check that verify fails for bad input data
../tools/mk-tdata --char 0x2d 64 >x
$GPG --verify x data-500 && error "no error code from verify"
../tools/mk-tdata --char 0xca 64 >x
$GPG --verify x data-500 && error "no error code from verify"
exit 0

4
doc/DETAILS
View File

@ -270,7 +270,9 @@ more arguments in future versions.
No data has been found. Codes for what are: No data has been found. Codes for what are:
1 - No armored data. 1 - No armored data.
2 - Expected a packet but did not found one. 2 - Expected a packet but did not found one.
3 - Invalid packet found, this may indicate a non OpenPGP message. 3 - Invalid packet found, this may indicate a non OpenPGP
message.
4 - signature expected but not found
You may see more than one of these status lines. You may see more than one of these status lines.
UNEXPECTED <what> UNEXPECTED <what>

8
g10/ChangeLog
View File

@ -1,3 +1,11 @@
2006-02-14 Werner Koch <wk@gnupg.org>
* verify.c (verify_signatures): Print warning also for NO_DATA.
* mainproc.c (struct mainproc_context): New field any_sig_seen.
(add_signature): Set it.
(proc_signature_packets): Test and return NO_DATA.
2006-02-09 Werner Koch <wk@g10code.com> 2006-02-09 Werner Koch <wk@g10code.com>
* gpg.c (main) <oLockNever>: Disable random locking. * gpg.c (main) <oLockNever>: Disable random locking.

62
g10/mainproc.c
View File

@ -1,6 +1,6 @@
/* mainproc.c - handle packets /* mainproc.c - handle packets
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004,
* 2005 Free Software Foundation, Inc. * 2005, 2006 Free Software Foundation, Inc.
* *
* This file is part of GnuPG. * This file is part of GnuPG.
* *
@ -55,28 +55,31 @@ struct kidlist_item {
* Structure to hold the context * Structure to hold the context
*/ */
typedef struct mainproc_context *CTX; typedef struct mainproc_context *CTX;
struct mainproc_context { struct mainproc_context
struct mainproc_context *anchor; /* may be useful in the future */ {
PKT_public_key *last_pubkey; struct mainproc_context *anchor; /* May be useful in the future. */
PKT_secret_key *last_seckey; PKT_public_key *last_pubkey;
PKT_user_id *last_user_id; PKT_secret_key *last_seckey;
md_filter_context_t mfx; PKT_user_id *last_user_id;
int sigs_only; /* process only signatures and reject all other stuff */ md_filter_context_t mfx;
int encrypt_only; /* process only encryption messages */ int sigs_only; /* Process only signatures and reject all other stuff. */
STRLIST signed_data; int encrypt_only; /* Process only encryption messages. */
const char *sigfilename; STRLIST signed_data;
DEK *dek; const char *sigfilename;
int last_was_session_key; DEK *dek;
KBNODE list; /* the current list of packets */ int last_was_session_key;
int have_data; KBNODE list; /* The current list of packets. */
IOBUF iobuf; /* used to get the filename etc. */ int have_data;
int trustletter; /* temp usage in list_node */ IOBUF iobuf; /* Used to get the filename etc. */
ulong symkeys; int trustletter; /* Temporary usage in list_node. */
struct kidlist_item *pkenc_list; /* list of encryption packets */ ulong symkeys;
struct { struct kidlist_item *pkenc_list; /* List of encryption packets. */
int op; struct
int stop_now; {
} pipemode; int op;
int stop_now;
} pipemode;
int any_sig_seen; /* Set to true if a signature packet has been seen. */
}; };
@ -217,6 +220,7 @@ add_signature( CTX c, PACKET *pkt )
{ {
KBNODE node; KBNODE node;
c->any_sig_seen = 1;
if( pkt->pkttype == PKT_SIGNATURE && !c->list ) { if( pkt->pkttype == PKT_SIGNATURE && !c->list ) {
/* This is the first signature for the following datafile. /* This is the first signature for the following datafile.
* GPG does not write such packets; instead it always uses * GPG does not write such packets; instead it always uses
@ -1152,6 +1156,18 @@ proc_signature_packets( void *anchor, IOBUF a,
c->signed_data = signedfiles; c->signed_data = signedfiles;
c->sigfilename = sigfilename; c->sigfilename = sigfilename;
rc = do_proc_packets( c, a ); rc = do_proc_packets( c, a );
/* If we have not encountered any signature we print an error
messages, send a NODATA status back and return an error code.
Using log_error is required becuase verify_files does not check
error codes for each file but we want to terminate the process
with an error. */
if (!rc && !c->any_sig_seen)
{
write_status_text (STATUS_NODATA, "4");
log_error (_("no signature found\n"));
rc = G10ERR_NO_DATA;
}
xfree( c ); xfree( c );
return rc; return rc;
} }

2
g10/verify.c
View File

@ -113,7 +113,7 @@ verify_signatures( int nfiles, char **files )
rc = proc_signature_packets( NULL, fp, sl, sigfile ); rc = proc_signature_packets( NULL, fp, sl, sigfile );
free_strlist(sl); free_strlist(sl);
iobuf_close(fp); iobuf_close(fp);
if( afx.no_openpgp_data && rc == -1 ) { if( (afx.no_openpgp_data && rc == -1) || rc == G10ERR_NO_DATA ) {
log_error(_("the signature could not be verified.\n" log_error(_("the signature could not be verified.\n"
"Please remember that the signature file (.sig or .asc)\n" "Please remember that the signature file (.sig or .asc)\n"
"should be the first file given on the command line.\n") ); "should be the first file given on the command line.\n") );

4
include/ChangeLog
View File

@ -1,3 +1,7 @@
2006-02-14 Werner Koch <wk@gnupg.org>
* errors.h (G10ERR_NO_DATA): New.
2005-12-23 David Shaw <dshaw@jabberwocky.com> 2005-12-23 David Shaw <dshaw@jabberwocky.com>
* util.h: Prototype get_cert(). * util.h: Prototype get_cert().

1
include/errors.h
View File

@ -78,6 +78,7 @@
#define G10ERR_KEYSERVER 55 #define G10ERR_KEYSERVER 55
#define G10ERR_CANCELED 56 #define G10ERR_CANCELED 56
#define G10ERR_NO_CARD 57 #define G10ERR_NO_CARD 57
#define G10ERR_NO_DATA 58
#ifndef HAVE_STRERROR #ifndef HAVE_STRERROR
char *strerror (int n); char *strerror (int n);

4
tools/ChangeLog
View File

@ -1,3 +1,7 @@
2006-02-14 Werner Koch <wk@gnupg.org>
* mk-tdata.c (main): Implement option --char.
2005-08-05 David Shaw <dshaw@jabberwocky.com> 2005-08-05 David Shaw <dshaw@jabberwocky.com>
* gpg-zip.in: Add --decrypt functionality. Fix quoting so * gpg-zip.in: Add --decrypt functionality. Fix quoting so

55
tools/mk-tdata.c
View File

@ -1,5 +1,5 @@
/* mk-tdata.c - Create some simple random testdata /* mk-tdata.c - Create some simple random testdata
* Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc. * Copyright (C) 1998, 1999, 2000, 2001, 2006 Free Software Foundation, Inc.
* *
* This file is free software; as a special exception the author gives * This file is free software; as a special exception the author gives
* unlimited permission to copy and/or distribute it, with or without * unlimited permission to copy and/or distribute it, with or without
@ -13,6 +13,7 @@
#include <config.h> #include <config.h>
#include <stdio.h> #include <stdio.h>
#include <stdlib.h> #include <stdlib.h>
#include <string.h>
#include <unistd.h> #include <unistd.h>
@ -23,20 +24,44 @@
int int
main(int argc, char **argv) main(int argc, char **argv)
{ {
int i, c; int i, c = 0;
int limit =0; int limit =0;
int char_mode = 0;
limit = argc > 1 ? atoi(argv[1]) : 0; if (argc)
{
srand(getpid()); argc--;
argv++;
for(i=0; !limit || i < limit; i++ ) {
#ifdef HAVE_RAND
c = ((unsigned)(1 + (int) (256.0*rand()/(RAND_MAX+1.0)))-1);
#else
c = ((unsigned)(1 + (int) (256.0*random()/(RAND_MAX+1.0)))-1);
#endif
putchar(c);
} }
return 0;
/* Check for option --char N */
if (argc > 1 && !strcmp (argv[0], "--char"))
{
char_mode = 1;
c = strtol (argv[1], NULL, 0);
argc -= 2;
argv += 2;
}
limit = argc ? atoi(argv[0]) : 0;
srand(getpid());
for (i=0; !limit || i < limit; i++ )
{
if (char_mode)
{
putchar (c);
}
else
{
#ifdef HAVE_RAND
c = ((unsigned)(1 + (int) (256.0*rand()/(RAND_MAX+1.0)))-1);
#else
c = ((unsigned)(1 + (int) (256.0*random()/(RAND_MAX+1.0)))-1);
#endif
putchar (c);
}
}
return 0;
} }

4
util/ChangeLog
View File

@ -1,3 +1,7 @@
2006-02-14 Werner Koch <wk@gnupg.org>
* errors.c (g10_errstr): Add NO_DATA.
2006-01-26 David Shaw <dshaw@jabberwocky.com> 2006-01-26 David Shaw <dshaw@jabberwocky.com>
* cert.c (get_cert): Disable IPGP types for now until the format * cert.c (get_cert): Disable IPGP types for now until the format

1
util/errors.c
View File

@ -108,6 +108,7 @@ g10_errstr( int err )
X(KEYSERVER ,N_("keyserver error")) X(KEYSERVER ,N_("keyserver error"))
X(CANCELED ,N_("canceled")) X(CANCELED ,N_("canceled"))
X(NO_CARD ,N_("no card")) X(NO_CARD ,N_("no card"))
X(NO_DATA ,N_("no data"))
default: p = buf; sprintf(buf, "g10err=%d", err); break; default: p = buf; sprintf(buf, "g10err=%d", err); break;
} }
#undef X #undef X