mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-03 12:11:33 +01:00
Fixed problem with PGP2 style signatures and mutilple plaintext data
This commit is contained in:
Werner Koch
parent
09203be1c6
commit
a200f76dcf
@ -26,7 +26,7 @@ min_automake_version="1.9.3"
|
|||||||
|
|
||||||
# Remember to change the version number immediately *after* a release
|
# Remember to change the version number immediately *after* a release
|
||||||
# and remove the "-cvs" or "rc" suffix immediately *before* a release.
|
# and remove the "-cvs" or "rc" suffix immediately *before* a release.
|
||||||
AC_INIT(gnupg, 1.4.3rc1, bug-gnupg@gnu.org)
|
AC_INIT(gnupg, 1.4.3-cvs, bug-gnupg@gnu.org)
|
||||||
# Set development_version to yes if the minor number is odd or you
|
# Set development_version to yes if the minor number is odd or you
|
||||||
# feel that the default check for a development version is not
|
# feel that the default check for a development version is not
|
||||||
# sufficient.
|
# sufficient.
|
||||||
|
|||||||
@ -1,3 +1,8 @@
|
|||||||
|
2006-03-06 Werner Koch <wk@g10code.com>
|
||||||
|
|
||||||
|
* mainproc.c (check_sig_and_print): Check for multiple plaintexts
|
||||||
|
before a signature. Reported by Tavis Ormandy.
|
||||||
|
|
||||||
2006-03-05 Werner Koch <wk@g10code.com>
|
2006-03-05 Werner Koch <wk@g10code.com>
|
||||||
|
|
||||||
* plaintext.c (handle_plaintext): Replace assert by explict error
|
* plaintext.c (handle_plaintext): Replace assert by explict error
|
||||||
|
|||||||
@ -680,7 +680,8 @@ proc_plaintext( CTX c, PACKET *pkt )
|
|||||||
for( data++, datalen--; datalen; datalen--, data++ )
|
for( data++, datalen--; datalen; datalen--, data++ )
|
||||||
md_enable( c->mfx.md, *data );
|
md_enable( c->mfx.md, *data );
|
||||||
any = 1;
|
any = 1;
|
||||||
break; /* no pass signature packets are expected */
|
break; /* Stop here as one-pass signature packets are not
|
||||||
|
expected. */
|
||||||
}
|
}
|
||||||
else if(n->pkt->pkttype==PKT_SIGNATURE)
|
else if(n->pkt->pkttype==PKT_SIGNATURE)
|
||||||
{
|
{
|
||||||
@ -1164,7 +1165,7 @@ proc_signature_packets( void *anchor, IOBUF a,
|
|||||||
|
|
||||||
/* If we have not encountered any signature we print an error
|
/* If we have not encountered any signature we print an error
|
||||||
messages, send a NODATA status back and return an error code.
|
messages, send a NODATA status back and return an error code.
|
||||||
Using log_error is required becuase verify_files does not check
|
Using log_error is required because verify_files does not check
|
||||||
error codes for each file but we want to terminate the process
|
error codes for each file but we want to terminate the process
|
||||||
with an error. */
|
with an error. */
|
||||||
if (!rc && !c->any_sig_seen)
|
if (!rc && !c->any_sig_seen)
|
||||||
@ -1444,39 +1445,62 @@ check_sig_and_print( CTX c, KBNODE node )
|
|||||||
*/
|
*/
|
||||||
{
|
{
|
||||||
KBNODE n;
|
KBNODE n;
|
||||||
int n_sig=0;
|
int n_sig = 0;
|
||||||
|
int n_plaintext = 0;
|
||||||
|
int sig_seen, onepass_seen;
|
||||||
|
|
||||||
for (n=c->list; n; n=n->next ) {
|
for (n=c->list; n; n=n->next )
|
||||||
|
{
|
||||||
if ( n->pkt->pkttype == PKT_SIGNATURE )
|
if ( n->pkt->pkttype == PKT_SIGNATURE )
|
||||||
n_sig++;
|
n_sig++;
|
||||||
}
|
else if (n->pkt->pkttype == PKT_GPG_CONTROL
|
||||||
if (n_sig > 1) { /* more than one signature - check sequence */
|
&& (n->pkt->pkt.gpg_control->control
|
||||||
int tmp, onepass;
|
== CTRLPKT_PLAINTEXT_MARK) )
|
||||||
|
n_plaintext++;
|
||||||
for (tmp=onepass=0,n=c->list; n; n=n->next ) {
|
}
|
||||||
if (n->pkt->pkttype == PKT_ONEPASS_SIG)
|
|
||||||
onepass++;
|
for (sig_seen=onepass_seen=0,n=c->list; n; n=n->next )
|
||||||
else if (n->pkt->pkttype == PKT_GPG_CONTROL
|
{
|
||||||
&& n->pkt->pkt.gpg_control->control
|
if (n->pkt->pkttype == PKT_ONEPASS_SIG)
|
||||||
== CTRLPKT_CLEARSIGN_START ) {
|
{
|
||||||
onepass++; /* handle the same way as a onepass */
|
onepass_seen++;
|
||||||
}
|
}
|
||||||
else if ( (tmp && n->pkt->pkttype != PKT_SIGNATURE) ) {
|
else if (n->pkt->pkttype == PKT_GPG_CONTROL
|
||||||
log_error(_("can't handle these multiple signatures\n"));
|
&& (n->pkt->pkt.gpg_control->control
|
||||||
return 0;
|
== CTRLPKT_CLEARSIGN_START) )
|
||||||
}
|
{
|
||||||
else if ( n->pkt->pkttype == PKT_SIGNATURE )
|
onepass_seen++; /* Handle the same way as a onepass. */
|
||||||
tmp = 1;
|
}
|
||||||
else if (!tmp && !onepass
|
else if ( (sig_seen && n->pkt->pkttype != PKT_SIGNATURE) )
|
||||||
&& n->pkt->pkttype == PKT_GPG_CONTROL
|
{
|
||||||
&& n->pkt->pkt.gpg_control->control
|
log_error(_("can't handle these multiple signatures\n"));
|
||||||
== CTRLPKT_PLAINTEXT_MARK ) {
|
return 0;
|
||||||
/* plaintext before signatures but no one-pass packets*/
|
}
|
||||||
log_error(_("can't handle these multiple signatures\n"));
|
else if ( n->pkt->pkttype == PKT_SIGNATURE )
|
||||||
return 0;
|
{
|
||||||
}
|
sig_seen = 1;
|
||||||
}
|
}
|
||||||
}
|
else if (n_sig > 1 && !sig_seen && !onepass_seen
|
||||||
|
&& n->pkt->pkttype == PKT_GPG_CONTROL
|
||||||
|
&& (n->pkt->pkt.gpg_control->control
|
||||||
|
== CTRLPKT_PLAINTEXT_MARK) )
|
||||||
|
{
|
||||||
|
/* Plaintext before signatures but no onepass
|
||||||
|
signature packets. */
|
||||||
|
log_error(_("can't handle these multiple signatures\n"));
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
else if (n_plaintext > 1 && !sig_seen && !onepass_seen
|
||||||
|
&& n->pkt->pkttype == PKT_GPG_CONTROL
|
||||||
|
&& (n->pkt->pkt.gpg_control->control
|
||||||
|
== CTRLPKT_PLAINTEXT_MARK) )
|
||||||
|
{
|
||||||
|
/* More than one plaintext before a signature but no
|
||||||
|
onepass packets. */
|
||||||
|
log_error(_("can't handle this ambiguous signed data\n"));
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
astr = pubkey_algo_to_string( sig->pubkey_algo );
|
astr = pubkey_algo_to_string( sig->pubkey_algo );
|
||||||
|
|||||||
@ -1,5 +1,7 @@
|
|||||||
2006-02-14 Werner Koch <wk@gnupg.org>
|
2006-02-14 Werner Koch <wk@gnupg.org>
|
||||||
|
|
||||||
|
* w32installer.nsi: Don't use System.dll.
|
||||||
|
|
||||||
* autogen.sh (DIE): Add lost exit for --build-w32.
|
* autogen.sh (DIE): Add lost exit for --build-w32.
|
||||||
|
|
||||||
2005-10-02 Marcus Brinkmann <marcus@g10code.de>
|
2005-10-02 Marcus Brinkmann <marcus@g10code.de>
|
||||||
|
|||||||
@ -132,7 +132,7 @@ Page custom CustomPageOptions
|
|||||||
ReserveFile "opt.ini"
|
ReserveFile "opt.ini"
|
||||||
ReserveFile "COPYING.txt"
|
ReserveFile "COPYING.txt"
|
||||||
ReserveFile "README-W32.txt"
|
ReserveFile "README-W32.txt"
|
||||||
ReserveFile "${NSISDIR}/Plugins/System.dll"
|
#ReserveFile "${NSISDIR}/Plugins/System.dll"
|
||||||
ReserveFile "${NSISDIR}/Plugins/UserInfo.dll"
|
ReserveFile "${NSISDIR}/Plugins/UserInfo.dll"
|
||||||
|
|
||||||
|
|
||||||
@ -444,11 +444,14 @@ SectionEnd ; Uninstall
|
|||||||
; ---------
|
; ---------
|
||||||
|
|
||||||
Function .onInit
|
Function .onInit
|
||||||
System::Call 'kernel32::CreateMutexA(i 0, i 0, t "GnuPGInst") i .r1 ?e'
|
# We can't use System.dll anymore becuase it has bee removed from
|
||||||
Pop $R0
|
# Debian due to an inability to build using FS. We should use the
|
||||||
StrCmp $R0 0 +3
|
# use our own DLL as we do with gpg4win.
|
||||||
MessageBox MB_OK "An instance of the installer is already running."
|
#System::Call 'kernel32::CreateMutexA(i 0, i 0, t "GnuPGInst") i .r1 ?e'
|
||||||
Abort
|
#Pop $R0
|
||||||
|
#StrCmp $R0 0 +3
|
||||||
|
# MessageBox MB_OK "An instance of the installer is already running."
|
||||||
|
# Abort
|
||||||
|
|
||||||
;;!define MUI_LANGDLL_ALWAYSSHOW
|
;;!define MUI_LANGDLL_ALWAYSSHOW
|
||||||
!insertmacro MUI_LANGDLL_DISPLAY
|
!insertmacro MUI_LANGDLL_DISPLAY
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user