gpg: Ignore the multiple message override options.

* g10/gpg.c (oAllowMultisigVerification) (oAllowMultipleMessages, oNoAllowMultipleMessages): Remove. (opts): Turn --allow-multisig-verification, --allow-multiple-messages and --no-allow-multiple-messages into NOPs * g10/options.h (struct opt): Remove flags.allow_multiple_messages. * g10/mainproc.c (proc_plaintext): Assume allow_multiple_messages is false. -- These options are very old compatibility hacks and should not be used anymore. We keep them as dummy options in case someone has them in the conf file. Signed-off-by: Werner Koch <wk@gnupg.org>
2024-12-22 10:19:57 +01:00 · 2018-05-30 22:05:57 +02:00 · 2018-05-30 22:05:57 +02:00 · d3d41146b3
commit d3d41146b3
parent 97183b5c0f
5 changed files with 17 additions and 50 deletions
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@ -3382,16 +3382,7 @@ This is an obsolete option and is not used anywhere.

@item --allow-multiple-messages
@item --no-allow-multiple-messages
-@opindex allow-multiple-messages
-Allow processing of multiple OpenPGP messages contained in a single file
-or stream.  Some programs that call GPG are not prepared to deal with
-multiple messages being processed together, so this option defaults to
-no.  Note that versions of GPG prior to 1.4.7 always allowed multiple
-messages.
-
-Warning: Do not use this option unless you need it as a temporary
-workaround!
-
+These are obsolete options; they have no more effect since GnuPG 2.2.8.

@item --enable-special-filenames
@opindex enable-special-filenames
--- a/g10/gpg.c
+++ b/g10/gpg.c
@ -401,13 +401,10 @@ enum cmd_and_opt_values
    oNoRequireCrossCert,
    oAutoKeyLocate,
    oNoAutoKeyLocate,
-    oAllowMultisigVerification,
    oEnableLargeRSA,
    oDisableLargeRSA,
    oEnableDSA2,
    oDisableDSA2,
-    oAllowMultipleMessages,
-    oNoAllowMultipleMessages,
    oAllowWeakDigestAlgos,
    oFakedSystemTime,
    oNoAutostart,
@ -863,14 +860,10 @@ static ARGPARSE_OPTS opts[] = {
  ARGPARSE_s_n (oExitOnStatusWriteError, "exit-on-status-write-error", "@"),
  ARGPARSE_s_i (oLimitCardInsertTries, "limit-card-insert-tries", "@"),

-  ARGPARSE_s_n (oAllowMultisigVerification,
-                "allow-multisig-verification", "@"),
  ARGPARSE_s_n (oEnableLargeRSA, "enable-large-rsa", "@"),
  ARGPARSE_s_n (oDisableLargeRSA, "disable-large-rsa", "@"),
  ARGPARSE_s_n (oEnableDSA2, "enable-dsa2", "@"),
  ARGPARSE_s_n (oDisableDSA2, "disable-dsa2", "@"),
-  ARGPARSE_s_n (oAllowMultipleMessages,      "allow-multiple-messages", "@"),
-  ARGPARSE_s_n (oNoAllowMultipleMessages, "no-allow-multiple-messages", "@"),
  ARGPARSE_s_n (oAllowWeakDigestAlgos, "allow-weak-digest-algos", "@"),

  ARGPARSE_s_s (oDefaultNewKeyAlgo, "default-new-key-algo", "@"),
@ -918,7 +911,9 @@ static ARGPARSE_OPTS opts[] = {
  ARGPARSE_s_n (oNoop, "no-force-mdc", "@"),
  ARGPARSE_s_n (oNoop, "disable-mdc", "@"),
  ARGPARSE_s_n (oNoop, "no-disable-mdc", "@"),
-
+  ARGPARSE_s_n (oNoop, "allow-multisig-verification", "@"),
+  ARGPARSE_s_n (oNoop, "allow-multiple-messages", "@"),
+  ARGPARSE_s_n (oNoop, "no-allow-multiple-messages", "@"),

  ARGPARSE_end ()
 };
@ -3578,15 +3573,6 @@ main (int argc, char **argv)
 	  case oEnableDSA2: opt.flags.dsa2=1; break;
 	  case oDisableDSA2: opt.flags.dsa2=0; break;

-          case oAllowMultisigVerification:
-	  case oAllowMultipleMessages:
-	    opt.flags.allow_multiple_messages=1;
-	    break;
-
-	  case oNoAllowMultipleMessages:
-	    opt.flags.allow_multiple_messages=0;
-	    break;
-
          case oAllowWeakDigestAlgos:
            opt.flags.allow_weak_digest_algos = 1;
            break;
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@ -899,12 +899,9 @@ proc_plaintext( CTX c, PACKET *pkt )
    {
      log_info (_("WARNING: multiple plaintexts seen\n"));

-      if (!opt.flags.allow_multiple_messages)
-        {
-          write_status_text (STATUS_ERROR, "proc_pkt.plaintext 89_BAD_DATA");
-          log_inc_errorcount ();
-          rc = gpg_error (GPG_ERR_UNEXPECTED);
-        }
+      write_status_text (STATUS_ERROR, "proc_pkt.plaintext 89_BAD_DATA");
+      log_inc_errorcount ();
+      rc = gpg_error (GPG_ERR_UNEXPECTED);
    }

  if (!rc)
@ -1871,14 +1868,12 @@ check_sig_and_print (CTX c, kbnode_t node)
          goto ambiguous;

 	/* If we wanted to disallow multiple sig verification, we'd do
-	   something like this:
-
-	   if (n && !opt.allow_multisig_verification)
-             goto ambiguous;
-
-	   However, now that we have --allow-multiple-messages, this
-	   can stay allowable as we can't get here unless multiple
-	   messages (i.e. multiple literals) are allowed. */
+	 * something like this:
+         *
+	 * if (n)
+         *   goto ambiguous;
+         *
+         * However, this can stay allowable as we can't get here.  */

        if (n_onepass != n_sig)
          {
--- a/g10/options.h
+++ b/g10/options.h
@ -244,7 +244,6 @@ struct
    unsigned int use_embedded_filename:1;
    unsigned int utf8_filename:1;
    unsigned int dsa2:1;
-    unsigned int allow_multiple_messages:1;
    unsigned int allow_weak_digest_algos:1;
    unsigned int large_rsa:1;
    unsigned int disable_signer_uid:1;
--- a/tests/openpgp/verify.scm
+++ b/tests/openpgp/verify.scm
@ -51,16 +51,12 @@
 '(msg_ols_asc msg_cols_asc msg_sl_asc msg_oolss_asc msg_cls_asc msg_clss_asc))

 (for-each-p
- "Checking that a valid signature over multiple messages is verified as such"
+ "Checking that a valid signature over multiple messages is rejected"
 (lambda (armored-file)
-   (pipe:do
-    (pipe:echo (eval armored-file (current-environment)))
-    (pipe:spawn `(,@GPG --verify --allow-multiple-messages)))
   (catch '()
-	  (pipe:do
-	   (pipe:defer (lambda (sink)
-			 (display armored-file (fdopen sink "w"))))
-	   (pipe:spawn `(,@GPG --verify)))
+          (pipe:do
+           (pipe:echo (eval armored-file (current-environment)))
+           (pipe:spawn `(,@GPG --verify)))
 	  (fail "verification succeeded but should not")))
 '(msg_olsols_asc_multiple msg_clsclss_asc_multiple))