1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

gpg: Ignore the multiple message override options.

* g10/gpg.c (oAllowMultisigVerification)
(oAllowMultipleMessages, oNoAllowMultipleMessages): Remove.
(opts): Turn --allow-multisig-verification, --allow-multiple-messages
and --no-allow-multiple-messages into NOPs
* g10/options.h (struct opt): Remove flags.allow_multiple_messages.
* g10/mainproc.c (proc_plaintext): Assume allow_multiple_messages is
false.
--

These options are very old compatibility hacks and should not be used
anymore.  We keep them as dummy options in case someone has them in
the conf file.

Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2018-05-30 22:05:57 +02:00
parent 97183b5c0f
commit d3d41146b3
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
5 changed files with 17 additions and 50 deletions

View File

@ -3382,16 +3382,7 @@ This is an obsolete option and is not used anywhere.
@item --allow-multiple-messages
@item --no-allow-multiple-messages
@opindex allow-multiple-messages
Allow processing of multiple OpenPGP messages contained in a single file
or stream. Some programs that call GPG are not prepared to deal with
multiple messages being processed together, so this option defaults to
no. Note that versions of GPG prior to 1.4.7 always allowed multiple
messages.
Warning: Do not use this option unless you need it as a temporary
workaround!
These are obsolete options; they have no more effect since GnuPG 2.2.8.
@item --enable-special-filenames
@opindex enable-special-filenames

View File

@ -401,13 +401,10 @@ enum cmd_and_opt_values
oNoRequireCrossCert,
oAutoKeyLocate,
oNoAutoKeyLocate,
oAllowMultisigVerification,
oEnableLargeRSA,
oDisableLargeRSA,
oEnableDSA2,
oDisableDSA2,
oAllowMultipleMessages,
oNoAllowMultipleMessages,
oAllowWeakDigestAlgos,
oFakedSystemTime,
oNoAutostart,
@ -863,14 +860,10 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_n (oExitOnStatusWriteError, "exit-on-status-write-error", "@"),
ARGPARSE_s_i (oLimitCardInsertTries, "limit-card-insert-tries", "@"),
ARGPARSE_s_n (oAllowMultisigVerification,
"allow-multisig-verification", "@"),
ARGPARSE_s_n (oEnableLargeRSA, "enable-large-rsa", "@"),
ARGPARSE_s_n (oDisableLargeRSA, "disable-large-rsa", "@"),
ARGPARSE_s_n (oEnableDSA2, "enable-dsa2", "@"),
ARGPARSE_s_n (oDisableDSA2, "disable-dsa2", "@"),
ARGPARSE_s_n (oAllowMultipleMessages, "allow-multiple-messages", "@"),
ARGPARSE_s_n (oNoAllowMultipleMessages, "no-allow-multiple-messages", "@"),
ARGPARSE_s_n (oAllowWeakDigestAlgos, "allow-weak-digest-algos", "@"),
ARGPARSE_s_s (oDefaultNewKeyAlgo, "default-new-key-algo", "@"),
@ -918,7 +911,9 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_n (oNoop, "no-force-mdc", "@"),
ARGPARSE_s_n (oNoop, "disable-mdc", "@"),
ARGPARSE_s_n (oNoop, "no-disable-mdc", "@"),
ARGPARSE_s_n (oNoop, "allow-multisig-verification", "@"),
ARGPARSE_s_n (oNoop, "allow-multiple-messages", "@"),
ARGPARSE_s_n (oNoop, "no-allow-multiple-messages", "@"),
ARGPARSE_end ()
};
@ -3578,15 +3573,6 @@ main (int argc, char **argv)
case oEnableDSA2: opt.flags.dsa2=1; break;
case oDisableDSA2: opt.flags.dsa2=0; break;
case oAllowMultisigVerification:
case oAllowMultipleMessages:
opt.flags.allow_multiple_messages=1;
break;
case oNoAllowMultipleMessages:
opt.flags.allow_multiple_messages=0;
break;
case oAllowWeakDigestAlgos:
opt.flags.allow_weak_digest_algos = 1;
break;

View File

@ -899,13 +899,10 @@ proc_plaintext( CTX c, PACKET *pkt )
{
log_info (_("WARNING: multiple plaintexts seen\n"));
if (!opt.flags.allow_multiple_messages)
{
write_status_text (STATUS_ERROR, "proc_pkt.plaintext 89_BAD_DATA");
log_inc_errorcount ();
rc = gpg_error (GPG_ERR_UNEXPECTED);
}
}
if (!rc)
{
@ -1871,14 +1868,12 @@ check_sig_and_print (CTX c, kbnode_t node)
goto ambiguous;
/* If we wanted to disallow multiple sig verification, we'd do
something like this:
if (n && !opt.allow_multisig_verification)
goto ambiguous;
However, now that we have --allow-multiple-messages, this
can stay allowable as we can't get here unless multiple
messages (i.e. multiple literals) are allowed. */
* something like this:
*
* if (n)
* goto ambiguous;
*
* However, this can stay allowable as we can't get here. */
if (n_onepass != n_sig)
{

View File

@ -244,7 +244,6 @@ struct
unsigned int use_embedded_filename:1;
unsigned int utf8_filename:1;
unsigned int dsa2:1;
unsigned int allow_multiple_messages:1;
unsigned int allow_weak_digest_algos:1;
unsigned int large_rsa:1;
unsigned int disable_signer_uid:1;

View File

@ -51,15 +51,11 @@
'(msg_ols_asc msg_cols_asc msg_sl_asc msg_oolss_asc msg_cls_asc msg_clss_asc))
(for-each-p
"Checking that a valid signature over multiple messages is verified as such"
"Checking that a valid signature over multiple messages is rejected"
(lambda (armored-file)
(pipe:do
(pipe:echo (eval armored-file (current-environment)))
(pipe:spawn `(,@GPG --verify --allow-multiple-messages)))
(catch '()
(pipe:do
(pipe:defer (lambda (sink)
(display armored-file (fdopen sink "w"))))
(pipe:echo (eval armored-file (current-environment)))
(pipe:spawn `(,@GPG --verify)))
(fail "verification succeeded but should not")))
'(msg_olsols_asc_multiple msg_clsclss_asc_multiple))