1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-23 10:29:58 +01:00
Werner Koch a5ca45e616 gpg: Make the use of "--verify FILE" for detached sigs harder.
* g10/openfile.c (open_sigfile): Factor some code out to ...
(get_matching_datafile): new function.
* g10/plaintext.c (hash_datafiles): Do not try to find matching file
in batch mode.
* g10/mainproc.c (check_sig_and_print): Print a warning if a possibly
matching data file is not used by a standard signatures.
--

Allowing to use the abbreviated form for detached signatures is a long
standing bug which has only been noticed by the public with the
release of 2.1.0.  :-(

What we do is to remove the ability to check detached signature in
--batch using the one file abbreviated mode.  This should exhibit
problems in scripts which use this insecure practice.  We also print a
warning if a matching data file exists but was not considered because
the detached signature was actually a standard signature:

  gpgv: Good signature from "Werner Koch (dist sig)"
  gpgv: WARNING: not a detached signature; \
  file 'gnupg-2.1.0.tar.bz2' was NOT verified!

We can only print a warning because it is possible that a standard
signature is indeed to be verified but by coincidence a file with a
matching name is stored alongside the standard signature.

Reported-by: Simon Nicolussi (to gnupg-users on Nov 7)
Signed-off-by: Werner Koch <wk@gnupg.org>

(backported from commit 69384568f66a48eff3968bb1714aa13925580e9f)
2014-11-14 09:36:19 +01:00
..
2009-12-21 16:19:09 +00:00
2009-09-03 11:29:25 +00:00
2007-07-04 19:49:40 +00:00
2007-07-04 19:49:40 +00:00
2007-07-04 19:49:40 +00:00
2007-07-04 19:49:40 +00:00
2009-12-21 16:19:09 +00:00
2007-07-04 19:49:40 +00:00
2009-09-03 20:51:55 +00:00
2007-07-04 19:49:40 +00:00
2007-07-04 19:49:40 +00:00
2009-06-05 14:11:03 +00:00
2008-12-12 12:01:20 +00:00
2008-12-12 08:54:50 +00:00
2009-06-05 14:11:03 +00:00
2009-05-26 09:29:02 +00:00