[svn] gpgme - r1209 - in trunk: . doc gpgme tests tests/gpg

svn author wk cvs at cvs.gnupg.org
Mon Feb 26 11:36:11 CET 2007


Author: wk
Date: 2007-02-26 11:36:08 +0100 (Mon, 26 Feb 2007)
New Revision: 1209

Modified:
   trunk/
   trunk/NEWS
   trunk/doc/
   trunk/gpgme/
   trunk/gpgme/ChangeLog
   trunk/gpgme/gpgme.h
   trunk/gpgme/verify.c
   trunk/tests/ChangeLog
   trunk/tests/gpg/t-verify.c
Log:
Detect and bail out on double plaintext messages.



Property changes on: trunk
___________________________________________________________________
Name: svn:ignore
   - Makefile
Makefile.in
aclocal.m4
config.cache
config.h
config.h.in
config.log
config.status
configure
stamp-h
stamp-h.in
stamp-h1
libtool
   + Makefile
Makefile.in
aclocal.m4
config.cache
config.h
config.h.in
config.log
config.status
configure
stamp-h
stamp-h.in
stamp-h1
libtool
autom4te.cache
*.bz2
*.gz


Modified: trunk/NEWS
===================================================================
--- trunk/NEWS	2007-01-29 20:53:59 UTC (rev 1208)
+++ trunk/NEWS	2007-02-26 10:36:08 UTC (rev 1209)
@@ -1,3 +1,9 @@
+Noteworthy changes in version 1.1.4
+------------------------------------------------
+
+ * Detect and bail out on double plaintext messages.
+
+
 Noteworthy changes in version 1.1.3 (2007-01-29)
 ------------------------------------------------
 


Property changes on: trunk/doc
___________________________________________________________________
Name: svn:ignore
   - Makefile.in
Makefile
   + Makefile.in
Makefile
*.info
stamp-vti
version.texi



Property changes on: trunk/gpgme
___________________________________________________________________
Name: svn:ignore
   - Makefile.in
Makefile
.deps
.libs
*.lo
*.la
errors.c
gpgme-config
status-table.h
   + Makefile.in
Makefile
.deps
.libs
*.lo
*.la
errors.c
gpgme-config
status-table.h
*.pdf


Modified: trunk/gpgme/ChangeLog
===================================================================
--- trunk/gpgme/ChangeLog	2007-01-29 20:53:59 UTC (rev 1208)
+++ trunk/gpgme/ChangeLog	2007-02-26 10:36:08 UTC (rev 1209)
@@ -1,3 +1,11 @@
+2007-02-26  Werner Koch  <wk at g10code.com>
+
+	* verify.c (op_data_t): New element PLAINTEXT_SEEN.
+	(_gpgme_verify_status_handler): Return an error if more than one
+	plaintext has been seen.
+	(parse_error): New arg SET_STATUS. Also detect it based on an
+	ERROR status (gpg > 1.4.6).
+
 2007-01-26  Werner Koch  <wk at g10code.com>
 
 	* w32-io.c (build_commandline): Fixed stupid quoting bug.

Modified: trunk/gpgme/gpgme.h
===================================================================
--- trunk/gpgme/gpgme.h	2007-01-29 20:53:59 UTC (rev 1208)
+++ trunk/gpgme/gpgme.h	2007-02-26 10:36:08 UTC (rev 1209)
@@ -72,7 +72,7 @@
    AM_PATH_GPGME macro) check that this header matches the installed
    library.  Warning: Do not edit the next line.  configure will do
    that for you!  */
-#define GPGME_VERSION "1.1.3-cvs1202"
+#define GPGME_VERSION "1.1.3"
 
 
 

Modified: trunk/gpgme/verify.c
===================================================================
--- trunk/gpgme/verify.c	2007-01-29 20:53:59 UTC (rev 1208)
+++ trunk/gpgme/verify.c	2007-02-26 10:36:08 UTC (rev 1209)
@@ -40,6 +40,7 @@
   gpgme_signature_t current_sig;
   int did_prepare_new_sig;
   int only_newsig_seen;
+  int plaintext_seen;
 } *op_data_t;
 
 
@@ -549,8 +550,11 @@
 }
 
 
+/* Parse an error status line and if SET_STATUS is true update the
+   result status as appropriate.  With SET_STATUS being false, only
+   check for an error.  */
 static gpgme_error_t
-parse_error (gpgme_signature_t sig, char *args)
+parse_error (gpgme_signature_t sig, char *args, int set_status)
 {
   gpgme_error_t err;
   char *where = strchr (args, ' ');
@@ -572,7 +576,16 @@
 
   err = _gpgme_map_gnupg_error (which);
 
-  if (!strcmp (where, "verify.findkey"))
+  if (!strcmp (where, "proc_pkt.plaintext")
+      && gpg_err_code (err) == GPG_ERR_BAD_DATA)
+    {
+      /* This indicates a double plaintext.  The only solid way to
+         handle this is by failing the oepration.  */
+      return gpg_error (GPG_ERR_BAD_DATA);
+    }
+  else if (!set_status)
+    ;
+  else if (!strcmp (where, "verify.findkey"))
     sig->status = err;
   else if (!strcmp (where, "verify.keyusage")
 	   && gpg_err_code (err) == GPG_ERR_WRONG_KEY_USAGE)
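Review bot: The empty statement in `else if (!set_status) ;` is what keeps the following branches, such as `sig->status = err;`, from writing through `sig`, which the caller now passes even when it is NULL, and a bare `;` is easy to lose in a later edit. I would make the intent explicit with a comment, `; /* No current signature (SIG may be NULL): skip the status updates below.  */`, or turn it into an early return if nothing after the chain has to run; the chain continues past the end of this hunk, so that needs checking. The new comment in the double-plaintext branch also has a typo, `oepration` for `operation`.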
@@ -670,9 +683,9 @@
 
     case GPGME_STATUS_ERROR:
       opd->only_newsig_seen = 0;
-      /* The error status is informational, so we don't return an
-         error code if we are not ready to process this status. */
-      return sig ? parse_error (sig, args) : 0;
+      /* Some  error stati are informational, so we don't return an
+         error code if we are not ready to process this status.  */
+      return parse_error (sig, args, !!sig );
 
     case GPGME_STATUS_EOF:
       if (sig && !opd->did_prepare_new_sig)
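Review bot: With `return parse_error (sig, args, !!sig );` every ERROR status line is now parsed even when no signature is active, where the old code returned 0 without looking at the line. Any error return in the part of parse_error that lies outside these hunks (for instance on a line it cannot split into fields) would therefore start failing the whole verify operation, so it is worth confirming that only the double-plaintext branch can return non-zero when `set_status` is false. The comment above the call still reads as if nothing is returned when no signature is ready; I would reword it to `/* Most error stati are informational; without a current signature only the fatal double-plaintext error is reported.  */`. The stray space in `!!sig )` can go as well.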
@@ -703,6 +716,8 @@
       break;
 
     case GPGME_STATUS_PLAINTEXT:
+      if (++opd->only_newsig_seen > 1)
+        return gpg_error (GPG_ERR_BAD_DATA);
       err = _gpgme_parse_plaintext (args, &opd->result.file_name);
       if (err)
 	return err;
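Review bot: The duplicate-plaintext counter in the `GPGME_STATUS_PLAINTEXT` case increments `opd->only_newsig_seen`, not the `plaintext_seen` member this commit adds to `op_data_t`, which no visible hunk reads or writes. `only_newsig_seen` is a separate flag that the `GPGME_STATUS_ERROR` case resets to 0, so a status line arriving between two PLAINTEXT lines can reset the count and let a second plaintext pass, and the increment also changes that flag for whatever else reads it. If the flag is already non-zero when the first PLAINTEXT arrives (its setters are outside the hunks), a well-formed message would be rejected instead. The check should read `if (++opd->plaintext_seen > 1)`, assuming the op data is zero-initialised when it is allocated, which is not visible here.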
@@ -816,8 +831,9 @@
    successful verify operation in R_STAT (if non-null).  The creation
    time stamp of the signature is returned in R_CREATED (if non-null).
    The function returns a string containing the fingerprint.  */
-const char *gpgme_get_sig_status (gpgme_ctx_t ctx, int idx,
-                                  _gpgme_sig_stat_t *r_stat, time_t *r_created)
+const char *
+gpgme_get_sig_status (gpgme_ctx_t ctx, int idx,
+                      _gpgme_sig_stat_t *r_stat, time_t *r_created)
 {
   gpgme_verify_result_t result;
   gpgme_signature_t sig;
@@ -876,8 +892,9 @@
    number of the signature after a successful verify operation.  WHAT
    is an attribute where GPGME_ATTR_EXPIRE is probably the most useful
    one.  WHATIDX is to be passed as 0 for most attributes . */
-unsigned long gpgme_get_sig_ulong_attr (gpgme_ctx_t ctx, int idx,
-                                        _gpgme_attr_t what, int whatidx)
+unsigned long 
+gpgme_get_sig_ulong_attr (gpgme_ctx_t ctx, int idx,
+                          _gpgme_attr_t what, int whatidx)
 {
   gpgme_verify_result_t result;
   gpgme_signature_t sig;
@@ -939,8 +956,9 @@
 }
 
 
-const char *gpgme_get_sig_string_attr (gpgme_ctx_t ctx, int idx,
-                                      _gpgme_attr_t what, int whatidx)
+const char *
+gpgme_get_sig_string_attr (gpgme_ctx_t ctx, int idx,
+                           _gpgme_attr_t what, int whatidx)
 {
   gpgme_verify_result_t result;
   gpgme_signature_t sig;

Modified: trunk/tests/ChangeLog
===================================================================
--- trunk/tests/ChangeLog	2007-01-29 20:53:59 UTC (rev 1208)
+++ trunk/tests/ChangeLog	2007-02-26 10:36:08 UTC (rev 1209)
@@ -1,3 +1,8 @@
+2007-02-26  Werner Koch  <wk at g10code.com>
+
+	* gpg/t-verify.c (double_plaintext_sig): New.
+	(main): Check it.
+
 2006-12-02  Marcus Brinkmann  <marcus at g10code.de>
 
 	* gpgsm/t-keylist.c (main): Skip unknown keys.  Newer versions of

Modified: trunk/tests/gpg/t-verify.c
===================================================================
--- trunk/tests/gpg/t-verify.c	2007-01-29 20:53:59 UTC (rev 1208)
+++ trunk/tests/gpg/t-verify.c	2007-02-26 10:36:08 UTC (rev 1209)
@@ -76,7 +76,21 @@
 "=Crq6\n"
 "-----END PGP MESSAGE-----\n";
 
+/* A message with a prepended but unsigned plaintext packet. */
+static const char double_plaintext_sig[] = 
+"-----BEGIN PGP MESSAGE-----\n"
+"\n"
+"rDRiCmZvb2Jhci50eHRF4pxNVGhpcyBpcyBteSBzbmVha3kgcGxhaW50ZXh0IG1l\n"
+"c3NhZ2UKowGbwMvMwCSoW1RzPCOz3IRxTWISa6JebnG666MFD1wzSzJSixQ81XMV\n"
+"UlITUxTyixRyKxXKE0uSMxQyEosVikvyCwpSU/S4FNCArq6Ce1F+aXJGvoJvYlGF\n"
+"erFCTmJxiUJ5flFKMVeHGwuDIBMDGysTyA4GLk4BmO036xgWzMgzt9V85jCtfDFn\n"
+"UqVooWlGXHwNw/xg/fVzt9VNbtjtJ/fhUqYo0/LyCGEA\n"
+"=6+AK\n"
+"-----END PGP MESSAGE-----\n";
 
+
+
+
 static void
 check_result (gpgme_verify_result_t result, unsigned int summary, char *fpr,
 	      gpgme_error_t status, int notation)
@@ -235,8 +249,25 @@
   check_result (result, 0, "A0FF4590BB6122EDEF6E3C542D727CC768697734",
 		GPG_ERR_NO_ERROR, 0);
 
+
+  /* Checking an invalid message.  */
   gpgme_data_release (sig);
   gpgme_data_release (text);
+  err = gpgme_data_new_from_mem (&sig, double_plaintext_sig,
+                                 strlen (double_plaintext_sig), 0);
+  fail_if_err (err);
+  err = gpgme_data_new (&text);
+  fail_if_err (err);
+  err = gpgme_op_verify (ctx, sig, NULL, text);
+  if (gpg_err_code (err) != GPG_ERR_BAD_DATA)
+    {
+      fprintf (stderr, "%s:%i: Double plaintext message not detected\n",
+	       __FILE__, __LINE__);
+      exit (1);
+    }
+
+  gpgme_data_release (sig);
+  gpgme_data_release (text);
   gpgme_release (ctx);
   return 0;
 }
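Review bot: The new case asserts only that `gpgme_op_verify` returns `GPG_ERR_BAD_DATA`; it does not look at what ended up in `text` or in the verify result. Since the concern with a prepended unsigned packet is a caller treating unsigned output as covered by the signature, the test could also fetch `gpgme_op_verify_result (ctx)` and, if a result is still available after the failed operation, check that no signature carries `GPGME_SIGSUM_VALID`. A one-line comment saying which path is expected to fire, the PLAINTEXT status count or the `proc_pkt.plaintext` ERROR status that the ChangeLog ties to gpg > 1.4.6, would help when this fails against an older gpg.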



