Funky little bug

Jason Gunthorpe jgg at gpu.srv.ualberta.ca
Mon Sep 20 15:24:19 CEST 1999


On Mon, 20 Sep 1999, Werner Koch wrote:

> Okay, here is what you need:
> 
> 
> $ ls *.dsc | gpg --verify-files 
> 
> or
> 
> $ gpg --verify-files *.dsc

Hm, just reading the diff, you don't output the current filename on the
status FD? That would make it hard to synchronize with GPG. With this sort
of system I would envision GPG being run as a sub process with stdin
directed to a file list and possibly stdout + status-fd directed to
another program.

For maximum utility what I would do is monitor the status-fd for file
changes and synchronize each new file I send with the completion of an old
file. If you are careful to only send a file start/file done marker when
the entire signature has been processed and the verified plain text
written and flushed to stdout then full batch processing would be
possible. I would envision something like this:

1) write foo.dsc to gpg stdin
2) Monitor status-fd and stdout, buffer stdout, parse status-fd
When status-fd indicates the file is done, do a final read on stdout and
then declare the buffer as the signature that was checked
Repeat

You cannot pipeline the filenames like this, but you can access the
verified plain text if need be. [Ideally GPG would write a FILE START
<SIZE> <NAME> string to the status-fd, but I don't think GPG knows the
text size in advance?]

The other way I would see using this is to simply extract the signing key
fingerprints and match them to filenames in which case a start marker is
sufficient.

Thanks,
Jason
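
Added example, not part of the original message or of GnuPG's code: a sketch of the second use described above, matching signing key fingerprints to file names from the status-fd stream. The line format (FILE_START <op> <name>, VALIDSIG <fingerprint> ..., BADSIG/ERRSIG, FILE_DONE) is an assumption modelled on the markers proposed in the message; the function names and the sample stream are constructed.

```python
# Added example: attribute signature results on a status-fd stream to file names.
# Assumed line format: FILE_START <op> <name>, VALIDSIG <fingerprint> ..., FILE_DONE.
PREFIX = "[GNUPG:] "

def match_signers(status_lines):
    """Return {file name: {"fingerprints": [...], "bad": bool, "done": bool}}."""
    results, current = {}, None   # current = file between its start and done markers
    for raw in status_lines:
        line = raw.strip()
        if not line.startswith(PREFIX):
            continue
        keyword, *args = line[len(PREFIX):].split(" ")
        if keyword == "FILE_START" and len(args) >= 2:
            current = " ".join(args[1:])          # args[0] is the operation code
            results[current] = {"fingerprints": [], "bad": False, "done": False}
        elif current is None:
            continue    # status outside any file block is never attributed
        elif keyword == "VALIDSIG" and args:
            results[current]["fingerprints"].append(args[0])
        elif keyword in ("BADSIG", "ERRSIG"):
            results[current]["bad"] = True
        elif keyword == "FILE_DONE":
            results[current]["done"] = True
            current = None
    return results

def accepted(results):
    """Fail closed: need a done marker, at least one valid signature, no bad one."""
    return sorted(name for name, r in results.items()
                  if r["done"] and r["fingerprints"] and not r["bad"])

# Constructed sample stream (fingerprints and key IDs are made up).
FPR_A = "A" * 40
FPR_B = "B" * 40
SAMPLE = [
    "[GNUPG:] FILE_START 1 foo.dsc",
    "[GNUPG:] VALIDSIG " + FPR_A + " 1999-09-20 937833859",
    "[GNUPG:] FILE_DONE",
    "[GNUPG:] FILE_START 1 bar.dsc",
    "[GNUPG:] BADSIG 0123456789ABCDEF Constructed Signer",
    "[GNUPG:] FILE_DONE",
    "[GNUPG:] FILE_START 1 baz.dsc",      # unsigned file: no signature status at all
    "[GNUPG:] FILE_DONE",
    "[GNUPG:] FILE_START 1 cut.dsc",      # stream ends before the done marker
    "[GNUPG:] VALIDSIG " + FPR_B + " 1999-09-20 937833859",
]

if __name__ == "__main__":
    for name, r in match_signers(SAMPLE).items():
        print(name, r["fingerprints"], "accepted" if name in accepted({name: r}) else "rejected")
```

Only foo.dsc is accepted: the unsigned file, the bad signature and the file whose done marker never arrived are all rejected rather than inheriting a neighbour's result.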


