Lines 680-686
Link Here
|
680 |
for( data++, datalen--; datalen; datalen--, data++ ) |
680 |
for( data++, datalen--; datalen; datalen--, data++ ) |
681 |
md_enable( c->mfx.md, *data ); |
681 |
md_enable( c->mfx.md, *data ); |
682 |
any = 1; |
682 |
any = 1; |
683 |
break; /* no pass signature packets are expected */ |
683 |
break; /* Stop here as one-pass signature packets are not |
|
|
684 |
expected. */ |
684 |
} |
685 |
} |
685 |
else if(n->pkt->pkttype==PKT_SIGNATURE) |
686 |
else if(n->pkt->pkttype==PKT_SIGNATURE) |
686 |
{ |
687 |
{ |
Lines 1164-1170
Link Here
|
1164 |
|
1165 |
|
1165 |
/* If we have not encountered any signature we print an error |
1166 |
/* If we have not encountered any signature we print an error |
1166 |
messages, send a NODATA status back and return an error code. |
1167 |
messages, send a NODATA status back and return an error code. |
1167 |
Using log_error is required becuase verify_files does not check |
1168 |
Using log_error is required because verify_files does not check |
1168 |
error codes for each file but we want to terminate the process |
1169 |
error codes for each file but we want to terminate the process |
1169 |
with an error. */ |
1170 |
with an error. */ |
1170 |
if (!rc && !c->any_sig_seen) |
1171 |
if (!rc && !c->any_sig_seen) |
Lines 1444-1482
Link Here
|
1444 |
*/ |
1445 |
*/ |
1445 |
{ |
1446 |
{ |
1446 |
KBNODE n; |
1447 |
KBNODE n; |
1447 |
int n_sig=0; |
1448 |
int n_sig = 0; |
|
|
1449 |
int n_plaintext = 0; |
1450 |
int sig_seen, onepass_seen; |
1448 |
|
1451 |
|
1449 |
for (n=c->list; n; n=n->next ) { |
1452 |
for (n=c->list; n; n=n->next ) |
|
|
1453 |
{ |
1450 |
if ( n->pkt->pkttype == PKT_SIGNATURE ) |
1454 |
if ( n->pkt->pkttype == PKT_SIGNATURE ) |
1451 |
n_sig++; |
1455 |
n_sig++; |
1452 |
} |
1456 |
else if (n->pkt->pkttype == PKT_GPG_CONTROL |
1453 |
if (n_sig > 1) { /* more than one signature - check sequence */ |
1457 |
&& (n->pkt->pkt.gpg_control->control |
1454 |
int tmp, onepass; |
1458 |
== CTRLPKT_PLAINTEXT_MARK) ) |
1455 |
|
1459 |
n_plaintext++; |
1456 |
for (tmp=onepass=0,n=c->list; n; n=n->next ) { |
1460 |
} |
1457 |
if (n->pkt->pkttype == PKT_ONEPASS_SIG) |
1461 |
|
1458 |
onepass++; |
1462 |
for (sig_seen=onepass_seen=0,n=c->list; n; n=n->next ) |
1459 |
else if (n->pkt->pkttype == PKT_GPG_CONTROL |
1463 |
{ |
1460 |
&& n->pkt->pkt.gpg_control->control |
1464 |
if (n->pkt->pkttype == PKT_ONEPASS_SIG) |
1461 |
== CTRLPKT_CLEARSIGN_START ) { |
1465 |
{ |
1462 |
onepass++; /* handle the same way as a onepass */ |
1466 |
onepass_seen++; |
1463 |
} |
1467 |
} |
1464 |
else if ( (tmp && n->pkt->pkttype != PKT_SIGNATURE) ) { |
1468 |
else if (n->pkt->pkttype == PKT_GPG_CONTROL |
1465 |
log_error(_("can't handle these multiple signatures\n")); |
1469 |
&& (n->pkt->pkt.gpg_control->control |
1466 |
return 0; |
1470 |
== CTRLPKT_CLEARSIGN_START) ) |
1467 |
} |
1471 |
{ |
1468 |
else if ( n->pkt->pkttype == PKT_SIGNATURE ) |
1472 |
onepass_seen++; /* Handle the same way as a onepass. */ |
1469 |
tmp = 1; |
1473 |
} |
1470 |
else if (!tmp && !onepass |
1474 |
else if ( (sig_seen && n->pkt->pkttype != PKT_SIGNATURE) ) |
1471 |
&& n->pkt->pkttype == PKT_GPG_CONTROL |
1475 |
{ |
1472 |
&& n->pkt->pkt.gpg_control->control |
1476 |
log_error(_("can't handle these multiple signatures\n")); |
1473 |
== CTRLPKT_PLAINTEXT_MARK ) { |
1477 |
return 0; |
1474 |
/* plaintext before signatures but no one-pass packets*/ |
1478 |
} |
1475 |
log_error(_("can't handle these multiple signatures\n")); |
1479 |
else if ( n->pkt->pkttype == PKT_SIGNATURE ) |
1476 |
return 0; |
1480 |
{ |
1477 |
} |
1481 |
sig_seen = 1; |
1478 |
} |
1482 |
} |
1479 |
} |
1483 |
else if (n_sig > 1 && !sig_seen && !onepass_seen |
|
|
1484 |
&& n->pkt->pkttype == PKT_GPG_CONTROL |
1485 |
&& (n->pkt->pkt.gpg_control->control |
1486 |
== CTRLPKT_PLAINTEXT_MARK) ) |
1487 |
{ |
1488 |
/* Plaintext before signatures but no onepass |
1489 |
signature packets. */ |
1490 |
log_error(_("can't handle these multiple signatures\n")); |
1491 |
return 0; |
1492 |
} |
1493 |
else if (n_plaintext > 1 && !sig_seen && !onepass_seen |
1494 |
&& n->pkt->pkttype == PKT_GPG_CONTROL |
1495 |
&& (n->pkt->pkt.gpg_control->control |
1496 |
== CTRLPKT_PLAINTEXT_MARK) ) |
1497 |
{ |
1498 |
/* More than one plaintext before a signature but no |
1499 |
onepass packets. */ |
1500 |
log_error(_("can't handle this ambiguous signed data\n")); |
1501 |
return 0; |
1502 |
} |
1503 |
} |
1480 |
} |
1504 |
} |
1481 |
|
1505 |
|
1482 |
astr = pubkey_algo_to_string( sig->pubkey_algo ); |
1506 |
astr = pubkey_algo_to_string( sig->pubkey_algo ); |