|
Lines 680-686
Link Here
|
| 680 |
for( data++, datalen--; datalen; datalen--, data++ ) |
680 |
for( data++, datalen--; datalen; datalen--, data++ ) |
| 681 |
md_enable( c->mfx.md, *data ); |
681 |
md_enable( c->mfx.md, *data ); |
| 682 |
any = 1; |
682 |
any = 1; |
| 683 |
break; /* no pass signature packets are expected */ |
683 |
break; /* Stop here as one-pass signature packets are not |
|
|
684 |
expected. */ |
| 684 |
} |
685 |
} |
| 685 |
else if(n->pkt->pkttype==PKT_SIGNATURE) |
686 |
else if(n->pkt->pkttype==PKT_SIGNATURE) |
| 686 |
{ |
687 |
{ |
|
Lines 1164-1170
Link Here
|
| 1164 |
|
1165 |
|
| 1165 |
/* If we have not encountered any signature we print an error |
1166 |
/* If we have not encountered any signature we print an error |
| 1166 |
messages, send a NODATA status back and return an error code. |
1167 |
messages, send a NODATA status back and return an error code. |
| 1167 |
Using log_error is required becuase verify_files does not check |
1168 |
Using log_error is required because verify_files does not check |
| 1168 |
error codes for each file but we want to terminate the process |
1169 |
error codes for each file but we want to terminate the process |
| 1169 |
with an error. */ |
1170 |
with an error. */ |
| 1170 |
if (!rc && !c->any_sig_seen) |
1171 |
if (!rc && !c->any_sig_seen) |
|
Lines 1444-1482
Link Here
|
| 1444 |
*/ |
1445 |
*/ |
| 1445 |
{ |
1446 |
{ |
| 1446 |
KBNODE n; |
1447 |
KBNODE n; |
| 1447 |
int n_sig=0; |
1448 |
int n_sig = 0; |
|
|
1449 |
int n_plaintext = 0; |
| 1450 |
int sig_seen, onepass_seen; |
| 1448 |
|
1451 |
|
| 1449 |
for (n=c->list; n; n=n->next ) { |
1452 |
for (n=c->list; n; n=n->next ) |
|
|
1453 |
{ |
| 1450 |
if ( n->pkt->pkttype == PKT_SIGNATURE ) |
1454 |
if ( n->pkt->pkttype == PKT_SIGNATURE ) |
| 1451 |
n_sig++; |
1455 |
n_sig++; |
| 1452 |
} |
1456 |
else if (n->pkt->pkttype == PKT_GPG_CONTROL |
| 1453 |
if (n_sig > 1) { /* more than one signature - check sequence */ |
1457 |
&& (n->pkt->pkt.gpg_control->control |
| 1454 |
int tmp, onepass; |
1458 |
== CTRLPKT_PLAINTEXT_MARK) ) |
| 1455 |
|
1459 |
n_plaintext++; |
| 1456 |
for (tmp=onepass=0,n=c->list; n; n=n->next ) { |
1460 |
} |
| 1457 |
if (n->pkt->pkttype == PKT_ONEPASS_SIG) |
1461 |
|
| 1458 |
onepass++; |
1462 |
for (sig_seen=onepass_seen=0,n=c->list; n; n=n->next ) |
| 1459 |
else if (n->pkt->pkttype == PKT_GPG_CONTROL |
1463 |
{ |
| 1460 |
&& n->pkt->pkt.gpg_control->control |
1464 |
if (n->pkt->pkttype == PKT_ONEPASS_SIG) |
| 1461 |
== CTRLPKT_CLEARSIGN_START ) { |
1465 |
{ |
| 1462 |
onepass++; /* handle the same way as a onepass */ |
1466 |
onepass_seen++; |
| 1463 |
} |
1467 |
} |
| 1464 |
else if ( (tmp && n->pkt->pkttype != PKT_SIGNATURE) ) { |
1468 |
else if (n->pkt->pkttype == PKT_GPG_CONTROL |
| 1465 |
log_error(_("can't handle these multiple signatures\n")); |
1469 |
&& (n->pkt->pkt.gpg_control->control |
| 1466 |
return 0; |
1470 |
== CTRLPKT_CLEARSIGN_START) ) |
| 1467 |
} |
1471 |
{ |
| 1468 |
else if ( n->pkt->pkttype == PKT_SIGNATURE ) |
1472 |
onepass_seen++; /* Handle the same way as a onepass. */ |
| 1469 |
tmp = 1; |
1473 |
} |
| 1470 |
else if (!tmp && !onepass |
1474 |
else if ( (sig_seen && n->pkt->pkttype != PKT_SIGNATURE) ) |
| 1471 |
&& n->pkt->pkttype == PKT_GPG_CONTROL |
1475 |
{ |
| 1472 |
&& n->pkt->pkt.gpg_control->control |
1476 |
log_error(_("can't handle these multiple signatures\n")); |
| 1473 |
== CTRLPKT_PLAINTEXT_MARK ) { |
1477 |
return 0; |
| 1474 |
/* plaintext before signatures but no one-pass packets*/ |
1478 |
} |
| 1475 |
log_error(_("can't handle these multiple signatures\n")); |
1479 |
else if ( n->pkt->pkttype == PKT_SIGNATURE ) |
| 1476 |
return 0; |
1480 |
{ |
| 1477 |
} |
1481 |
sig_seen = 1; |
| 1478 |
} |
1482 |
} |
| 1479 |
} |
1483 |
else if (n_sig > 1 && !sig_seen && !onepass_seen |
|
|
1484 |
&& n->pkt->pkttype == PKT_GPG_CONTROL |
| 1485 |
&& (n->pkt->pkt.gpg_control->control |
| 1486 |
== CTRLPKT_PLAINTEXT_MARK) ) |
| 1487 |
{ |
| 1488 |
/* Plaintext before signatures but no onepass |
| 1489 |
signature packets. */ |
| 1490 |
log_error(_("can't handle these multiple signatures\n")); |
| 1491 |
return 0; |
| 1492 |
} |
| 1493 |
else if (n_plaintext > 1 && !sig_seen && !onepass_seen |
| 1494 |
&& n->pkt->pkttype == PKT_GPG_CONTROL |
| 1495 |
&& (n->pkt->pkt.gpg_control->control |
| 1496 |
== CTRLPKT_PLAINTEXT_MARK) ) |
| 1497 |
{ |
| 1498 |
/* More than one plaintext before a signature but no |
| 1499 |
onepass packets. */ |
| 1500 |
log_error(_("can't handle this ambiguous signed data\n")); |
| 1501 |
return 0; |
| 1502 |
} |
| 1503 |
} |
| 1480 |
} |
1504 |
} |
| 1481 |
|
1505 |
|
| 1482 |
astr = pubkey_algo_to_string( sig->pubkey_algo ); |
1506 |
astr = pubkey_algo_to_string( sig->pubkey_algo ); |
