Module Name: src Committed By: agc Date: Fri May 7 16:20:08 UTC 2010
Modified Files: src/crypto/external/bsd/netpgp/dist/src/lib: validate.c Log Message: Overhaul the mechanism used to decide what is a detached signature, and a detached armoured signature, as well as just a plain standard signed file. This is in response to PR 43245 from Juan RP, and addresses the verification of detached armoured signatures, but in a different way to the patch provided in the PR which is hopefully more generic, and less reliant upon size of detached signature files. To generate a diff of this commit: cvs rdiff -u -r1.32 -r1.33 \ src/crypto/external/bsd/netpgp/dist/src/lib/validate.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/crypto/external/bsd/netpgp/dist/src/lib/validate.c diff -u src/crypto/external/bsd/netpgp/dist/src/lib/validate.c:1.32 src/crypto/external/bsd/netpgp/dist/src/lib/validate.c:1.33 --- src/crypto/external/bsd/netpgp/dist/src/lib/validate.c:1.32 Wed Apr 14 00:19:22 2010 +++ src/crypto/external/bsd/netpgp/dist/src/lib/validate.c Fri May 7 16:20:07 2010 @@ -54,7 +54,7 @@ #if defined(__NetBSD__) __COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved."); -__RCSID("$NetBSD: validate.c,v 1.32 2010/04/14 00:19:22 agc Exp $"); +__RCSID("$NetBSD: validate.c,v 1.33 2010/05/07 16:20:07 agc Exp $"); #endif #include <sys/types.h> @@ -793,47 +793,58 @@ validate_data_cb_t validation; __ops_stream_t *parse = NULL; struct stat st; + const char *signame; const int printerrors = 1; unsigned ret; - int64_t sigsize; - char origfile[MAXPATHLEN]; - char *detachname; + char f[MAXPATHLEN]; + char *dataname; int realarmour; int outfd = 0; int infd; int cc; -#define SIG_OVERHEAD 284 /* XXX - depends on sig size? */ - - realarmour = user_says_armoured; if (stat(infile, &st) < 0) { - (void) fprintf(io->errs, "can't validate \"%s\"\n", infile); + (void) fprintf(io->errs, "__ops_validate_file: can't open '%s'\n", infile); return 0; } - sigsize = st.st_size; - detachname = NULL; - cc = snprintf(origfile, sizeof(origfile), "%s", infile); - if (strcmp(&origfile[cc - 4], ".sig") == 0) { - origfile[cc - 4] = 0x0; - if (stat(origfile, &st) == 0 && - st.st_size > sigsize - SIG_OVERHEAD) { - detachname = netpgp_strdup(origfile); + realarmour = user_says_armoured; + dataname = NULL; + signame = NULL; + cc = snprintf(f, sizeof(f), "%s", infile); + if (strcmp(&f[cc - 4], ".sig") == 0 || strcmp(&f[cc - 4], ".asc") == 0) { + /* we've been given a sigfile as infile */ + f[cc - 4] = 0x0; + /* set dataname to name of file which was signed */ + dataname = f; + signame = infile; + } else { + cc = snprintf(f, sizeof(f), "%s.sig", infile); + if (stat(f, &st) == 0) { + /* been given f and f.sig exists */ + dataname = __UNCONST(infile); + signame = f; + } else { + cc = snprintf(f, sizeof(f), "%s.asc", infile); + if (stat(f, &st) == 0) { + /* been given f and f.asc exists */ + dataname = __UNCONST(infile); + signame = f; + realarmour = 1; + } else { + signame = infile; + } } } - if (strcmp(&origfile[cc - 4], ".asc") == 0) { - realarmour = 1; - } - (void) memset(&validation, 0x0, sizeof(validation)); - - infd = __ops_setup_file_read(io, &parse, infile, &validation, + infd = __ops_setup_file_read(io, &parse, signame, &validation, validate_data_cb, 1); if (infd < 0) { - free(detachname); return 0; } - validation.detachname = detachname; + if (dataname) { + validation.detachname = netpgp_strdup(dataname); + } /* Set verification reader and handling options */ validation.result = result;