CVS commit: src/crypto/external/bsd/netpgp/dist/src/lib

[Alistair G. Crooks]

Module Name:    src
Committed By:   agc
Date:           Fri May  7 16:20:08 UTC 2010

Modified Files:
        src/crypto/external/bsd/netpgp/dist/src/lib: validate.c

Log Message:
Overhaul the mechanism used to decide what is a detached signature, and
a detached armoured signature, as well as just a plain standard signed
file.

This is in response to PR 43245 from Juan RP, and addresses the
verification of detached armoured signatures, but in a different way
to the patch provided in the PR which is hopefully more generic, and
less reliant upon size of detached signature files.


To generate a diff of this commit:
cvs rdiff -u -r1.32 -r1.33 \
    src/crypto/external/bsd/netpgp/dist/src/lib/validate.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/crypto/external/bsd/netpgp/dist/src/lib/validate.c
diff -u src/crypto/external/bsd/netpgp/dist/src/lib/validate.c:1.32 src/crypto/external/bsd/netpgp/dist/src/lib/validate.c:1.33
--- src/crypto/external/bsd/netpgp/dist/src/lib/validate.c:1.32	Wed Apr 14 00:19:22 2010
+++ src/crypto/external/bsd/netpgp/dist/src/lib/validate.c	Fri May  7 16:20:07 2010
@@ -54,7 +54,7 @@
 
 #if defined(__NetBSD__)
 __COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: validate.c,v 1.32 2010/04/14 00:19:22 agc Exp $");
+__RCSID("$NetBSD: validate.c,v 1.33 2010/05/07 16:20:07 agc Exp $");
 #endif
 
 #include <sys/types.h>
@@ -793,47 +793,58 @@
 	validate_data_cb_t	 validation;
 	__ops_stream_t		*parse = NULL;
 	struct stat		 st;
+	const char		*signame;
 	const int		 printerrors = 1;
 	unsigned		 ret;
-	int64_t		 	 sigsize;
-	char			 origfile[MAXPATHLEN];
-	char			*detachname;
+	char			 f[MAXPATHLEN];
+	char			*dataname;
 	int			 realarmour;
 	int			 outfd = 0;
 	int			 infd;
 	int			 cc;
 
-#define SIG_OVERHEAD	284 /* XXX - depends on sig size? */
-
-	realarmour = user_says_armoured;
 	if (stat(infile, &st) < 0) {
-		(void) fprintf(io->errs, "can't validate \"%s\"\n", infile);
+		(void) fprintf(io->errs, "__ops_validate_file: can't open '%s'\n", infile);
 		return 0;
 	}
-	sigsize = st.st_size;
-	detachname = NULL;
-	cc = snprintf(origfile, sizeof(origfile), "%s", infile);
-	if (strcmp(&origfile[cc - 4], ".sig") == 0) {
-		origfile[cc - 4] = 0x0;
-		if (stat(origfile, &st) == 0 &&
-		    st.st_size > sigsize - SIG_OVERHEAD) {
-			detachname = netpgp_strdup(origfile);
+	realarmour = user_says_armoured;
+	dataname = NULL;
+	signame = NULL;
+	cc = snprintf(f, sizeof(f), "%s", infile);
+	if (strcmp(&f[cc - 4], ".sig") == 0 || strcmp(&f[cc - 4], ".asc") == 0) {
+		/* we've been given a sigfile as infile */
+		f[cc - 4] = 0x0;
+		/* set dataname to name of file which was signed */
+		dataname = f;
+		signame = infile;
+	} else {
+		cc = snprintf(f, sizeof(f), "%s.sig", infile);
+		if (stat(f, &st) == 0) {
+			/* been given f and f.sig exists */
+			dataname = __UNCONST(infile);
+			signame = f;
+		} else {
+			cc = snprintf(f, sizeof(f), "%s.asc", infile);
+			if (stat(f, &st) == 0) {
+				/* been given f and f.asc exists */
+				dataname = __UNCONST(infile);
+				signame = f;
+				realarmour = 1;
+			} else {
+				signame = infile;
+			}
 		}
 	}
-	if (strcmp(&origfile[cc - 4], ".asc") == 0) {
-		realarmour = 1;
-	}
-
 	(void) memset(&validation, 0x0, sizeof(validation));
-
-	infd = __ops_setup_file_read(io, &parse, infile, &validation,
+	infd = __ops_setup_file_read(io, &parse, signame, &validation,
 				validate_data_cb, 1);
 	if (infd < 0) {
-		free(detachname);
 		return 0;
 	}
 
-	validation.detachname = detachname;
+	if (dataname) {
+		validation.detachname = netpgp_strdup(dataname);
+	}
 
 	/* Set verification reader and handling options */
 	validation.result = result;