pkgsrc-Bugs archive


pkg/43248: security/netpgp doesn't support signing files armored and detached at a time



>Number:         43248
>Category:       pkg
>Synopsis:       security/netpgp doesn't support signing files armored and detached at a time
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    pkg-manager
>State:          open
>Class:          support
>Submitter-Id:   net
>Arrival-Date:   Tue May 04 11:40:00 +0000 2010
>Originator:     Juan RP
>Release:        NULL
>Organization:
>Environment:
>Description:
As the one-line summary mentions, libnetpgp doesn't support signing
files when you need them to be armored and detached.

The following code from src/lib/netpgp.c::netpgp_sign_file() obviously
demonstrates this:

        if (detached) {
                ret = __ops_sign_detached(io, f, out, seckey, hashalg,
                                get_birthtime(netpgp_getvar(netpgp, "birthtime")),
                                get_duration(netpgp_getvar(netpgp, "duration")));
        } else {
                ret = __ops_sign_file(io, f, out, seckey, hashalg,
                                get_birthtime(netpgp_getvar(netpgp, "birthtime")),
                                get_duration(netpgp_getvar(netpgp, "duration")),
                                (unsigned)armored, (unsigned)cleartext,
                                overwrite);
        }

The "armored" value is only used in the !detached case.
>How-To-Repeat:
$ netpgp --sign --armor --detach --userid=XXXX <myfile>

That will result in a SIGSEGV and the signature file will always be created
"detached" but not "armored".

If you don't mix --armour and --detach all will be ok.

>Fix:
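
For reference, the wrapper that --armor is expected to put around a binary detached signature is the OpenPGP ASCII armor of RFC 4880, section 6: a base64 body followed by a CRC-24 line. The code below is an added example, not netpgp code and not a fix for this PR; the function names are hypothetical and the input bytes are a constructed stand-in, not a real signature.

```c
#include <stdint.h>
#include <stdio.h>

/* CRC-24 used by OpenPGP ASCII armor (RFC 4880, section 6.1). */
uint32_t crc24(const unsigned char *p, size_t len) {
	uint32_t crc = 0xB704CEUL;			/* initial value from the RFC */
	while (len--) {
		crc ^= (uint32_t)*p++ << 16;
		for (int i = 0; i < 8; i++)		/* generator polynomial 0x1864CFB */
			crc = (crc << 1) ^ ((crc & 0x800000UL) ? 0x1864CFBUL : 0UL);
	}
	return crc & 0xFFFFFFUL;
}
/* Base64-encode len bytes into dst (no NUL); returns characters written. */
static size_t b64(const unsigned char *s, size_t len, char *dst) {
	static const char t[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
	size_t n = 0;
	for (size_t i = 0; i < len; i += 3) {
		size_t left = len - i;
		uint32_t v = (uint32_t)s[i] << 16;
		if (left > 1) v |= (uint32_t)s[i + 1] << 8;
		if (left > 2) v |= s[i + 2];
		dst[n++] = t[v >> 18];
		dst[n++] = t[(v >> 12) & 63];
		dst[n++] = left > 1 ? t[(v >> 6) & 63] : '=';
		dst[n++] = left > 2 ? t[v & 63] : '=';
	}
	return n;
}
/* Wrap a binary detached signature in "PGP SIGNATURE" armor (hypothetical
 * helper). Returns the armored length, or -1 if out is too small. */
int armor_signature(const unsigned char *sig, size_t len, char *out, size_t outsz) {
	uint32_t c = crc24(sig, len);
	unsigned char cb[3] = { (unsigned char)(c >> 16), (unsigned char)(c >> 8), (unsigned char)c };
	/* 66 = header + blank line + CRC line + footer + NUL; 65 per body line */
	if (outsz < 66 + (len + 47) / 48 * 65) return -1;
	size_t n = (size_t)sprintf(out, "-----BEGIN PGP SIGNATURE-----\n\n");
	for (size_t i = 0; i < len; i += 48) {	/* 48 bytes -> one 64-character line */
		n += b64(sig + i, len - i < 48 ? len - i : 48, out + n);
		out[n++] = '\n';
	}
	out[n++] = '=';				/* checksum line: '=' + base64(CRC-24) */
	n += b64(cb, 3, out + n);
	n += (size_t)sprintf(out + n, "\n-----END PGP SIGNATURE-----\n");
	return (int)n;
}
int main(void) {
	char buf[256];	/* the input below is constructed sample data */
	if (armor_signature((const unsigned char *)"123456789", 9, buf, sizeof buf) > 0)
		fputs(buf, stdout);
	return 0;
}
```

A detached signature file that does not start with the BEGIN PGP SIGNATURE line is still in binary form, which is how the behaviour reported above shows up on disk.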


