pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/security/netpgpverify/files
Module Name: pkgsrc
Committed By: agc
Date: Thu Jun 30 21:20:00 UTC 2016
Modified Files:
pkgsrc/security/netpgpverify/files: Makefile.bsd Makefile.in pgpsum.c
verify.h
Added Files:
pkgsrc/security/netpgpverify/files: dash-escaped-text
dash-escaped-text.asc
Log Message:
Update netpgpverify and libnetpgpverify to 20160625
+ Perform digest on correctly dash-escaped text, per RFC 4880.
Problem pointed out by Dimitri John Ledkov, fixed in a different way
(in case the last line is itself dash-escaped).
+ add test case
To generate a diff of this commit:
cvs rdiff -u -r1.11 -r1.12 pkgsrc/security/netpgpverify/files/Makefile.bsd
cvs rdiff -u -r1.7 -r1.8 pkgsrc/security/netpgpverify/files/Makefile.in
cvs rdiff -u -r0 -r1.1 pkgsrc/security/netpgpverify/files/dash-escaped-text \
pkgsrc/security/netpgpverify/files/dash-escaped-text.asc
cvs rdiff -u -r1.3 -r1.4 pkgsrc/security/netpgpverify/files/pgpsum.c
cvs rdiff -u -r1.27 -r1.28 pkgsrc/security/netpgpverify/files/verify.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/security/netpgpverify/files/Makefile.bsd
diff -u pkgsrc/security/netpgpverify/files/Makefile.bsd:1.11 pkgsrc/security/netpgpverify/files/Makefile.bsd:1.12
--- pkgsrc/security/netpgpverify/files/Makefile.bsd:1.11 Thu Jun 30 21:10:59 2016
+++ pkgsrc/security/netpgpverify/files/Makefile.bsd Thu Jun 30 21:19:59 2016
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.bsd,v 1.11 2016/06/30 21:10:59 agc Exp $
+# $NetBSD: Makefile.bsd,v 1.12 2016/06/30 21:19:59 agc Exp $
PROG=netpgpverify
@@ -47,3 +47,5 @@ tst:
./${PROG} -k pubring.gpg version.asc
@echo "testing signatures with no version"
./${PROG} -k pubring.gpg noversion.asc
+ @echo "testing dash-escaped text"
+ ./${PROG} -k pubring.gpg dash-escaped-text.asc
Index: pkgsrc/security/netpgpverify/files/Makefile.in
diff -u pkgsrc/security/netpgpverify/files/Makefile.in:1.7 pkgsrc/security/netpgpverify/files/Makefile.in:1.8
--- pkgsrc/security/netpgpverify/files/Makefile.in:1.7 Thu Jun 30 21:10:59 2016
+++ pkgsrc/security/netpgpverify/files/Makefile.in Thu Jun 30 21:19:59 2016
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.in,v 1.7 2016/06/30 21:10:59 agc Exp $
+# $NetBSD: Makefile.in,v 1.8 2016/06/30 21:19:59 agc Exp $
PROG=netpgpverify
@@ -47,6 +47,8 @@ tst:
./${PROG} -k pubring.gpg version.asc
@echo "testing signatures with no version"
./${PROG} -k pubring.gpg noversion.asc
+ @echo "testing dash-escaped text"
+ ./${PROG} -k pubring.gpg dash-escaped-text.asc
clean:
rm -rf *.core ${OBJS} ${PROG}
Index: pkgsrc/security/netpgpverify/files/pgpsum.c
diff -u pkgsrc/security/netpgpverify/files/pgpsum.c:1.3 pkgsrc/security/netpgpverify/files/pgpsum.c:1.4
--- pkgsrc/security/netpgpverify/files/pgpsum.c:1.3 Sun Sep 6 20:21:20 2015
+++ pkgsrc/security/netpgpverify/files/pgpsum.c Thu Jun 30 21:19:59 2016
@@ -44,6 +44,18 @@
#undef swap16
#undef swap32
+/* ignore any dash-escape at the start of a line */
+static void
+dash_escaped_update(digest_t *hash, uint8_t *in, size_t insize)
+{
+ if (insize >= 2 && memcmp(in, "- ", 2) == 0) {
+ in += 2;
+ insize -= 2;
+ }
+ digest_update(hash, in, insize);
+
+}
+
/* add the ascii armor line endings (except for last line) */
static size_t
don_armor(digest_t *hash, uint8_t *in, size_t insize, int doarmor)
@@ -61,10 +73,10 @@ don_armor(digest_t *hash, uint8_t *in, s
break;
}
}
- digest_update(hash, from, (size_t)(newp - from));
+ dash_escaped_update(hash, from, (size_t)(newp - from));
digest_update(hash, dos_line_end, sizeof(dos_line_end));
}
- digest_update(hash, from, insize - (size_t)(from - in));
+ dash_escaped_update(hash, from, insize - (size_t)(from - in));
return 1;
}
Index: pkgsrc/security/netpgpverify/files/verify.h
diff -u pkgsrc/security/netpgpverify/files/verify.h:1.27 pkgsrc/security/netpgpverify/files/verify.h:1.28
--- pkgsrc/security/netpgpverify/files/verify.h:1.27 Thu Jun 30 21:10:59 2016
+++ pkgsrc/security/netpgpverify/files/verify.h Thu Jun 30 21:19:59 2016
@@ -23,9 +23,9 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef NETPGP_VERIFY_H_
-#define NETPGP_VERIFY_H_ 20160624
+#define NETPGP_VERIFY_H_ 20160625
-#define NETPGPVERIFY_VERSION "netpgpverify portable 20160624"
+#define NETPGPVERIFY_VERSION "netpgpverify portable 20160625"
#include <sys/types.h>
Added files:
Index: pkgsrc/security/netpgpverify/files/dash-escaped-text
diff -u /dev/null pkgsrc/security/netpgpverify/files/dash-escaped-text:1.1
--- /dev/null Thu Jun 30 21:20:00 2016
+++ pkgsrc/security/netpgpverify/files/dash-escaped-text Thu Jun 30 21:19:59 2016
@@ -0,0 +1,7 @@
+From sea to shining sea
+Dash escape me harder
+- at least once
+-- no, twice
+-well, curses, folied again
+-------
+-if it wasn't for you pesky kids, I'd have got away with it
Index: pkgsrc/security/netpgpverify/files/dash-escaped-text.asc
diff -u /dev/null pkgsrc/security/netpgpverify/files/dash-escaped-text.asc:1.1
--- /dev/null Thu Jun 30 21:20:00 2016
+++ pkgsrc/security/netpgpverify/files/dash-escaped-text.asc Thu Jun 30 21:19:59 2016
@@ -0,0 +1,21 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+- From sea to shining sea
+Dash escape me harder
+- - at least once
+- -- no, twice
+- -well, curses, folied again
+- -------
+- -if it wasn't for you pesky kids, I'd have got away with it
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1
+
+iQEcBAEBAgAGBQJXbXhIAAoJEBto3PzAWWgjuCUH/0kGBjK2RshejxKf+87xZNV9
+zSqoc17n5ViXDbVM5v7P6zAdjYVVaaZc6U+8DMJhbPbvbUTsEiFlp3Kh9BiBz5A5
+BtqXJmkyF2C5y/HTf9vPgbw8UAiqnNFYwlpWvrlxopAv31x7UIDNGJ9/oAKw0dqM
+XujJub4lRBX+V2RlFWage/fAmuslq3lz7QJpLM5EpePNGQVXM1c9x+jhvgSXucHU
+2UVcsUb8Y2nCXRoJKcIK4iGoIoqnoFk1WAa+/S593h2Iz+zzPqvVlPU1tyA27v/s
+lgQ3DakeOeiae33gqK3iXqDNXady1te7hYGyhWT4G5Kuz+8tMMQXWAg4e+olEtk=
+=n0R+
+-----END PGP SIGNATURE-----
Home |
Main Index |
Thread Index |
Old Index