diff options
| author | David Shaw <[email protected]> | 2007-07-19 12:29:22 +0000 |
|---|---|---|
| committer | David Shaw <[email protected]> | 2007-07-19 12:29:22 +0000 |
| commit | 14d6d2c90c42f43ec8976efb978f16bc63f4aa39 (patch) | |
| tree | 63018ac52d6325bc70167293306ef72408f6fddb | |
| parent | * configure.ac: It seems that AM_GNU_GETTEXT doesn't like being run (diff) | |
| download | gnupg-14d6d2c90c42f43ec8976efb978f16bc63f4aa39.tar.gz gnupg-14d6d2c90c42f43ec8976efb978f16bc63f4aa39.zip | |
* armor.c (parse_header_line): Improve test so that the header test
only allows "Hash" in the signed data section.
| -rw-r--r-- | g10/ChangeLog | 5 | ||||
| -rw-r--r-- | g10/armor.c | 36 |
2 files changed, 25 insertions, 16 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog index b6f73f667..eecc2b454 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,8 @@ +2007-07-19 David Shaw <[email protected]> + + * armor.c (parse_header_line): Improve test so that the header + test only allows "Hash" in the signed data section. + 2007-07-18 David Shaw <[email protected]> * armor.c (is_armor_tag): New. Detect if an armor header matches diff --git a/g10/armor.c b/g10/armor.c index 5a6319e65..00139a132 100644 --- a/g10/armor.c +++ b/g10/armor.c @@ -436,28 +436,32 @@ parse_header_line( armor_filter_context_t *afx, byte *line, unsigned int len ) putc('\n', stderr); } - /* Section 6.2: OpenPGP should consider improperly formatted Armor - Headers to be corruption of the ASCII Armor. Unknown keys - should be reported to the user, but OpenPGP should continue to - process the message. */ - - if(!is_armor_tag(line)) + if( afx->in_cleartext ) + { + if( (hashes=parse_hash_header( line )) ) + afx->hashes |= hashes; + else if( strlen(line) > 15 && !memcmp( line, "NotDashEscaped:", 15 ) ) + afx->not_dash_escaped = 1; + else + { + log_error(_("invalid clearsig header\n")); + return -1; + } + } + else if(!is_armor_tag(line)) { + /* Section 6.2: "Unknown keys should be reported to the user, + but OpenPGP should continue to process the message." Note + that in a clearsigned message this applies to the signature + part (i.e. "BEGIN PGP SIGNATURE") and not the signed data + ("BEGIN PGP SIGNED MESSAGE"). The only key allowed in the + signed data section is "Hash". */ + log_info(_("unknown armor header: ")); print_string( stderr, line, len, 0 ); putc('\n', stderr); } - if( afx->in_cleartext ) { - if( (hashes=parse_hash_header( line )) ) - afx->hashes |= hashes; - else if( strlen(line) > 15 && !memcmp( line, "NotDashEscaped:", 15 ) ) - afx->not_dash_escaped = 1; - else { - log_error(_("invalid clearsig header\n")); - return -1; - } - } return 1; } |