This is an automated email from the git hooks/post-receive script. guillem pushed a commit to branch main in repository dpkg.
View the commit online: https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=49cb5a0e0afcfc4e5839491084e21ad51bd3b0a9 commit 49cb5a0e0afcfc4e5839491084e21ad51bd3b0a9 Author: Guillem Jover <[email protected]> AuthorDate: Wed Nov 9 22:52:23 2022 +0100 Dpkg::OpenPGP: Change inline_verify to take an output file When doing inline-verify, ideally we should let the OpenPGP implementation verify the inlinesigned data and output the verified data with the ASCII Armor and any heading or trailing junk stripped. We are currently not doing that, as we cannot assume we might have an OpenPGP implementation around when we need to parse deb822 data, so for now we will just pass undef as the output filename, but in the future we might rearchitect the code to make use of this. At least this way the implementation can be used properly by potential future users, once and if the module becomes public, instead of providing an insecure API. Requested-by: Daniel Kahn Gillmor <[email protected]> --- scripts/Dpkg/OpenPGP.pm | 11 ++++++----- scripts/Dpkg/Source/Package.pm | 2 +- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/scripts/Dpkg/OpenPGP.pm b/scripts/Dpkg/OpenPGP.pm index 051affd68..8a956eced 100644 --- a/scripts/Dpkg/OpenPGP.pm +++ b/scripts/Dpkg/OpenPGP.pm @@ -189,7 +189,7 @@ sub _gpg_options_weak_digests { } sub _gpg_verify { - my ($self, $data, $sig, @certs) = @_; + my ($self, $signeddata, $sig, $data, @certs) = @_; return OPENPGP_MISSING_CMD unless $self->{has_cmd}{gpgv}; @@ -208,8 +208,9 @@ sub _gpg_verify { } push @exec, '--keyring', $certring; } + push @exec, '--output', $data if defined $data; push @exec, $sig if defined $sig; - push @exec, $data; + push @exec, $signeddata; my $status = $self->_gpg_exec(@exec); return OPENPGP_NO_SIG if $status; @@ -217,15 +218,15 @@ sub _gpg_verify { } sub inline_verify { - my ($self, $data, @certs) = @_; + my ($self, $inlinesigned, $data, @certs) = @_; - return $self->_gpg_verify($data, undef, @certs); + return $self->_gpg_verify($inlinesigned, undef, $data, @certs); } sub verify { my ($self, $data, $sig, @certs) = @_; - return $self->_gpg_verify($data, $sig, @certs); + return $self->_gpg_verify($data, $sig, undef, @certs); } 1; diff --git a/scripts/Dpkg/Source/Package.pm b/scripts/Dpkg/Source/Package.pm index be9f720f1..7aacffaf5 100644 --- a/scripts/Dpkg/Source/Package.pm +++ b/scripts/Dpkg/Source/Package.pm @@ -515,7 +515,7 @@ sub check_signature { } } - my $rc = $self->{openpgp}->inline_verify($dsc, @certs); + my $rc = $self->{openpgp}->inline_verify($dsc, undef, @certs); if ($rc) { $self->{report_verify}->(g_('cannot verify inline signature for %s: %s'), $dsc, openpgp_errorcode_to_string($rc)); -- Dpkg.Org's dpkg
