This is an automated email from the git hooks/post-receive script. guillem pushed a commit to branch main in repository dpkg.
View the commit online: https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=cac9a06474b188aa91194c606512557b55a99790 commit cac9a06474b188aa91194c606512557b55a99790 Author: Guillem Jover <[email protected]> AuthorDate: Thu Nov 10 04:49:53 2022 +0100 Dpkg::OpenPGP: Remove now unnecessary is_armored() method This method was potentially a security issue in case it would match apparent ASCII Armor that was not valid and would not be parsed by an OpenPGP implementation. It is no longer used, so we can remove it. Prompted-by: Daniel Kahn Gillmor <[email protected]> --- scripts/Dpkg/OpenPGP.pm | 16 ---------------- scripts/t/Dpkg_OpenPGP.t | 12 +++++++++--- 2 files changed, 9 insertions(+), 19 deletions(-) diff --git a/scripts/Dpkg/OpenPGP.pm b/scripts/Dpkg/OpenPGP.pm index ff62c008b..4c1cd9bbc 100644 --- a/scripts/Dpkg/OpenPGP.pm +++ b/scripts/Dpkg/OpenPGP.pm @@ -52,22 +52,6 @@ sub new { return $self; } -sub is_armored { - my ($self, $file) = @_; - my $armored = 0; - - open my $fh, '<', $file or syserr(g_('cannot open %s'), $file); - while (<$fh>) { - if (m/^-----BEGIN PGP /) { - $armored = 1; - last; - } - } - close $fh; - - return $armored; -} - # _pgp_* functions are strictly for applying or removing ASCII armor. # See <https://datatracker.ietf.org/doc/html/rfc4880#section-6> for more # details. diff --git a/scripts/t/Dpkg_OpenPGP.t b/scripts/t/Dpkg_OpenPGP.t index f21fa3c4f..194669b32 100644 --- a/scripts/t/Dpkg_OpenPGP.t +++ b/scripts/t/Dpkg_OpenPGP.t @@ -25,7 +25,7 @@ use Dpkg::ErrorHandling; test_needs_command('gpg'); -plan tests => 8; +plan tests => 10; use_ok('Dpkg::OpenPGP'); use_ok('Dpkg::OpenPGP::ErrorCodes'); @@ -42,8 +42,14 @@ my ($reffile, $binfile, $ascfile); $binfile = "$datadir/data-file"; $reffile = "$datadir/data-file.asc"; -ok(!$openpgp->is_armored($binfile), 'file not ASCII Armored'); -ok($openpgp->is_armored($reffile), 'file ASCII Armored'); +ok($openpgp->armor('ARMORED FILE', $binfile, "$tmpdir/data-file.asc") == OPENPGP_OK(), + 'armoring file not ASCII Armored'); +ok(compare("$tmpdir/data-file.asc", $reffile) == 0, + 'armor binary file into OpenPGP ASCII Armor'); +ok($openpgp->armor('ARMORED FILE', $reffile, "$tmpdir/data-file-rearmor.asc") == OPENPGP_OK(), + 'armoring file ASCII Armored'); +ok(compare("$tmpdir/data-file-rearmor.asc", $reffile) == 0, + 'rearmor binary file into OpenPGP ASCII Armor'); $ascfile = "$tmpdir/data-file.asc"; -- Dpkg.Org's dpkg
