debsig-verify (0.25)
[PTS] [DDPO]
NEW: VCS has unreleased changes: 0.26 > 0.25
- Git: https://git.dpkg.org/git/dpkg/debsig-verify.git
-
- Branch: main
- Path: debian/changelog
- Browser: https://git.dpkg.org/cgit/dpkg/debsig-verify.git
- Last scan: 2022-09-28 09:15:11+00
- Next scan: 2022-09-29 09:57:00+00
- Debian changelog in Git:
debsig-verify (0.26) UNRELEASED; urgency=medium
*
-- Guillem Jover <guillem@debian.org> Mon, 06 Jun 2022 16:29:12 +0200
- This branch is 27 commits ahead of tag 0.25
- Git log:
commit 004036f28b8dde5ee273ca6ba8402bf7731caf36
Author: Guillem Jover <guillem@debian.org>
Date: Fri Sep 9 10:51:36 2022 +0200
build: Add new test key and policy to EXTRA_FILES
Fixes: commit 3600ebb617e9136922d879596fe213ddce02880c
Changelog: silent
commit f32fbeb7990d32b51d2bf4a1ee2de9516017590a
Author: Guillem Jover <guillem@debian.org>
Date: Fri Sep 9 09:33:47 2022 +0200
doc: Switch release URL from ftp.debian.org to deb.debian.org
commit 9148be33e966da6caafcc95526aad9b7c4ae11a7
Author: Guillem Jover <guillem@debian.org>
Date: Fri Sep 9 09:33:21 2022 +0200
doc: Use https:// for release download URLs
commit 864620382210d0035c44a3efe470c09006040c3b
Author: Guillem Jover <guillem@debian.org>
Date: Thu Aug 25 09:08:09 2022 +0200
doc: Refer to the main git repository as primary
commit 58a92e732a40f056ba82c4059fd253e72752d9d2
Author: Guillem Jover <guillem@debian.org>
Date: Mon Jun 6 14:15:49 2022 +0200
doc: Update TODO
commit 5085d170585e8f3cbbc4e1ec903358708d238b4d
Author: Guillem Jover <guillem@debian.org>
Date: Fri Apr 29 02:30:11 2022 +0200
openpgp: Print the pathname for the keyring used in debug mode
This makes debugging more helpful.
commit cc75cda39c8014e0ac1465dfb286bca33c8362a7
Author: Guillem Jover <guillem@debian.org>
Date: Fri Apr 29 02:23:00 2022 +0200
openpgp-gpg: Fix cleanup_gpg_tmpdir() subprocess description
The description for the subproc_reap() did not match the function this
code is now in. Give it a more descriptive text.
Changelog: internal
commit 0075a04287c761d6178cacd7ad2b1ed1ec821422
Author: Guillem Jover <guillem@debian.org>
Date: Fri Apr 29 02:19:34 2022 +0200
Turn struct match «type» member from an int to an enum
This makes the values easier to identify as pertaining to this member,
through explicit typing.
Changelog: internal
commit 2243270e04ac6290f05986d5049a8c2dc6cde260
Author: Guillem Jover <guillem@debian.org>
Date: Fri Apr 29 02:16:10 2022 +0200
Rename getSigKeyID() argument from type to name
This function does not take a match type, instead it takes a match name.
Rename the argument to avoid confusion.
Changelog: internal
commit 8665b14730a19cae3ed279de51d1cad872fdbaff
Author: Guillem Jover <guillem@debian.org>
Date: Thu Apr 28 01:43:27 2022 +0200
Check whether the origin ID is in the keyring if no match ID is specified
We should check whether the origin ID can be found in the keyring, as
that is the fingerprint/keyID for the signature that selected the
current policy.
It's not essential, as the actual signature verification will be the
final decision point, but it means we might be able to discard this
policy as invalid otherwise, and use another one instead.
commit b53a39fef9af46ea122a008ca3d8fbdc21845280
Author: Guillem Jover <guillem@debian.org>
Date: Fri Apr 29 01:49:28 2022 +0200
Pass a string instead of a struct match to getKeyID()
This will make it possible to specify arbitrary strings, instead of
having to construct a match struct to be able to call the function.
Changelog: internal
commit a11aa0f0e3e1dcf59aece2758ad43e0a7013c589
Author: Guillem Jover <guillem@debian.org>
Date: Tue Nov 16 01:30:19 2021 +0100
Refactor keyring generation
This way we do not need to implement it on each backend driver.
Changelog: internal
commit 0ca244813ebf7454f97f37d5527acec8fce30c9a
Author: Guillem Jover <guillem@debian.org>
Date: Fri Apr 29 02:24:46 2022 +0200
openpgp-gpg: Unset GPG_TTY
Do not let our gpg invocation be affected by externally set environment
variables.
commit 14e70de6df5c8ee3d9e11f9556dac83593de8639
Author: Guillem Jover <guillem@debian.org>
Date: Wed Apr 27 00:27:27 2022 +0200
openpgp-gpg: Switch from internal gpg --list-packets to --verify --status-fd
The GnuPG --list-packets command is for debugging and its interface is
not intended to be used by other tools.
Switch to use --verify with --status-fd, which is a supported interface
with a defined output format. This also simplifies the code parsing.
While this is not an ideal interface, and a dedicated one to inspect a
signature would be better, this is the best we can get right now.
Ref: #1001331
commit b1e3e03743eeae13253efc7346901727a98f4c2e
Author: Guillem Jover <guillem@debian.org>
Date: Wed Apr 27 01:45:44 2022 +0200
openpgp-gpg: Fix last field parsing
Remove newline character from parsed lines, so that we do not need to
ignore them as field delimiter. Take into account the terminating NUL
character as another implicit valid field delimiter. Otherwise we will
never match the last field in a line.
commit 885c12b96226f7fd98411f977ceb4e30545465f8
Author: Guillem Jover <guillem@debian.org>
Date: Tue Apr 26 19:41:36 2022 +0200
openpgp-gpg: Refactor get_field() out from get_colon_field()
This generalizes the function and makes it possible to use other
delimiters.
Changelog: internal
commit 849d9633ebf809398c848821c603148ae0470278
Author: Guillem Jover <guillem@debian.org>
Date: Wed Apr 27 23:46:46 2022 +0200
openpgp-gpg: Do not fallback to the match ID on fingerprint/keyID not found
We should always return a fingerprint or a keyID, as that's what we are
going to compare against. Returning the match ID is not helpful because
it both signals we matched something (which might not be the case), and
might be a user ID, which will never match.
Partially fixed with commit a468bcb2b23f114995e0bdd7915409312a6b666c,
but incorrectly restored the fallback behavior, which should have been
removed instead.
commit 29f80390bebba1deb304ac58e0acc0644cb130eb
Author: Guillem Jover <guillem@debian.org>
Date: Thu Apr 28 00:11:01 2022 +0200
openpgp-gpg: When matching on getKeyID match on fingerprint
If we are asked to match on a policy ID, we should check whether it
matches a fingerprint (or keyID) when we find one in the keyring. And
only if not, then match on a UID.
This has meant that the selection and verification policy ID criteria
based on a fingerprint or keyID was not effective until now. This does
not seem like a serious issue though, as the policy needed to be found
based on the fingerprint/keyID of the signature, the origin and type
checks were in place and working, and the signature needed to verify
successfully based on the specific policy keyring.
commit 30ae7efb89128ec46cb907015b0b450ec3a2c1fc
Author: Guillem Jover <guillem@debian.org>
Date: Wed Apr 27 01:51:13 2022 +0200
openpgp: Do not consider a match if one of the fingerprints has zero length
We should not accept zero-length fingerprints or keyIDs, as that implies
that these would match any other fingerprint or keyID.
While we are not supposed to get back such zero-length strings, this
makes the code more robust against unexpected inputs or potential bugs
in other parts of the code.
commit a9d60b36706e776cca31828bae1db452da149bba
Author: Guillem Jover <guillem@debian.org>
Date: Wed Apr 27 01:09:56 2022 +0200
openpgp-gpg: Skip field separator character when parsing --with-colons output
We need to skip the actual field separator or we end up stuck in the
same separator and never match the desired field.
This implied that we returned an empty string that ended up matching
any fingerprint or keyID, bypassing the policy IDs. Although those had
not been really effective anyway due to getKeyID not matching the ID
against the found fingerprint/keyID.
commit 2f091208e125962e84d65a04703672fa4fd0f5bc
Author: Guillem Jover <guillem@debian.org>
Date: Thu Apr 28 01:02:25 2022 +0200
openpgp-gpg: Always pass the gpg command in argv[0]
The current command API is not very ergonomic, and should probably be
changed to use the progname as the default argv[0] instead. But let's
fix this for now here.
commit e25bbbf1d0e0b0b4ed5b570a97d2114f305da205
Author: Guillem Jover <guillem@debian.org>
Date: Tue Apr 26 11:31:49 2022 +0200
Switch from fgets() to getline()
This moves from statically allocated buffers to dynamic ones.
Changelog: internal
commit 2f544dad74ee830f483ef70698d184d1e21c0d64
Author: Guillem Jover <guillem@debian.org>
Date: Wed Dec 15 04:27:44 2021 +0100
Avoid using an intermediate buffer in ds_printf()
We can simply print the heading and the trailer independently of the
format string and its arguments, which gets rid of the need to keep
a fixed-size buffer, and its potential contents truncation.
Changelog: internal
commit 3600ebb617e9136922d879596fe213ddce02880c
Author: Guillem Jover <guillem@debian.org>
Date: Sun Jul 17 14:10:59 2022 +0200
test: Add new test keys with non-weak algorithms
commit f9b84b0cf44ee16b26726ea9389aac1561db47bc
Author: Guillem Jover <guillem@debian.org>
Date: Mon Jul 18 00:15:42 2022 +0200
Fix mismatched number of arguments error
We were printing “too many arguments” even when we were missing one,
which was rather confusing. Print appropriate messages depending on
whether we have excess or missing arguments.
commit ea97a65cbcde7aa4bcd174d212142c1104e91fbb
Author: Guillem Jover <guillem@debian.org>
Date: Mon Jul 18 00:14:33 2022 +0200
Print the unknown option on error
commit 37170453451ea9aabb016abf9ff5667144625a15
Author: Guillem Jover <guillem@debian.org>
Date: Mon Jun 6 16:29:21 2022 +0200
Bump version to 0.26
