adapt to ${CC_WNO_IMPLICIT_FALLTHROUGH}

Use ${CC_WNO_IMPLICIT_FALLTHROUGH} instead of
the older style more complex expressions.

bsd.own.mk: rename GCC_NO_* to CC_WNO_*

Rename compiler-warning-disable variables from
GCC_NO_warning
to
CC_WNO_warning
where warning is the full warning name as used by the compiler.

GCC_NO_IMPLICIT_FALLTHRU is CC_WNO_IMPLICIT_FALLTHROUGH

Using the convention CC_compilerflag, where compilerflag
is based on the full compiler flag name.

netpgp: fix or suppress a few lint warnings

No functional change.

introduce some common variables for use in GCC warning disables:

GCC_NO_FORMAT_TRUNCATION -Wno-format-truncation (GCC 7/8)
GCC_NO_STRINGOP_TRUNCATION -Wno-stringop-truncation (GCC 8)
GCC_NO_STRINGOP_OVERFLOW -Wno-stringop-overflow (GCC 8)
GCC_NO_CAST_FUNCTION_TYPE -Wno-cast-function-type (GCC 8)

use these to turn off warnings for most GCC-8 complaints. many
of these are false positives, most of the real bugs are already
commited, or are yet to come.


we plan to introduce versions of (some?) of these that use the
"-Wno-error=" form, which still displays the warnings but does
not make it an error, and all of the above will be re-considered
as either being "fix me" (warning still displayed) or "warning
is wrong."

convert HAVE_GCC == 7 to HAVE_GCC >= 7.

- use -Wno-error=implicit-fallthrough with GCC7.

branches: 1.15.12;
Update netpgpverify sources in base from 20160617 to 20170201 (i.e. bring
over changes from master sources in pkgsrc/security/netpgpverify, version 20170201):

Changes:

Update netpgpverify (and libnetpgpverify) to 20160614
+ handle signatures created by gpg with "--no-emit-version", don't assume
there will always be a version string.
+ add a test for above
Fixes security PR 51240.
Thanks to xnox@ubuntu.com for reporting the error

Update netpgpverify and libnetpgpverify to 20160615:
Simplify the method of finding the end of the versioning information
in the signature - back up to the "\n" character at the end of the
signature start:

"-----BEGIN PGP SIGNATURE-----\n"

and then find the "\n\n" character sequence to denote the start of the
signature itself. The previous version worked, but this is more efficient.

Update netpgpverify and libnetpgpverify to 20160616
+ bring over joerg's printflike change from the netpgpverify
version in src/crypto
+ add a test for cleartext signatures with version information
to complement the one with no version information

Update netpgpverify and libnetpgpverify to 20160622 during freeze to fix PR 51262
+ take a bit of a step backwards, and don't use stdbool.h, just to appease
Solaris 10 compiler

Update netpgpverify and libnetpgpverify to 20160623
+ remove use of asprintf and vasprintf from libverify. Inspired
by work from Dimitri John Ledkov. Should allow building on Linux
without superfluous definitions.
+ also free the BIGNUM struct in PGPV_BN_clear() - from Dimitri
John Ledkov

Update netpgpverify and libnetpgpverify to 20160626
+ make the pgpv_t and pgpv_cursor_t structures opaque
+ add new accessor functions for fields in the pgpv_cursor_t struct
+ add new creation functions for the pgpv_t and pgpv_cursor_t structs

Update netpgpverify and libnetpgpverify to 20160704
+ get rid of redundant PGPV_ARRAY definition in libverify.c, brought in when
the definitions moved from verify.h
+ fix obuf_add_mem() to use a const void *, as any struct can be
dumped using it
+ remove redundant NO_SUBKEYS definition - unused
+ add an (unused as yet) ARRAY_FREE() macro

Update netpgpverify and libnetpgpverify to 20160705
External API changes
====================
+ add a pgpv_cursor_close() function to free resources associated with
a cursor
Better memory management
========================
+ restructure the way dynamic arrays are used, to avoid memory
corruption issues and memory leaks - keep all dynamic arrays in the global
data structure, and use indices in the other data structures to index them.
Means lack of data localisation, but avoids stale pointers, and leaks.
+ make signer field of signature a uint8_t array, rather than a pointer
+ use our own version of strdup(3) - don't depend on it being
available in standard library
+ keep track of whether litdata filenames and userid were allocated or not,
and free memory in pgpv_close() if it was allocated
+ free up allocated resources which were allocated in pgpv_close()

Update netpgpverify and libnetpgpverify to 20160706
+ 20160705 introduced a bug whereby a key subid would match and verify
fine, but, if formatted, would not display the correct subkey
information. Fix to show the correct information in this case.

Update netpgpverify and libnetpgpverify to 20160707 to fix some
unusual build errors shown by old gcc versions (works fine for
gcc-5.2.1 on ubuntu and gcc-5.3.0 on NetBSD 7.99.32)
+ use ULL suffix on unsigned 64bit constants, not UL
+ don't typedef the public structs twice - second time just define it
without the typedef
Fixes PR 51327

Update netpgpverify and libnetpgpverify to 20160708
+ clear and free bignums properly - helps immensely with plugging
memory leaks

Update netpgpverify and libnetpgpverify to 20160828
+ bring over change from christos in src/crypto to check for
the end of an ASCII-armored signature
+ no need for namespace protection in array.h any more, now
that netpgp/verify.h now contains opaque structures
+ minor typo clean-up in a definition (benign, ignored by compiler)

update netpgpverify and libnetpgpverify to 20170201
+ make sure howmany() macro is defined
pointed out by cube - thanks!

branches: 1.14.2; 1.14.4;
add test for signatures produced by gpg --no-emit-version

Bring over the 20141204 portable version of netpgpverify from pkgsrc

+ Remove unused logmessage helper function

+ Add pgpv_get_cursor_element for easier manipulation of results
returned.

+ libnetpgpverify(3) man page improvements

+ Standardise on WARNS=5 settings (6 is too intrusive and distracting)

+ Also install the library and header file for netpgpverify. This
allows scripting languages to use the same verification methods via a
shared library, rather than being forced to exec the netpgpverify(1)
command line utility.

+ libnetpgpverify is now a standalone library, and requires no
pre-requsisite libraries to function

branches: 1.12.4;
It's nonliteral format strings it should not warn about.

Older gcc does not support -Wno-format-literal

Turn off literal format string warnings for one file

A better fix is coming

fix typo in previous commit

WARNS=6 is impossible for this code :-)

proper include

Install the binary in the correct location

Bring over the standalone netpgpverify sources from
pkgsrc/security/netpgpverify.

No functional change.

branches: 1.4.2; 1.4.6;
revert previous change for LIBDPLIBS until I have a chance to work out the
order for building pre-req libs

link libz and libbz2 into the netpgpverify library, rather than into the
executable, via LIBDPLIBS.

Merge netpgpverify(1) and libnetpgpverify(3) from the
agc-netpgp-standalone branch.

Rewrite the netpgpverify(1) functionality from RFC4880 up. This is a
completely new implementation, and uses its own bignum library derived
from libtommath. Apart from libz and libbz2, it just uses its own
library and is self-contained - this makes it easier to embed, and to
use from scripting languages.

netpgpverify(1) now verifies all the signed files i've thrown at it,
and the added bonus of using no functionality from libcrypto - all of
its bignum functionality comes from its own libnetpgpverify.so.
netpgpverify(1) now verifies not only signatures on binary files, but
also signatures on text documents. This fixes PR/46930. Please don't
start me on the hoops I had to jump through to calculate the digests
on text files; trust me, you will regret it.

% supersize `which netpgpverify`
text data bss dec hex filename
4452 860 72 5384 1508 /usr/bin/netpgpverify
79542 1408 0 80950 13c36 /usr/lib/libz.so.1
43994 984 488 45466 b19a /usr/lib/libgcc_s.so.1
1318116 49644 69272 1437032 15ed68 /usr/lib/libc.so.12
57253 4184 0 61437 effd /usr/lib/libbz2.so.1
108726 1712 0 110438 1af66 /usr/lib/libnetpgpverify.so.4
1612083 58792 69832 1740707 0x1a8fa3 total
%

% make t
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify b.gpg > output16
diff expected16 output16
rm -f output16
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify a.gpg > output17
diff expected17 output17
rm -f output17
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify gpgsigned-a.gpg > output18
diff expected18 output18
rm -f output18
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify NetBSD-6.0_RC2_hashes.asc > output19
diff expected19 output19
rm -f output19
...
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -k dsa-pubring.gpg in2.asc > output45
diff expected45 output45
rm -f output45
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -k problem-pubring.gpg NetBSD-6.0_hashes.asc > output46
diff expected46 output46
rm -f output46
cd tests/netpgpverify && make && atf-run
atf2kyua: I: Removing stale Kyuafiles from /tmp/.XXXXXX.004966aa
atf2kyua: I: Converting /usr/src/crypto/external/bsd/netpgp-standalone/tests/netpgpverify/Atffile -> /tmp/.XXXXXX.004966aa/Kyuafile
t_netpgpverify:netpgpverify_rsa -> passed [0.221s]
t_netpgpverify:netpgpverify_dsa -> passed [0.117s]

2/2 passed (0 failed)
Committed action 19
%

branches: 1.1.2;
file Makefile was initially added on branch agc-netpgp-standalone.

netpgp: fix or suppress a few lint warnings

No functional change.

introduce some common variables for use in GCC warning disables:

GCC_NO_FORMAT_TRUNCATION -Wno-format-truncation (GCC 7/8)
GCC_NO_STRINGOP_TRUNCATION -Wno-stringop-truncation (GCC 8)
GCC_NO_STRINGOP_OVERFLOW -Wno-stringop-overflow (GCC 8)
GCC_NO_CAST_FUNCTION_TYPE -Wno-cast-function-type (GCC 8)

use these to turn off warnings for most GCC-8 complaints. many
of these are false positives, most of the real bugs are already
commited, or are yet to come.


we plan to introduce versions of (some?) of these that use the
"-Wno-error=" form, which still displays the warnings but does
not make it an error, and all of the above will be re-considered
as either being "fix me" (warning still displayed) or "warning
is wrong."

convert HAVE_GCC == 7 to HAVE_GCC >= 7.

- use -Wno-error=implicit-fallthrough with GCC7.

branches: 1.15.12;
Update netpgpverify sources in base from 20160617 to 20170201 (i.e. bring
over changes from master sources in pkgsrc/security/netpgpverify, version 20170201):

Changes:

Update netpgpverify (and libnetpgpverify) to 20160614
+ handle signatures created by gpg with "--no-emit-version", don't assume
there will always be a version string.
+ add a test for above
Fixes security PR 51240.
Thanks to xnox@ubuntu.com for reporting the error

Update netpgpverify and libnetpgpverify to 20160615:
Simplify the method of finding the end of the versioning information
in the signature - back up to the "\n" character at the end of the
signature start:

"-----BEGIN PGP SIGNATURE-----\n"

and then find the "\n\n" character sequence to denote the start of the
signature itself. The previous version worked, but this is more efficient.

Update netpgpverify and libnetpgpverify to 20160616
+ bring over joerg's printflike change from the netpgpverify
version in src/crypto
+ add a test for cleartext signatures with version information
to complement the one with no version information

Update netpgpverify and libnetpgpverify to 20160622 during freeze to fix PR 51262
+ take a bit of a step backwards, and don't use stdbool.h, just to appease
Solaris 10 compiler

Update netpgpverify and libnetpgpverify to 20160623
+ remove use of asprintf and vasprintf from libverify. Inspired
by work from Dimitri John Ledkov. Should allow building on Linux
without superfluous definitions.
+ also free the BIGNUM struct in PGPV_BN_clear() - from Dimitri
John Ledkov

Update netpgpverify and libnetpgpverify to 20160626
+ make the pgpv_t and pgpv_cursor_t structures opaque
+ add new accessor functions for fields in the pgpv_cursor_t struct
+ add new creation functions for the pgpv_t and pgpv_cursor_t structs

Update netpgpverify and libnetpgpverify to 20160704
+ get rid of redundant PGPV_ARRAY definition in libverify.c, brought in when
the definitions moved from verify.h
+ fix obuf_add_mem() to use a const void *, as any struct can be
dumped using it
+ remove redundant NO_SUBKEYS definition - unused
+ add an (unused as yet) ARRAY_FREE() macro

Update netpgpverify and libnetpgpverify to 20160705
External API changes
====================
+ add a pgpv_cursor_close() function to free resources associated with
a cursor
Better memory management
========================
+ restructure the way dynamic arrays are used, to avoid memory
corruption issues and memory leaks - keep all dynamic arrays in the global
data structure, and use indices in the other data structures to index them.
Means lack of data localisation, but avoids stale pointers, and leaks.
+ make signer field of signature a uint8_t array, rather than a pointer
+ use our own version of strdup(3) - don't depend on it being
available in standard library
+ keep track of whether litdata filenames and userid were allocated or not,
and free memory in pgpv_close() if it was allocated
+ free up allocated resources which were allocated in pgpv_close()

Update netpgpverify and libnetpgpverify to 20160706
+ 20160705 introduced a bug whereby a key subid would match and verify
fine, but, if formatted, would not display the correct subkey
information. Fix to show the correct information in this case.

Update netpgpverify and libnetpgpverify to 20160707 to fix some
unusual build errors shown by old gcc versions (works fine for
gcc-5.2.1 on ubuntu and gcc-5.3.0 on NetBSD 7.99.32)
+ use ULL suffix on unsigned 64bit constants, not UL
+ don't typedef the public structs twice - second time just define it
without the typedef
Fixes PR 51327

Update netpgpverify and libnetpgpverify to 20160708
+ clear and free bignums properly - helps immensely with plugging
memory leaks

Update netpgpverify and libnetpgpverify to 20160828
+ bring over change from christos in src/crypto to check for
the end of an ASCII-armored signature
+ no need for namespace protection in array.h any more, now
that netpgp/verify.h now contains opaque structures
+ minor typo clean-up in a definition (benign, ignored by compiler)

update netpgpverify and libnetpgpverify to 20170201
+ make sure howmany() macro is defined
pointed out by cube - thanks!

branches: 1.14.2; 1.14.4;
add test for signatures produced by gpg --no-emit-version

Bring over the 20141204 portable version of netpgpverify from pkgsrc

+ Remove unused logmessage helper function

+ Add pgpv_get_cursor_element for easier manipulation of results
returned.

+ libnetpgpverify(3) man page improvements

+ Standardise on WARNS=5 settings (6 is too intrusive and distracting)

+ Also install the library and header file for netpgpverify. This
allows scripting languages to use the same verification methods via a
shared library, rather than being forced to exec the netpgpverify(1)
command line utility.

+ libnetpgpverify is now a standalone library, and requires no
pre-requsisite libraries to function

branches: 1.12.4;
It's nonliteral format strings it should not warn about.

Older gcc does not support -Wno-format-literal

Turn off literal format string warnings for one file

A better fix is coming

fix typo in previous commit

WARNS=6 is impossible for this code :-)

proper include

Install the binary in the correct location

Bring over the standalone netpgpverify sources from
pkgsrc/security/netpgpverify.

No functional change.

branches: 1.4.2; 1.4.6;
revert previous change for LIBDPLIBS until I have a chance to work out the
order for building pre-req libs

link libz and libbz2 into the netpgpverify library, rather than into the
executable, via LIBDPLIBS.

Merge netpgpverify(1) and libnetpgpverify(3) from the
agc-netpgp-standalone branch.

Rewrite the netpgpverify(1) functionality from RFC4880 up. This is a
completely new implementation, and uses its own bignum library derived
from libtommath. Apart from libz and libbz2, it just uses its own
library and is self-contained - this makes it easier to embed, and to
use from scripting languages.

netpgpverify(1) now verifies all the signed files i've thrown at it,
and the added bonus of using no functionality from libcrypto - all of
its bignum functionality comes from its own libnetpgpverify.so.
netpgpverify(1) now verifies not only signatures on binary files, but
also signatures on text documents. This fixes PR/46930. Please don't
start me on the hoops I had to jump through to calculate the digests
on text files; trust me, you will regret it.

% supersize `which netpgpverify`
text data bss dec hex filename
4452 860 72 5384 1508 /usr/bin/netpgpverify
79542 1408 0 80950 13c36 /usr/lib/libz.so.1
43994 984 488 45466 b19a /usr/lib/libgcc_s.so.1
1318116 49644 69272 1437032 15ed68 /usr/lib/libc.so.12
57253 4184 0 61437 effd /usr/lib/libbz2.so.1
108726 1712 0 110438 1af66 /usr/lib/libnetpgpverify.so.4
1612083 58792 69832 1740707 0x1a8fa3 total
%

% make t
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify b.gpg > output16
diff expected16 output16
rm -f output16
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify a.gpg > output17
diff expected17 output17
rm -f output17
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify gpgsigned-a.gpg > output18
diff expected18 output18
rm -f output18
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify NetBSD-6.0_RC2_hashes.asc > output19
diff expected19 output19
rm -f output19
...
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -k dsa-pubring.gpg in2.asc > output45
diff expected45 output45
rm -f output45
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -k problem-pubring.gpg NetBSD-6.0_hashes.asc > output46
diff expected46 output46
rm -f output46
cd tests/netpgpverify && make && atf-run
atf2kyua: I: Removing stale Kyuafiles from /tmp/.XXXXXX.004966aa
atf2kyua: I: Converting /usr/src/crypto/external/bsd/netpgp-standalone/tests/netpgpverify/Atffile -> /tmp/.XXXXXX.004966aa/Kyuafile
t_netpgpverify:netpgpverify_rsa -> passed [0.221s]
t_netpgpverify:netpgpverify_dsa -> passed [0.117s]

2/2 passed (0 failed)
Committed action 19
%

branches: 1.1.2;
file Makefile was initially added on branch agc-netpgp-standalone.

introduce some common variables for use in GCC warning disables:

GCC_NO_FORMAT_TRUNCATION -Wno-format-truncation (GCC 7/8)
GCC_NO_STRINGOP_TRUNCATION -Wno-stringop-truncation (GCC 8)
GCC_NO_STRINGOP_OVERFLOW -Wno-stringop-overflow (GCC 8)
GCC_NO_CAST_FUNCTION_TYPE -Wno-cast-function-type (GCC 8)

use these to turn off warnings for most GCC-8 complaints. many
of these are false positives, most of the real bugs are already
commited, or are yet to come.


we plan to introduce versions of (some?) of these that use the
"-Wno-error=" form, which still displays the warnings but does
not make it an error, and all of the above will be re-considered
as either being "fix me" (warning still displayed) or "warning
is wrong."

convert HAVE_GCC == 7 to HAVE_GCC >= 7.

- use -Wno-error=implicit-fallthrough with GCC7.

branches: 1.15.12;
Update netpgpverify sources in base from 20160617 to 20170201 (i.e. bring
over changes from master sources in pkgsrc/security/netpgpverify, version 20170201):

Changes:

Update netpgpverify (and libnetpgpverify) to 20160614
+ handle signatures created by gpg with "--no-emit-version", don't assume
there will always be a version string.
+ add a test for above
Fixes security PR 51240.
Thanks to xnox@ubuntu.com for reporting the error

Update netpgpverify and libnetpgpverify to 20160615:
Simplify the method of finding the end of the versioning information
in the signature - back up to the "\n" character at the end of the
signature start:

"-----BEGIN PGP SIGNATURE-----\n"

and then find the "\n\n" character sequence to denote the start of the
signature itself. The previous version worked, but this is more efficient.

Update netpgpverify and libnetpgpverify to 20160616
+ bring over joerg's printflike change from the netpgpverify
version in src/crypto
+ add a test for cleartext signatures with version information
to complement the one with no version information

Update netpgpverify and libnetpgpverify to 20160622 during freeze to fix PR 51262
+ take a bit of a step backwards, and don't use stdbool.h, just to appease
Solaris 10 compiler

Update netpgpverify and libnetpgpverify to 20160623
+ remove use of asprintf and vasprintf from libverify. Inspired
by work from Dimitri John Ledkov. Should allow building on Linux
without superfluous definitions.
+ also free the BIGNUM struct in PGPV_BN_clear() - from Dimitri
John Ledkov

Update netpgpverify and libnetpgpverify to 20160626
+ make the pgpv_t and pgpv_cursor_t structures opaque
+ add new accessor functions for fields in the pgpv_cursor_t struct
+ add new creation functions for the pgpv_t and pgpv_cursor_t structs

Update netpgpverify and libnetpgpverify to 20160704
+ get rid of redundant PGPV_ARRAY definition in libverify.c, brought in when
the definitions moved from verify.h
+ fix obuf_add_mem() to use a const void *, as any struct can be
dumped using it
+ remove redundant NO_SUBKEYS definition - unused
+ add an (unused as yet) ARRAY_FREE() macro

Update netpgpverify and libnetpgpverify to 20160705
External API changes
====================
+ add a pgpv_cursor_close() function to free resources associated with
a cursor
Better memory management
========================
+ restructure the way dynamic arrays are used, to avoid memory
corruption issues and memory leaks - keep all dynamic arrays in the global
data structure, and use indices in the other data structures to index them.
Means lack of data localisation, but avoids stale pointers, and leaks.
+ make signer field of signature a uint8_t array, rather than a pointer
+ use our own version of strdup(3) - don't depend on it being
available in standard library
+ keep track of whether litdata filenames and userid were allocated or not,
and free memory in pgpv_close() if it was allocated
+ free up allocated resources which were allocated in pgpv_close()

Update netpgpverify and libnetpgpverify to 20160706
+ 20160705 introduced a bug whereby a key subid would match and verify
fine, but, if formatted, would not display the correct subkey
information. Fix to show the correct information in this case.

Update netpgpverify and libnetpgpverify to 20160707 to fix some
unusual build errors shown by old gcc versions (works fine for
gcc-5.2.1 on ubuntu and gcc-5.3.0 on NetBSD 7.99.32)
+ use ULL suffix on unsigned 64bit constants, not UL
+ don't typedef the public structs twice - second time just define it
without the typedef
Fixes PR 51327

Update netpgpverify and libnetpgpverify to 20160708
+ clear and free bignums properly - helps immensely with plugging
memory leaks

Update netpgpverify and libnetpgpverify to 20160828
+ bring over change from christos in src/crypto to check for
the end of an ASCII-armored signature
+ no need for namespace protection in array.h any more, now
that netpgp/verify.h now contains opaque structures
+ minor typo clean-up in a definition (benign, ignored by compiler)

update netpgpverify and libnetpgpverify to 20170201
+ make sure howmany() macro is defined
pointed out by cube - thanks!

branches: 1.14.2; 1.14.4;
add test for signatures produced by gpg --no-emit-version

Bring over the 20141204 portable version of netpgpverify from pkgsrc

+ Remove unused logmessage helper function

+ Add pgpv_get_cursor_element for easier manipulation of results
returned.

+ libnetpgpverify(3) man page improvements

+ Standardise on WARNS=5 settings (6 is too intrusive and distracting)

+ Also install the library and header file for netpgpverify. This
allows scripting languages to use the same verification methods via a
shared library, rather than being forced to exec the netpgpverify(1)
command line utility.

+ libnetpgpverify is now a standalone library, and requires no
pre-requsisite libraries to function

branches: 1.12.4;
It's nonliteral format strings it should not warn about.

Older gcc does not support -Wno-format-literal

Turn off literal format string warnings for one file

A better fix is coming

fix typo in previous commit

WARNS=6 is impossible for this code :-)

proper include

Install the binary in the correct location

Bring over the standalone netpgpverify sources from
pkgsrc/security/netpgpverify.

No functional change.

branches: 1.4.2; 1.4.6;
revert previous change for LIBDPLIBS until I have a chance to work out the
order for building pre-req libs

link libz and libbz2 into the netpgpverify library, rather than into the
executable, via LIBDPLIBS.

Merge netpgpverify(1) and libnetpgpverify(3) from the
agc-netpgp-standalone branch.

Rewrite the netpgpverify(1) functionality from RFC4880 up. This is a
completely new implementation, and uses its own bignum library derived
from libtommath. Apart from libz and libbz2, it just uses its own
library and is self-contained - this makes it easier to embed, and to
use from scripting languages.

netpgpverify(1) now verifies all the signed files i've thrown at it,
and the added bonus of using no functionality from libcrypto - all of
its bignum functionality comes from its own libnetpgpverify.so.
netpgpverify(1) now verifies not only signatures on binary files, but
also signatures on text documents. This fixes PR/46930. Please don't
start me on the hoops I had to jump through to calculate the digests
on text files; trust me, you will regret it.

% supersize `which netpgpverify`
text data bss dec hex filename
4452 860 72 5384 1508 /usr/bin/netpgpverify
79542 1408 0 80950 13c36 /usr/lib/libz.so.1
43994 984 488 45466 b19a /usr/lib/libgcc_s.so.1
1318116 49644 69272 1437032 15ed68 /usr/lib/libc.so.12
57253 4184 0 61437 effd /usr/lib/libbz2.so.1
108726 1712 0 110438 1af66 /usr/lib/libnetpgpverify.so.4
1612083 58792 69832 1740707 0x1a8fa3 total
%

% make t
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify b.gpg > output16
diff expected16 output16
rm -f output16
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify a.gpg > output17
diff expected17 output17
rm -f output17
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify gpgsigned-a.gpg > output18
diff expected18 output18
rm -f output18
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify NetBSD-6.0_RC2_hashes.asc > output19
diff expected19 output19
rm -f output19
...
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -k dsa-pubring.gpg in2.asc > output45
diff expected45 output45
rm -f output45
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -k problem-pubring.gpg NetBSD-6.0_hashes.asc > output46
diff expected46 output46
rm -f output46
cd tests/netpgpverify && make && atf-run
atf2kyua: I: Removing stale Kyuafiles from /tmp/.XXXXXX.004966aa
atf2kyua: I: Converting /usr/src/crypto/external/bsd/netpgp-standalone/tests/netpgpverify/Atffile -> /tmp/.XXXXXX.004966aa/Kyuafile
t_netpgpverify:netpgpverify_rsa -> passed [0.221s]
t_netpgpverify:netpgpverify_dsa -> passed [0.117s]

2/2 passed (0 failed)
Committed action 19
%

branches: 1.1.2;
file Makefile was initially added on branch agc-netpgp-standalone.

convert HAVE_GCC == 7 to HAVE_GCC >= 7.

- use -Wno-error=implicit-fallthrough with GCC7.

branches: 1.15.12;
Update netpgpverify sources in base from 20160617 to 20170201 (i.e. bring
over changes from master sources in pkgsrc/security/netpgpverify, version 20170201):

Changes:

Update netpgpverify (and libnetpgpverify) to 20160614
+ handle signatures created by gpg with "--no-emit-version", don't assume
there will always be a version string.
+ add a test for above
Fixes security PR 51240.
Thanks to xnox@ubuntu.com for reporting the error

Update netpgpverify and libnetpgpverify to 20160615:
Simplify the method of finding the end of the versioning information
in the signature - back up to the "\n" character at the end of the
signature start:

"-----BEGIN PGP SIGNATURE-----\n"

and then find the "\n\n" character sequence to denote the start of the
signature itself. The previous version worked, but this is more efficient.

Update netpgpverify and libnetpgpverify to 20160616
+ bring over joerg's printflike change from the netpgpverify
version in src/crypto
+ add a test for cleartext signatures with version information
to complement the one with no version information

Update netpgpverify and libnetpgpverify to 20160622 during freeze to fix PR 51262
+ take a bit of a step backwards, and don't use stdbool.h, just to appease
Solaris 10 compiler

Update netpgpverify and libnetpgpverify to 20160623
+ remove use of asprintf and vasprintf from libverify. Inspired
by work from Dimitri John Ledkov. Should allow building on Linux
without superfluous definitions.
+ also free the BIGNUM struct in PGPV_BN_clear() - from Dimitri
John Ledkov

Update netpgpverify and libnetpgpverify to 20160626
+ make the pgpv_t and pgpv_cursor_t structures opaque
+ add new accessor functions for fields in the pgpv_cursor_t struct
+ add new creation functions for the pgpv_t and pgpv_cursor_t structs

Update netpgpverify and libnetpgpverify to 20160704
+ get rid of redundant PGPV_ARRAY definition in libverify.c, brought in when
the definitions moved from verify.h
+ fix obuf_add_mem() to use a const void *, as any struct can be
dumped using it
+ remove redundant NO_SUBKEYS definition - unused
+ add an (unused as yet) ARRAY_FREE() macro

Update netpgpverify and libnetpgpverify to 20160705
External API changes
====================
+ add a pgpv_cursor_close() function to free resources associated with
a cursor
Better memory management
========================
+ restructure the way dynamic arrays are used, to avoid memory
corruption issues and memory leaks - keep all dynamic arrays in the global
data structure, and use indices in the other data structures to index them.
Means lack of data localisation, but avoids stale pointers, and leaks.
+ make signer field of signature a uint8_t array, rather than a pointer
+ use our own version of strdup(3) - don't depend on it being
available in standard library
+ keep track of whether litdata filenames and userid were allocated or not,
and free memory in pgpv_close() if it was allocated
+ free up allocated resources which were allocated in pgpv_close()

Update netpgpverify and libnetpgpverify to 20160706
+ 20160705 introduced a bug whereby a key subid would match and verify
fine, but, if formatted, would not display the correct subkey
information. Fix to show the correct information in this case.

Update netpgpverify and libnetpgpverify to 20160707 to fix some
unusual build errors shown by old gcc versions (works fine for
gcc-5.2.1 on ubuntu and gcc-5.3.0 on NetBSD 7.99.32)
+ use ULL suffix on unsigned 64bit constants, not UL
+ don't typedef the public structs twice - second time just define it
without the typedef
Fixes PR 51327

Update netpgpverify and libnetpgpverify to 20160708
+ clear and free bignums properly - helps immensely with plugging
memory leaks

Update netpgpverify and libnetpgpverify to 20160828
+ bring over change from christos in src/crypto to check for
the end of an ASCII-armored signature
+ no need for namespace protection in array.h any more, now
that netpgp/verify.h now contains opaque structures
+ minor typo clean-up in a definition (benign, ignored by compiler)

update netpgpverify and libnetpgpverify to 20170201
+ make sure howmany() macro is defined
pointed out by cube - thanks!

branches: 1.14.2; 1.14.4;
add test for signatures produced by gpg --no-emit-version

Bring over the 20141204 portable version of netpgpverify from pkgsrc

+ Remove unused logmessage helper function

+ Add pgpv_get_cursor_element for easier manipulation of results
returned.

+ libnetpgpverify(3) man page improvements

+ Standardise on WARNS=5 settings (6 is too intrusive and distracting)

+ Also install the library and header file for netpgpverify. This
allows scripting languages to use the same verification methods via a
shared library, rather than being forced to exec the netpgpverify(1)
command line utility.

+ libnetpgpverify is now a standalone library, and requires no
pre-requsisite libraries to function

branches: 1.12.4;
It's nonliteral format strings it should not warn about.

Older gcc does not support -Wno-format-literal

Turn off literal format string warnings for one file

A better fix is coming

fix typo in previous commit

WARNS=6 is impossible for this code :-)

proper include

Install the binary in the correct location

Bring over the standalone netpgpverify sources from
pkgsrc/security/netpgpverify.

No functional change.

branches: 1.4.2; 1.4.6;
revert previous change for LIBDPLIBS until I have a chance to work out the
order for building pre-req libs

link libz and libbz2 into the netpgpverify library, rather than into the
executable, via LIBDPLIBS.

Merge netpgpverify(1) and libnetpgpverify(3) from the
agc-netpgp-standalone branch.

Rewrite the netpgpverify(1) functionality from RFC4880 up. This is a
completely new implementation, and uses its own bignum library derived
from libtommath. Apart from libz and libbz2, it just uses its own
library and is self-contained - this makes it easier to embed, and to
use from scripting languages.

netpgpverify(1) now verifies all the signed files i've thrown at it,
and the added bonus of using no functionality from libcrypto - all of
its bignum functionality comes from its own libnetpgpverify.so.
netpgpverify(1) now verifies not only signatures on binary files, but
also signatures on text documents. This fixes PR/46930. Please don't
start me on the hoops I had to jump through to calculate the digests
on text files; trust me, you will regret it.

% supersize `which netpgpverify`
text data bss dec hex filename
4452 860 72 5384 1508 /usr/bin/netpgpverify
79542 1408 0 80950 13c36 /usr/lib/libz.so.1
43994 984 488 45466 b19a /usr/lib/libgcc_s.so.1
1318116 49644 69272 1437032 15ed68 /usr/lib/libc.so.12
57253 4184 0 61437 effd /usr/lib/libbz2.so.1
108726 1712 0 110438 1af66 /usr/lib/libnetpgpverify.so.4
1612083 58792 69832 1740707 0x1a8fa3 total
%

% make t
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify b.gpg > output16
diff expected16 output16
rm -f output16
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify a.gpg > output17
diff expected17 output17
rm -f output17
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify gpgsigned-a.gpg > output18
diff expected18 output18
rm -f output18
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify NetBSD-6.0_RC2_hashes.asc > output19
diff expected19 output19
rm -f output19
...
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -k dsa-pubring.gpg in2.asc > output45
diff expected45 output45
rm -f output45
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -k problem-pubring.gpg NetBSD-6.0_hashes.asc > output46
diff expected46 output46
rm -f output46
cd tests/netpgpverify && make && atf-run
atf2kyua: I: Removing stale Kyuafiles from /tmp/.XXXXXX.004966aa
atf2kyua: I: Converting /usr/src/crypto/external/bsd/netpgp-standalone/tests/netpgpverify/Atffile -> /tmp/.XXXXXX.004966aa/Kyuafile
t_netpgpverify:netpgpverify_rsa -> passed [0.221s]
t_netpgpverify:netpgpverify_dsa -> passed [0.117s]

2/2 passed (0 failed)
Committed action 19
%

branches: 1.1.2;
file Makefile was initially added on branch agc-netpgp-standalone.

- use -Wno-error=implicit-fallthrough with GCC7.

Update netpgpverify sources in base from 20160617 to 20170201 (i.e. bring
over changes from master sources in pkgsrc/security/netpgpverify, version 20170201):

Changes:

Update netpgpverify (and libnetpgpverify) to 20160614
+ handle signatures created by gpg with "--no-emit-version", don't assume
there will always be a version string.
+ add a test for above
Fixes security PR 51240.
Thanks to xnox@ubuntu.com for reporting the error

Update netpgpverify and libnetpgpverify to 20160615:
Simplify the method of finding the end of the versioning information
in the signature - back up to the "\n" character at the end of the
signature start:

"-----BEGIN PGP SIGNATURE-----\n"

and then find the "\n\n" character sequence to denote the start of the
signature itself. The previous version worked, but this is more efficient.

Update netpgpverify and libnetpgpverify to 20160616
+ bring over joerg's printflike change from the netpgpverify
version in src/crypto
+ add a test for cleartext signatures with version information
to complement the one with no version information

Update netpgpverify and libnetpgpverify to 20160622 during freeze to fix PR 51262
+ take a bit of a step backwards, and don't use stdbool.h, just to appease
Solaris 10 compiler

Update netpgpverify and libnetpgpverify to 20160623
+ remove use of asprintf and vasprintf from libverify. Inspired
by work from Dimitri John Ledkov. Should allow building on Linux
without superfluous definitions.
+ also free the BIGNUM struct in PGPV_BN_clear() - from Dimitri
John Ledkov

Update netpgpverify and libnetpgpverify to 20160626
+ make the pgpv_t and pgpv_cursor_t structures opaque
+ add new accessor functions for fields in the pgpv_cursor_t struct
+ add new creation functions for the pgpv_t and pgpv_cursor_t structs

Update netpgpverify and libnetpgpverify to 20160704
+ get rid of redundant PGPV_ARRAY definition in libverify.c, brought in when
the definitions moved from verify.h
+ fix obuf_add_mem() to use a const void *, as any struct can be
dumped using it
+ remove redundant NO_SUBKEYS definition - unused
+ add an (unused as yet) ARRAY_FREE() macro

Update netpgpverify and libnetpgpverify to 20160705
External API changes
====================
+ add a pgpv_cursor_close() function to free resources associated with
a cursor
Better memory management
========================
+ restructure the way dynamic arrays are used, to avoid memory
corruption issues and memory leaks - keep all dynamic arrays in the global
data structure, and use indices in the other data structures to index them.
Means lack of data localisation, but avoids stale pointers, and leaks.
+ make signer field of signature a uint8_t array, rather than a pointer
+ use our own version of strdup(3) - don't depend on it being
available in standard library
+ keep track of whether litdata filenames and userid were allocated or not,
and free memory in pgpv_close() if it was allocated
+ free up allocated resources which were allocated in pgpv_close()

Update netpgpverify and libnetpgpverify to 20160706
+ 20160705 introduced a bug whereby a key subid would match and verify
fine, but, if formatted, would not display the correct subkey
information. Fix to show the correct information in this case.

Update netpgpverify and libnetpgpverify to 20160707 to fix some
unusual build errors shown by old gcc versions (works fine for
gcc-5.2.1 on ubuntu and gcc-5.3.0 on NetBSD 7.99.32)
+ use ULL suffix on unsigned 64bit constants, not UL
+ don't typedef the public structs twice - second time just define it
without the typedef
Fixes PR 51327

Update netpgpverify and libnetpgpverify to 20160708
+ clear and free bignums properly - helps immensely with plugging
memory leaks

Update netpgpverify and libnetpgpverify to 20160828
+ bring over change from christos in src/crypto to check for
the end of an ASCII-armored signature
+ no need for namespace protection in array.h any more, now
that netpgp/verify.h now contains opaque structures
+ minor typo clean-up in a definition (benign, ignored by compiler)

update netpgpverify and libnetpgpverify to 20170201
+ make sure howmany() macro is defined
pointed out by cube - thanks!

branches: 1.14.2; 1.14.4;
add test for signatures produced by gpg --no-emit-version

Bring over the 20141204 portable version of netpgpverify from pkgsrc

+ Remove unused logmessage helper function

+ Add pgpv_get_cursor_element for easier manipulation of results
returned.

+ libnetpgpverify(3) man page improvements

+ Standardise on WARNS=5 settings (6 is too intrusive and distracting)

+ Also install the library and header file for netpgpverify. This
allows scripting languages to use the same verification methods via a
shared library, rather than being forced to exec the netpgpverify(1)
command line utility.

+ libnetpgpverify is now a standalone library, and requires no
pre-requsisite libraries to function

branches: 1.12.4;
It's nonliteral format strings it should not warn about.

Older gcc does not support -Wno-format-literal

Turn off literal format string warnings for one file

A better fix is coming

fix typo in previous commit

WARNS=6 is impossible for this code :-)

proper include

Install the binary in the correct location

Bring over the standalone netpgpverify sources from
pkgsrc/security/netpgpverify.

No functional change.

branches: 1.4.2; 1.4.6;
revert previous change for LIBDPLIBS until I have a chance to work out the
order for building pre-req libs

link libz and libbz2 into the netpgpverify library, rather than into the
executable, via LIBDPLIBS.

Merge netpgpverify(1) and libnetpgpverify(3) from the
agc-netpgp-standalone branch.

Rewrite the netpgpverify(1) functionality from RFC4880 up. This is a
completely new implementation, and uses its own bignum library derived
from libtommath. Apart from libz and libbz2, it just uses its own
library and is self-contained - this makes it easier to embed, and to
use from scripting languages.

netpgpverify(1) now verifies all the signed files i've thrown at it,
and the added bonus of using no functionality from libcrypto - all of
its bignum functionality comes from its own libnetpgpverify.so.
netpgpverify(1) now verifies not only signatures on binary files, but
also signatures on text documents. This fixes PR/46930. Please don't
start me on the hoops I had to jump through to calculate the digests
on text files; trust me, you will regret it.

% supersize `which netpgpverify`
text data bss dec hex filename
4452 860 72 5384 1508 /usr/bin/netpgpverify
79542 1408 0 80950 13c36 /usr/lib/libz.so.1
43994 984 488 45466 b19a /usr/lib/libgcc_s.so.1
1318116 49644 69272 1437032 15ed68 /usr/lib/libc.so.12
57253 4184 0 61437 effd /usr/lib/libbz2.so.1
108726 1712 0 110438 1af66 /usr/lib/libnetpgpverify.so.4
1612083 58792 69832 1740707 0x1a8fa3 total
%

% make t
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify b.gpg > output16
diff expected16 output16
rm -f output16
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify a.gpg > output17
diff expected17 output17
rm -f output17
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify gpgsigned-a.gpg > output18
diff expected18 output18
rm -f output18
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify NetBSD-6.0_RC2_hashes.asc > output19
diff expected19 output19
rm -f output19
...
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -k dsa-pubring.gpg in2.asc > output45
diff expected45 output45
rm -f output45
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -k problem-pubring.gpg NetBSD-6.0_hashes.asc > output46
diff expected46 output46
rm -f output46
cd tests/netpgpverify && make && atf-run
atf2kyua: I: Removing stale Kyuafiles from /tmp/.XXXXXX.004966aa
atf2kyua: I: Converting /usr/src/crypto/external/bsd/netpgp-standalone/tests/netpgpverify/Atffile -> /tmp/.XXXXXX.004966aa/Kyuafile
t_netpgpverify:netpgpverify_rsa -> passed [0.221s]
t_netpgpverify:netpgpverify_dsa -> passed [0.117s]

2/2 passed (0 failed)
Committed action 19
%

branches: 1.1.2;
file Makefile was initially added on branch agc-netpgp-standalone.

Update netpgpverify sources in base from 20160617 to 20170201 (i.e. bring
over changes from master sources in pkgsrc/security/netpgpverify, version 20170201):

Changes:

Update netpgpverify (and libnetpgpverify) to 20160614
+ handle signatures created by gpg with "--no-emit-version", don't assume
there will always be a version string.
+ add a test for above
Fixes security PR 51240.
Thanks to xnox@ubuntu.com for reporting the error

Update netpgpverify and libnetpgpverify to 20160615:
Simplify the method of finding the end of the versioning information
in the signature - back up to the "\n" character at the end of the
signature start:

"-----BEGIN PGP SIGNATURE-----\n"

and then find the "\n\n" character sequence to denote the start of the
signature itself. The previous version worked, but this is more efficient.

Update netpgpverify and libnetpgpverify to 20160616
+ bring over joerg's printflike change from the netpgpverify
version in src/crypto
+ add a test for cleartext signatures with version information
to complement the one with no version information

Update netpgpverify and libnetpgpverify to 20160622 during freeze to fix PR 51262
+ take a bit of a step backwards, and don't use stdbool.h, just to appease
Solaris 10 compiler

Update netpgpverify and libnetpgpverify to 20160623
+ remove use of asprintf and vasprintf from libverify. Inspired
by work from Dimitri John Ledkov. Should allow building on Linux
without superfluous definitions.
+ also free the BIGNUM struct in PGPV_BN_clear() - from Dimitri
John Ledkov

Update netpgpverify and libnetpgpverify to 20160626
+ make the pgpv_t and pgpv_cursor_t structures opaque
+ add new accessor functions for fields in the pgpv_cursor_t struct
+ add new creation functions for the pgpv_t and pgpv_cursor_t structs

Update netpgpverify and libnetpgpverify to 20160704
+ get rid of redundant PGPV_ARRAY definition in libverify.c, brought in when
the definitions moved from verify.h
+ fix obuf_add_mem() to use a const void *, as any struct can be
dumped using it
+ remove redundant NO_SUBKEYS definition - unused
+ add an (unused as yet) ARRAY_FREE() macro

Update netpgpverify and libnetpgpverify to 20160705
External API changes
====================
+ add a pgpv_cursor_close() function to free resources associated with
a cursor
Better memory management
========================
+ restructure the way dynamic arrays are used, to avoid memory
corruption issues and memory leaks - keep all dynamic arrays in the global
data structure, and use indices in the other data structures to index them.
Means lack of data localisation, but avoids stale pointers, and leaks.
+ make signer field of signature a uint8_t array, rather than a pointer
+ use our own version of strdup(3) - don't depend on it being
available in standard library
+ keep track of whether litdata filenames and userid were allocated or not,
and free memory in pgpv_close() if it was allocated
+ free up allocated resources which were allocated in pgpv_close()

Update netpgpverify and libnetpgpverify to 20160706
+ 20160705 introduced a bug whereby a key subid would match and verify
fine, but, if formatted, would not display the correct subkey
information. Fix to show the correct information in this case.

Update netpgpverify and libnetpgpverify to 20160707 to fix some
unusual build errors shown by old gcc versions (works fine for
gcc-5.2.1 on ubuntu and gcc-5.3.0 on NetBSD 7.99.32)
+ use ULL suffix on unsigned 64bit constants, not UL
+ don't typedef the public structs twice - second time just define it
without the typedef
Fixes PR 51327

Update netpgpverify and libnetpgpverify to 20160708
+ clear and free bignums properly - helps immensely with plugging
memory leaks

Update netpgpverify and libnetpgpverify to 20160828
+ bring over change from christos in src/crypto to check for
the end of an ASCII-armored signature
+ no need for namespace protection in array.h any more, now
that netpgp/verify.h now contains opaque structures
+ minor typo clean-up in a definition (benign, ignored by compiler)

update netpgpverify and libnetpgpverify to 20170201
+ make sure howmany() macro is defined
pointed out by cube - thanks!

branches: 1.14.2; 1.14.4;
add test for signatures produced by gpg --no-emit-version

Bring over the 20141204 portable version of netpgpverify from pkgsrc

+ Remove unused logmessage helper function

+ Add pgpv_get_cursor_element for easier manipulation of results
returned.

+ libnetpgpverify(3) man page improvements

+ Standardise on WARNS=5 settings (6 is too intrusive and distracting)

+ Also install the library and header file for netpgpverify. This
allows scripting languages to use the same verification methods via a
shared library, rather than being forced to exec the netpgpverify(1)
command line utility.

+ libnetpgpverify is now a standalone library, and requires no
pre-requsisite libraries to function

branches: 1.12.4;
It's nonliteral format strings it should not warn about.

Older gcc does not support -Wno-format-literal

Turn off literal format string warnings for one file

A better fix is coming

fix typo in previous commit

WARNS=6 is impossible for this code :-)

proper include

Install the binary in the correct location

Bring over the standalone netpgpverify sources from
pkgsrc/security/netpgpverify.

No functional change.

branches: 1.4.2; 1.4.6;
revert previous change for LIBDPLIBS until I have a chance to work out the
order for building pre-req libs

link libz and libbz2 into the netpgpverify library, rather than into the
executable, via LIBDPLIBS.

Merge netpgpverify(1) and libnetpgpverify(3) from the
agc-netpgp-standalone branch.

Rewrite the netpgpverify(1) functionality from RFC4880 up. This is a
completely new implementation, and uses its own bignum library derived
from libtommath. Apart from libz and libbz2, it just uses its own
library and is self-contained - this makes it easier to embed, and to
use from scripting languages.

netpgpverify(1) now verifies all the signed files i've thrown at it,
and the added bonus of using no functionality from libcrypto - all of
its bignum functionality comes from its own libnetpgpverify.so.
netpgpverify(1) now verifies not only signatures on binary files, but
also signatures on text documents. This fixes PR/46930. Please don't
start me on the hoops I had to jump through to calculate the digests
on text files; trust me, you will regret it.

% supersize `which netpgpverify`
text data bss dec hex filename
4452 860 72 5384 1508 /usr/bin/netpgpverify
79542 1408 0 80950 13c36 /usr/lib/libz.so.1
43994 984 488 45466 b19a /usr/lib/libgcc_s.so.1
1318116 49644 69272 1437032 15ed68 /usr/lib/libc.so.12
57253 4184 0 61437 effd /usr/lib/libbz2.so.1
108726 1712 0 110438 1af66 /usr/lib/libnetpgpverify.so.4
1612083 58792 69832 1740707 0x1a8fa3 total
%

% make t
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify b.gpg > output16
diff expected16 output16
rm -f output16
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify a.gpg > output17
diff expected17 output17
rm -f output17
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify gpgsigned-a.gpg > output18
diff expected18 output18
rm -f output18
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify NetBSD-6.0_RC2_hashes.asc > output19
diff expected19 output19
rm -f output19
...
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -k dsa-pubring.gpg in2.asc > output45
diff expected45 output45
rm -f output45
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -k problem-pubring.gpg NetBSD-6.0_hashes.asc > output46
diff expected46 output46
rm -f output46
cd tests/netpgpverify && make && atf-run
atf2kyua: I: Removing stale Kyuafiles from /tmp/.XXXXXX.004966aa
atf2kyua: I: Converting /usr/src/crypto/external/bsd/netpgp-standalone/tests/netpgpverify/Atffile -> /tmp/.XXXXXX.004966aa/Kyuafile
t_netpgpverify:netpgpverify_rsa -> passed [0.221s]
t_netpgpverify:netpgpverify_dsa -> passed [0.117s]

2/2 passed (0 failed)
Committed action 19
%

branches: 1.1.2;
file Makefile was initially added on branch agc-netpgp-standalone.

add test for signatures produced by gpg --no-emit-version

Bring over the 20141204 portable version of netpgpverify from pkgsrc

+ Remove unused logmessage helper function

+ Add pgpv_get_cursor_element for easier manipulation of results
returned.

+ libnetpgpverify(3) man page improvements

+ Standardise on WARNS=5 settings (6 is too intrusive and distracting)

+ Also install the library and header file for netpgpverify. This
allows scripting languages to use the same verification methods via a
shared library, rather than being forced to exec the netpgpverify(1)
command line utility.

+ libnetpgpverify is now a standalone library, and requires no
pre-requsisite libraries to function

branches: 1.12.4;
It's nonliteral format strings it should not warn about.

Older gcc does not support -Wno-format-literal

Turn off literal format string warnings for one file

A better fix is coming

fix typo in previous commit

WARNS=6 is impossible for this code :-)

proper include

Install the binary in the correct location

Bring over the standalone netpgpverify sources from
pkgsrc/security/netpgpverify.

No functional change.

branches: 1.4.2; 1.4.6;
revert previous change for LIBDPLIBS until I have a chance to work out the
order for building pre-req libs

link libz and libbz2 into the netpgpverify library, rather than into the
executable, via LIBDPLIBS.

Merge netpgpverify(1) and libnetpgpverify(3) from the
agc-netpgp-standalone branch.

Rewrite the netpgpverify(1) functionality from RFC4880 up. This is a
completely new implementation, and uses its own bignum library derived
from libtommath. Apart from libz and libbz2, it just uses its own
library and is self-contained - this makes it easier to embed, and to
use from scripting languages.

netpgpverify(1) now verifies all the signed files i've thrown at it,
and the added bonus of using no functionality from libcrypto - all of
its bignum functionality comes from its own libnetpgpverify.so.
netpgpverify(1) now verifies not only signatures on binary files, but
also signatures on text documents. This fixes PR/46930. Please don't
start me on the hoops I had to jump through to calculate the digests
on text files; trust me, you will regret it.

% supersize `which netpgpverify`
text data bss dec hex filename
4452 860 72 5384 1508 /usr/bin/netpgpverify
79542 1408 0 80950 13c36 /usr/lib/libz.so.1
43994 984 488 45466 b19a /usr/lib/libgcc_s.so.1
1318116 49644 69272 1437032 15ed68 /usr/lib/libc.so.12
57253 4184 0 61437 effd /usr/lib/libbz2.so.1
108726 1712 0 110438 1af66 /usr/lib/libnetpgpverify.so.4
1612083 58792 69832 1740707 0x1a8fa3 total
%

% make t
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify b.gpg > output16
diff expected16 output16
rm -f output16
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify a.gpg > output17
diff expected17 output17
rm -f output17
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify gpgsigned-a.gpg > output18
diff expected18 output18
rm -f output18
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify NetBSD-6.0_RC2_hashes.asc > output19
diff expected19 output19
rm -f output19
...
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -k dsa-pubring.gpg in2.asc > output45
diff expected45 output45
rm -f output45
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -k problem-pubring.gpg NetBSD-6.0_hashes.asc > output46
diff expected46 output46
rm -f output46
cd tests/netpgpverify && make && atf-run
atf2kyua: I: Removing stale Kyuafiles from /tmp/.XXXXXX.004966aa
atf2kyua: I: Converting /usr/src/crypto/external/bsd/netpgp-standalone/tests/netpgpverify/Atffile -> /tmp/.XXXXXX.004966aa/Kyuafile
t_netpgpverify:netpgpverify_rsa -> passed [0.221s]
t_netpgpverify:netpgpverify_dsa -> passed [0.117s]

2/2 passed (0 failed)
Committed action 19
%

branches: 1.1.2;
file Makefile was initially added on branch agc-netpgp-standalone.

Bring over the 20141204 portable version of netpgpverify from pkgsrc

+ Remove unused logmessage helper function

+ Add pgpv_get_cursor_element for easier manipulation of results
returned.

+ libnetpgpverify(3) man page improvements

+ Standardise on WARNS=5 settings (6 is too intrusive and distracting)

+ Also install the library and header file for netpgpverify. This
allows scripting languages to use the same verification methods via a
shared library, rather than being forced to exec the netpgpverify(1)
command line utility.

+ libnetpgpverify is now a standalone library, and requires no
pre-requsisite libraries to function

branches: 1.12.4;
It's nonliteral format strings it should not warn about.

Older gcc does not support -Wno-format-literal

Turn off literal format string warnings for one file

A better fix is coming

fix typo in previous commit

WARNS=6 is impossible for this code :-)

proper include

Install the binary in the correct location

Bring over the standalone netpgpverify sources from
pkgsrc/security/netpgpverify.

No functional change.

branches: 1.4.2; 1.4.6;
revert previous change for LIBDPLIBS until I have a chance to work out the
order for building pre-req libs

link libz and libbz2 into the netpgpverify library, rather than into the
executable, via LIBDPLIBS.

Merge netpgpverify(1) and libnetpgpverify(3) from the
agc-netpgp-standalone branch.

Rewrite the netpgpverify(1) functionality from RFC4880 up. This is a
completely new implementation, and uses its own bignum library derived
from libtommath. Apart from libz and libbz2, it just uses its own
library and is self-contained - this makes it easier to embed, and to
use from scripting languages.

netpgpverify(1) now verifies all the signed files i've thrown at it,
and the added bonus of using no functionality from libcrypto - all of
its bignum functionality comes from its own libnetpgpverify.so.
netpgpverify(1) now verifies not only signatures on binary files, but
also signatures on text documents. This fixes PR/46930. Please don't
start me on the hoops I had to jump through to calculate the digests
on text files; trust me, you will regret it.

% supersize `which netpgpverify`
text data bss dec hex filename
4452 860 72 5384 1508 /usr/bin/netpgpverify
79542 1408 0 80950 13c36 /usr/lib/libz.so.1
43994 984 488 45466 b19a /usr/lib/libgcc_s.so.1
1318116 49644 69272 1437032 15ed68 /usr/lib/libc.so.12
57253 4184 0 61437 effd /usr/lib/libbz2.so.1
108726 1712 0 110438 1af66 /usr/lib/libnetpgpverify.so.4
1612083 58792 69832 1740707 0x1a8fa3 total
%

% make t
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify b.gpg > output16
diff expected16 output16
rm -f output16
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify a.gpg > output17
diff expected17 output17
rm -f output17
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify gpgsigned-a.gpg > output18
diff expected18 output18
rm -f output18
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify NetBSD-6.0_RC2_hashes.asc > output19
diff expected19 output19
rm -f output19
...
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -k dsa-pubring.gpg in2.asc > output45
diff expected45 output45
rm -f output45
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -k problem-pubring.gpg NetBSD-6.0_hashes.asc > output46
diff expected46 output46
rm -f output46
cd tests/netpgpverify && make && atf-run
atf2kyua: I: Removing stale Kyuafiles from /tmp/.XXXXXX.004966aa
atf2kyua: I: Converting /usr/src/crypto/external/bsd/netpgp-standalone/tests/netpgpverify/Atffile -> /tmp/.XXXXXX.004966aa/Kyuafile
t_netpgpverify:netpgpverify_rsa -> passed [0.221s]
t_netpgpverify:netpgpverify_dsa -> passed [0.117s]

2/2 passed (0 failed)
Committed action 19
%

branches: 1.1.2;
file Makefile was initially added on branch agc-netpgp-standalone.

changes to libnetpgpverify:

+ isolate the RSA verification code (the DSA verification code was
isolated previously), and include it in our sources, rather than
including the source for librsa, (and thus bringing in all the code
for signing and encryption/decryption) - no crypto is involved in
signature verification, just the digest calculation, and the BIGNUM
expmod.

+ check some more arguments

+ order the user ids as expected in public keys (i.e. if there's a
primary user id signature sub-packet, honor it), and fix up the
regression test results accordingly.

get rid of RCS Ids in test files - both input and expected output

Fix a tyop in the getopt string so that it specifies that -k takes an
argument - makes the specification of public keyrings work again.

Make pgpv_verify return a cookie if the signature matches, rather than
just a plain pseudo-boolean value. The cookie can be used
subsequently to retrieve the verified data

Use the cookie as input to pgp_get_verified()

Add tests for DSA key verification

install into the correct place

Replace the netpgpverify command and libnetpgpverify in the
agc-netpgp-standalone branch with a completely rewritten "from the RFC
up" version designed to be small, standalone, and easy to maintain.

% ldd bin/netpgpverify/netpgpverify
bin/netpgpverify/netpgpverify:
-lz.1 => /usr/lib/libz.so.1
-lgcc_s.1 => /usr/lib/libgcc_s.so.1
-lc.12 => /usr/lib/libc.so.12
-lbz2.1 => /usr/lib/libbz2.so.1
-lnetpgpverify.4 => /usr/lib/libnetpgpverify.so.4
% ldd lib/verify/libnetpgpverify.so
lib/verify/libnetpgpverify.so:
-lc.12 => /usr/lib/libc.so.12
% ls -al lib/verify/libnetpgpverify* bin/netpgpverify/netpgpverify
-rwxr-xr-x 1 agc agc 10502 Oct 18 20:59 bin/netpgpverify/netpgpverify
-rw-r--r-- 1 agc agc 159720 Oct 18 20:59 lib/verify/libnetpgpverify.a
-rw-r--r-- 1 agc agc 4822 Oct 18 20:59 lib/verify/libnetpgpverify.html3
lrwxr-xr-x 1 agc agc 22 Oct 18 20:59 lib/verify/libnetpgpverify.so -> libnetpgpverify.so.4.0
lrwxr-xr-x 1 agc agc 22 Oct 18 20:59 lib/verify/libnetpgpverify.so.4 -> libnetpgpverify.so.4.0
-rwxr-xr-x 1 agc agc 123069 Oct 18 20:59 lib/verify/libnetpgpverify.so.4.0
-rw-r--r-- 1 agc agc 169696 Oct 18 20:59 lib/verify/libnetpgpverify_p.a
-rw-r--r-- 1 agc agc 149968 Oct 18 20:59 lib/verify/libnetpgpverify_pic.a
%

("Small" here includes the full BIGNUM/mpi functionality required to
verify signatures).

Instead of using extensive callbacks for input data, which have proved
to be fragile and difficult to maintain, as well as precluding uses
elsewhere, this uses straight mmaping of input files where possible,
and falls back to reading if unavailable.

RFC 4880 makes provision for two types of data to be signed, binary
data and text, and text is subject to modification of data before the
signature is made, and is usually opaque. The new netpgpverify(1) can
handle this, our old version could not. DSA signatures are not yet
supported -- watch this space -- but full RSA ones, including those of
text documents like the signed NetBSD release hashes (see PR
bin/46930) are recognised and are included in the regression tests.

% env LD_LIBRARY_PATH=../../lib/verify ./netpgpverify < NetBSD-6.0_hashes.asc
Good signature for [stdin] made Mon Oct 15 09:28:54 2012
signature 4096/RSA (Encrypt or Sign) 064973ac4c4a706e 2009-06-23
fingerprint: ddee 2bdb 9c98 a0d1 d4fb dbf7 0649 73ac 4c4a 706e
uid NetBSD Security Officer <security-officer@NetBSD.org>
encryption 4096/RSA (Encrypt or Sign) 9ff2c24fdf2ce620 2009-06-23 [Expiry 2019-06-21]
fingerprint: 1915 0801 fbd8 f45d 89f2 0205 9ff2 c24f df2c e620

%

Redirection from stdin is also supported, as are multiple files, and
detached signatures. Another interesting use is to verify the
signatures, and to retrieve the data only if a signature matches -
this was the old "--cat" command to netpgpverify(1), and it has been
brought forward into the newer version.

% env LD_LIBRARY_PATH=../../lib/verify ./netpgpverify -c cat det.sig | diff det -
%

This is implemented as a library and a small program to call so
that it is easier to embed verification of signatures in scripting
languages, or other source code.

reachover build infrastructure for standalone version of netpgp

Rebase to HEAD as of a few days ago.

resync with head

file Makefile was added on branch tls-maxphys on 2013-02-25 00:24:04 +0000

sync with head.

for a reference, the tree before this commit was tagged
as yamt-pagecache-tag8.

this commit was splitted into small chunks to avoid
a limitation of cvs. ("Protocol error: too many arguments")

sync with (a bit old) head

file Makefile was added on branch yamt-pagecache on 2013-01-16 05:25:56 +0000

Pull up following revision(s) (requested by agc in ticket #297):
crypto/external/bsd/netpgp/dist/src/netpgpverify/verify.h: revision 1.3
crypto/external/bsd/netpgp/dist/src/netpgpverify/rsa.c: revision 1.2
crypto/external/bsd/netpgp/dist/src/netpgpverify/misc.c: revision 1.2
crypto/external/bsd/netpgp/dist/src/netpgpverify/main.c: revision 1.5
crypto/external/bsd/netpgp/dist/src/netpgpverify/libverify.c: revision 1.5
crypto/external/bsd/netpgp/dist/src/netpgpverify/misc.h: revision 1.3
crypto/external/bsd/netpgp/lib/verify/Makefile: revision 1.7
crypto/external/bsd/netpgp/dist/src/netpgpverify/Makefile.bsd: revision 1.2
crypto/external/bsd/netpgp/lib/verify/config.h: revision 1.1
crypto/external/bsd/netpgp/dist/src/netpgpverify/libnetpgpverify.3: revision 1.2
crypto/external/bsd/netpgp/bin/netpgpverify/Makefile: revision 1.13

Bring over the 20141204 portable version of netpgpverify from pkgsrc
+ Remove unused logmessage helper function
+ Add pgpv_get_cursor_element for easier manipulation of results returned.
+ libnetpgpverify(3) man page improvements
+ Standardise on WARNS=5 settings (6 is too intrusive and distracting)
+ Also install the library and header file for netpgpverify. This
allows scripting languages to use the same verification methods via a
shared library, rather than being forced to exec the netpgpverify(1)
command line utility.
+ libnetpgpverify is now a standalone library, and requires no
pre-requsisite libraries to function