key_file kf;
key *k;
sig *s;
+ fhashstate fh;
time_t exp = KEXP_EXPIRE;
unsigned verb = 0;
const char *ifile = 0, *hfile = 0;
/* --- Read the next filename to hash --- */
+ fhash_init(&fh, GH_CLASS(s->h), f | FHF_BINARY);
breset(&b);
if (getstring(ifp, &b.d, GSF_FILE | f))
break;
b.tag = T_FILE;
DENSURE(&b.b, GH_CLASS(s->h)->hashsz);
- if (fhash(GH_CLASS(s->h), f | FHF_BINARY, b.d.buf, b.b.buf)) {
+ if (fhash(&fh, b.d.buf, b.b.buf)) {
moan("error reading `%s': %s", b.d.buf, strerror(errno));
f |= f_bogus;
} else {
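Review bot: `fhash_init(&fh, ...)` appears to run once per input file, since it sits directly under the per-iteration comment `Read the next filename to hash` and ahead of the loop's `break`, while the matching `fhash_free(&fh)` is added only once, after the loop, in the following hunk. Neither function's body is visible here, so this is inferred: if `fhash_init` allocates anything, each iteration but the last drops its state unfreed, and a loop exit taken before the first init would hand `fhash_free` an uninitialised struct. Hoisting `fhash_init(&fh, GH_CLASS(s->h), f | FHF_BINARY);` to just above the loop keeps init and free paired. The enclosing function starts and ends outside this hunk.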
}
bemit(&b, ofp, s->h, f & f_bin);
}
+ fhash_free(&fh);
}
}
/*----- Signature verification --------------------------------------------*/
+static int checkjunk(const char *path, const struct stat *st, void *p)
+{
+ if (!st) printf("JUNK (error %s) %s\n", strerror(errno), path);
+ else printf("JUNK %s %s\n", describefile(st), path);
+ return (0);
+}
+
static int verify(int argc, char *argv[])
{
#define f_bogus 1u
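Review bot: `checkjunk` writes `path` unescaped into the line-oriented status output (`JUNK %s %s\n`), and junk files are by definition names the signed manifest does not vouch for. A file name containing a newline or other control character therefore lets unsigned content shape what a script or operator reads as the verifier's report. Escape such bytes before printing; the encoding sketched below is only an example and should match whatever quoting the manifest format already uses for file names, which is not visible here. The `!st` branch also relies on `errno` still holding the failure code when the callback runs, and `p` is unused, so a short header comment stating both would help.

```c
/* Print s with control bytes and backslash hex-escaped, so a file name
 * cannot introduce extra lines into the report. */
static void putescaped(const char *s)
{
  for (; *s; s++) {
    unsigned char c = (unsigned char)*s;
    if (c < 0x20 || c == 0x7f || c == '\\') printf("\\x%02x", c);
    else putchar(c);
  }
}

static int checkjunk(const char *path, const struct stat *st, void *p)
{
  (void)p;
  if (!st) printf("JUNK (error %s) ", strerror(errno));
  else printf("JUNK %s ", describefile(st));
  putescaped(path);
  putchar('\n');
  return (0);
}
```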
sig *s;
dstr d = DSTR_INIT;
const char *err;
+ fhashstate fh;
FILE *fp;
block b;
int e;
{ "progress", 0, 0, 'p' },
{ "quiet", 0, 0, 'q' },
{ "nocheck", 0, 0, 'C' },
+ { "junk", 0, 0, 'j' },
{ 0, 0, 0, 0 }
};
- int i = mdwopt(argc, argv, "+vpqC", opts, 0, 0, 0);
+ int i = mdwopt(argc, argv, "+vpqCj", opts, 0, 0, 0);
if (i < 0)
break;
switch (i) {
case 'C':
f |= f_nocheck;
break;
+ case 'j':
+ f |= FHF_JUNK;
+ break;
default:
f |= f_bogus;
break;
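Review bot: `f |= FHF_JUNK` stores a library flag in the same word as the function-local flags (`f_bogus` is `1u`, and `f_nocheck` is set in the case just above), so the exit status and the hashing mode share one bit namespace. The `FHF_*` values are not visible in this diff, so it cannot be confirmed here that they lie clear of the local `f_*` bits; if they do not, `-j` would alias one of them. A comment next to `#define f_bogus 1u` stating which bits are reserved for local flags, or a compile-time check against `FHF_JUNK`, would pin that down. The enclosing function continues outside this hunk.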
if (!(f & f_nocheck) && verb && (err = s->ops->check(s)) != 0)
printf("WARN public key fails check: %s", err);
+ fhash_init(&fh, GH_CLASS(s->h), f | FHF_BINARY);
for (;;) {
switch (e) {
case T_COMMENT:
case T_FILE:
DRESET(&d);
DENSURE(&d, GH_CLASS(s->h)->hashsz);
- if (fhash(GH_CLASS(s->h), f | FHF_BINARY, b.d.buf, d.buf)) {
+ if (fhash(&fh, b.d.buf, d.buf)) {
if (verb > 1) {
printf("BAD error reading file `%s': %s\n",
b.d.buf, strerror(errno));
}
}
done:
+ if ((f & FHF_JUNK) && fhash_junk(&fh, checkjunk, 0))
+ f |= f_bogus;
+ fhash_free(&fh);
bdestroy(&b);
dstr_destroy(&d);
freesig(s);
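Review bot: Every path that jumps to `done:` now reaches `fhash_junk(&fh, ...)` and `fhash_free(&fh)`, but `fh` is only initialised by the `fhash_init` call added just before the main `for (;;)` loop. No earlier `goto done` is visible in these hunks, so this needs checking against the full function: any such jump would pass an uninitialised `fhashstate` to both calls. Moving `fhash_init` ahead of the first jump to `done:`, or giving the pre-init exits their own label, removes the dependency on statement order. A comment noting that junk found under `-j` sets `f_bogus` even when every listed file verified would also help, since that bit appears to carry the failure status.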