Support for GnuPG's gpg binary (in addition to gpgv). gpg (from
GnuPG 1.x) still validates signatures made with weak digest
algorithms like MD5 whereas current versions of gpgv no longer do.
Patch from Thomas Hochstein.
Use https for the isc.org web site.
Changes include:
- Disambiguate numbered lists from description lists in POD to silent
a pod2man warning.
- Add a --findid=<string> flag to explicitly search for <string> in the
output from PGP's analysis of the message. In case the signature is
valid but does not contain <string>, pgpverify exits with the new
exit status 4.
- Use the INN::Config Perl module instead of innshellvars.pl to
accomodate the new build process of INN 2.5.
plus coding style, comment style, and whitespace cleanups.
Pod::Simple is now more aggressive about disambiguating numbered
lists from text lists, so add more Z<> markup to make it clear that
exit statuses shouldn't be turned into a numbered list.
verification code with code that uses detached signatures. Signatures
generated by GnuPG couldn't be verified using attached signatures without
adding a Hash header, and this was the path of least resistance plus
avoids munging problems in the future. Code taken from PGP::Sign.
page to POD and expand it, and include it directly in the script.
Reorganize the script so that it begins to be more structured with proper
subs, and make it pass use strict. Fixed support for the -test switch.
using GnuPG's program interface by Marco d'Itri. Always use Sys::Syslog
without any setlogsock call for Perl 5.6.0 or later, since Sys::Syslog in
those versions of Perl uses the C library interface and is now portable.
Default to expecting the key ring in $inn'newsetc/pgp if it exists. Fix a
portability problem for Perl 4 introduced in 1.12.
of /usr/bin/logger (the latter of which, on Solaris at least, is some sort
of brain damaged POSIX.2 command which doesn't use syslog). Made syslog
work for dec_osf (version 4, at least). Fixed up priority of '.' operator
vs. bitwise operators.
$syslog_method configurable variables. Configurably allow date stamp on
stderr error messages. Added locking for multiple concurrent pgp
instances. More clear error message if pgp exits abnormally. Identify
PGP 5 "BAD signature" string. Minor diddling for INN (path to
innshellvars.pl changed).
is doubled, \r\n at line end) by stripping NNTP encoding. Exit 255 with
pointer to $HOME or $PGPPATH if pgp can't find key ring. (Probably
doesn't match the necessary error message with ViaCrypt PGP.) Failures
also report message-id so the article can be looked up to retry.
(Though I do believe news software oughtn't be unfolding them.) Checks to
ensure that the temporary file is really a file, and not a link or some
other weirdness.
