[Pkg-gnupg-commit] [gnupg2] 139/241: gpg: Correctly handle keyblocks followed by legacy keys.
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Wed Dec 9 20:32:08 UTC 2015
This is an automated email from the git hooks/post-receive script.
dkg pushed a commit to branch master
in repository gnupg2.
commit ad9befab12376b3a49cde410996ac9f0013d0871
Author: Neal H. Walfield <neal at g10code.com>
Date: Tue Nov 17 12:55:42 2015 +0100
gpg: Correctly handle keyblocks followed by legacy keys.
* g10/keyring.c (keyring_get_keyblock): If we encounter a legacy
packet after already having some non-legacy packets, then treat the
legacy packet as a keyblock boundary, not as part of the keyblock.
* g10/t-keydb-get-keyblock.c: New file.
* g10/t-keydb-get-keyblock.gpg: New file.
* g10/Makefile.am (EXTRA_DIST): Add t-keydb-get-keyblock.gpg.
(module_tests): Add t-keydb-get-keyblock.
(t_keydb_get_keyblock_SOURCES): New variable.
(t_keydb_get_keyblock_LDADD): Likewise.
--
Signed-off-by: Neal H. Walfield
GnuPG-bug-id: 2151
---
g10/Makefile.am | 9 +++++--
g10/keyring.c | 14 +++++++++-
g10/t-keydb-get-keyblock.c | 60 +++++++++++++++++++++++++++++++++++++++++++
g10/t-keydb-get-keyblock.gpg | Bin 0 -> 138824 bytes
4 files changed, 80 insertions(+), 3 deletions(-)
diff --git a/g10/Makefile.am b/g10/Makefile.am
index 2fe5c9a..10714f6 100644
--- a/g10/Makefile.am
+++ b/g10/Makefile.am
@@ -20,7 +20,8 @@
EXTRA_DIST = options.skel dirmngr-conf.skel distsigkey.gpg \
ChangeLog-2011 gpg-w32info.rc \
- gpg.w32-manifest.in test.c t-keydb-keyring.kbx
+ gpg.w32-manifest.in test.c t-keydb-keyring.kbx \
+ t-keydb-get-keyblock.gpg
AM_CPPFLAGS = -I$(top_srcdir)/common
@@ -157,12 +158,16 @@ gpgv2_LDADD = $(LDADD) $(LIBGCRYPT_LIBS) \
gpgv2_LDFLAGS = $(extra_bin_ldflags)
t_common_ldadd =
-module_tests = t-rmd160 t-keydb
+module_tests = t-rmd160 t-keydb t-keydb-get-keyblock
t_rmd160_SOURCES = t-rmd160.c rmd160.c
t_rmd160_LDADD = $(t_common_ldadd)
t_keydb_SOURCES = t-keydb.c test-stubs.c $(common_source)
t_keydb_LDADD = $(LDADD) $(LIBGCRYPT_LIBS) $(GPG_ERROR_LIBS) \
$(LIBICONV) $(t_common_ldadd)
+t_keydb_get_keyblock_SOURCES = t-keydb-get-keyblock.c test-stubs.c \
+ $(common_source)
+t_keydb_get_keyblock_LDADD = $(LDADD) $(LIBGCRYPT_LIBS) $(GPG_ERROR_LIBS) \
+ $(LIBICONV) $(t_common_ldadd)
$(PROGRAMS): $(needed_libs) ../common/libgpgrl.a
diff --git a/g10/keyring.c b/g10/keyring.c
index 9a3638b..e9e3ffc 100644
--- a/g10/keyring.c
+++ b/g10/keyring.c
@@ -419,7 +419,19 @@ keyring_get_keyblock (KEYRING_HANDLE hd, KBNODE *ret_kb)
continue;
}
if (gpg_err_code (rc) == GPG_ERR_LEGACY_KEY)
- break; /* Upper layer needs to handle this. */
+ {
+ if (in_cert)
+ /* It is not this key that is problematic, but the
+ following key. */
+ {
+ rc = 0;
+ hd->found.n_packets --;
+ }
+ else
+ /* Upper layer needs to handle this. */
+ ;
+ break;
+ }
if (rc) {
log_error ("keyring_get_keyblock: read error: %s\n",
gpg_strerror (rc) );
diff --git a/g10/t-keydb-get-keyblock.c b/g10/t-keydb-get-keyblock.c
new file mode 100644
index 0000000..2fbcb73
--- /dev/null
+++ b/g10/t-keydb-get-keyblock.c
@@ -0,0 +1,60 @@
+/* t-keydb-get-keyblock.c - Tests for keydb.c.
+ * Copyright (C) 2015 g10 Code GmbH
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "test.c"
+
+#include "keydb.h"
+
+static void
+do_test (int argc, char *argv[])
+{
+ char *fname;
+ int rc;
+ KEYDB_HANDLE hd1;
+ KEYDB_SEARCH_DESC desc1;
+ KBNODE kb1;
+
+ (void) argc;
+ (void) argv;
+
+ /* t-keydb-get-keyblock.gpg contains two keys: a modern key followed
+ by a legacy key. If we get the keyblock for the modern key, we
+ shouldn't get
+
+ - */
+ fname = prepend_srcdir ("t-keydb-get-keyblock.gpg");
+ rc = keydb_add_resource (fname, 0);
+ test_free (fname);
+ if (rc)
+ ABORT ("Failed to open keyring.");
+
+ hd1 = keydb_new ();
+
+ rc = classify_user_id ("8061 5870 F5BA D690 3336 86D0 F2AD 85AC 1E42 B367",
+ &desc1, 0);
+ if (rc)
+ ABORT ("Failed to convert fingerprint for 1E42B367");
+
+ rc = keydb_search (hd1, &desc1, 1, NULL);
+ if (rc)
+ ABORT ("Failed to lookup key associated with 1E42B367");
+
+ rc = keydb_get_keyblock (hd1, &kb1);
+ TEST_P ("", ! rc);
+}
diff --git a/g10/t-keydb-get-keyblock.gpg b/g10/t-keydb-get-keyblock.gpg
new file mode 100644
index 0000000..521487e
Binary files /dev/null and b/g10/t-keydb-get-keyblock.gpg differ
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git
More information about the Pkg-gnupg-commit
mailing list