[Pkg-gnupg-commit] [gnupg2] 139/241: gpg: Correctly handle keyblocks followed by legacy keys.

Daniel Kahn Gillmor dkg at fifthhorseman.net
Wed Dec 9 20:32:08 UTC 2015


This is an automated email from the git hooks/post-receive script.

dkg pushed a commit to branch master
in repository gnupg2.

commit ad9befab12376b3a49cde410996ac9f0013d0871
Author: Neal H. Walfield <neal at g10code.com>
Date:   Tue Nov 17 12:55:42 2015 +0100

    gpg: Correctly handle keyblocks followed by legacy keys.
    
    * g10/keyring.c (keyring_get_keyblock): If we encounter a legacy
    packet after already having some non-legacy packets, then treat the
    legacy packet as a keyblock boundary, not as part of the keyblock.
    * g10/t-keydb-get-keyblock.c: New file.
    * g10/t-keydb-get-keyblock.gpg: New file.
    * g10/Makefile.am (EXTRA_DIST): Add t-keydb-get-keyblock.gpg.
    (module_tests): Add t-keydb-get-keyblock.
    (t_keydb_get_keyblock_SOURCES): New variable.
    (t_keydb_get_keyblock_LDADD): Likewise.
    
    --
    Signed-off-by: Neal H. Walfield
    GnuPG-bug-id: 2151
---
 g10/Makefile.am              |   9 +++++--
 g10/keyring.c                |  14 +++++++++-
 g10/t-keydb-get-keyblock.c   |  60 +++++++++++++++++++++++++++++++++++++++++++
 g10/t-keydb-get-keyblock.gpg | Bin 0 -> 138824 bytes
 4 files changed, 80 insertions(+), 3 deletions(-)

diff --git a/g10/Makefile.am b/g10/Makefile.am
index 2fe5c9a..10714f6 100644
--- a/g10/Makefile.am
+++ b/g10/Makefile.am
@@ -20,7 +20,8 @@
 
 EXTRA_DIST = options.skel dirmngr-conf.skel distsigkey.gpg \
 	     ChangeLog-2011 gpg-w32info.rc \
-	     gpg.w32-manifest.in test.c t-keydb-keyring.kbx
+	     gpg.w32-manifest.in test.c t-keydb-keyring.kbx \
+	     t-keydb-get-keyblock.gpg
 
 AM_CPPFLAGS = -I$(top_srcdir)/common
 
@@ -157,12 +158,16 @@ gpgv2_LDADD = $(LDADD) $(LIBGCRYPT_LIBS) \
 gpgv2_LDFLAGS = $(extra_bin_ldflags)
 
 t_common_ldadd =
-module_tests = t-rmd160 t-keydb
+module_tests = t-rmd160 t-keydb t-keydb-get-keyblock
 t_rmd160_SOURCES = t-rmd160.c rmd160.c
 t_rmd160_LDADD = $(t_common_ldadd)
 t_keydb_SOURCES = t-keydb.c test-stubs.c $(common_source)
 t_keydb_LDADD = $(LDADD) $(LIBGCRYPT_LIBS) $(GPG_ERROR_LIBS) \
 	      $(LIBICONV) $(t_common_ldadd)
+t_keydb_get_keyblock_SOURCES = t-keydb-get-keyblock.c test-stubs.c \
+	      $(common_source)
+t_keydb_get_keyblock_LDADD = $(LDADD) $(LIBGCRYPT_LIBS) $(GPG_ERROR_LIBS) \
+	      $(LIBICONV) $(t_common_ldadd)
 
 
 $(PROGRAMS): $(needed_libs) ../common/libgpgrl.a
diff --git a/g10/keyring.c b/g10/keyring.c
index 9a3638b..e9e3ffc 100644
--- a/g10/keyring.c
+++ b/g10/keyring.c
@@ -419,7 +419,19 @@ keyring_get_keyblock (KEYRING_HANDLE hd, KBNODE *ret_kb)
 	    continue;
 	}
         if (gpg_err_code (rc) == GPG_ERR_LEGACY_KEY)
-          break;  /* Upper layer needs to handle this.  */
+          {
+            if (in_cert)
+              /* It is not this key that is problematic, but the
+                 following key.  */
+              {
+                rc = 0;
+                hd->found.n_packets --;
+              }
+            else
+              /* Upper layer needs to handle this.  */
+              ;
+            break;
+          }
 	if (rc) {
             log_error ("keyring_get_keyblock: read error: %s\n",
                        gpg_strerror (rc) );
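Review bot: The `hd->found.n_packets --;` in the `in_cert` branch is not explained by the comment above it, which only says that the following key is the problematic one. The increment it undoes lies outside the hunk, as do the start and end of keyring_get_keyblock, so a reader cannot tell from here that the legacy packet was already counted. If `found.n_packets` is later used to delimit the keyblock for update or delete (not visible here, worth confirming), an off-by-one would reach into the neighbouring key, so the invariant deserves a comment such as `/* The legacy packet was already counted but starts the next keyblock; uncount it so found.n_packets covers only this keyblock.  */`. As a style point, the `else` arm holding only a comment and an empty `;` could be dropped, with the "Upper layer needs to handle this." remark moved next to the `break;`.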
diff --git a/g10/t-keydb-get-keyblock.c b/g10/t-keydb-get-keyblock.c
new file mode 100644
index 0000000..2fbcb73
--- /dev/null
+++ b/g10/t-keydb-get-keyblock.c
@@ -0,0 +1,60 @@
+/* t-keydb-get-keyblock.c - Tests for keydb.c.
+ * Copyright (C) 2015 g10 Code GmbH
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "test.c"
+
+#include "keydb.h"
+
+static void
+do_test (int argc, char *argv[])
+{
+  char *fname;
+  int rc;
+  KEYDB_HANDLE hd1;
+  KEYDB_SEARCH_DESC desc1;
+  KBNODE kb1;
+
+  (void) argc;
+  (void) argv;
+
+  /* t-keydb-get-keyblock.gpg contains two keys: a modern key followed
+     by a legacy key.  If we get the keyblock for the modern key, we
+     shouldn't get
+
+     - */
+  fname = prepend_srcdir ("t-keydb-get-keyblock.gpg");
+  rc = keydb_add_resource (fname, 0);
+  test_free (fname);
+  if (rc)
+    ABORT ("Failed to open keyring.");
+
+  hd1 = keydb_new ();
+
+  rc = classify_user_id ("8061 5870 F5BA D690 3336  86D0 F2AD 85AC 1E42 B367",
+			 &desc1, 0);
+  if (rc)
+    ABORT ("Failed to convert fingerprint for 1E42B367");
+
+  rc = keydb_search (hd1, &desc1, 1, NULL);
+  if (rc)
+    ABORT ("Failed to lookup key associated with 1E42B367");
+
+  rc = keydb_get_keyblock (hd1, &kb1);
+  TEST_P ("", ! rc);
+}
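Review bot: The test's only assertion, `TEST_P ("", ! rc);`, has an empty label and checks nothing but the return code, so a failure prints nothing useful and the contents of `kb1` are never examined. A label such as `TEST_P ("keydb_get_keyblock on a modern key followed by a legacy key", ! rc);` would make a regression readable in the test log. The explanatory comment above `prepend_srcdir` stops mid-sentence ("we shouldn't get" followed by a bare "-"); it should say what must not happen, presumably that the lookup must not fail with GPG_ERR_LEGACY_KEY. `kb1` and `hd1` are also never released; on success the function could end with `release_kbnode (kb1); keydb_release (hd1);` so that the test stays clean under leak checkers.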
diff --git a/g10/t-keydb-get-keyblock.gpg b/g10/t-keydb-get-keyblock.gpg
new file mode 100644
index 0000000..521487e
Binary files /dev/null and b/g10/t-keydb-get-keyblock.gpg differ

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git


