[Pkg-gnupg-commit] [gnupg2] 01/01: avoid infinite loop when doing --gen-revoke by fingerprint

Daniel Kahn Gillmor dkg at fifthhorseman.net
Sat Dec 12 22:17:25 UTC 2015


This is an automated email from the git hooks/post-receive script.

dkg pushed a commit to branch master
in repository gnupg2.

commit 0a7996f2b708d0d1c859d3eaf18de9f64bde8978
Author: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
Date:   Sat Dec 12 16:53:50 2015 -0500

    avoid infinite loop when doing --gen-revoke by fingerprint
---
 debian/changelog                                   |  6 +++++
 ...ite-loop-when-doing-gen-revoke-by-fingerp.patch | 26 ++++++++++++++++++++++
 debian/patches/series                              |  1 +
 3 files changed, 33 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index 3fcf02a..732ea47 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+gnupg2 (2.1.10-3) unstable; urgency=medium
+
+  * avoid infinite loop when doing --gen-revoke by fingerprint
+
+ -- Daniel Kahn Gillmor <dkg at fifthhorseman.net>  Sat, 12 Dec 2015 16:53:40 -0500
+
 gnupg2 (2.1.10-2) unstable; urgency=medium
 
   * actually use sks-keyservers CA by default if the user asks for
diff --git a/debian/patches/0007-avoid-infinite-loop-when-doing-gen-revoke-by-fingerp.patch b/debian/patches/0007-avoid-infinite-loop-when-doing-gen-revoke-by-fingerp.patch
new file mode 100644
index 0000000..70a0db6
--- /dev/null
+++ b/debian/patches/0007-avoid-infinite-loop-when-doing-gen-revoke-by-fingerp.patch
@@ -0,0 +1,26 @@
+From: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
+Date: Sat, 12 Dec 2015 16:52:17 -0500
+Subject: avoid infinite loop when doing --gen-revoke by fingerprint
+
+* g10/revoke.c (gen_revoke): avoid looping if search by full
+  fingerprint finds the key in question.
+
+https://bugs.gnupg.org/gnupg/issue2187
+---
+ g10/revoke.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/g10/revoke.c b/g10/revoke.c
+index ba87f35..45fab7a 100644
+--- a/g10/revoke.c
++++ b/g10/revoke.c
+@@ -640,7 +640,8 @@ gen_revoke (const char *uname)
+     }
+ 
+   rc = keydb_search (kdbhd, &desc, 1, NULL);
+-  if (gpg_err_code (rc) == GPG_ERR_NOT_FOUND)
++  if (gpg_err_code (rc) == GPG_ERR_NOT_FOUND
++      || desc.mode == KEYDB_SEARCH_MODE_FPR20)
+     /* Not ambiguous.  */
+     {
+     }
diff --git a/debian/patches/series b/debian/patches/series
index 47b785e..1084b7b 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -4,3 +4,4 @@
 0004-fix-keystrlen-when-no-keyid-format-option-has-been-g.patch
 0005-include-sks-keyservers-CA-where-it-should-have-been-.patch
 0006-Use-sks-keyservers-CA-by-default-for-the-hkps-pool.patch
+0007-avoid-infinite-loop-when-doing-gen-revoke-by-fingerp.patch

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git



More information about the Pkg-gnupg-commit mailing list