[Pkg-gnupg-commit] [gnupg2] 05/49: gpg: Workaround for junk after --trusted-key.

[Daniel Kahn Gillmor]

This is an automated email from the git hooks/post-receive script.

dkg pushed a commit to branch master
in repository gnupg2.

commit b509d81cab030cca6abf0d878e1fc884eda344e6
Author: Werner Koch <wk at gnupg.org>
Date:   Thu Sep 28 14:10:12 2017 +0200

    gpg: Workaround for junk after --trusted-key.
    
    * g10/trust.c (register_trusted_key): Cut off everthing starting as a
    hash sign.
    --
    
    This problem is fallout from
    commit f99830b72812395da5451152bdd2f2d90a7cb7fb
    which fixes
    GnuPG-bug-id: 1206
    
    The same could happen with other options taking keyids but we won't
    change that because a trailing '#' does not indicate a comment.  So
    this is really only a workaround and eventually we will
    deprecate --trusted-key anyway or require a fingerprint as a value.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>
---
 g10/trust.c | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/g10/trust.c b/g10/trust.c
index ee6078b..6d4f0e7 100644
--- a/g10/trust.c
+++ b/g10/trust.c
@@ -66,6 +66,26 @@ register_trusted_key (const char *string)
 #ifdef NO_TRUST_MODELS
   (void)string;
 #else
+
+  /* Some users have conf files with entries like
+   *   trusted-key 0x1234567812345678    # foo
+   * That is obviously wrong.  Before fixing bug#1206 trailing garbage
+   * on a key specification if was ignored.  We detect the above use case
+   * here and  cut off the junk-looking-like-a comment.  */
+  if (strchr (string, '#'))
+    {
+      char *buf;
+
+      buf = xtrystrdup (string);
+      if (buf)
+        {
+          *strchr (buf, '#') = 0;
+          tdb_register_trusted_key (buf);
+          xfree (buf);
+          return;
+        }
+    }
+
   tdb_register_trusted_key (string);
 #endif
 }

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git