[svn] GnuPG - r4423 - branches/STABLE-BRANCH-1-4/g10

svn author dshaw cvs at cvs.gnupg.org
Thu Feb 1 20:32:18 CET 2007


Author: dshaw
Date: 2007-02-01 20:32:16 +0100 (Thu, 01 Feb 2007)
New Revision: 4423

Modified:
   branches/STABLE-BRANCH-1-4/g10/ChangeLog
   branches/STABLE-BRANCH-1-4/g10/gpg.c
   branches/STABLE-BRANCH-1-4/g10/keyedit.c
   branches/STABLE-BRANCH-1-4/g10/keygen.c
   branches/STABLE-BRANCH-1-4/g10/main.h
   branches/STABLE-BRANCH-1-4/g10/sign.c
Log:
* main.h, keygen.c (ask_expire_interval, parse_expire_string): Pass in
the time to use to calculate the expiration offset, rather than
querying it internally.  Change all callers.


Modified: branches/STABLE-BRANCH-1-4/g10/ChangeLog
===================================================================
--- branches/STABLE-BRANCH-1-4/g10/ChangeLog	2007-02-01 04:21:07 UTC (rev 4422)
+++ branches/STABLE-BRANCH-1-4/g10/ChangeLog	2007-02-01 19:32:16 UTC (rev 4423)
@@ -1,3 +1,9 @@
+2007-02-01  David Shaw  <dshaw at jabberwocky.com>
+
+	* main.h, keygen.c (ask_expire_interval, parse_expire_string):
+	Pass in the time to use to calculate the expiration offset, rather
+	than querying it internally.  Change all callers.
+
 2007-01-31  David Shaw  <dshaw at jabberwocky.com>
 
 	* keygen.c (do_generate_keypair, proc_parameter_file,

Modified: branches/STABLE-BRANCH-1-4/g10/gpg.c
===================================================================
--- branches/STABLE-BRANCH-1-4/g10/gpg.c	2007-02-01 04:21:07 UTC (rev 4422)
+++ branches/STABLE-BRANCH-1-4/g10/gpg.c	2007-02-01 19:32:16 UTC (rev 4423)
@@ -2397,7 +2397,7 @@
 	  case oDefSigExpire:
 	    if(*pargs.r.ret_str!='\0')
 	      {
-		if(parse_expire_string(pargs.r.ret_str)==(u32)-1)
+		if(parse_expire_string(0,pargs.r.ret_str)==(u32)-1)
 		  log_error(_("`%s' is not a valid signature expiration\n"),
 			    pargs.r.ret_str);
 		else
@@ -2409,7 +2409,7 @@
 	  case oDefCertExpire:
 	    if(*pargs.r.ret_str!='\0')
 	      {
-		if(parse_expire_string(pargs.r.ret_str)==(u32)-1)
+		if(parse_expire_string(0,pargs.r.ret_str)==(u32)-1)
 		  log_error(_("`%s' is not a valid signature expiration\n"),
 			    pargs.r.ret_str);
 		else

Modified: branches/STABLE-BRANCH-1-4/g10/keyedit.c
===================================================================
--- branches/STABLE-BRANCH-1-4/g10/keyedit.c	2007-02-01 04:21:07 UTC (rev 4422)
+++ branches/STABLE-BRANCH-1-4/g10/keyedit.c	2007-02-01 19:32:16 UTC (rev 4423)
@@ -866,9 +866,9 @@
 	if(!duration && !selfsig)
 	  {
 	    if(opt.ask_cert_expire)
-	      duration=ask_expire_interval(1,opt.def_cert_expire);
+	      duration=ask_expire_interval(timestamp,1,opt.def_cert_expire);
 	    else
-	      duration=parse_expire_string(opt.def_cert_expire);
+	      duration=parse_expire_string(timestamp,opt.def_cert_expire);
 	  }
 
 	if(duration)
@@ -3514,6 +3514,7 @@
     PKT_user_id *uid;
     KBNODE node;
     u32 keyid[2];
+    u32 timestamp=make_timestamp();
 
     if( count_selected_keys( sec_keyblock ) ) {
 	tty_printf(_("Please remove selections from the secret keys.\n"));
@@ -3534,9 +3535,9 @@
 	no_primary_warning(pub_keyblock);
       }
 
-    expiredate=ask_expire_interval(0,NULL);
+    expiredate=ask_expire_interval(timestamp,0,NULL);
     if(expiredate)
-      expiredate+=make_timestamp();
+      expiredate+=timestamp;
 
     node = find_kbnode( sec_keyblock, PKT_SECRET_KEY );
     sk = copy_secret_key( NULL, node->pkt->pkt.secret_key);
@@ -3596,6 +3597,13 @@
 		if( !sn )
 		    log_info(_("No corresponding signature in secret ring\n"));
 
+		/* Note the potential oddity that the expiration date
+		   is calculated from the time when this function
+		   started ("timestamp"), but the signature is
+		   calculated from the time within
+		   update_keysig_packet().  On a slow or loaded
+		   machine, these two values may not match, making the
+		   expiration date off by a second or two. */
 		if( mainkey )
 		  rc = update_keysig_packet(&newsig, sig, main_pk, uid, NULL,
 					    sk, keygen_add_key_expire, main_pk);

Modified: branches/STABLE-BRANCH-1-4/g10/keygen.c
===================================================================
--- branches/STABLE-BRANCH-1-4/g10/keygen.c	2007-02-01 04:21:07 UTC (rev 4422)
+++ branches/STABLE-BRANCH-1-4/g10/keygen.c	2007-02-01 19:32:16 UTC (rev 4423)
@@ -1584,17 +1584,17 @@
  * similar.
  */
 u32
-parse_expire_string( const char *string )
+parse_expire_string(u32 timestamp,const char *string)
 {
     int mult;
-    u32 seconds,abs_date=0,curtime = make_timestamp();
+    u32 seconds,abs_date=0;
 
     if( !*string )
       seconds = 0;
     else if ( !strncmp (string, "seconds=", 8) )
       seconds = atoi (string+8);
-    else if( (abs_date = scan_isodatestr(string)) && abs_date > curtime )
-      seconds = abs_date - curtime;
+    else if( (abs_date = scan_isodatestr(string)) && abs_date > timestamp )
+      seconds = abs_date - timestamp;
     else if( (mult=check_valid_days(string)) )
       seconds = atoi(string) * 86400L * mult;
     else
@@ -1605,7 +1605,7 @@
 
 /* object == 0 for a key, and 1 for a sig */
 u32
-ask_expire_interval(int object,const char *def_expire)
+ask_expire_interval(u32 timestamp,int object,const char *def_expire)
 {
     u32 interval;
     char *answer;
@@ -1645,8 +1645,6 @@
     answer = NULL;
     for(;;)
       {
-	u32 curtime=make_timestamp();
-
 	xfree(answer);
 	if(object==0)
 	  answer = cpr_get("keygen.valid",_("Key is valid for? (0) "));
@@ -1669,7 +1667,7 @@
 	  }
 	cpr_kill_prompt();
 	trim_spaces(answer);
-	interval = parse_expire_string( answer );
+	interval = parse_expire_string( timestamp, answer );
 	if( interval == (u32)-1 )
 	  {
 	    tty_printf(_("invalid value\n"));
@@ -1687,11 +1685,11 @@
 	    tty_printf(object==0
 		       ? _("Key expires at %s\n")
 		       : _("Signature expires at %s\n"),
-		       asctimestamp((ulong)(curtime + interval) ) );
+		       asctimestamp((ulong)(timestamp + interval) ) );
 	    /* FIXME: This check yields warning on alhas: Write a
 	       configure check and to this check here only for 32 bit
 	       machines */
-	    if( (time_t)((ulong)(curtime+interval)) < 0 )
+	    if( (time_t)((ulong)(timestamp+interval)) < 0 )
 	      tty_printf(_("Your system can't display dates beyond 2038.\n"
 			   "However, it will be correctly handled up to 2106.\n"));
 	  }
@@ -2314,7 +2312,7 @@
     {
       u32 seconds;
 
-      seconds = parse_expire_string( r->u.value );
+      seconds = parse_expire_string( timestamp, r->u.value );
       if( seconds == (u32)-1 )
 	{
 	  log_error("%s:%d: invalid expire date\n", fname, r->lnr );
@@ -2706,7 +2704,7 @@
       para = r;
     }
    
-  expire = ask_expire_interval(0,NULL);
+  expire = ask_expire_interval(timestamp,0,NULL);
   r = xmalloc_clear( sizeof *r + 20 );
   r->key = pKEYEXPIRE;
   r->u.expire = expire;
@@ -3233,7 +3231,7 @@
     algo = ask_algo( 1, &use );
     assert(algo);
     nbits = ask_keysize( algo );
-    expire = ask_expire_interval(0,NULL);
+    expire = ask_expire_interval(timestamp,0,NULL);
     if( !cpr_enabled() && !cpr_get_answer_is_yes("keygen.sub.okay",
 						  _("Really create? (y/N) ")))
 	goto leave;

Modified: branches/STABLE-BRANCH-1-4/g10/main.h
===================================================================
--- branches/STABLE-BRANCH-1-4/g10/main.h	2007-02-01 04:21:07 UTC (rev 4422)
+++ branches/STABLE-BRANCH-1-4/g10/main.h	2007-02-01 19:32:16 UTC (rev 4423)
@@ -170,8 +170,8 @@
 void show_basic_key_info (KBNODE keyblock);
 
 /*-- keygen.c --*/
-u32 parse_expire_string(const char *string);
-u32 ask_expire_interval(int object,const char *def_expire);
+u32 parse_expire_string(u32 timestamp,const char *string);
+u32 ask_expire_interval(u32 timestamp,int object,const char *def_expire);
 void generate_keypair( const char *fname, const char *card_serialno,
                        const char *backup_encryption_dir );
 int keygen_set_std_prefs (const char *string,int personal);

Modified: branches/STABLE-BRANCH-1-4/g10/sign.c
===================================================================
--- branches/STABLE-BRANCH-1-4/g10/sign.c	2007-02-01 04:21:07 UTC (rev 4422)
+++ branches/STABLE-BRANCH-1-4/g10/sign.c	2007-02-01 19:32:16 UTC (rev 4423)
@@ -775,9 +775,9 @@
     if(!opt.force_v3_sigs && !RFC1991)
       {
 	if(opt.ask_sig_expire && !opt.batch)
-	  duration=ask_expire_interval(1,opt.def_sig_expire);
+	  duration=ask_expire_interval(create_time,1,opt.def_sig_expire);
 	else
-	  duration=parse_expire_string(opt.def_sig_expire);
+	  duration=parse_expire_string(create_time,opt.def_sig_expire);
       }
 
     if( (rc=build_sk_list( locusr, &sk_list, 1, PUBKEY_USAGE_SIG )) )
@@ -1085,9 +1085,9 @@
     if(!opt.force_v3_sigs && !RFC1991)
       {
 	if(opt.ask_sig_expire && !opt.batch)
-	  duration=ask_expire_interval(1,opt.def_sig_expire);
+	  duration=ask_expire_interval(create_time,1,opt.def_sig_expire);
 	else
-	  duration=parse_expire_string(opt.def_sig_expire);
+	  duration=parse_expire_string(create_time,opt.def_sig_expire);
       }
 
     if( (rc=build_sk_list( locusr, &sk_list, 1, PUBKEY_USAGE_SIG )) )
@@ -1245,9 +1245,9 @@
     if(!opt.force_v3_sigs && !RFC1991)
       {
 	if(opt.ask_sig_expire && !opt.batch)
-	  duration=ask_expire_interval(1,opt.def_sig_expire);
+	  duration=ask_expire_interval(create_time,1,opt.def_sig_expire);
 	else
-	  duration=parse_expire_string(opt.def_sig_expire);
+	  duration=parse_expire_string(create_time,opt.def_sig_expire);
       }
 
     rc = build_sk_list (locusr, &sk_list, 1, PUBKEY_USAGE_SIG);




More information about the Gnupg-commits mailing list