[svn] GnuPG - r4504 - trunk/g10
svn author wk
cvs at cvs.gnupg.org
Wed May 16 13:10:37 CEST 2007
Author: wk
Date: 2007-05-16 13:10:07 +0200 (Wed, 16 May 2007)
New Revision: 4504
Modified:
trunk/g10/ChangeLog
trunk/g10/sig-check.c
Log:
Fix for bug 797.
Modified: trunk/g10/ChangeLog
===================================================================
--- trunk/g10/ChangeLog 2007-05-15 19:47:15 UTC (rev 4503)
+++ trunk/g10/ChangeLog 2007-05-16 11:10:07 UTC (rev 4504)
@@ -1,3 +1,8 @@
+2007-05-16 Werner Koch <wk at g10code.com>
+
+ * sig-check.c (check_backsig): Check the digest algorithm before
+ using it. Fixed bug 797.
+
2007-05-09 Werner Koch <wk at g10code.com>
* openfile.c (overwrite_filep, open_outfile) [W32]: Need to use
Modified: trunk/g10/sig-check.c
===================================================================
--- trunk/g10/sig-check.c 2007-05-15 19:47:15 UTC (rev 4503)
+++ trunk/g10/sig-check.c 2007-05-16 11:10:07 UTC (rev 4504)
@@ -438,22 +438,25 @@
gcry_md_hd_t md;
int rc;
+ /* Always check whether the algorithm is available. Although
+ gcry_md_open woyuld throw an error, some libgcrypt versions will
+ print a debug message in that case too. */
+ if ((rc=openpgp_md_test_algo (backsig->digest_algo)))
+ return rc;
+
if(!opt.no_sig_cache && backsig->flags.checked)
+ return backsig->flags.valid? 0 : gpg_error (GPG_ERR_BAD_SIGNATURE);
+
+ rc = gcry_md_open (&md, backsig->digest_algo,0);
+ if (!rc)
{
- if((rc=openpgp_md_test_algo (backsig->digest_algo)))
- return rc;
-
- return backsig->flags.valid? 0 : gpg_error (GPG_ERR_BAD_SIGNATURE);
+ hash_public_key(md,main_pk);
+ hash_public_key(md,sub_pk);
+ rc=do_check(sub_pk,backsig,md,NULL,NULL,NULL);
+ cache_sig_result(backsig,rc);
+ gcry_md_close(md);
}
- if (gcry_md_open (&md, backsig->digest_algo,0))
- BUG ();
- hash_public_key(md,main_pk);
- hash_public_key(md,sub_pk);
- rc=do_check(sub_pk,backsig,md,NULL,NULL,NULL);
- cache_sig_result(backsig,rc);
- gcry_md_close(md);
-
return rc;
}
More information about the Gnupg-commits
mailing list