[svn] GnuPG - r4746 - trunk/g10
svn author wk
cvs at cvs.gnupg.org
Wed Apr 16 10:23:25 CEST 2008
Author: wk
Date: 2008-04-16 10:23:23 +0200 (Wed, 16 Apr 2008)
New Revision: 4746
Modified:
trunk/g10/ChangeLog
trunk/g10/getkey.c
trunk/g10/gpg.c
Log:
If there are multiple 0x19 backsigs, take the most recent one. (from 1.4).
Add log-file and debug-level to --gpgconf-list.
Modified: trunk/g10/ChangeLog
===================================================================
--- trunk/g10/ChangeLog 2008-04-15 15:57:39 UTC (rev 4745)
+++ trunk/g10/ChangeLog 2008-04-16 08:23:23 UTC (rev 4746)
@@ -1,3 +1,8 @@
+2008-04-15 David Shaw <dshaw at jabberwocky.com>
+
+ * getkey.c (merge_selfsigs_subkey): If there are multiple 0x19
+ backsigs, take the most recent one.
+
2008-04-08 Werner Koch <wk at g10code.com>
* options.h (opt): Add AKL_NODEFAULT and AKL_LOCAL.
Modified: trunk/g10/getkey.c
===================================================================
--- trunk/g10/getkey.c 2008-04-15 15:57:39 UTC (rev 4745)
+++ trunk/g10/getkey.c 2008-04-16 08:23:23 UTC (rev 4746)
@@ -2081,7 +2081,27 @@
}
}
+/* Convert a buffer to a signature. Useful for 0x19 embedded sigs.
+ Caller must free the signature when they are done. */
+static PKT_signature *
+buf_to_sig(const byte *buf,size_t len)
+{
+ PKT_signature *sig=xmalloc_clear(sizeof(PKT_signature));
+ IOBUF iobuf=iobuf_temp_with_content(buf,len);
+ int save_mode=set_packet_list_mode(0);
+ if(parse_signature(iobuf,PKT_SIGNATURE,len,sig)!=0)
+ {
+ xfree(sig);
+ sig=NULL;
+ }
+
+ set_packet_list_mode(save_mode);
+ iobuf_close(iobuf);
+
+ return sig;
+}
+
static void
merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode )
{
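Review bot: The failure branch of buf_to_sig releases the signature with `xfree(sig)`, while the code this commit replaces further down in getkey.c called `free_seckey_enc(backsig)` even when parse_signature had failed. parse_signature is not visible here, but if it can attach subpacket areas or other allocated members to sig before returning an error, the plain xfree would leak them for every malformed embedded signature, and those bytes come straight from the keyblock being processed. Using `free_seckey_enc(sig);` in place of `xfree(sig);` would keep the earlier cleanup behaviour. merge_selfsigs_subkey, whose opening lines end this hunk, continues outside it.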
@@ -2187,48 +2207,74 @@
subpk->is_valid = 1;
- /* Find the first 0x19 embedded signature on our self-sig. */
+ /* Find the most recent 0x19 embedded signature on our self-sig. */
if(subpk->backsig==0)
{
int seq=0;
size_t n;
+ PKT_signature *backsig=NULL;
+ sigdate=0;
+
/* We do this while() since there may be other embedded
signatures in the future. We only want 0x19 here. */
+
while((p=enum_sig_subpkt(sig->hashed,
SIGSUBPKT_SIGNATURE,&n,&seq,NULL)))
if(n>3 && ((p[0]==3 && p[2]==0x19) || (p[0]==4 && p[1]==0x19)))
- break;
+ {
+ PKT_signature *tempsig=buf_to_sig(p,n);
+ if(tempsig)
+ {
+ if(tempsig->timestamp>sigdate)
+ {
+ if(backsig)
+ free_seckey_enc(backsig);
- if(p==NULL)
- {
- seq=0;
- /* It is safe to have this in the unhashed area since the
- 0x19 is located on the selfsig for convenience, not
- security. */
- while((p=enum_sig_subpkt(sig->unhashed,SIGSUBPKT_SIGNATURE,
- &n,&seq,NULL)))
- if(n>3 && ((p[0]==3 && p[2]==0x19) || (p[0]==4 && p[1]==0x19)))
- break;
- }
+ backsig=tempsig;
+ sigdate=backsig->timestamp;
+ }
+ else
+ free_seckey_enc(tempsig);
+ }
+ }
- if(p)
+ seq=0;
+
+ /* It is safe to have this in the unhashed area since the 0x19
+ is located on the selfsig for convenience, not security. */
+
+ while((p=enum_sig_subpkt(sig->unhashed,SIGSUBPKT_SIGNATURE,
+ &n,&seq,NULL)))
+ if(n>3 && ((p[0]==3 && p[2]==0x19) || (p[0]==4 && p[1]==0x19)))
+ {
+ PKT_signature *tempsig=buf_to_sig(p,n);
+ if(tempsig)
+ {
+ if(tempsig->timestamp>sigdate)
+ {
+ if(backsig)
+ free_seckey_enc(backsig);
+
+ backsig=tempsig;
+ sigdate=backsig->timestamp;
+ }
+ else
+ free_seckey_enc(tempsig);
+ }
+ }
+
+ if(backsig)
{
- PKT_signature *backsig=xmalloc_clear(sizeof(PKT_signature));
- IOBUF backsig_buf=iobuf_temp_with_content(p,n);
- int save_mode=set_packet_list_mode(0);
+ /* At ths point, backsig contains the most recent 0x19 sig.
+ Let's see if it is good. */
- if(parse_signature(backsig_buf,PKT_SIGNATURE,n,backsig)==0)
- {
- if(check_backsig(mainpk,subpk,backsig)==0)
- subpk->backsig=2;
- else
- subpk->backsig=1;
- }
+ /* 2==valid, 1==invalid, 0==didn't check */
+ if(check_backsig(mainpk,subpk,backsig)==0)
+ subpk->backsig=2;
+ else
+ subpk->backsig=1;
- set_packet_list_mode(save_mode);
-
- iobuf_close(backsig_buf);
free_seckey_enc(backsig);
}
}
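Review bot: Both loops choose the candidate by `tempsig->timestamp` before anything has been verified, and check_backsig runs only on the winner, so a newer 0x19 subpacket that fails verification masks an older one that would pass and the subkey ends up with `subpk->backsig=1`. This matters most for the second loop: the unhashed area is not covered by the self-signature, so its contents, timestamp included, can be changed by anyone who handles the keyblock, and before this change a hashed backsig took precedence over unhashed ones. Consider verifying inside the loops, e.g. `if(tempsig->timestamp>sigdate && check_backsig(mainpk,subpk,tempsig)==0)`, and recording separately that a failing candidate was seen, so that 1 is reported only when no candidate verifies. The two loop bodies are identical and could share one helper, and the new comment has a typo (`ths`). The function starts and ends outside this hunk.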
Modified: trunk/g10/gpg.c
===================================================================
--- trunk/g10/gpg.c 2008-04-15 15:57:39 UTC (rev 4745)
+++ trunk/g10/gpg.c 2008-04-16 08:23:23 UTC (rev 4746)
@@ -1552,7 +1552,10 @@
printf ("encrypt-to:%lu:\n", GC_OPT_FLAG_NONE);
printf ("auto-key-locate:%lu:\n", GC_OPT_FLAG_NONE);
printf ("allow-pka-lookup:%lu:\n", GC_OPT_FLAG_NONE);
+ printf ("log-file:%lu:\n", GC_OPT_FLAG_NONE);
+ printf ("debug-level:%lu:\"none:\n", GC_OPT_FLAG_DEFAULT);
+
xfree (configfile_esc);
}
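Review bot: The lone `\"` in the `debug-level` line reads like an unbalanced quote and deserves a comment, since in gpgconf's list format a string default is introduced by a single leading double quote; something like `/* gpgconf: a string default is prefixed with one double quote */` above the line would do. The default `none` is also hard-coded in the format string, so it has to be kept in step with whatever default the option parser applies, which is not visible in this hunk. The enclosing function starts outside the hunk.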