[svn] GnuPG - r5330 - branches/STABLE-BRANCH-2-0/g10

Fri May 7 14:17:19 CEST 2010

Author: wk
Date: 2010-05-07 14:17:18 +0200 (Fri, 07 May 2010)
New Revision: 5330

Modified:
   branches/STABLE-BRANCH-2-0/g10/ChangeLog
   branches/STABLE-BRANCH-2-0/g10/import.c
Log:
Take care of already existing bogus 0x1f signatures.


Modified: branches/STABLE-BRANCH-2-0/g10/ChangeLog
===================================================================

--- branches/STABLE-BRANCH-2-0/g10/ChangeLog	2010-05-07 11:15:26 UTC (rev 5329)
+++ branches/STABLE-BRANCH-2-0/g10/ChangeLog	2010-05-07 12:17:18 UTC (rev 5330)
@@ -2,6 +2,8 @@
 
 	* import.c (chk_self_sigs): Check direct key signatures.  Fixes
 	bug#1223.
+	(fix_bad_direct_key_sigs): New.
+	(import_one): Use it here.
 
 	* import.c (chk_self_sigs): Re-indent and slighly re-arrange code.
 	Use test macros for the sig class.

Modified: branches/STABLE-BRANCH-2-0/g10/import.c
===================================================================
--- branches/STABLE-BRANCH-2-0/g10/import.c	2010-05-07 11:15:26 UTC (rev 5329)
+++ branches/STABLE-BRANCH-2-0/g10/import.c	2010-05-07 12:17:18 UTC (rev 5330)
@@ -520,6 +520,46 @@
 }
 
 
+/* Versions of GnuPG before 1.4.11 and 2.0.16 allowed to import bogus
+   direct key signatures.  A side effect of this was that a later
+   import of the same good direct key signatures was not possible
+   because the cmp_signature check in merge_blocks considered them
+   equal.  Although direct key signatures are now checked during
+   import, there might still be bogus signatures sitting in a keyring.
+   We need to detect and delete them before doing a merge.  This
+   fucntion returns the number of removed sigs.  */
+static int
+fix_bad_direct_key_sigs (KBNODE keyblock, u32 *keyid)
+{
+  gpg_error_t err;
+  KBNODE node;
+  int count = 0;
+
+  for (node = keyblock->next; node; node=node->next)
+    {
+      if (node->pkt->pkttype == PKT_USER_ID)
+        break;
+      if (node->pkt->pkttype == PKT_SIGNATURE
+          && IS_KEY_SIG (node->pkt->pkt.signature))
+        {
+          err = check_key_signature (keyblock, node, NULL);
+          if (err && gpg_err_code (err) != GPG_ERR_PUBKEY_ALGO )
+            {
+              /* If we don't know the error, we can't decide; this is
+                 not a problem because cmp_signature can't compare the
+                 signature either.  */
+              log_info ("key %s: invalid direct key signature removed\n",
+                        keystr (keyid));
+              delete_kbnode (node);
+              count++;
+            }
+        }
+    }
+
+  return count;
+}
+
+
 static void
 print_import_ok (PKT_public_key *pk, PKT_secret_key *sk, unsigned int reason)
 {
@@ -886,10 +926,15 @@
 	    goto leave;
 	  }
 
+        /* Make sure the original direct key sigs are all sane.  */
+        n_sigs_cleaned = fix_bad_direct_key_sigs (keyblock_orig, keyid);
+        if (n_sigs_cleaned)
+          commit_kbnode (&keyblock_orig);
+            
 	/* and try to merge the block */
 	clear_kbnode_flags( keyblock_orig );
 	clear_kbnode_flags( keyblock );
-	n_uids = n_sigs = n_subk = n_sigs_cleaned = n_uids_cleaned = 0;
+	n_uids = n_sigs = n_subk = n_uids_cleaned = 0;
 	rc = merge_blocks( fname, keyblock_orig, keyblock,
 			   keyid, &n_uids, &n_sigs, &n_subk );
 	if( rc )


