[git] GnuPG - branch, master, updated. gnupg-2.1.0beta3-421-g25036ec

Wed May 14 18:17:34 CEST 2014

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, master has been updated
       via  25036ec6abbc0c9d0003dcfe227724038c35a304 (commit)
       via  71fa6a35107d4d4547eb9155d7c2612b6a6a16fb (commit)
       via  455a4a2212302c05095e736b127f647e95714fe7 (commit)
       via  b2945c451d3d3f25ba11a9fe88c6cbf3f88c2fb5 (commit)
      from  4aeb02562c9db4b96366220b781e2b4fa2d6fd3b (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 25036ec6abbc0c9d0003dcfe227724038c35a304
Author: Werner Koch <wk at gnupg.org>
Date:   Wed May 14 16:32:49 2014 +0200

    gpg: Fix uninitialized access to search descindex with gpg keyboxes.
    
    * kbx/keybox-search.c (keybox_search): Add arg  R_DESCINDEX.  Chnage
    both callers.
    * g10/keydb.c (keydb_search): Always set DESCINDEX.
    --
    
    This only affects the new keybox for OpenPGP keys in 2.1.  The bug
    exhibited itself by running GPA's backup command on Windows.

diff --git a/g10/keydb.c b/g10/keydb.c
index 9085012..688c24c 100644
--- a/g10/keydb.c
+++ b/g10/keydb.c
@@ -1319,6 +1319,9 @@ keydb_search (KEYDB_HANDLE hd, KEYDB_SEARCH_DESC *desc,
 {
   gpg_error_t rc;
 
+  if (descindex)
+    *descindex = 0; /* Make sure it is always set on return.  */
+
   if (!hd)
     return gpg_error (GPG_ERR_INV_ARG);
 
@@ -1333,6 +1336,7 @@ keydb_search (KEYDB_HANDLE hd, KEYDB_SEARCH_DESC *desc,
       && keyblock_cache.kid[0] == desc[0].u.kid[0]
       && keyblock_cache.kid[1] == desc[0].u.kid[1])
     {
+      /* (DESCINDEX is already set).  */
       if (DBG_CLOCK)
         log_clock ("keydb_search leave (cached)");
       return 0;
@@ -1352,7 +1356,8 @@ keydb_search (KEYDB_HANDLE hd, KEYDB_SEARCH_DESC *desc,
                                ndesc, descindex);
           break;
         case KEYDB_RESOURCE_TYPE_KEYBOX:
-          rc = keybox_search (hd->active[hd->current].u.kb, desc, ndesc);
+          rc = keybox_search (hd->active[hd->current].u.kb, desc,
+                              ndesc, descindex);
           break;
         }
       if (rc == -1 || gpg_err_code (rc) == GPG_ERR_EOF)
diff --git a/kbx/keybox-search.c b/kbx/keybox-search.c
index 7980794..ba284f9 100644
--- a/kbx/keybox-search.c
+++ b/kbx/keybox-search.c
@@ -720,7 +720,8 @@ keybox_search_reset (KEYBOX_HANDLE hd)
 /* Note: When in ephemeral mode the search function does visit all
    blobs but in standard mode, blobs flagged as ephemeral are ignored.  */
 int
-keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc)
+keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc,
+               size_t *r_descindex)
 {
   int rc;
   size_t n;
@@ -945,6 +946,10 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc)
 	}
       continue;
     found:
+      /* Record which DESC we matched on.  Note this value is only
+	 meaningful if this function returns with no errors. */
+      if(r_descindex)
+	*r_descindex = n;
       for (n=any_skip?0:ndesc; n < ndesc; n++)
         {
 /*            if (desc[n].skipfnc */
diff --git a/kbx/keybox.h b/kbx/keybox.h
index 5b29437..4c447a5 100644
--- a/kbx/keybox.h
+++ b/kbx/keybox.h
@@ -83,7 +83,8 @@ int keybox_get_cert (KEYBOX_HANDLE hd, ksba_cert_t *ret_cert);
 int keybox_get_flags (KEYBOX_HANDLE hd, int what, int idx, unsigned int *value);
 
 int keybox_search_reset (KEYBOX_HANDLE hd);
-int keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc);
+int keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc,
+                   size_t *r_descindex);
 
 
 /*-- keybox-update.c --*/
@@ -109,8 +110,6 @@ int keybox_compress (KEYBOX_HANDLE hd);
 
 #if 0
 int keybox_locate_writable (KEYBOX_HANDLE hd);
-int keybox_search_reset (KEYBOX_HANDLE hd);
-int keybox_search (KEYBOX_HANDLE hd, KEYDB_SEARCH_DESC *desc, size_t ndesc);
 int keybox_rebuild_cache (void *);
 #endif
 
diff --git a/sm/keydb.c b/sm/keydb.c
index de9c95c..845ebba 100644
--- a/sm/keydb.c
+++ b/sm/keydb.c
@@ -798,7 +798,7 @@ keydb_search (KEYDB_HANDLE hd, KEYDB_SEARCH_DESC *desc, size_t ndesc)
           BUG(); /* we should never see it here */
           break;
         case KEYDB_RESOURCE_TYPE_KEYBOX:
-          rc = keybox_search (hd->active[hd->current].u.kr, desc, ndesc);
+          rc = keybox_search (hd->active[hd->current].u.kr, desc, ndesc, NULL);
           break;
         }
       if (rc == -1) /* EOF -> switch to next resource */

commit 71fa6a35107d4d4547eb9155d7c2612b6a6a16fb
Author: Werner Koch <wk at gnupg.org>
Date:   Wed May 14 10:26:30 2014 +0200

    w32: Make make_absfilename work with drive letters.
    
    * common/stringhelp.c (do_make_filename) [HAVE_DRIVE_LETTERS]: Fix.

diff --git a/common/stringhelp.c b/common/stringhelp.c
index 4d7c3a6..e1ddf2c 100644
--- a/common/stringhelp.c
+++ b/common/stringhelp.c
@@ -496,7 +496,9 @@ do_make_filename (int xmode, const char *first_part, va_list arg_ptr)
     {
 #ifdef HAVE_DRIVE_LETTERS
       p = strchr (name, ':');
-      if (!p)
+      if (p)
+        p++;
+      else
         p = name;
 #else
       p = name;

commit 455a4a2212302c05095e736b127f647e95714fe7
Author: Werner Koch <wk at gnupg.org>
Date:   Wed May 14 08:55:58 2014 +0200

    gpg: Remove useless diagnostic in MDC verification.
    
    * g10/decrypt-data.c (decrypt_data): Do not distinguish between a bad
    MDC packer header and a bad MDC.
    --
    
    The separate diagnostic was introduced for debugging a problems.  For
    explaining an MDC error a single error message is easier to
    understand.

diff --git a/g10/decrypt-data.c b/g10/decrypt-data.c
index 22a6aef..9c6ae73 100644
--- a/g10/decrypt-data.c
+++ b/g10/decrypt-data.c
@@ -243,14 +243,10 @@ decrypt_data (ctrl_t ctrl, void *procctx, PKT_encrypted *ed, DEK *dek)
       gcry_md_write (dfx->mdc_hash, dfx->defer, 2);
       gcry_md_final (dfx->mdc_hash);
 
-      if (dfx->defer[0] != '\xd3' || dfx->defer[1] != '\x14' )
-        {
-          log_error("mdc_packet with invalid encoding\n");
-          rc = gpg_error (GPG_ERR_INV_PACKET);
-        }
-      else if (datalen != 20
-               || memcmp (gcry_md_read (dfx->mdc_hash, 0),
-                          dfx->defer+2,datalen ))
+      if (   dfx->defer[0] != '\xd3'
+          || dfx->defer[1] != '\x14'
+          || datalen != 20
+          || memcmp (gcry_md_read (dfx->mdc_hash, 0), dfx->defer+2, datalen))
         rc = gpg_error (GPG_ERR_BAD_SIGNATURE);
       /* log_printhex("MDC message:", dfx->defer, 22); */
       /* log_printhex("MDC calc:", gcry_md_read (dfx->mdc_hash,0), datalen); */

commit b2945c451d3d3f25ba11a9fe88c6cbf3f88c2fb5
Author: Werner Koch <wk at gnupg.org>
Date:   Wed May 14 08:49:37 2014 +0200

    gpg: Fix glitch entering a full expiration time.
    
    * g10/keygen.c (ask_expire_interval): Get the current time after the
    prompt.
    --
    
    This almost avoid that an entered full ISO timestamp is not used as
    given but off by the time the user required to enter the timestamp.
    
    GnuPG-bug-id: 1639

diff --git a/g10/keygen.c b/g10/keygen.c
index 314cf9b..0c95435 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -2302,7 +2302,7 @@ ask_expire_interval(int object,const char *def_expire)
     answer = NULL;
     for(;;)
       {
-	u32 curtime=make_timestamp();
+	u32 curtime;
 
 	xfree(answer);
 	if(object==0)
@@ -2326,6 +2326,7 @@ ask_expire_interval(int object,const char *def_expire)
 	  }
 	cpr_kill_prompt();
 	trim_spaces(answer);
+        curtime = make_timestamp ();
 	interval = parse_expire_string( answer );
 	if( interval == (u32)-1 )
 	  {

-----------------------------------------------------------------------

Summary of changes:
 common/stringhelp.c |    4 +++-
 g10/decrypt-data.c  |   12 ++++--------
 g10/keydb.c         |    7 ++++++-
 g10/keygen.c        |    3 ++-
 kbx/keybox-search.c |    7 ++++++-
 kbx/keybox.h        |    5 ++---
 sm/keydb.c          |    2 +-
 7 files changed, 24 insertions(+), 16 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org


