[git] GPGME - branch, master, updated. gpgme-1.5.1-17-g162c87f
by Werner Koch
cvs at cvs.gnupg.org
Fri Nov 21 21:30:03 CET 2014
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".
The branch, master has been updated
via 162c87f069ebeecec4244fdfe56a19c566641356 (commit)
via c62ce32b9c01ee9ceb1d69e7344fb79a9162d232 (commit)
via 81ce87111f5a3f966188629abb07a4d0702e6db0 (commit)
via 5942b0c7e0593b82b4c4a142c214d7a2649de104 (commit)
from a9ae0d142864a91d732a8f215e4ccdc791309335 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 162c87f069ebeecec4244fdfe56a19c566641356
Author: Werner Koch <wk at gnupg.org>
Date: Fri Nov 21 21:29:11 2014 +0100
Post release updates
--
diff --git a/NEWS b/NEWS
index aed5a29..65f0283 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,7 @@
+Noteworthy changes in version 1.5.3 (unreleased) [C24/A13/R_]
+-------------------------------------------------------------
+
+
Noteworthy changes in version 1.5.2 (2014-11-21) [C24/A13/R1]
-------------------------------------------------------------
diff --git a/configure.ac b/configure.ac
index 0ffe847..7bef516 100644
--- a/configure.ac
+++ b/configure.ac
@@ -29,7 +29,7 @@ min_automake_version="1.11"
# for the LT versions.
m4_define(mym4_version_major, [1])
m4_define(mym4_version_minor, [5])
-m4_define(mym4_version_micro, [2])
+m4_define(mym4_version_micro, [3])
# Below is m4 magic to extract and compute the revision number, the
# decimalized short revision number, a beta version string, and a flag
diff --git a/doc/Makefile.am b/doc/Makefile.am
index 19b8c82..2df35b4 100644
--- a/doc/Makefile.am
+++ b/doc/Makefile.am
@@ -31,6 +31,6 @@ online: gpgme.html gpgme.pdf
echo "Uploading current manuals to www.gnupg.org ..."; \
user=werner ; \
(cd gpgme.html && rsync -vr --exclude='.svn' . \
- $${user}@cvs.gnupg.org:webspace/manuals/gpgme/ ); \
- rsync -v gpgme.pdf $${user}@cvs.gnupg.org:webspace/manuals/
+ $${user}@ftp.gnupg.org:webspace/manuals/gpgme/ ); \
+ rsync -v gpgme.pdf $${user}@ftp.gnupg.org:webspace/manuals/
commit c62ce32b9c01ee9ceb1d69e7344fb79a9162d232
Author: Werner Koch <wk at gnupg.org>
Date: Fri Nov 21 21:19:26 2014 +0100
Release 1.5.2.
* configure.ac: Set LT version to C24/A13/R1.
diff --git a/NEWS b/NEWS
index af12743..aed5a29 100644
--- a/NEWS
+++ b/NEWS
@@ -1,8 +1,12 @@
-Noteworthy changes in version 1.5.2 (unreleased) [C__/A__/R_]
+Noteworthy changes in version 1.5.2 (2014-11-21) [C24/A13/R1]
-------------------------------------------------------------
* gpgme-tool is now installed.
+ * Fix external listing for modern keyservers.
+
+ * Minor other fixes.
+
Noteworthy changes in version 1.5.1 (2014-07-30) [C24/A13/R0]
-------------------------------------------------------------
diff --git a/configure.ac b/configure.ac
index 5cf46f7..0ffe847 100644
--- a/configure.ac
+++ b/configure.ac
@@ -59,7 +59,7 @@ LIBGPGME_LT_CURRENT=24
# Subtract 2 from this value if you want to make the LFS transition an
# ABI break. [Note to self: Remove this comment with the next regular break.]
LIBGPGME_LT_AGE=13
-LIBGPGME_LT_REVISION=0
+LIBGPGME_LT_REVISION=1
# If the API is changed in an incompatible way: increment the next counter.
GPGME_CONFIG_API_VERSION=1
commit 81ce87111f5a3f966188629abb07a4d0702e6db0
Author: Werner Koch <wk at gnupg.org>
Date: Wed Nov 19 10:34:32 2014 +0100
Update the previous commit
* src/sign.c (gpgme_op_sign_result): Reformat and take care of failed
malloc.
--
Although _gpgme_debug_trace() is current always true, the code should
be run always and not just in trace mode. Also added error checking
to malloc and strdup. And while at replace some while by for loop for
easier readability.
diff --git a/src/sign.c b/src/sign.c
index 034a869..ffbde56 100644
--- a/src/sign.c
+++ b/src/sign.c
@@ -54,7 +54,8 @@ typedef struct
} *op_data_t;
-static void release_signatures (gpgme_new_signature_t sig)
+static void
+release_signatures (gpgme_new_signature_t sig)
{
while (sig)
{
@@ -65,6 +66,7 @@ static void release_signatures (gpgme_new_signature_t sig)
}
}
+
static void
release_op_data (void *hook)
{
@@ -90,6 +92,10 @@ gpgme_op_sign_result (gpgme_ctx_t ctx)
void *hook;
op_data_t opd;
gpgme_error_t err;
+ gpgme_invalid_key_t inv_key, key;
+ gpgme_new_signature_t sig;
+ unsigned int inv_signers = 0;
+ unsigned int signatures = 0;
TRACE_BEG (DEBUG_CTX, "gpgme_op_sign_result", ctx);
@@ -101,91 +107,81 @@ gpgme_op_sign_result (gpgme_ctx_t ctx)
return NULL;
}
- if (_gpgme_debug_trace ())
- {
- gpgme_invalid_key_t inv_key = opd->result.invalid_signers;
- gpgme_new_signature_t sig = opd->result.signatures;
- int inv_signers = 0;
- int signatures = 0;
-
- while (inv_key)
- {
- inv_signers++;
- inv_key = inv_key->next;
- }
- while (sig)
- {
- signatures++;
- sig = sig->next;
- }
+ for (inv_key = opd->result.invalid_signers; inv_key; inv_key = inv_key->next)
+ inv_signers++;
+ for (sig = opd->result.signatures; sig; sig = sig->next)
+ signatures++;
- if (gpgme_signers_count (ctx)
- && signatures + inv_signers != gpgme_signers_count (ctx))
+ if (gpgme_signers_count (ctx)
+ && signatures + inv_signers != gpgme_signers_count (ctx))
+ {
+ /* In this case at least one signatures was not created perhaps
+ due to a bad passphrase etc. Thus the entire message is
+ broken and should not be used. We add the already created
+ signatures to the invalid signers list and thus this case can
+ be detected. */
+ TRACE_LOG3 ("result: invalid signers: %u, signatures: %u, count: %u",
+ inv_signers, signatures, gpgme_signers_count (ctx));
+
+ for (sig = opd->result.signatures; sig; sig = sig->next)
{
- TRACE_LOG3 ("result: invalid signers: %i, signatures: %i, count: %i",
- inv_signers, signatures, gpgme_signers_count (ctx));
-
- sig = opd->result.signatures;
- while (sig)
+ key = calloc (1, sizeof *key);
+ if (!key)
+ {
+ TRACE_SUC0 ("out of core; result=(null)");
+ return NULL;
+ }
+ if (sig->fpr)
{
- gpgme_invalid_key_t key;
-
- key = malloc (sizeof (*key));
key->fpr = strdup (sig->fpr);
- key->reason = GPG_ERR_GENERAL;
- key->next = NULL;
-
- inv_key = opd->result.invalid_signers;
- if (!inv_key)
+ if (!key->fpr)
{
- opd->result.invalid_signers = inv_key = key;
- sig = sig->next;
- continue;
+ free (key);
+ TRACE_SUC0 ("out of core; result=(null)");
+ return NULL;
}
-
- while (inv_key)
- {
- if (!inv_key->next)
- {
- inv_key->next = key;
- break;
- }
-
- inv_key = inv_key->next;
- }
-
- sig = sig->next;
}
+ key->reason = GPG_ERR_GENERAL;
- release_signatures (opd->result.signatures);
- opd->result.signatures = NULL;
+ inv_key = opd->result.invalid_signers;
+ if (inv_key)
+ {
+ for (; inv_key->next; inv_key = inv_key->next)
+ ;
+ inv_key->next = key;
+ }
+ else
+ opd->result.invalid_signers = key;
}
+ release_signatures (opd->result.signatures);
+ opd->result.signatures = NULL;
+ }
+
+ if (_gpgme_debug_trace())
+ {
TRACE_LOG2 ("result: invalid signers: %i, signatures: %i",
inv_signers, signatures);
- inv_key = opd->result.invalid_signers;
- while (inv_key)
+ for (inv_key=opd->result.invalid_signers; inv_key; inv_key=inv_key->next)
{
TRACE_LOG3 ("result: invalid signer: fpr=%s, reason=%s <%s>",
inv_key->fpr, gpgme_strerror (inv_key->reason),
gpgme_strsource (inv_key->reason));
- inv_key = inv_key->next;
}
- sig = opd->result.signatures;
- while (sig)
+ for (sig = opd->result.signatures; sig; sig = sig->next)
{
TRACE_LOG6 ("result: signature: type=%i, pubkey_algo=%i, "
"hash_algo=%i, timestamp=%li, fpr=%s, sig_class=%i",
sig->type, sig->pubkey_algo, sig->hash_algo,
sig->timestamp, sig->fpr, sig->sig_class);
- sig = sig->next;
}
- }
+ }
TRACE_SUC1 ("result=%p", &opd->result);
return &opd->result;
}
+
static gpgme_error_t
parse_sig_created (char *args, gpgme_new_signature_t *sigp,
commit 5942b0c7e0593b82b4c4a142c214d7a2649de104
Author: Ben Kibbey <bjk at luxsci.net>
Date: Sun Nov 9 16:42:54 2014 -0500
Fix returning new signatures when there are none.
* src/sign.c (gpgme_op_sign_result): Test that invalid and valid
signatures add up to gpgme_signers_count().
--
When invalid and valid signatures do not equal gpgme_signers_count() it
means that there was a bad passphrase during signing after the first
signer. This leaves the result.signatures from previous signers intact
which isn't correct since gpg will report:
gpg: number of one-pass packets does not match number of signature
packets
gpg: can't handle this ambiguous signature data
during verify. So when this happens append the valid signatures to the
.invalid_signers list with .reason set to GPG_ERR_GENERAL.
diff --git a/src/sign.c b/src/sign.c
index c55441d..034a869 100644
--- a/src/sign.c
+++ b/src/sign.c
@@ -54,12 +54,22 @@ typedef struct
} *op_data_t;
+static void release_signatures (gpgme_new_signature_t sig)
+{
+ while (sig)
+ {
+ gpgme_new_signature_t next = sig->next;
+ free (sig->fpr);
+ free (sig);
+ sig = next;
+ }
+}
+
static void
release_op_data (void *hook)
{
op_data_t opd = (op_data_t) hook;
gpgme_invalid_key_t invalid_signer = opd->result.invalid_signers;
- gpgme_new_signature_t sig = opd->result.signatures;
while (invalid_signer)
{
@@ -70,13 +80,7 @@ release_op_data (void *hook)
invalid_signer = next;
}
- while (sig)
- {
- gpgme_new_signature_t next = sig->next;
- free (sig->fpr);
- free (sig);
- sig = next;
- }
+ release_signatures (opd->result.signatures);
}
@@ -115,6 +119,48 @@ gpgme_op_sign_result (gpgme_ctx_t ctx)
sig = sig->next;
}
+ if (gpgme_signers_count (ctx)
+ && signatures + inv_signers != gpgme_signers_count (ctx))
+ {
+ TRACE_LOG3 ("result: invalid signers: %i, signatures: %i, count: %i",
+ inv_signers, signatures, gpgme_signers_count (ctx));
+
+ sig = opd->result.signatures;
+ while (sig)
+ {
+ gpgme_invalid_key_t key;
+
+ key = malloc (sizeof (*key));
+ key->fpr = strdup (sig->fpr);
+ key->reason = GPG_ERR_GENERAL;
+ key->next = NULL;
+
+ inv_key = opd->result.invalid_signers;
+ if (!inv_key)
+ {
+ opd->result.invalid_signers = inv_key = key;
+ sig = sig->next;
+ continue;
+ }
+
+ while (inv_key)
+ {
+ if (!inv_key->next)
+ {
+ inv_key->next = key;
+ break;
+ }
+
+ inv_key = inv_key->next;
+ }
+
+ sig = sig->next;
+ }
+
+ release_signatures (opd->result.signatures);
+ opd->result.signatures = NULL;
+ }
+
TRACE_LOG2 ("result: invalid signers: %i, signatures: %i",
inv_signers, signatures);
inv_key = opd->result.invalid_signers;
-----------------------------------------------------------------------
Summary of changes:
NEWS | 10 +++++-
configure.ac | 4 +--
doc/Makefile.am | 4 +--
src/sign.c | 104 ++++++++++++++++++++++++++++++++++++++-----------------
4 files changed, 86 insertions(+), 36 deletions(-)
hooks/post-receive
--
GnuPG Made Easy
http://git.gnupg.org
More information about the Gnupg-commits
mailing list