[git] GnuPG - branch, master, updated. gnupg-2.1.1-33-g7be1b7d

by Werner Koch cvs at cvs.gnupg.org
Mon Jan 19 15:47:34 CET 2015 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, master has been updated
       via  7be1b7d8017cb7ebf1a3855edec0ef5e342cc9c5 (commit)
       via  c5956592c171e6fe988e74161aa99636b7f12e4b (commit)
       via  3da53e70b1bbde6b5956e2e5a7a2b0c28ffbe61c (commit)
      from  16a1330fa16f6b23e2661c0175c431ab40da45ff (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 7be1b7d8017cb7ebf1a3855edec0ef5e342cc9c5
Author: Werner Koch <wk at gnupg.org>
Date:   Mon Jan 19 14:58:06 2015 +0100

    kbx: Minor cleanup for the previous fix.
    
    * kbx/keybox-search.c (blob_get_keyid): Rename to
    blob_get_first_keyid. Check number of keys and remove blob type check.
    --
    
    There is no need to check the blob type.  We already know that it is a
    key blob type and keyids are used for X.509 and OpenPGP.  Also added
    check for number of keys because the other parser functions do it as
    well.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/kbx/keybox-search.c b/kbx/keybox-search.c
index 2126ece..0a3ed43 100644
--- a/kbx/keybox-search.c
+++ b/kbx/keybox-search.c
@@ -79,21 +79,21 @@ blob_get_blob_flags (KEYBOXBLOB blob)
 }
 
 
+/* Return the first keyid from the blob.  Returns true if
+   available.  */
 static int
-blob_get_keyid (KEYBOXBLOB blob, u32 *kid)
+blob_get_first_keyid (KEYBOXBLOB blob, u32 *kid)
 {
   const unsigned char *buffer;
-  size_t length, keyinfolen;
+  size_t length, nkeys, keyinfolen;
 
   buffer = _keybox_get_blob_image (blob, &length);
   if (length < 48)
     return 0; /* blob too short */
 
-  if (buffer[4] != KEYBOX_BLOBTYPE_PGP)
-    return 0; /* don't know what to do with X.509 blobs */
-
+  nkeys = get16 (buffer + 16);
   keyinfolen = get16 (buffer + 18);
-  if (keyinfolen < 28)
+  if (!nkeys || keyinfolen < 28)
     return 0; /* invalid blob */
 
   kid[0] = get32 (buffer + 32);
@@ -994,7 +994,7 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc,
           u32 kid[2];
 
           if (desc[n].skipfnc
-              && blob_get_keyid (blob, kid)
+              && blob_get_first_keyid (blob, kid)
               && desc[n].skipfnc (desc[n].skipfncvalue, kid, NULL))
             break;
         }

commit c5956592c171e6fe988e74161aa99636b7f12e4b
Author: Damien Goutte-Gattat <dgouttegattat at incenp.org>
Date:   Fri Jan 16 16:56:35 2015 +0100

    kbx: Call skipfnc callback to filter out keys
    
    * kbx/keybox-search.c (blob_get_keyid): New.
    (keybox-search): Call skipfnc callback function.
    --
    
    This patch (tentatively) fixes
    GnuPG-bug-id: 1794
    
    The keybox_search function in kbx/keybox-search.c currently ignores
    the skipfnc callback, but the validate_key_list function in
    g10/trustdb.c uses such a callback to exclude ultimately trusted keys.

diff --git a/kbx/keybox-search.c b/kbx/keybox-search.c
index 6e72d0b..2126ece 100644
--- a/kbx/keybox-search.c
+++ b/kbx/keybox-search.c
@@ -79,6 +79,30 @@ blob_get_blob_flags (KEYBOXBLOB blob)
 }
 
 
+static int
+blob_get_keyid (KEYBOXBLOB blob, u32 *kid)
+{
+  const unsigned char *buffer;
+  size_t length, keyinfolen;
+
+  buffer = _keybox_get_blob_image (blob, &length);
+  if (length < 48)
+    return 0; /* blob too short */
+
+  if (buffer[4] != KEYBOX_BLOBTYPE_PGP)
+    return 0; /* don't know what to do with X.509 blobs */
+
+  keyinfolen = get16 (buffer + 18);
+  if (keyinfolen < 28)
+    return 0; /* invalid blob */
+
+  kid[0] = get32 (buffer + 32);
+  kid[1] = get32 (buffer + 36);
+
+  return 1;
+}
+
+
 /* Return information on the flag WHAT within the blob BUFFER,LENGTH.
    Return the offset and the length (in bytes) of the flag in
    FLAGOFF,FLAG_SIZE. */
@@ -967,9 +991,12 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc,
 	*r_descindex = n;
       for (n=any_skip?0:ndesc; n < ndesc; n++)
         {
-/*            if (desc[n].skipfnc */
-/*                && desc[n].skipfnc (desc[n].skipfncvalue, aki, NULL)) */
-/*              break; */
+          u32 kid[2];
+
+          if (desc[n].skipfnc
+              && blob_get_keyid (blob, kid)
+              && desc[n].skipfnc (desc[n].skipfncvalue, kid, NULL))
+            break;
         }
       if (n == ndesc)
         break; /* got it */

commit 3da53e70b1bbde6b5956e2e5a7a2b0c28ffbe61c
Author: Werner Koch <wk at gnupg.org>
Date:   Mon Jan 19 11:06:59 2015 +0100

    Register DCO for Damien Goutte-Gattat.
    
    --

diff --git a/AUTHORS b/AUTHORS
index 554c10a..58cfdb8 100644
--- a/AUTHORS
+++ b/AUTHORS
@@ -170,6 +170,9 @@ Andreas Schwier <andreas.schwier at cardcontact.de>
 Christian Aistleitner <christian at quelltextlich.at>
 2013-05-26:20130626112332.GA2228 at quelltextlich.at:
 
+Damien Goutte-Gattat <dgouttegattat at incenp.org>
+2015-01-17:54BA49AA.2040708 at incenp.org:
+
 Daniel Kahn Gillmor <dkg at fifthhorseman.net>
 2014-09-24:87oau6w9q7.fsf at alice.fifthhorseman.net:
 

-----------------------------------------------------------------------

Summary of changes:
 AUTHORS             |  3 +++
 kbx/keybox-search.c | 33 ++++++++++++++++++++++++++++++---
 2 files changed, 33 insertions(+), 3 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org

More information about the Gnupg-commits mailing list