[git] GnuPG - branch, master, updated. gnupg-2.1.5-26-g5e1a844

by Andre Heinecke cvs at cvs.gnupg.org
Thu Jun 25 13:06:51 CEST 2015 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, master has been updated
       via  5e1a844ae9b6730b4b8a2c9178ea9bc121560c28 (commit)
      from  54a0ed3d9b10a3c6dfb3d6a4d20b693a3183f8f6 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 5e1a844ae9b6730b4b8a2c9178ea9bc121560c28
Author: Andre Heinecke <aheinecke at intevation.de>
Date:   Wed Jun 24 18:55:24 2015 +0200

    sm: Fix cert storage for ephemeral certs
    
    * sm/keydb.c (keydb_store_cert): Clear ephemeral flag for
    existing certs if store should not be ephemeral.
    
    --
    
    Previously keydb_store_cert would ignore ephemeral certificates
    when asked to store a non ephemeral certificate and insert
    it again without the flags. This resulted in duplicated
    certificates in the keybox.
    
    GnuPG-bug-id: 1921
    Signed-off-by: Andre Heinecke <aheinecke at intevation.de>

diff --git a/sm/keydb.c b/sm/keydb.c
index 974625d..b3363c4 100644
--- a/sm/keydb.c
+++ b/sm/keydb.c
@@ -1110,8 +1110,9 @@ keydb_store_cert (ksba_cert_t cert, int ephemeral, int *existed)
       return gpg_error (GPG_ERR_ENOMEM);;
     }
 
-  if (ephemeral)
-    keydb_set_ephemeral (kh, 1);
+  /* Set the ephemeral flag so that the search looks at all
+     records.  */
+  keydb_set_ephemeral (kh, 1);
 
   rc = lock_all (kh);
   if (rc)
@@ -1125,6 +1126,19 @@ keydb_store_cert (ksba_cert_t cert, int ephemeral, int *existed)
         {
           if (existed)
             *existed = 1;
+          if (!ephemeral)
+            {
+              /* Remove ephemeral flags from existing certificate to "store"
+                 it permanently. */
+              rc = keydb_set_cert_flags (cert, 1, KEYBOX_FLAG_BLOB, 0,
+                                         KEYBOX_FLAG_BLOB_EPHEMERAL, 0);
+              if (rc)
+                {
+                  log_error ("clearing ephemeral flag failed: %s\n",
+                             gpg_strerror (rc));
+                  return rc;
+                }
+            }
           return 0; /* okay */
         }
       log_error (_("problem looking for existing certificate: %s\n"),
@@ -1132,6 +1146,10 @@ keydb_store_cert (ksba_cert_t cert, int ephemeral, int *existed)
       return rc;
     }
 
+  /* Reset the ephemeral flag if not requested.  */
+  if (!ephemeral)
+    keydb_set_ephemeral (kh, 0);
+
   rc = keydb_locate_writable (kh, 0);
   if (rc)
     {

-----------------------------------------------------------------------

Summary of changes:
 sm/keydb.c | 22 ++++++++++++++++++++--
 1 file changed, 20 insertions(+), 2 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org

More information about the Gnupg-commits mailing list