[git] GnuPG - branch, master, updated. gnupg-2.1.8-57-g2acceba

by Werner Koch cvs at cvs.gnupg.org
Thu Oct 1 18:02:47 CEST 2015 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, master has been updated
       via  2acceba5cc299796c7b5b1851a9baeb75d9f32a1 (commit)
       via  2c60663a72f090573c4869e305b098b4b1fb23bd (commit)
      from  13a3f65968f4a8205ca664cc46b1a53de4dc489b (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 2acceba5cc299796c7b5b1851a9baeb75d9f32a1
Author: Werner Koch <wk at gnupg.org>
Date:   Thu Oct 1 17:59:03 2015 +0200

    gpg: Fix a practical hang after use of --faked-system-time.
    
    * g10/sign.c (update_keysig_packet): Bail out if we would need to long
    for a new timestamp.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/g10/packet.h b/g10/packet.h
index 1906ec5..eb7da75 100644
--- a/g10/packet.h
+++ b/g10/packet.h
@@ -663,7 +663,7 @@ int make_keysig_packet( PKT_signature **ret_sig, PKT_public_key *pk,
 			int (*mksubpkt)(PKT_signature *, void *),
 			void *opaque,
                         const char *cache_nonce);
-int update_keysig_packet( PKT_signature **ret_sig,
+gpg_error_t update_keysig_packet (PKT_signature **ret_sig,
                       PKT_signature *orig_sig,
                       PKT_public_key *pk,
                       PKT_user_id *uid,
diff --git a/g10/sign.c b/g10/sign.c
index 4a30f1e..782b9fc 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -1477,7 +1477,7 @@ make_keysig_packet (PKT_signature **ret_sig, PKT_public_key *pk,
  *
  * TODO: Merge this with make_keysig_packet.
  */
-int
+gpg_error_t
 update_keysig_packet( PKT_signature **ret_sig,
                       PKT_signature *orig_sig,
                       PKT_public_key *pk,
@@ -1488,7 +1488,7 @@ update_keysig_packet( PKT_signature **ret_sig,
                       void *opaque)
 {
     PKT_signature *sig;
-    int rc = 0;
+    gpg_error_t rc = 0;
     int digest_algo;
     gcry_md_hd_t md;
 
@@ -1524,11 +1524,19 @@ update_keysig_packet( PKT_signature **ret_sig,
 
     /* ... but we won't make a timestamp earlier than the existing
        one. */
-    while(sig->timestamp<=orig_sig->timestamp)
-      {
-	gnupg_sleep (1);
-	sig->timestamp=make_timestamp();
-      }
+    {
+      int tmout = 0;
+      while(sig->timestamp<=orig_sig->timestamp)
+        {
+          if (++tmout > 5 && !opt.ignore_time_conflict)
+            {
+              rc = gpg_error (GPG_ERR_TIME_CONFLICT);
+              goto leave;
+            }
+          gnupg_sleep (1);
+          sig->timestamp=make_timestamp();
+        }
+    }
 
     /* Note that already expired sigs will remain expired (with a
        duration of 1) since build-packet.c:build_sig_subpkt_from_sig
@@ -1550,6 +1558,7 @@ update_keysig_packet( PKT_signature **ret_sig,
 	rc = complete_sig (sig, pksk, md, NULL);
     }
 
+ leave:
     gcry_md_close (md);
     if( rc )
 	free_seckey_enc (sig);

commit 2c60663a72f090573c4869e305b098b4b1fb23bd
Author: Werner Koch <wk at gnupg.org>
Date:   Thu Oct 1 17:57:39 2015 +0200

    gpg: Print more info with "check selfsig".
    
    * g10/keyedit.c (print_and_check_one_sig): Print more Some sigsub
    packets.

diff --git a/g10/keyedit.c b/g10/keyedit.c
index 8d87a01..143c748 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -46,6 +46,7 @@
 #include "i18n.h"
 #include "keyserver-internal.h"
 #include "call-agent.h"
+#include "host2net.h"
 
 static void show_prefs (PKT_user_id * uid, PKT_signature * selfsig,
 			int verbose);
@@ -287,6 +288,22 @@ print_and_check_one_sig (KBNODE keyblock, KBNODE node,
       if (sig->flags.pref_ks
           && ((opt.list_options & LIST_SHOW_KEYSERVER_URLS) || extended))
 	show_keyserver_url (sig, 3, 0);
+
+      if (extended)
+        {
+          PKT_public_key *pk = keyblock->pkt->pkt.public_key;
+          const unsigned char *s;
+          u32 expire;
+
+          s = parse_sig_subpkt (sig->hashed, SIGSUBPKT_PRIMARY_UID, NULL);
+          if (s && *s)
+            tty_printf ("             [primary]\n");
+
+          s = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL);
+          if (s && buf32_to_u32 (s))
+            tty_printf ("             [expires: %s]\n",
+                        isotimestamp (pk->timestamp + buf32_to_u32 (s)));
+        }
     }
 
   return (sigrc == '!');

-----------------------------------------------------------------------

Summary of changes:
 g10/keyedit.c | 17 +++++++++++++++++
 g10/packet.h  |  2 +-
 g10/sign.c    | 23 ++++++++++++++++-------
 3 files changed, 34 insertions(+), 8 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org

More information about the Gnupg-commits mailing list