[git] GnuPG - branch, master, updated. gnupg-2.1.11-37-g7e7f35a
by Daniel Kahn Gillmor
cvs at cvs.gnupg.org
Thu Feb 18 12:24:56 CET 2016
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, master has been updated
via 7e7f35a2d7d40267a4dd30791df77420efeebfa7 (commit)
via 813df2fe6656e55bea4d0be07cc964a140218412 (commit)
from e1ceff16765b0342531709cf97d03ef0158c29d5 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 7e7f35a2d7d40267a4dd30791df77420efeebfa7
Author: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
Date: Mon Feb 8 15:44:07 2016 -0500
gpgparsemail: Allow weirdly-mixed pkcs7 signatures.
* tools/gpgparsemail.c: Add and check info->signing_protocol_2.
--
Some mailers in the wild will generate messages that have the a weird
structure where they use the x- prefix in one part and drop it in
another.
For example, the main MIME part as a whole has:
Content-Type: multipart/signed;
protocol="application/x-pkcs7-signature"
but the signature sub-part has:
Content-Type: application/pkcs7-signature
(or vice versa, where the x- prefix is in the sub-part but not the
protocol= section on the main MIME object)
This change also avoids allocating strings for these comparisons,
since the const strings in question are already available in the built
executable, and no dynamic labels are needed.
===
- 2 lines reformatted to keep them below 90 cols. - wk
diff --git a/tools/gpgparsemail.c b/tools/gpgparsemail.c
index 98bbad0..57a6203 100644
--- a/tools/gpgparsemail.c
+++ b/tools/gpgparsemail.c
@@ -67,7 +67,9 @@ struct parse_info_s {
int smfm_state; /* State of PGP/MIME or S/MIME parsing. */
int is_smime; /* This is S/MIME and not PGP/MIME. */
- char *signing_protocol;
+ const char *signing_protocol;
+ const char *signing_protocol_2; /* there are two ways to present
+ PKCS7 */
int hashing_level; /* The nesting level we are hashing. */
int hashing;
FILE *hash_file;
@@ -139,15 +141,15 @@ xmalloc (size_t n)
/* return p; */
/* } */
-static char *
-xstrdup (const char *string)
-{
- void *p = malloc (strlen (string)+1);
- if (!p)
- die ("out of core: %s", strerror (errno));
- strcpy (p, string);
- return p;
-}
+/* static char * */
+/* xstrdup (const char *string) */
+/* { */
+/* void *p = malloc (strlen (string)+1); */
+/* if (!p) */
+/* die ("out of core: %s", strerror (errno)); */
+/* strcpy (p, string); */
+/* return p; */
+/* } */
#ifndef HAVE_STPCPY
static char *
@@ -364,8 +366,8 @@ mime_signed_begin (struct parse_info_s *info, rfc822parse_t msg,
{
info->smfm_state = 1;
info->is_smime = 0;
- free (info->signing_protocol);
- info->signing_protocol = xstrdup (s);
+ info->signing_protocol = "application/pgp-signature";
+ info->signing_protocol_2 = NULL;
}
}
else if (!strcmp (s, "application/pkcs7-signature")
@@ -377,8 +379,8 @@ mime_signed_begin (struct parse_info_s *info, rfc822parse_t msg,
{
info->smfm_state = 1;
info->is_smime = 1;
- free (info->signing_protocol);
- info->signing_protocol = xstrdup (s);
+ info->signing_protocol = "application/pkcs7-signature";
+ info->signing_protocol_2 = "application/x-pkcs7-signature";
}
}
else if (verbose)
@@ -516,10 +518,15 @@ message_cb (void *opaque, rfc822parse_event_t event, rfc822parse_t msg)
char *buf = xmalloc (strlen (s1) + strlen (s2) + 2);
strcpy (stpcpy (stpcpy (buf, s1), "/"), s2);
assert (info->signing_protocol);
- if (strcmp (buf, info->signing_protocol))
- err ("invalid %s structure; expected '%s', found '%s'",
+ if (strcmp (buf, info->signing_protocol) &&
+ (!info->signing_protocol_2
+ || strcmp (buf,info->signing_protocol_2)))
+ err ("invalid %s structure; expected %s%s%s, found '%s'",
info->is_smime? "S/MIME":"PGP/MIME",
- info->signing_protocol, buf);
+ info->signing_protocol,
+ info->signing_protocol_2 ? " or " : "",
+ info->signing_protocol_2 ? info->signing_protocol_2:"",
+ buf);
else
{
printf ("c begin_signature\n");
commit 813df2fe6656e55bea4d0be07cc964a140218412
Author: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
Date: Thu Feb 11 07:08:55 2016 -0500
gpg: Clean up dangling agent_open and agent_closed declarations.
* g10/keydb.h: Remove agent_open, agent_close declarations/
* g10/migrate.c: #include <unistd.h> for access()
--
agent_open() is only defined statically in common/simple-pw-query.c,
it is neither used nor referenced anywhere else. agent_close doesn't
exist anywhere. The removal of these declarations removes an
unecessary inclusion of libassuan.h.
migrate.c was relying on keydb.h -> libassuan.h -> unistd.h for the
declaration of access(), so we now handle that explicitly instead.
diff --git a/g10/keydb.h b/g10/keydb.h
index 9b4a1cf..8d4e36c 100644
--- a/g10/keydb.h
+++ b/g10/keydb.h
@@ -22,8 +22,6 @@
#ifndef G10_KEYDB_H
#define G10_KEYDB_H
-#include <assuan.h>
-
#include "types.h"
#include "util.h"
#include "packet.h"
@@ -248,8 +246,6 @@ gpg_error_t build_sk_list (ctrl_t ctrl, strlist_t locusr,
/*-- passphrase.h --*/
unsigned char encode_s2k_iterations (int iterations);
-assuan_context_t agent_open (int try, const char *orig_codeset);
-void agent_close (assuan_context_t ctx);
int have_static_passphrase(void);
const char *get_static_passphrase (void);
void set_passphrase_from_string(const char *pass);
diff --git a/g10/migrate.c b/g10/migrate.c
index 96ca5c2..48cbdd0 100644
--- a/g10/migrate.c
+++ b/g10/migrate.c
@@ -22,6 +22,7 @@
#include <stdlib.h>
#include <string.h>
#include <errno.h>
+#include <unistd.h>
#include <assert.h>
#include "gpg.h"
-----------------------------------------------------------------------
Summary of changes:
g10/keydb.h | 4 ----
g10/migrate.c | 1 +
tools/gpgparsemail.c | 41 ++++++++++++++++++++++++-----------------
3 files changed, 25 insertions(+), 21 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
More information about the Gnupg-commits
mailing list