[git] GnuPG - branch, master, updated. gnupg-2.1.21-77-g2739647

by Justus Winter cvs at cvs.gnupg.org
Mon Jun 26 14:57:31 CEST 2017 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, master has been updated
       via  273964798592cd479c111f47e8ce46d5b1999d6a (commit)
       via  b49b1a87ac2695e3892fb001878da59fbc92fa37 (commit)
      from  1ead1ca818bddabc3bca22c195be667993eb3e2e (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 273964798592cd479c111f47e8ce46d5b1999d6a
Author: Justus Winter <justus at g10code.com>
Date:   Mon Jun 26 14:54:39 2017 +0200

    agent: Support unprotected ssh keys.
    
    * agent/command-ssh.c (ssh_key_to_protected_buffer): If the empty
    passphrase is supplied, do not protect the key.
    
    GnuPG-bug-id: 2856
    Signed-off-by: Justus Winter <justus at g10code.com>

diff --git a/agent/command-ssh.c b/agent/command-ssh.c
index e450aed..c5897ef 100644
--- a/agent/command-ssh.c
+++ b/agent/command-ssh.c
@@ -2980,6 +2980,7 @@ ssh_key_extract_comment (gcry_sexp_t key, char **r_comment)
 
 /* This function converts the key contained in the S-Expression KEY
    into a buffer, which is protected by the passphrase PASSPHRASE.
+   If PASSPHRASE is the empty passphrase, the key is not protected.
    Returns usual error code.  */
 static gpg_error_t
 ssh_key_to_protected_buffer (gcry_sexp_t key, const char *passphrase,
@@ -3000,7 +3001,17 @@ ssh_key_to_protected_buffer (gcry_sexp_t key, const char *passphrase,
   gcry_sexp_sprint (key, GCRYSEXP_FMT_CANON, buffer_new, buffer_new_n);
   /* FIXME: guarantee?  */
 
-  err = agent_protect (buffer_new, passphrase, buffer, buffer_n, 0, -1);
+  if (*passphrase)
+    err = agent_protect (buffer_new, passphrase, buffer, buffer_n, 0, -1);
+  else
+    {
+      /* The key derivation function does not support zero length
+       * strings.  Store key unprotected if the user wishes so.  */
+      *buffer = buffer_new;
+      *buffer_n = buffer_new_n;
+      buffer_new = NULL;
+      err = 0;
+    }
 
  out:
 

commit b49b1a87ac2695e3892fb001878da59fbc92fa37
Author: Justus Winter <justus at g10code.com>
Date:   Mon Jun 26 12:51:28 2017 +0200

    tests: Improve test.
    
    * tests/openpgp/ssh-export.scm: Split output at any whitespace.
    
    Signed-off-by: Justus Winter <justus at g10code.com>

diff --git a/tests/openpgp/ssh-export.scm b/tests/openpgp/ssh-export.scm
index 7f51447..136c6e0 100755
--- a/tests/openpgp/ssh-export.scm
+++ b/tests/openpgp/ssh-export.scm
@@ -44,8 +44,8 @@
 (call-check `(, at GPG --yes --import ,(:file key)))
 
 (let* ((result (call-check `(, at GPG --export-ssh-key ,(:fpr key))))
-       ;; XXX: We should split at any whitespace here.
-       (parts (string-split (string-trim char-whitespace? result) #\space)))
+       (parts (string-splitp (string-trim char-whitespace? result)
+			     char-whitespace? -1)))
   (assert (string=? (car parts) (:kind key)))
   ;; XXX: We should not use a short keyid as the comment when
   ;; exporting an ssh key.

-----------------------------------------------------------------------

Summary of changes:
 agent/command-ssh.c          | 13 ++++++++++++-
 tests/openpgp/ssh-export.scm |  4 ++--
 2 files changed, 14 insertions(+), 3 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org

More information about the Gnupg-commits mailing list