[git] GnuPG - branch, master, updated. gnupg-2.1.19-36-g591b6a9

by Justus Winter cvs at cvs.gnupg.org
Tue Mar 7 13:55:56 CET 2017 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, master has been updated
       via  591b6a9d879cbcabb089d89a26d3c3e0306054e1 (commit)
      from  80fb1a8a05b2194af16027555b09bbd5d48ec9ac (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 591b6a9d879cbcabb089d89a26d3c3e0306054e1
Author: Justus Winter <justus at g10code.com>
Date:   Thu Mar 2 14:14:55 2017 +0100

    gpg: Do not allow the user to revoke the last valid UID.
    
    * g10/keyedit.c (keyedit_quick_revuid): Merge self signatures, then
    make sure that we do not revoke the last valid UID.
    (menu_revuid): Make sure that we do not revoke the last valid UID.
    * tests/openpgp/quick-key-manipulation.scm: Demonstrate that
    '--quick-revoke-uid' can not be used to revoke the last valid UID.
    
    GnuPG-bug-id: 2960
    Signed-off-by: Justus Winter <justus at g10code.com>

diff --git a/g10/keyedit.c b/g10/keyedit.c
index c10a011..660e8bf 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -2966,6 +2966,7 @@ keyedit_quick_revuid (ctrl_t ctrl, const char *username, const char *uidtorev)
   kbnode_t node;
   int modified = 0;
   size_t revlen;
+  size_t valid_uids;
 
 #ifdef HAVE_W32_SYSTEM
   /* See keyedit_menu for why we need this.  */
@@ -3019,7 +3020,16 @@ keyedit_quick_revuid (ctrl_t ctrl, const char *username, const char *uidtorev)
     }
 
   fix_keyblock (&keyblock);
-  setup_main_keyids (keyblock);
+  merge_keys_and_selfsig (keyblock);
+
+  /* Too make sure that we do not revoke the last valid UID, we first
+     count how many valid UIDs there are.  */
+  valid_uids = 0;
+  for (node = keyblock; node; node = node->next)
+    valid_uids +=
+      node->pkt->pkttype == PKT_USER_ID
+      && ! node->pkt->pkt.user_id->is_revoked
+      && ! node->pkt->pkt.user_id->is_expired;
 
   revlen = strlen (uidtorev);
   /* find the right UID */
@@ -3031,6 +3041,15 @@ keyedit_quick_revuid (ctrl_t ctrl, const char *username, const char *uidtorev)
         {
           struct revocation_reason_info *reason;
 
+          /* Make sure that we do not revoke the last valid UID.  */
+          if (valid_uids == 1
+              && ! node->pkt->pkt.user_id->is_revoked
+              && ! node->pkt->pkt.user_id->is_expired)
+            {
+              log_error (_("Cannot revoke the last valid user ID.\n"));
+              goto leave;
+            }
+
           reason = get_default_uid_revocation_reason ();
           err = core_revuid (ctrl, keyblock, node, reason, &modified);
           release_revocation_reason_info (reason);
@@ -6429,6 +6448,7 @@ menu_revuid (ctrl_t ctrl, kbnode_t pub_keyblock)
   int changed = 0;
   int rc;
   struct revocation_reason_info *reason = NULL;
+  size_t valid_uids;
 
   /* Note that this is correct as per the RFCs, but nevertheless
      somewhat meaningless in the real world.  1991 did define the 0x30
@@ -6445,11 +6465,30 @@ menu_revuid (ctrl_t ctrl, kbnode_t pub_keyblock)
 	  goto leave;
       }
 
+  /* Too make sure that we do not revoke the last valid UID, we first
+     count how many valid UIDs there are.  */
+  valid_uids = 0;
+  for (node = pub_keyblock; node; node = node->next)
+    valid_uids +=
+      node->pkt->pkttype == PKT_USER_ID
+      && ! node->pkt->pkt.user_id->is_revoked
+      && ! node->pkt->pkt.user_id->is_expired;
+
  reloop: /* (better this way because we are modifying the keyring) */
   for (node = pub_keyblock; node; node = node->next)
     if (node->pkt->pkttype == PKT_USER_ID && (node->flag & NODFLG_SELUID))
       {
         int modified = 0;
+
+        /* Make sure that we do not revoke the last valid UID.  */
+        if (valid_uids == 1
+            && ! node->pkt->pkt.user_id->is_revoked
+            && ! node->pkt->pkt.user_id->is_expired)
+          {
+            log_error (_("Cannot revoke the last valid user ID.\n"));
+            goto leave;
+          }
+
         rc = core_revuid (ctrl, pub_keyblock, node, reason, &modified);
         if (rc)
           goto leave;
diff --git a/tests/openpgp/quick-key-manipulation.scm b/tests/openpgp/quick-key-manipulation.scm
index 08ef626..9fd5b6b 100755
--- a/tests/openpgp/quick-key-manipulation.scm
+++ b/tests/openpgp/quick-key-manipulation.scm
@@ -81,6 +81,11 @@
        (call-check `(, at GPG --quick-revoke-uid ,(exact bravo) ,charlie))
        (error "Expected an error, but get none."))
 
+(info "Checking that we get an error revoking the last valid user ID.")
+(catch '()
+       (call-check `(, at GPG --quick-revoke-uid ,(exact bravo) ,bravo))
+       (error "Expected an error, but get none."))
+
 (assert (= 1 (count-uids-of-secret-key bravo)))
 
 (info "Checking that we can change the expiration time.")

-----------------------------------------------------------------------

Summary of changes:
 g10/keyedit.c                            | 41 +++++++++++++++++++++++++++++++-
 tests/openpgp/quick-key-manipulation.scm |  5 ++++
 2 files changed, 45 insertions(+), 1 deletion(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org

More information about the Gnupg-commits mailing list