[git] GPGME - branch, master, updated. gpgme-1.10.0-54-g343d3e2

by Werner Koch cvs at cvs.gnupg.org
Tue Mar 20 11:19:04 CET 2018 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".

The branch, master has been updated
       via  343d3e2232a22d0999e1693f0f95e5e290005829 (commit)
       via  9e1e6554834d0e803dd0889deaef4f11047c7e47 (commit)
      from  ad95288d3b3efc38998841add4fe658c84701f98 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 343d3e2232a22d0999e1693f0f95e5e290005829
Author: Werner Koch <wk at gnupg.org>
Date:   Tue Mar 20 10:41:18 2018 +0100

    core: Do not clobber R_KEY in gpgme_get_key on error.
    
    * src/keylist.c (gpgme_get_key): Assign a value to the return
    parameter only on success.
    --
    
    This problem could be triggered by an ambiguous key.  The problem is
    that the key returned in that case is for one not expected and worse
    it has not been ref-ed.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/src/keylist.c b/src/keylist.c
index 24a9b0b..7956935 100644
--- a/src/keylist.c
+++ b/src/keylist.c
@@ -1261,7 +1261,7 @@ gpgme_get_key (gpgme_ctx_t ctx, const char *fpr, gpgme_key_t *r_key,
 {
   gpgme_ctx_t listctx;
   gpgme_error_t err;
-  gpgme_key_t key;
+  gpgme_key_t result, key;
 
   TRACE_BEG2 (DEBUG_CTX, "gpgme_get_key", ctx,
 	      "fpr=%s, secret=%i", fpr, secret);
@@ -1295,7 +1295,7 @@ gpgme_get_key (gpgme_ctx_t ctx, const char *fpr, gpgme_key_t *r_key,
 
   err = gpgme_op_keylist_start (listctx, fpr, secret);
   if (!err)
-    err = gpgme_op_keylist_next (listctx, r_key);
+    err = gpgme_op_keylist_next (listctx, &result);
   if (!err)
     {
     try_next_key:
@@ -1305,9 +1305,9 @@ gpgme_get_key (gpgme_ctx_t ctx, const char *fpr, gpgme_key_t *r_key,
       else
 	{
           if (!err
-              && *r_key && (*r_key)->subkeys && (*r_key)->subkeys->fpr
+              && result && result->subkeys && result->subkeys->fpr
               && key && key->subkeys && key->subkeys->fpr
-              && !strcmp ((*r_key)->subkeys->fpr, key->subkeys->fpr))
+              && !strcmp (result->subkeys->fpr, key->subkeys->fpr))
             {
               /* The fingerprint is identical.  We assume that this is
                  the same key and don't mark it as an ambiguous.  This
@@ -1323,12 +1323,14 @@ gpgme_get_key (gpgme_ctx_t ctx, const char *fpr, gpgme_key_t *r_key,
 	      gpgme_key_unref (key);
 	      err = gpg_error (GPG_ERR_AMBIGUOUS_NAME);
 	    }
-	  gpgme_key_unref (*r_key);
+	  gpgme_key_unref (result);
+          result = NULL;
 	}
     }
   gpgme_release (listctx);
   if (! err)
     {
+      *r_key = result;
       TRACE_LOG2 ("key=%p (%s)", *r_key,
 		  ((*r_key)->subkeys && (*r_key)->subkeys->fpr) ?
 		  (*r_key)->subkeys->fpr : "invalid");

commit 9e1e6554834d0e803dd0889deaef4f11047c7e47
Author: Werner Koch <wk at gnupg.org>
Date:   Tue Mar 20 10:34:56 2018 +0100

    core: Fix ABI regression in recent commit.
    
    * src/gpgme.h.in (_gpgme_op_import_result): Move new field
    'skipped_v3_keys' to the end.
    --
    
    The ABI break has not made it into a release.
    
    Also document the new field.
    
    Fixes-commit: a630a1e3e74c926163864b013cb164b4cd1866fc
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/doc/gpgme.texi b/doc/gpgme.texi
index cd7bb4b..37cf16a 100644
--- a/doc/gpgme.texi
+++ b/doc/gpgme.texi
@@ -4811,6 +4811,12 @@ The number of keys not imported.
 @item gpgme_import_status_t imports
 A list of gpgme_import_status_t objects which contain more information
 about the keys for which an import was attempted.
+
+ at item int skipped_v3_keys
+For security reasons modern versions of GnuPG do not anymore support
+v3 keys (created with PGP 2.x) and ignores them on import.  This
+counter provides the number of such skipped v3 keys.
+
 @end table
 @end deftp
 
diff --git a/src/gpgme.h.in b/src/gpgme.h.in
index 73f2c94..e319879 100644
--- a/src/gpgme.h.in
+++ b/src/gpgme.h.in
@@ -1637,11 +1637,11 @@ struct _gpgme_op_import_result
   /* Number of keys not imported.  */
   int not_imported;
 
-  /* Number of v3 keys skipped.  */
-  int skipped_v3_keys;
-
   /* List of keys for which an import was attempted.  */
   gpgme_import_status_t imports;
+
+  /* Number of v3 keys skipped.  */
+  int skipped_v3_keys;
 };
 typedef struct _gpgme_op_import_result *gpgme_import_result_t;
 

-----------------------------------------------------------------------

Summary of changes:
 doc/gpgme.texi |  6 ++++++
 src/gpgme.h.in |  6 +++---
 src/keylist.c  | 12 +++++++-----
 3 files changed, 16 insertions(+), 8 deletions(-)


hooks/post-receive
-- 
GnuPG Made Easy
http://git.gnupg.org

More information about the Gnupg-commits mailing list