Minor 1.0.6c bugfix

David Shaw dshaw at jabberwocky.com
Tue Nov 27 00:24:01 CET 2001


Hi folks,

I was playing around with key signatures and found a minor trustdb
bug.  The test for signature expiration is reversed - if a key
signature has an expiration date set, GnuPG treats the sig as expired
until the expiration date arrives and then it treats it as not
expired.

Fix (for the CVS version) attached.

David

-- 
   David Shaw  |  dshaw at jabberwocky.com  |  WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson
-------------- next part --------------
Index: ChangeLog
===================================================================
RCS file: /cvs/gnupg/gnupg/g10/ChangeLog,v
retrieving revision 1.162.2.170
diff -u -r1.162.2.170 ChangeLog
--- ChangeLog	2001/11/09 09:36:22	1.162.2.170
+++ ChangeLog	2001/11/26 23:13:33
@@ -1,3 +1,8 @@
+2001-11-26  David Shaw  <dshaw at jabberwocky.com>
+
+	* trustdb.c (mark_usable_uid_certs): Fix segfault from bad
+	initialization and fix reversed key signature expiration check.
+
 2001-11-09  Werner Koch  <wk at gnupg.org>
 
 	* export.c (do_export_stream): Put all given names into a search
Index: trustdb.c
===================================================================
RCS file: /cvs/gnupg/gnupg/g10/trustdb.c,v
retrieving revision 1.81.2.26
diff -u -r1.81.2.26 trustdb.c
--- trustdb.c	2001/11/08 13:25:48	1.81.2.26
+++ trustdb.c	2001/11/26 23:13:33
@@ -995,7 +995,7 @@
                        u32 curtime, u32 *next_expire)
 {
   KBNODE node;
-  PKT_signature *sig = node->pkt->pkt.signature;
+  PKT_signature *sig;
   
   /* first check all signatures */
   for (node=uidnode->next; node; node = node->next)
@@ -1076,7 +1076,8 @@
                     
           p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_SIG_EXPIRE, NULL );
           expire = p? sig->timestamp + buffer_to_u32(p) : 0;
-          if ( expire < curtime )
+
+          if (expire==0 || expire > curtime )
             {
               signode->flag |= (1<<8); /* yeah, found a good cert */
               if (expire && expire < *next_expire)


More information about the Gnupg-devel mailing list