[GPGME PATCH] doc, tests: Require use of ctx_flag before use of session_key.

Daniel Kahn Gillmor dkg at fifthhorseman.net
Wed Nov 16 06:10:22 CET 2016


* doc/gpgme.texi: Document requirements of verifying that it is OK to
use session_key.
* tests/run-decrypt.c: Ensure that we fail if we're unable to access
the session key, so that we do not violate the guidance above.

Signed-off-by: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
---
 doc/gpgme.texi      |  5 +++++
 tests/run-decrypt.c | 20 ++++++++++++++++++--
 2 files changed, 23 insertions(+), 2 deletions(-)

diff --git a/doc/gpgme.texi b/doc/gpgme.texi
index fd396e0..8820312 100644
--- a/doc/gpgme.texi
+++ b/doc/gpgme.texi
@@ -4814,6 +4814,11 @@ set to export session keys (see @code{gpgme_set_ctx_flag,
 "export-session-key"}), and a session key was available for the most
 recent decryption operation.  Otherwise, this is a null pointer.
 
+You must not try to access this member of the struct unless
+ at code{gpgme_set_ctx_flag (ctx, "export-session-key")} returns
+ at code{GPG_ERR_NO_ERROR} or @code{gpgme_get_ctx_flag (ctx,
+"export-session-key")} returns @code{"1"}.
+
 @end table
 @end deftp
 
diff --git a/tests/run-decrypt.c b/tests/run-decrypt.c
index 65624d0..b9042bb 100644
--- a/tests/run-decrypt.c
+++ b/tests/run-decrypt.c
@@ -174,9 +174,25 @@ main (int argc, char **argv)
       gpgme_set_ctx_flag (ctx, "full-status", "1");
     }
   if (export_session_key)
-    gpgme_set_ctx_flag (ctx, "export-session-key", "1");
+    {
+      err = gpgme_set_ctx_flag (ctx, "export-session-key", "1");
+      if (err)
+        {
+          fprintf (stderr, PGM ": error requesting exported session key: %s\n",
+                   gpgme_strerror (err));
+          exit (1);
+        }
+    }
   if (override_session_key)
-    gpgme_set_ctx_flag (ctx, "override-session-key", override_session_key);
+    {
+      err = gpgme_set_ctx_flag (ctx, "overrride-session-key", "1");
+      if (err)
+        {
+          fprintf (stderr, PGM ": error overriding session key: %s\n",
+                   gpgme_strerror (err));
+          exit (1);
+        }
+    }
 
   err = gpgme_data_new_from_stream (&in, fp_in);
   if (err)
-- 
2.10.2




More information about the Gnupg-devel mailing list