[gmime] Fixed parsing of the SESSION_KEY from gpg



commit ed6cae2713b6cfcc6eaaaca6bf676b90ff57064a
Author: Jeffrey Stedfast <jestedfa microsoft com>
Date:   Mon Dec 5 09:39:27 2016 -0500

    Fixed parsing of the SESSION_KEY from gpg
    
    2016-12-05  Jeffrey Stedfast  <fejj gnome org>
    
        * gmime/gmime-gpg-context.c (gpg_ctx_parse_status): Advance over the SESSION_KEY
        identifier before calling next_token() so that next_token() actually gets the
        sesstion key token that we want. Also fixed to free any existing session_key
        if gpg somehow sends us multiple SESSION_KEY responses.
    
        Thanks to Daniel Kahn Gillmor for this patch.

 ChangeLog                 |    9 +++++++++
 gmime/gmime-gpg-context.c |   12 +++++++++++-
 2 files changed, 20 insertions(+), 1 deletions(-)
---
diff --git a/ChangeLog b/ChangeLog
index d0b9256..d9ad9cc 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,12 @@
+2016-12-05  Jeffrey Stedfast  <fejj gnome org>
+
+       * gmime/gmime-gpg-context.c (gpg_ctx_parse_status): Advance over the SESSION_KEY
+       identifier before calling next_token() so that next_token() actually gets the
+       sesstion key token that we want. Also fixed to free any existing session_key
+       if gpg somehow sends us multiple SESSION_KEY responses.
+
+       Thanks to Daniel Kahn Gillmor for this patch.
+
 2016-12-03  Jeffrey Stedfast  <fejj gnome org>
 
        * gmime/gmime-gpg-context.c (next_token): Now takes a 'secret' argument to
diff --git a/gmime/gmime-gpg-context.c b/gmime/gmime-gpg-context.c
index e19603f..d8a4b2c 100644
--- a/gmime/gmime-gpg-context.c
+++ b/gmime/gmime-gpg-context.c
@@ -295,7 +295,10 @@ struct _GpgCtx {
        int stdout_fd;
        int stderr_fd;
        int status_fd;
-       int secret_fd;  /* used for sign/decrypt/verify */
+       int secret_fd;  /* used for exactly one of:
+                        * (a) sending a password to gpg when signing or encrypting
+                        * (b) sending a detatched signature to gpg when verifying
+                        */
        
        /* status-fd buffer */
        char *statusbuf;
@@ -1341,6 +1344,13 @@ gpg_ctx_parse_status (struct _GpgCtx *gpg, GError **err)
                        } else if (!strncmp (status, "BADMDC", 6)) {
                                /* nothing to do, this will only be sent after DECRYPTION_FAILED */
                        } else if (!strncmp (status, "SESSION_KEY", 11)) {
+                               if (gpg->session_key) {
+                                       memset (gpg->session_key, 0, strlen (gpg->session_key));
+                                       g_free (gpg->session_key);
+                               }
+
+                               status += 11;
+                               
                                status = next_token (status, TRUE, &gpg->session_key);
                        } else {
                                gpg_ctx_parse_signer_info (gpg, status);


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]