commit 30e2832fdc6f788e04afe1244dc6a541b64f07ee · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

fork atom

Merge pull request #160794 from SuperSandro2000/update-gpgme

authored by Sandro and committed by GitHub 4 years ago 30e2832f 7f28a596

+2 -129

2 changed files

expand all

unified split

pkgs

development

libraries

gpgme

default.nix

test_t-edit-sign.diff

+2 -4

pkgs/development/libraries/gpgme/default.nix

··· 13 13 14 14 stdenv.mkDerivation rec { 15 15 pname = "gpgme"; 16 - version = "1.16.0"; 16 + version = "1.17.0"; 17 17 18 18 src = fetchurl { 19 19 url = "mirror://gnupg/gpgme/${pname}-${version}.tar.bz2"; 20 - sha256 = "1l4yw9fqc1blvx1sq1jnfvp1jijla3ca2jw90p4x9m8hvfpc933c"; 20 + sha256 = "1xb9k88rrafdi0n95nzx0d6bz7hcn9b44hciqbigrqkvxc6gblsf"; 21 21 }; 22 22 23 23 patches = [ 24 - # probably included in > 1.16.0 25 - ./test_t-edit-sign.diff 26 24 # https://dev.gnupg.org/rMc4cf527ea227edb468a84bf9b8ce996807bd6992 27 25 ./fix_gpg_list_keys.diff 28 26 # https://lists.gnupg.org/pipermail/gnupg-devel/2020-April/034591.html

-125

pkgs/development/libraries/gpgme/test_t-edit-sign.diff

··· 1 - From 81a33ea5e1b86d586b956e893a5b25c4cd41c969 Mon Sep 17 00:00:00 2001 2 - From: =?UTF-8?q?Ingo=20Kl=C3=B6cker?= <dev@ingo-kloecker.de> 3 - Date: Sat, 26 Jun 2021 18:02:47 +0200 4 - Subject: [PATCH] core: Fix use-after-free issue in test 5 - 6 - * tests/gpg/t-edit-sign.c (sign_key, verify_key_signature): New. 7 - (main): Factored out signing and verifying the result. 8 - -- 9 - 10 - Factoring the two steps of the test into different functions fixes the 11 - use-after-free issue that was caused by accidentaly using a variable 12 - of the first step in the second step. 13 - 14 - GnuPG-bug-id: 5509 15 - --- 16 - tests/gpg/t-edit-sign.c | 54 ++++++++++++++++++++++++++++------------- 17 - 1 file changed, 37 insertions(+), 17 deletions(-) 18 - 19 - diff --git a/tests/gpg/t-edit-sign.c b/tests/gpg/t-edit-sign.c 20 - index 2f983622..e0494c54 100644 21 - --- a/tests/gpg/t-edit-sign.c 22 - +++ b/tests/gpg/t-edit-sign.c 23 - @@ -107,31 +107,19 @@ interact_fnc (void *opaque, const char *status, const char *args, int fd) 24 - } 25 - 26 - 27 - -int 28 - -main (int argc, char **argv) 29 - +void 30 - +sign_key (const char *key_fpr, const char *signer_fpr) 31 - { 32 - gpgme_ctx_t ctx; 33 - gpgme_error_t err; 34 - gpgme_data_t out = NULL; 35 - - const char *signer_fpr = "A0FF4590BB6122EDEF6E3C542D727CC768697734"; /* Alpha Test */ 36 - gpgme_key_t signing_key = NULL; 37 - - const char *key_fpr = "D695676BDCEDCC2CDD6152BCFE180B1DA9E3B0B2"; /* Bravo Test */ 38 - gpgme_key_t key = NULL; 39 - - gpgme_key_t signed_key = NULL; 40 - - gpgme_user_id_t signed_uid = NULL; 41 - - gpgme_key_sig_t key_sig = NULL; 42 - char *agent_info; 43 - - int mode; 44 - - 45 - - (void)argc; 46 - - (void)argv; 47 - - 48 - - init_gpgme (GPGME_PROTOCOL_OpenPGP); 49 - 50 - err = gpgme_new (&ctx); 51 - fail_if_err (err); 52 - 53 - - /* Sign the key */ 54 - agent_info = getenv("GPG_AGENT_INFO"); 55 - if (!(agent_info && strchr (agent_info, ':'))) 56 - gpgme_set_passphrase_cb (ctx, passphrase_cb, 0); 57 - @@ -159,8 +147,23 @@ main (int argc, char **argv) 58 - gpgme_data_release (out); 59 - gpgme_key_unref (key); 60 - gpgme_key_unref (signing_key); 61 - + gpgme_release (ctx); 62 - +} 63 - + 64 - + 65 - +void 66 - +verify_key_signature (const char *key_fpr, const char *signer_keyid) 67 - +{ 68 - + gpgme_ctx_t ctx; 69 - + gpgme_error_t err; 70 - + gpgme_key_t signed_key = NULL; 71 - + gpgme_user_id_t signed_uid = NULL; 72 - + gpgme_key_sig_t key_sig = NULL; 73 - + int mode; 74 - + 75 - + err = gpgme_new (&ctx); 76 - + fail_if_err (err); 77 - 78 - - /* Verify the key signature */ 79 - mode = gpgme_get_keylist_mode (ctx); 80 - mode |= GPGME_KEYLIST_MODE_SIGS; 81 - err = gpgme_set_keylist_mode (ctx, mode); 82 - @@ -168,7 +171,7 @@ main (int argc, char **argv) 83 - err = gpgme_get_key (ctx, key_fpr, &signed_key, 0); 84 - fail_if_err (err); 85 - 86 - - signed_uid = key->uids; 87 - + signed_uid = signed_key->uids; 88 - if (!signed_uid) 89 - { 90 - fprintf (stderr, "Signed key has no user IDs\n"); 91 - @@ -180,7 +183,7 @@ main (int argc, char **argv) 92 - exit (1); 93 - } 94 - key_sig = signed_uid->signatures->next; 95 - - if (strcmp ("2D727CC768697734", key_sig->keyid)) 96 - + if (strcmp (signer_keyid, key_sig->keyid)) 97 - { 98 - fprintf (stderr, "Unexpected key ID in second user ID sig: %s\n", 99 - key_sig->keyid); 100 - @@ -196,6 +199,23 @@ main (int argc, char **argv) 101 - 102 - gpgme_key_unref (signed_key); 103 - gpgme_release (ctx); 104 - +} 105 - + 106 - + 107 - +int 108 - +main (int argc, char **argv) 109 - +{ 110 - + const char *signer_fpr = "A0FF4590BB6122EDEF6E3C542D727CC768697734"; /* Alpha Test */ 111 - + const char *signer_keyid = signer_fpr + strlen(signer_fpr) - 16; 112 - + const char *key_fpr = "D695676BDCEDCC2CDD6152BCFE180B1DA9E3B0B2"; /* Bravo Test */ 113 - + 114 - + (void)argc; 115 - + (void)argv; 116 - + 117 - + init_gpgme (GPGME_PROTOCOL_OpenPGP); 118 - + 119 - + sign_key (key_fpr, signer_fpr); 120 - + verify_key_signature (key_fpr, signer_keyid); 121 - 122 - return 0; 123 - } 124 - -- 125 - 2.32.0