From: Daiki Ueno <ueno@gnu.org>
To: Łukasz Stelmach <stlman@poczta.fm>
Cc: ding@gnus.org
Subject: Re: [BUG] mml2015-epg-find-usable-key finds unusable key
Date: Fri, 15 Feb 2013 13:05:11 +0900
Message-ID: <m3mwv6z0g8.fsf-ueno@gnu.org>
In-Reply-To: <87fw106la1.fsf%stlman@poczta.fm> ("Łukasz Stelmach"'s message of "Wed, 13 Feb 2013 20:55:50 +0100")
Łukasz Stelmach <stlman@poczta.fm> writes:
> It looks like there is a sort of bug in mml2015-epg-encrypt at line
> 1117.
>
> http://git.gnus.org/cgit/gnus.git/tree/lisp/mml2015.el?id=6e422932976e94d6dbb7ad602c5be3eb481fe46c#n1117)
>
> The whole form that begins at line 1113 converts a list of recipients
> provided as email addresses, key IDs or anything gpg can digest into epg
> "objects". Unfortunately there is one corner case that makes this code
> fail. That is when a key is valid but a uid on it has been revoked.
Thanks for the report.
> epg.el is a part of emacs, mml2015.el belongs to gnus. IMHO it is
> mml2015-epg-find-usable-key that should be fixed. The function should
> accept an additional (optional?) parameter with a recipient uid as
> passed to epg-list-keys and reject keys with all uids matching the
> recipient parameter revoked.
Sounds reasonable. I plan to apply the attached patch.
Regards,
--
Daiki Ueno
From 9440de44c8dc03a5b77e662539d3d388f6718549 Mon Sep 17 00:00:00 2001
From: Daiki Ueno <ueno@gnu.org>
Date: Fri, 15 Feb 2013 12:58:09 +0900
Subject: [PATCH] mml2015.el (mml2015-epg-find-usable-key): handle revoked
user-id
---
lisp/ChangeLog | 9 +++++++++
lisp/mml2015.el | 57 +++++++++++++++++++++++++++++++++++++++++----------------
2 files changed, 50 insertions(+), 16 deletions(-)
diff --git a/lisp/ChangeLog b/lisp/ChangeLog
index 5edf6f6..3fda767 100644
--- a/lisp/ChangeLog
+++ b/lisp/ChangeLog
@@ -1,3 +1,12 @@
+2013-02-15 Daiki Ueno <ueno@gnu.org>
+
+ * mml2015.el (mml2015-epg-check-user-id): New function.
+ (mml2015-epg-check-sub-key): New function split from
+ mml2015-epg-find-usable-key.
+ (mml2015-epg-find-usable-key): Accept context, recipient, and usage, to
+ handle the case when user-id is unusable (all callers changed).
+ Reported by ^[$(D)(^[(Bukasz Stelmach <stlman@poczta.fm>.
+
2013-02-14 Katsumi Yamaoka <yamaoka@jpl.org>
* gnus-util.el (gnus-define-keys): Convert [?\S-\ ] to [(shift space)]
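Review bot: The entry's "(all callers changed)" is not borne out by this patch: the diffstat and the hunks for lisp/mml2015.el update exactly one call site, the 'encrypt lookup in the @@ -1115 hunk. Because the signature changes from (keys usage) to (context recipient usage), any other caller that still passes a key list would fail at run time with a wrong-number-of-arguments error. The XXX comment directly after the function says it "is not enough for" secret keys, which suggests a secret-key path that may build on it. Please grep for remaining callers and either convert them in this patch or name the converted callers in the entry.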
diff --git a/lisp/mml2015.el b/lisp/mml2015.el
index 275a486..6310ff3 100644
--- a/lisp/mml2015.el
+++ b/lisp/mml2015.el
@@ -786,21 +786,47 @@ If set, it overrides the setting of `mml2015-sign-with-sender'."
(cons password-cache-key-id mml2015-epg-secret-key-id-list))
(copy-sequence passphrase)))))
-(defun mml2015-epg-find-usable-key (keys usage)
- (catch 'found
+(defun mml2015-epg-check-user-id (key recipient)
+ (let ((pointer (epg-key-user-id-list key))
+ result)
+ (while pointer
+ (if (and (equal (car (mail-header-parse-address
+ (epg-user-id-string (car pointer))))
+ (car (mail-header-parse-address
+ recipient)))
+ (not (memq (epg-user-id-validity (car pointer))
+ '(revoked expired))))
+ (setq result t
+ pointer nil)
+ (setq pointer (cdr pointer))))
+ result))
+
+(defun mml2015-epg-check-sub-key (key usage)
+ (let ((pointer (epg-key-sub-key-list key))
+ result)
+ ;; The primary key will be marked as disabled, when the entire
+ ;; key is disabled (see 12 Field, Format of colon listings, in
+ ;; gnupg/doc/DETAILS)
+ (unless (memq 'disabled (epg-sub-key-capability (car pointer)))
+ (while pointer
+ (if (and (memq usage (epg-sub-key-capability (car pointer)))
+ (not (memq (epg-sub-key-validity (car pointer))
+ '(revoked expired))))
+ (setq result t
+ pointer nil)
+ (setq pointer (cdr pointer)))))
+ result))
+
+(defun mml2015-epg-find-usable-key (context recipient usage)
+ (let ((keys (epg-list-keys context recipient))
+ key)
(while keys
- (let ((pointer (epg-key-sub-key-list (car keys))))
- ;; The primary key will be marked as disabled, when the entire
- ;; key is disabled (see 12 Field, Format of colon listings, in
- ;; gnupg/doc/DETAILS)
- (unless (memq 'disabled (epg-sub-key-capability (car pointer)))
- (while pointer
- (if (and (memq usage (epg-sub-key-capability (car pointer)))
- (not (memq (epg-sub-key-validity (car pointer))
- '(revoked expired))))
- (throw 'found (car keys)))
- (setq pointer (cdr pointer)))))
- (setq keys (cdr keys)))))
+ (if (and (mml2015-epg-check-user-id (car keys) recipient)
+ (mml2015-epg-check-sub-key (car keys) usage))
+ (setq key (car keys)
+ keys nil)
+ (setq keys (cdr keys))))
+ key))
;; XXX: since gpg --list-secret-keys does not return validity of each
;; key, `mml2015-epg-find-usable-key' defined above is not enough for
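Review bot: In mml2015-epg-check-user-id, a key is accepted only when (car (mail-header-parse-address recipient)) is equal to the parsed address of some non-revoked, non-expired user-id, so a recipient given as a key ID or fingerprint will be rejected even though epg-list-keys found a usable key for it. The report quoted above notes that recipients may be "email addresses, key IDs or anything gpg can digest", so this narrows what mml2015-epg-find-usable-key accepts. Suggest applying the user-id check only when the recipient actually parses as a mail address, and otherwise falling back to the sub-key check alone. Two smaller points: the comparison uses equal, which is case-sensitive, so Foo@Example.org and foo@example.org will not match (consider downcasing both sides); and the two new functions and the rewritten mml2015-epg-find-usable-key have no docstrings describing the new arguments and the return value.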
@@ -1115,8 +1141,7 @@ If no one is selected, symmetric encryption will be performed. "
(mapcar
(lambda (recipient)
(setq recipient-key (mml2015-epg-find-usable-key
- (epg-list-keys context recipient)
- 'encrypt))
+ context recipient 'encrypt))
(unless (or recipient-key
(y-or-n-p
(format "No public key for %s; skip it? "
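Review bot: The prompt in the trailing context, "No public key for %s; skip it? ", is now also reached when a public key exists but every matching user-id is revoked or expired, which tells the user the wrong thing at the moment they decide whether to drop a recipient from an encrypted message. Suggest rewording it to something like "No usable public key for %s; skip it? ", or having mml2015-epg-find-usable-key report why the candidates were rejected so the prompt can distinguish "no key" from "key present but user-id revoked or expired".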
--
1.8.1.2