[Users] [Bug 3040] New: [PATCH] Handle revoked GPG private keys
noreply at thewildbeast.co.uk
noreply at thewildbeast.co.uk
Mon Dec 23 06:50:18 CET 2013
http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3040
Bug ID: 3040
Summary: [PATCH] Handle revoked GPG private keys
Classification: Unclassified
Product: Claws Mail
Version: other
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P3
Component: Plugins/Privacy
Assignee: users at lists.claws-mail.org
Reporter: palmer at dabbelt.com
Created attachment 1311
-->
http://www.thewildbeast.co.uk/claws-mail/bugzilla/attachment.cgi?id=1311&action=edit
Fix revoked GPG key handling
It appears that GPGME only sets the 'key->revoked' field when
searching for public/private keys, not when searching just for private
keys. This patch changes the GPG plugin's key search code to search
for private/public keys, throw out keys incapable of signing (which I
hope maps to public-only keys), and then proceed to check if the key
has been revoked.
This patch is probably bigger than it needs to be because I couldn't
understand the original key searching code so I had to change quite a
bit of it. The minimal patch should just be to change
"gpgme_op_keylist_start(..., 1)" to "gpgme_op_keylist_start(..., 0)"
and then add it checks for "key->can_sign" in the correct places. The
problem is that the old code threaded through the GPGME error code as
a mechanism for deciding if the key was valid or not, which seemed too
tricky for me :).
The attached patch applies against both claws-mail-3.9.0 (from Gentoo) and
against the current git HEAD (02b5ac9). The bug manifests itself with both
gpgme-1.3.2 (stable in Gentoo) and gpgme-1.4.3 (unstable in Gentoo).
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the Users
mailing list