diff options
author | Sandro <sandro.jaeckel@gmail.com> | 2022-02-19 01:03:00 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-02-19 01:03:00 +0100 |
commit | 30e2832fdc6f788e04afe1244dc6a541b64f07ee (patch) | |
tree | 2a1a5027de6e73757cd95c66695cb56bf4b80b40 /pkgs | |
parent | 7f28a5962adfbeca85ea74d91a76996f1ba5a3d2 (diff) | |
parent | 05fdc9cce0dc59e62a8951460f7d00e1550d7e8e (diff) |
Merge pull request #160794 from SuperSandro2000/update-gpgme
Diffstat (limited to 'pkgs')
-rw-r--r-- | pkgs/development/libraries/gpgme/default.nix | 6 | ||||
-rw-r--r-- | pkgs/development/libraries/gpgme/test_t-edit-sign.diff | 125 |
2 files changed, 2 insertions, 129 deletions
diff --git a/pkgs/development/libraries/gpgme/default.nix b/pkgs/development/libraries/gpgme/default.nix index 263807c2fc1de..20f80ce76038b 100644 --- a/pkgs/development/libraries/gpgme/default.nix +++ b/pkgs/development/libraries/gpgme/default.nix @@ -13,16 +13,14 @@ in stdenv.mkDerivation rec { pname = "gpgme"; - version = "1.16.0"; + version = "1.17.0"; src = fetchurl { url = "mirror://gnupg/gpgme/${pname}-${version}.tar.bz2"; - sha256 = "1l4yw9fqc1blvx1sq1jnfvp1jijla3ca2jw90p4x9m8hvfpc933c"; + sha256 = "1xb9k88rrafdi0n95nzx0d6bz7hcn9b44hciqbigrqkvxc6gblsf"; }; patches = [ - # probably included in > 1.16.0 - ./test_t-edit-sign.diff # https://dev.gnupg.org/rMc4cf527ea227edb468a84bf9b8ce996807bd6992 ./fix_gpg_list_keys.diff # https://lists.gnupg.org/pipermail/gnupg-devel/2020-April/034591.html diff --git a/pkgs/development/libraries/gpgme/test_t-edit-sign.diff b/pkgs/development/libraries/gpgme/test_t-edit-sign.diff deleted file mode 100644 index 55075b9eb1267..0000000000000 --- a/pkgs/development/libraries/gpgme/test_t-edit-sign.diff +++ /dev/null @@ -1,125 +0,0 @@ -From 81a33ea5e1b86d586b956e893a5b25c4cd41c969 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ingo=20Kl=C3=B6cker?= <dev@ingo-kloecker.de> -Date: Sat, 26 Jun 2021 18:02:47 +0200 -Subject: [PATCH] core: Fix use-after-free issue in test - -* tests/gpg/t-edit-sign.c (sign_key, verify_key_signature): New. -(main): Factored out signing and verifying the result. --- - -Factoring the two steps of the test into different functions fixes the -use-after-free issue that was caused by accidentaly using a variable -of the first step in the second step. - -GnuPG-bug-id: 5509 ---- - tests/gpg/t-edit-sign.c | 54 ++++++++++++++++++++++++++++------------- - 1 file changed, 37 insertions(+), 17 deletions(-) - -diff --git a/tests/gpg/t-edit-sign.c b/tests/gpg/t-edit-sign.c -index 2f983622..e0494c54 100644 ---- a/tests/gpg/t-edit-sign.c -+++ b/tests/gpg/t-edit-sign.c -@@ -107,31 +107,19 @@ interact_fnc (void *opaque, const char *status, const char *args, int fd) - } - - --int --main (int argc, char **argv) -+void -+sign_key (const char *key_fpr, const char *signer_fpr) - { - gpgme_ctx_t ctx; - gpgme_error_t err; - gpgme_data_t out = NULL; -- const char *signer_fpr = "A0FF4590BB6122EDEF6E3C542D727CC768697734"; /* Alpha Test */ - gpgme_key_t signing_key = NULL; -- const char *key_fpr = "D695676BDCEDCC2CDD6152BCFE180B1DA9E3B0B2"; /* Bravo Test */ - gpgme_key_t key = NULL; -- gpgme_key_t signed_key = NULL; -- gpgme_user_id_t signed_uid = NULL; -- gpgme_key_sig_t key_sig = NULL; - char *agent_info; -- int mode; -- -- (void)argc; -- (void)argv; -- -- init_gpgme (GPGME_PROTOCOL_OpenPGP); - - err = gpgme_new (&ctx); - fail_if_err (err); - -- /* Sign the key */ - agent_info = getenv("GPG_AGENT_INFO"); - if (!(agent_info && strchr (agent_info, ':'))) - gpgme_set_passphrase_cb (ctx, passphrase_cb, 0); -@@ -159,8 +147,23 @@ main (int argc, char **argv) - gpgme_data_release (out); - gpgme_key_unref (key); - gpgme_key_unref (signing_key); -+ gpgme_release (ctx); -+} -+ -+ -+void -+verify_key_signature (const char *key_fpr, const char *signer_keyid) -+{ -+ gpgme_ctx_t ctx; -+ gpgme_error_t err; -+ gpgme_key_t signed_key = NULL; -+ gpgme_user_id_t signed_uid = NULL; -+ gpgme_key_sig_t key_sig = NULL; -+ int mode; -+ -+ err = gpgme_new (&ctx); -+ fail_if_err (err); - -- /* Verify the key signature */ - mode = gpgme_get_keylist_mode (ctx); - mode |= GPGME_KEYLIST_MODE_SIGS; - err = gpgme_set_keylist_mode (ctx, mode); -@@ -168,7 +171,7 @@ main (int argc, char **argv) - err = gpgme_get_key (ctx, key_fpr, &signed_key, 0); - fail_if_err (err); - -- signed_uid = key->uids; -+ signed_uid = signed_key->uids; - if (!signed_uid) - { - fprintf (stderr, "Signed key has no user IDs\n"); -@@ -180,7 +183,7 @@ main (int argc, char **argv) - exit (1); - } - key_sig = signed_uid->signatures->next; -- if (strcmp ("2D727CC768697734", key_sig->keyid)) -+ if (strcmp (signer_keyid, key_sig->keyid)) - { - fprintf (stderr, "Unexpected key ID in second user ID sig: %s\n", - key_sig->keyid); -@@ -196,6 +199,23 @@ main (int argc, char **argv) - - gpgme_key_unref (signed_key); - gpgme_release (ctx); -+} -+ -+ -+int -+main (int argc, char **argv) -+{ -+ const char *signer_fpr = "A0FF4590BB6122EDEF6E3C542D727CC768697734"; /* Alpha Test */ -+ const char *signer_keyid = signer_fpr + strlen(signer_fpr) - 16; -+ const char *key_fpr = "D695676BDCEDCC2CDD6152BCFE180B1DA9E3B0B2"; /* Bravo Test */ -+ -+ (void)argc; -+ (void)argv; -+ -+ init_gpgme (GPGME_PROTOCOL_OpenPGP); -+ -+ sign_key (key_fpr, signer_fpr); -+ verify_key_signature (key_fpr, signer_keyid); - - return 0; - } --- -2.32.0 |