From 197c7a3e47c38811c6dd266136785cf644f76d55 Mon Sep 17 00:00:00 2001
From: David Shaw <dshaw@jabberwocky.com>
Date: Tue, 23 May 2006 03:58:53 +0000
Subject: [PATCH] * parse-packet.c (dump_sig_subpkt, parse_signature),
 build-packet.c (build_sig_subpkt_from_sig), getkey.c (fixup_uidnode,
 merge_selfsigs_main, merge_selfsigs_subkey), keygen.c
 (keygen_add_key_expire): Fix meaning of key expiration and sig expiration
 subpackets - zero means "never expire" according to 2440, not "expire
 instantly".

---
 g10/ChangeLog      |  8 ++++++--
 g10/build-packet.c |  3 ++-
 g10/getkey.c       | 14 +++++++-------
 g10/keygen.c       |  2 +-
 g10/parse-packet.c | 24 +++++++++++++++++-------
 g10/sign.c         |  2 +-
 6 files changed, 34 insertions(+), 19 deletions(-)

diff --git a/g10/ChangeLog b/g10/ChangeLog
index 97eaa5e63..87b815f48 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,7 +1,11 @@
 2006-05-22  David Shaw  <dshaw@jabberwocky.com>
 
-	* import.c (import_one): Fix bug when importing a new key from a
-	file.
+	* parse-packet.c (dump_sig_subpkt, parse_signature),
+	build-packet.c (build_sig_subpkt_from_sig), getkey.c
+	(fixup_uidnode, merge_selfsigs_main, merge_selfsigs_subkey),
+	keygen.c (keygen_add_key_expire): Fix meaning of key expiration
+	and sig expiration subpackets - zero means "never expire"
+	according to 2440, not "expire instantly".
 
 	* getkey.c (get_pubkey_byname), import.c (import_one): Fix key
 	selection problem when auto-key-locate returns a list of keys, not
diff --git a/g10/build-packet.c b/g10/build-packet.c
index 5c239b79e..a7ac5d829 100644
--- a/g10/build-packet.c
+++ b/g10/build-packet.c
@@ -824,7 +824,8 @@ build_sig_subpkt_from_sig( PKT_signature *sig )
 	if(sig->expiredate>sig->timestamp)
 	  u=sig->expiredate-sig->timestamp;
 	else
-	  u=0;
+	  u=1; /* A 1-second expiration time is the shortest one
+		  OpenPGP has */
 
 	buf[0] = (u >> 24) & 0xff;
 	buf[1] = (u >> 16) & 0xff;
diff --git a/g10/getkey.c b/g10/getkey.c
index f7c988a33..74c0a74d6 100644
--- a/g10/getkey.c
+++ b/g10/getkey.c
@@ -1506,12 +1506,12 @@ fixup_uidnode ( KBNODE uidnode, KBNODE signode, u32 keycreated )
     /* store the key flags in the helper variable for later processing */
     uid->help_key_usage=parse_key_usage(sig);
 
-    /* ditto or the key expiration */
-    uid->help_key_expire = 0;
+    /* ditto for the key expiration */
     p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL);
-    if ( p ) { 
-        uid->help_key_expire = keycreated + buffer_to_u32(p);
-    }
+    if( p && buffer_to_u32(p) )
+      uid->help_key_expire = keycreated + buffer_to_u32(p);
+    else
+      uid->help_key_expire = 0;
 
     /* Set the primary user ID flag - we will later wipe out some
      * of them to only have one in our keyblock */
@@ -1723,7 +1723,7 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo)
 	key_usage=parse_key_usage(sig);
 
 	p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL);
-	if ( p )
+	if( p && buffer_to_u32(p) )
 	  {
 	    key_expire = keytimestamp + buffer_to_u32(p);
 	    key_expire_seen = 1;
@@ -2127,7 +2127,7 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode )
     subpk->pubkey_usage = key_usage;
     
     p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL);
-    if ( p ) 
+    if ( p && buffer_to_u32(p) )
         key_expire = keytimestamp + buffer_to_u32(p);
     else
         key_expire = 0;
diff --git a/g10/keygen.c b/g10/keygen.c
index 971f8398c..7733132ef 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -221,7 +221,7 @@ keygen_add_key_expire( PKT_signature *sig, void *opaque )
         if(pk->expiredate > pk->timestamp)
 	  u= pk->expiredate - pk->timestamp;
 	else
-	  u= 0;
+	  u= 1;
 
 	buf[0] = (u >> 24) & 0xff;
 	buf[1] = (u >> 16) & 0xff;
diff --git a/g10/parse-packet.c b/g10/parse-packet.c
index b67ad7f82..4cb878b14 100644
--- a/g10/parse-packet.c
+++ b/g10/parse-packet.c
@@ -1,6 +1,6 @@
 /* parse-packet.c  - read packets
- * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004,
- *               2005 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005,
+ *               2006 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -822,8 +822,13 @@ dump_sig_subpkt( int hashed, int type, int critical,
 	break;
       case SIGSUBPKT_SIG_EXPIRE:
 	if( length >= 4 )
-	    fprintf (listfp, "sig expires after %s",
-				     strtimevalue( buffer_to_u32(buffer) ) );
+	  {
+	    if(buffer_to_u32(buffer))
+	      fprintf (listfp, "sig expires after %s",
+		       strtimevalue( buffer_to_u32(buffer) ) );
+	    else
+	      fprintf (listfp, "sig does not expire");
+	  }
 	break;
       case SIGSUBPKT_EXPORTABLE:
 	if( length )
@@ -847,8 +852,13 @@ dump_sig_subpkt( int hashed, int type, int critical,
 	break;
       case SIGSUBPKT_KEY_EXPIRE:
 	if( length >= 4 )
-	    fprintf (listfp, "key expires after %s",
-				    strtimevalue( buffer_to_u32(buffer) ) );
+	  {
+	    if(buffer_to_u32(buffer))
+	      fprintf (listfp, "key expires after %s",
+		       strtimevalue( buffer_to_u32(buffer) ) );
+	    else
+	      fprintf (listfp, "key does not expire");
+	  }
 	break;
       case SIGSUBPKT_PREF_SYM:
 	fputs("pref-sym-algos:", listfp );
@@ -1353,7 +1363,7 @@ parse_signature( IOBUF inp, int pkttype, unsigned long pktlen,
 	  log_info ("signature packet without keyid\n");
 
 	p=parse_sig_subpkt(sig->hashed,SIGSUBPKT_SIG_EXPIRE,NULL);
-	if(p)
+	if(p && buffer_to_u32(p))
 	  sig->expiredate=sig->timestamp+buffer_to_u32(p);
 	if(sig->expiredate && sig->expiredate<=make_timestamp())
 	  sig->flags.expired=1;
diff --git a/g10/sign.c b/g10/sign.c
index 5ef791004..d3d0c29b6 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -1544,7 +1544,7 @@ update_keysig_packet( PKT_signature **ret_sig,
       }
 
     /* Note that already expired sigs will remain expired (with a
-       duration of 0) since build-packet.c:build_sig_subpkt_from_sig
+       duration of 1) since build-packet.c:build_sig_subpkt_from_sig
        detects this case. */
 
     if( sig->version >= 4 )