security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-03 12:11:33 +01:00
Code Activity

gpg: New option --debug-ignore-expiration to help with testing.

Browse Source 
* g10/gpg.c (oDebugIgnoreExpiration): New.
(opts): Add option.
(main): Set flag.
* g10/options.h (opt): Add field ignore_expiration.
* g10/pkclist.c (do_we_trust): Handle the option.
* g10/getkey.c (skip_unusable): Ditto.
(finish_lookup): Ditto.
--

GnuPG-bug-id: 2703
This commit is contained in:
Werner Koch 2023-05-09 08:17:30 +02:00
parent ef2c3d50fa
commit c30d5829c9
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
5 changed files with 26 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
doc/gpg.texi
View File

@ -3185,12 +3185,17 @@ and may thus be changed or removed at any time without notice.
To facilitate software tests and experiments this option allows to To facilitate software tests and experiments this option allows to
specify a limit of up to 4 EiB (@code{--chunk-size 62}). specify a limit of up to 4 EiB (@code{--chunk-size 62}).
@item --debug-ignore-expiration
@opindex debug-ignore-expiration
This option tries to override certain key expiration dates. It is
only useful for certain regression tests.
@item --faked-system-time @var{epoch} @item --faked-system-time @var{epoch}
@opindex faked-system-time @opindex faked-system-time
This option is only useful for testing; it sets the system time back or This option is only useful for testing; it sets the system time back
forth to @var{epoch} which is the number of seconds elapsed since the year or forth to @var{epoch} which is the number of seconds elapsed since
1970. Alternatively @var{epoch} may be given as a full ISO time string the year 1970. Alternatively @var{epoch} may be given as a full ISO
(e.g. "20070924T154812"). time string (e.g. "20070924T154812").
If you suffix @var{epoch} with an exclamation mark (!), the system time If you suffix @var{epoch} with an exclamation mark (!), the system time
will appear to be frozen at the specified time. will appear to be frozen at the specified time.

7
g10/getkey.c
View File

@ -685,7 +685,7 @@ skip_unusable (void *opaque, u32 * keyid, int uid_no)
pk = keyblock->pkt->pkt.public_key; pk = keyblock->pkt->pkt.public_key;
/* Is the key revoked or expired? */ /* Is the key revoked or expired? */
if (pk->flags.revoked || pk->has_expired) if (pk->flags.revoked || (pk->has_expired && !opt.ignore_expiration))
unusable = 1; unusable = 1;
/* Is the user ID in question revoked or expired? */ /* Is the user ID in question revoked or expired? */
@ -704,7 +704,8 @@ skip_unusable (void *opaque, u32 * keyid, int uid_no)
if (uids_seen != uid_no) if (uids_seen != uid_no)
continue; continue;
if (user_id->flags.revoked || user_id->flags.expired) if (user_id->flags.revoked
|| (user_id->flags.expired && !opt.ignore_expiration))
unusable = 1; unusable = 1;
break; break;
@ -3736,7 +3737,7 @@ finish_lookup (kbnode_t keyblock, unsigned int req_usage, int want_exact,
n_revoked_or_expired++; n_revoked_or_expired++;
continue; continue;
} }
if (pk->has_expired) if (pk->has_expired && !opt.ignore_expiration)
{ {
if (DBG_LOOKUP) if (DBG_LOOKUP)
log_debug ("\tsubkey has expired\n"); log_debug ("\tsubkey has expired\n");

8
g10/gpg.c
View File

@ -234,6 +234,7 @@ enum cmd_and_opt_values
oDebugIOLBF, oDebugIOLBF,
oDebugSetIobufSize, oDebugSetIobufSize,
oDebugAllowLargeChunks, oDebugAllowLargeChunks,
oDebugIgnoreExpiration,
oStatusFD, oStatusFD,
oStatusFile, oStatusFile,
oAttributeFD, oAttributeFD,
@ -607,7 +608,6 @@ static gpgrt_opt_t opts[] = {
N_("|FILE|write server mode logs to FILE")), N_("|FILE|write server mode logs to FILE")),
ARGPARSE_s_s (oLoggerFile, "logger-file", "@"), /* 1.4 compatibility. */ ARGPARSE_s_s (oLoggerFile, "logger-file", "@"), /* 1.4 compatibility. */
ARGPARSE_s_n (oLogTime, "log-time", "@"), ARGPARSE_s_n (oLogTime, "log-time", "@"),
ARGPARSE_s_n (oQuickRandom, "debug-quick-random", "@"),
ARGPARSE_header ("Configuration", ARGPARSE_header ("Configuration",
@ -929,6 +929,8 @@ static gpgrt_opt_t opts[] = {
ARGPARSE_s_n (oRFC2440Text, "rfc2440-text", "@"), ARGPARSE_s_n (oRFC2440Text, "rfc2440-text", "@"),
ARGPARSE_s_n (oNoRFC2440Text, "no-rfc2440-text", "@"), ARGPARSE_s_n (oNoRFC2440Text, "no-rfc2440-text", "@"),
ARGPARSE_p_u (oKbxBufferSize, "kbx-buffer-size", "@"), ARGPARSE_p_u (oKbxBufferSize, "kbx-buffer-size", "@"),
ARGPARSE_s_n (oQuickRandom, "debug-quick-random", "@"),
ARGPARSE_s_n (oDebugIgnoreExpiration, "debug-ignore-expiration", "@"),
ARGPARSE_header (NULL, ""), /* Stop the header group. */ ARGPARSE_header (NULL, ""), /* Stop the header group. */
@ -2851,6 +2853,10 @@ main (int argc, char **argv)
allow_large_chunks = 1; allow_large_chunks = 1;
break; break;
case oDebugIgnoreExpiration:
opt.ignore_expiration = 1;
break;
case oCompatibilityFlags: case oCompatibilityFlags:
if (parse_compatibility_flags (pargs.r.ret_str, &opt.compat_flags, if (parse_compatibility_flags (pargs.r.ret_str, &opt.compat_flags,
compatibility_flags)) compatibility_flags))

1
g10/options.h
View File

@ -208,6 +208,7 @@ struct
int ignore_valid_from; int ignore_valid_from;
int ignore_crc_error; int ignore_crc_error;
int ignore_mdc_error; int ignore_mdc_error;
int ignore_expiration;
int command_fd; int command_fd;
const char *override_session_key; const char *override_session_key;
int show_session_key; int show_session_key;

6
g10/pkclist.c
View File

@ -417,7 +417,11 @@ do_we_trust( PKT_public_key *pk, unsigned int trustlevel )
if(trustlevel & TRUST_FLAG_REVOKED if(trustlevel & TRUST_FLAG_REVOKED
|| trustlevel & TRUST_FLAG_SUB_REVOKED || trustlevel & TRUST_FLAG_SUB_REVOKED
|| (trustlevel & TRUST_MASK) == TRUST_EXPIRED) || (trustlevel & TRUST_MASK) == TRUST_EXPIRED)
BUG(); {
if (opt.ignore_expiration)
return 0;
BUG ();
}
if( opt.trust_model==TM_ALWAYS ) if( opt.trust_model==TM_ALWAYS )
{ {