* build-packet.c (build_sig_subpkt): Handle setting sig flags for certain

subpacket types (notation, policy url, exportable, revocable).  keyedit.c
(sign_mk_attrib): Flags no longer need to be set here.

* packet.h, parse-packet.c (parse_one_sig_subpkt), build-packet.c
(build_sig_subpkt): Call parse_one_sig_subpkt to sanity check buffer
lengths before building a sig subpacket.

g10/ChangeLog

@@ -1,3 +1,14 @@
+2002-05-27  David Shaw  <dshaw@jabberwocky.com>
+
+	* build-packet.c (build_sig_subpkt): Handle setting sig flags for
+	certain subpacket types (notation, policy url, exportable,
+	revocable).  keyedit.c (sign_mk_attrib): Flags no longer need to
+	be set here.
+
+	* packet.h, parse-packet.c (parse_one_sig_subpkt), build-packet.c
+	(build_sig_subpkt): Call parse_one_sig_subpkt to sanity check
+	buffer lengths before building a sig subpacket.
+
 2002-05-26  David Shaw  <dshaw@jabberwocky.com>
 
 	* sign.c (mk_notation_and_policy): Include secret key to enable %s

g10/build-packet.c

@@ -706,6 +706,10 @@ build_sig_subpkt (PKT_signature *sig, sigsubpkttype_t type,
     critical = (type & SIGSUBPKT_FLAG_CRITICAL);
     type &= ~SIGSUBPKT_FLAG_CRITICAL;
 
+    /* Sanity check buffer sizes */
+    if(parse_one_sig_subpkt(buffer,buflen,type)<0)
+      BUG();
+
     switch(type)
       {
       case SIGSUBPKT_NOTATION:
@@ -721,6 +725,36 @@ build_sig_subpkt (PKT_signature *sig, sigsubpkttype_t type,
 	break;
       }
 
+    /* Any special magic that needs to be done for this type so the
+       packet doesn't need to be reparsed? */
+    switch(type)
+      {
+      case SIGSUBPKT_NOTATION:
+	sig->flags.notation=1;
+	break;
+
+      case SIGSUBPKT_POLICY:
+	sig->flags.policy_url=1;
+	break;
+
+      case SIGSUBPKT_EXPORTABLE:
+	if(buffer[0])
+	  sig->flags.exportable=1;
+	else
+	  sig->flags.exportable=0;
+	break;
+
+      case SIGSUBPKT_REVOCABLE:
+	if(buffer[0])
+	  sig->flags.revocable=1;
+	else
+	  sig->flags.revocable=0;
+	break;
+
+      default:
+	break;
+      }
+
     if( (buflen+1) >= 8384 )
 	nlen = 5; /* write 5 byte length header */
     else if( (buflen+1) >= 192 )

g10/keyedit.c

@@ -242,13 +242,11 @@ sign_mk_attrib( PKT_signature *sig, void *opaque )
     byte buf[8];
 
     if( attrib->non_exportable ) {
-        sig->flags.exportable=0;
 	buf[0] = 0; /* not exportable */
 	build_sig_subpkt( sig, SIGSUBPKT_EXPORTABLE, buf, 1 );
     }
 
     if( attrib->non_revocable ) {
-        sig->flags.revocable=0;
 	buf[0] = 0; /* not revocable */
 	build_sig_subpkt( sig, SIGSUBPKT_REVOCABLE, buf, 1 );
     }

g10/packet.h

@@ -394,6 +394,7 @@ const byte *parse_sig_subpkt ( const subpktarea_t *buffer,
 const byte *parse_sig_subpkt2 ( PKT_signature *sig,
                                 sigsubpkttype_t reqtype,
                                 size_t *ret_n );
+int parse_one_sig_subpkt( const byte *buffer, size_t n, int type );
 void parse_revkeys(PKT_signature *sig);
 int parse_attribute_subpkts(PKT_user_id *uid);
 void make_attribute_uidname(PKT_user_id *uid);

g10/parse-packet.c

@@ -904,7 +904,7 @@ dump_sig_subpkt( int hashed, int type, int critical,
  *	    -2 unsupported type
  *	    -3 subpacket too short
  */
-static int
+int
 parse_one_sig_subpkt( const byte *buffer, size_t n, int type )
 {
     switch( type ) {