From ef8f2e2f6f10c1fdc37bbefde3f2a44b3a67fdd7 Mon Sep 17 00:00:00 2001
From: David Shaw
Date: Thu, 1 Feb 2007 19:32:16 +0000
Subject: [PATCH] * main.h, keygen.c (ask_expire_interval, parse_expire_string): Pass in the time to use to calculate the expiration offset, rather than querying it internally. Change all callers.
---
g10/ChangeLog | 6 ++++++
g10/gpg.c | 4 ++--
g10/keyedit.c | 16 ++++++++++++----
g10/keygen.c | 24 +++++++++++-------------
g10/main.h | 4 ++--
g10/sign.c | 12 ++++++------
6 files changed, 39 insertions(+), 27 deletions(-)
diff --git a/g10/ChangeLog b/g10/ChangeLog
index 03822575c..44f7dbccb 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,3 +1,9 @@ +2007-02-01 David Shaw + + * main.h, keygen.c (ask_expire_interval, parse_expire_string): + Pass in the time to use to calculate the expiration offset, rather + than querying it internally. Change all callers. + 2007-01-31 David Shaw * keygen.c (do_generate_keypair, proc_parameter_file,
diff --git a/g10/gpg.c b/g10/gpg.c
index 9f3f8b460..37d9f11ec 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -2397,7 +2397,7 @@ main (int argc, char **argv ) case oDefSigExpire: if(*pargs.r.ret_str!='\0') { - if(parse_expire_string(pargs.r.ret_str)==(u32)-1) + if(parse_expire_string(0,pargs.r.ret_str)==(u32)-1) log_error(_("`%s' is not a valid signature expiration\n"), pargs.r.ret_str); else
@@ -2409,7 +2409,7 @@ main (int argc, char **argv ) case oDefCertExpire: if(*pargs.r.ret_str!='\0') { - if(parse_expire_string(pargs.r.ret_str)==(u32)-1) + if(parse_expire_string(0,pargs.r.ret_str)==(u32)-1) log_error(_("`%s' is not a valid signature expiration\n"), pargs.r.ret_str); else
diff --git a/g10/keyedit.c b/g10/keyedit.c
index 1313ee392..d1bf987f7 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
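Review bot: Passing `0` as the reference time in the `oDefSigExpire` check (and the identical `oDefCertExpire` check in the next hunk) compares an absolute date with the epoch instead of the current time, so a date that already lies in the past now passes option validation. When the stored string is parsed again with a real time (`parse_expire_string(create_time,opt.def_sig_expire)` in the three sign.c hunks, `parse_expire_string(timestamp,opt.def_cert_expire)` in sign_uids), the `abs_date > timestamp` branch will not match. If the function then falls through to its `(u32)-1` failure value (its final `else` is outside the visible hunk), those callers store it in `duration` unchecked, which would presumably produce a signature with a far-future expiry instead of an error. Validate here with `if(parse_expire_string(make_timestamp(),pargs.r.ret_str)==(u32)-1)`, and have the use sites treat `duration==(u32)-1` as a failure rather than as an interval.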
@@ -866,9 +866,9 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified, if(!duration && !selfsig) { if(opt.ask_cert_expire) - duration=ask_expire_interval(1,opt.def_cert_expire); + duration=ask_expire_interval(timestamp,1,opt.def_cert_expire); else - duration=parse_expire_string(opt.def_cert_expire); + duration=parse_expire_string(timestamp,opt.def_cert_expire); } if(duration)
@@ -3514,6 +3514,7 @@ menu_expire( KBNODE pub_keyblock, KBNODE sec_keyblock ) PKT_user_id *uid; KBNODE node; u32 keyid[2]; + u32 timestamp=make_timestamp(); if( count_selected_keys( sec_keyblock ) ) { tty_printf(_("Please remove selections from the secret keys.\n"));
@@ -3534,9 +3535,9 @@ menu_expire( KBNODE pub_keyblock, KBNODE sec_keyblock ) no_primary_warning(pub_keyblock); } - expiredate=ask_expire_interval(0,NULL); + expiredate=ask_expire_interval(timestamp,0,NULL); if(expiredate) - expiredate+=make_timestamp(); + expiredate+=timestamp; node = find_kbnode( sec_keyblock, PKT_SECRET_KEY ); sk = copy_secret_key( NULL, node->pkt->pkt.secret_key);
@@ -3596,6 +3597,13 @@ menu_expire( KBNODE pub_keyblock, KBNODE sec_keyblock ) if( !sn ) log_info(_("No corresponding signature in secret ring\n")); + /* Note the potential oddity that the expiration date + is calculated from the time when this function + started ("timestamp"), but the signature is + calculated from the time within + update_keysig_packet(). On a slow or loaded + machine, these two values may not match, making the + expiration date off by a second or two. */ if( mainkey ) rc = update_keysig_packet(&newsig, sig, main_pk, uid, NULL, sk, keygen_add_key_expire, main_pk);
diff --git a/g10/keygen.c b/g10/keygen.c
index 954371dc2..b7c108515 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
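Review bot: The comment added in the last menu_expire hunk understates the skew between the two clocks. `timestamp` is taken in the declarations at the top of menu_expire, and `ask_expire_interval(timestamp,0,NULL)` then waits for the user's answer before `expiredate+=timestamp` runs, so the gap to the time used inside update_keysig_packet() is however long the user spends at the prompt, not only "a second or two" on a loaded machine. The code itself looks consistent, since the stored expiry equals the `timestamp + interval` that ask_expire_interval printed, so this is a wording fix only. Suggested text: `/* The expiration date is counted from "timestamp", taken when this function started and shown to the user at the prompt; the signature time is taken later inside update_keysig_packet(), so the two differ by the time spent answering prompts. */`. menu_expire starts and ends outside these hunks.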
@@ -1584,17 +1584,17 @@ ask_keysize( int algo ) * similar. */ u32 -parse_expire_string( const char *string ) +parse_expire_string(u32 timestamp,const char *string) { int mult; - u32 seconds,abs_date=0,curtime = make_timestamp(); + u32 seconds,abs_date=0; if( !*string ) seconds = 0; else if ( !strncmp (string, "seconds=", 8) ) seconds = atoi (string+8); - else if( (abs_date = scan_isodatestr(string)) && abs_date > curtime ) - seconds = abs_date - curtime; + else if( (abs_date = scan_isodatestr(string)) && abs_date > timestamp ) + seconds = abs_date - timestamp; else if( (mult=check_valid_days(string)) ) seconds = atoi(string) * 86400L * mult; else
@@ -1605,7 +1605,7 @@ parse_expire_string( const char *string ) /* object == 0 for a key, and 1 for a sig */ u32 -ask_expire_interval(int object,const char *def_expire) +ask_expire_interval(u32 timestamp,int object,const char *def_expire) { u32 interval; char *answer;
@@ -1645,8 +1645,6 @@ ask_expire_interval(int object,const char *def_expire) answer = NULL; for(;;) { - u32 curtime=make_timestamp(); - xfree(answer); if(object==0) answer = cpr_get("keygen.valid",_("Key is valid for? (0) "));
@@ -1669,7 +1667,7 @@ ask_expire_interval(int object,const char *def_expire) } cpr_kill_prompt(); trim_spaces(answer); - interval = parse_expire_string( answer ); + interval = parse_expire_string( timestamp, answer ); if( interval == (u32)-1 ) { tty_printf(_("invalid value\n"));
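Review bot: The new `timestamp` parameter of parse_expire_string is not described anywhere in the first hunk; the comment block above the function begins outside it and only its tail (`* similar. */`) is visible. Callers in this commit pass three different things (`0` in gpg.c, a function-entry `timestamp` in keyedit.c and keygen.c, `create_time` in sign.c), so the contract should be written down, for example `/* TIMESTAMP is the reference time for absolute dates; a date not later than TIMESTAMP is not accepted as an absolute date. */`. The comment should also say whether `0` is a supported "syntax check only" value, because with `0` the `abs_date > timestamp` test no longer rejects dates in the past. The function body continues past the end of the hunk.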
@@ -1687,11 +1685,11 @@ ask_expire_interval(int object,const char *def_expire) tty_printf(object==0 ? _("Key expires at %s\n") : _("Signature expires at %s\n"), - asctimestamp((ulong)(curtime + interval) ) ); + asctimestamp((ulong)(timestamp + interval) ) ); /* FIXME: This check yields warning on alhas: Write a configure check and to this check here only for 32 bit machines */ - if( (time_t)((ulong)(curtime+interval)) < 0 ) + if( (time_t)((ulong)(timestamp+interval)) < 0 ) tty_printf(_("Your system can't display dates beyond 2038.\n" "However, it will be correctly handled up to 2106.\n")); }
@@ -2314,7 +2312,7 @@ proc_parameter_file( struct para_data_s *para, const char *fname, { u32 seconds; - seconds = parse_expire_string( r->u.value ); + seconds = parse_expire_string( timestamp, r->u.value ); if( seconds == (u32)-1 ) { log_error("%s:%d: invalid expire date\n", fname, r->lnr );
@@ -2706,7 +2704,7 @@ generate_keypair (const char *fname, const char *card_serialno, para = r; } - expire = ask_expire_interval(0,NULL); + expire = ask_expire_interval(timestamp,0,NULL); r = xmalloc_clear( sizeof *r + 20 ); r->key = pKEYEXPIRE; r->u.expire = expire;
@@ -3233,7 +3231,7 @@ generate_subkeypair( KBNODE pub_keyblock, KBNODE sec_keyblock ) algo = ask_algo( 1, &use ); assert(algo); nbits = ask_keysize( algo ); - expire = ask_expire_interval(0,NULL); + expire = ask_expire_interval(timestamp,0,NULL); if( !cpr_enabled() && !cpr_get_answer_is_yes("keygen.sub.okay", _("Really create? (y/N) "))) goto leave;
diff --git a/g10/main.h b/g10/main.h
index 86f59f355..b6892049f 100644
--- a/g10/main.h
+++ b/g10/main.h
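Review bot: `timestamp + interval` is evaluated in `u32` in both the `asctimestamp(...)` argument and the 2038 check of the first hunk, so a large relative interval (for example from the `seconds=` form handled in parse_expire_string) can wrap past 2106 and print an expiry date earlier than the one the user asked for. The `(time_t)... < 0` test cannot catch that where `time_t` is wider than 32 bits, which the FIXME seems to hint at. Rejecting the wrapped case before printing would close the gap, e.g. `if( interval > (u32)-1 - timestamp ) { tty_printf(_("invalid value\n")); continue; }`, assuming these lines sit inside the `for(;;)` prompt loop shown in the earlier ask_expire_interval hunk. The function starts and ends outside this hunk.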
@@ -170,8 +170,8 @@ void keyedit_menu( const char *username, STRLIST locusr, void show_basic_key_info (KBNODE keyblock); /*-- keygen.c --*/ -u32 parse_expire_string(const char *string); -u32 ask_expire_interval(int object,const char *def_expire); +u32 parse_expire_string(u32 timestamp,const char *string); +u32 ask_expire_interval(u32 timestamp,int object,const char *def_expire); void generate_keypair( const char *fname, const char *card_serialno, const char *backup_encryption_dir ); int keygen_set_std_prefs (const char *string,int personal);
diff --git a/g10/sign.c b/g10/sign.c
index 126f5e8f7..a149dab4a 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -775,9 +775,9 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr, if(!opt.force_v3_sigs && !RFC1991) { if(opt.ask_sig_expire && !opt.batch) - duration=ask_expire_interval(1,opt.def_sig_expire); + duration=ask_expire_interval(create_time,1,opt.def_sig_expire); else - duration=parse_expire_string(opt.def_sig_expire); + duration=parse_expire_string(create_time,opt.def_sig_expire); } if( (rc=build_sk_list( locusr, &sk_list, 1, PUBKEY_USAGE_SIG )) )
@@ -1085,9 +1085,9 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile ) if(!opt.force_v3_sigs && !RFC1991) { if(opt.ask_sig_expire && !opt.batch) - duration=ask_expire_interval(1,opt.def_sig_expire); + duration=ask_expire_interval(create_time,1,opt.def_sig_expire); else - duration=parse_expire_string(opt.def_sig_expire); + duration=parse_expire_string(create_time,opt.def_sig_expire); } if( (rc=build_sk_list( locusr, &sk_list, 1, PUBKEY_USAGE_SIG )) )
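Review bot: The two prototypes changed in main.h carry no description of the new leading argument, and for `ask_expire_interval(u32 timestamp,int object,const char *def_expire)` a call with the first two arguments swapped still compiles, because `int` and `u32` convert silently. A short comment at the declarations would make the contract visible to every caller: `/* TIMESTAMP is the time the returned interval is relative to; OBJECT is 0 for a key, 1 for a signature. */`. The object values are taken from the comment above ask_expire_interval in the keygen.c hunk.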
@@ -1245,9 +1245,9 @@ sign_symencrypt_file (const char *fname, STRLIST locusr) if(!opt.force_v3_sigs && !RFC1991) { if(opt.ask_sig_expire && !opt.batch) - duration=ask_expire_interval(1,opt.def_sig_expire); + duration=ask_expire_interval(create_time,1,opt.def_sig_expire); else - duration=parse_expire_string(opt.def_sig_expire); + duration=parse_expire_string(create_time,opt.def_sig_expire); } rc = build_sk_list (locusr, &sk_list, 1, PUBKEY_USAGE_SIG);