mirror of git://git.gnupg.org/gnupg.git
agent: Fix passphrase cache lookups.
CACHE_MODE_ANY is supposed to match any cache mode except CACHE_MODE_IGNORE, but the code used '==' to compare cache modes. * agent/cache.c (cache_mode_equal): New function. (agent_set_cache): Use the new function to compare cache modes. (agent_get_cache): Likewise. * tests/openpgp/Makefile.am (TESTS): Add new test. * tests/openpgp/issue2015.scm: New file. GnuPG-bug-id: 2015 Signed-off-by: Justus Winter <justus@g10code.com>
This commit is contained in:
parent
7f4dd24b88
commit
f474249366
|
@ -299,6 +299,15 @@ agent_flush_cache (void)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/* Compare two cache modes. */
|
||||||
|
static int
|
||||||
|
cache_mode_equal (cache_mode_t a, cache_mode_t b)
|
||||||
|
{
|
||||||
|
/* CACHE_MODE_ANY matches any mode other than CACHE_MODE_IGNORE. */
|
||||||
|
return ((a == CACHE_MODE_ANY && b != CACHE_MODE_IGNORE)
|
||||||
|
|| (b == CACHE_MODE_ANY && a != CACHE_MODE_IGNORE) || a == b);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/* Store the string DATA in the cache under KEY and mark it with a
|
/* Store the string DATA in the cache under KEY and mark it with a
|
||||||
maximum lifetime of TTL seconds. If there is already data under
|
maximum lifetime of TTL seconds. If there is already data under
|
||||||
|
@ -333,7 +342,7 @@ agent_put_cache (const char *key, cache_mode_t cache_mode,
|
||||||
{
|
{
|
||||||
if (((cache_mode != CACHE_MODE_USER
|
if (((cache_mode != CACHE_MODE_USER
|
||||||
&& cache_mode != CACHE_MODE_NONCE)
|
&& cache_mode != CACHE_MODE_NONCE)
|
||||||
|| r->cache_mode == cache_mode)
|
|| cache_mode_equal (r->cache_mode, cache_mode))
|
||||||
&& !strcmp (r->key, key))
|
&& !strcmp (r->key, key))
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
@ -416,7 +425,7 @@ agent_get_cache (const char *key, cache_mode_t cache_mode)
|
||||||
if (r->pw
|
if (r->pw
|
||||||
&& ((cache_mode != CACHE_MODE_USER
|
&& ((cache_mode != CACHE_MODE_USER
|
||||||
&& cache_mode != CACHE_MODE_NONCE)
|
&& cache_mode != CACHE_MODE_NONCE)
|
||||||
|| r->cache_mode == cache_mode)
|
|| cache_mode_equal (r->cache_mode, cache_mode))
|
||||||
&& !strcmp (r->key, key))
|
&& !strcmp (r->key, key))
|
||||||
{
|
{
|
||||||
/* Note: To avoid races KEY may not be accessed anymore below. */
|
/* Note: To avoid races KEY may not be accessed anymore below. */
|
||||||
|
|
|
@ -81,6 +81,7 @@ TESTS = setup.scm \
|
||||||
use-exact-key.scm \
|
use-exact-key.scm \
|
||||||
default-key.scm \
|
default-key.scm \
|
||||||
export.scm \
|
export.scm \
|
||||||
|
issue2015.scm \
|
||||||
finish.scm
|
finish.scm
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,29 @@
|
||||||
|
#!/usr/bin/env gpgscm
|
||||||
|
|
||||||
|
;; Copyright (C) 2016 g10 Code GmbH
|
||||||
|
;;
|
||||||
|
;; This file is part of GnuPG.
|
||||||
|
;;
|
||||||
|
;; GnuPG is free software; you can redistribute it and/or modify
|
||||||
|
;; it under the terms of the GNU General Public License as published by
|
||||||
|
;; the Free Software Foundation; either version 3 of the License, or
|
||||||
|
;; (at your option) any later version.
|
||||||
|
;;
|
||||||
|
;; GnuPG is distributed in the hope that it will be useful,
|
||||||
|
;; but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
;; GNU General Public License for more details.
|
||||||
|
;;
|
||||||
|
;; You should have received a copy of the GNU General Public License
|
||||||
|
;; along with this program; if not, see <http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
|
(load (with-path "defs.scm"))
|
||||||
|
|
||||||
|
(info "Checking passphrase cache (issue2015)...")
|
||||||
|
(call-check `(,(tool 'gpg-preset-passphrase)
|
||||||
|
--preset --passphrase some_passphrase some_id))
|
||||||
|
|
||||||
|
(let ((response (call-popen `(,(tool 'gpg-connect-agent))
|
||||||
|
"GET_PASSPHRASE --no-ask some_id X X X")))
|
||||||
|
(unless (string=? response "OK 736F6D655F70617373706872617365\n")
|
||||||
|
(error "Could not retrieve passphrase from cache:" response)))
|
Loading…
Reference in New Issue