agent: Fix passphrase cache lookups.

CACHE_MODE_ANY is supposed to match any cache mode except CACHE_MODE_IGNORE, but the code used '==' to compare cache modes. * agent/cache.c (cache_mode_equal): New function. (agent_set_cache): Use the new function to compare cache modes. (agent_get_cache): Likewise. * tests/openpgp/Makefile.am (TESTS): Add new test. * tests/openpgp/issue2015.scm: New file. GnuPG-bug-id: 2015 Signed-off-by: Justus Winter <justus@g10code.com>
2025-01-03 12:11:33 +01:00 · 2016-07-18 12:51:38 +02:00 · 2016-07-18 12:51:38 +02:00 · f474249366
commit f474249366
parent 7f4dd24b88
3 changed files with 41 additions and 2 deletions
--- a/agent/cache.c
+++ b/agent/cache.c
@ -299,6 +299,15 @@ agent_flush_cache (void)
 }


+/* Compare two cache modes.  */
+static int
+cache_mode_equal (cache_mode_t a, cache_mode_t b)
+{
+  /* CACHE_MODE_ANY matches any mode other than CACHE_MODE_IGNORE.  */
+  return ((a == CACHE_MODE_ANY && b != CACHE_MODE_IGNORE)
+          || (b == CACHE_MODE_ANY && a != CACHE_MODE_IGNORE) || a == b);
+}
+

 /* Store the string DATA in the cache under KEY and mark it with a
   maximum lifetime of TTL seconds.  If there is already data under
@ -333,7 +342,7 @@ agent_put_cache (const char *key, cache_mode_t cache_mode,
    {
      if (((cache_mode != CACHE_MODE_USER
            && cache_mode != CACHE_MODE_NONCE)
-           || r->cache_mode == cache_mode)
+           || cache_mode_equal (r->cache_mode, cache_mode))
          && !strcmp (r->key, key))
        break;
    }
@ -416,7 +425,7 @@ agent_get_cache (const char *key, cache_mode_t cache_mode)
      if (r->pw
          && ((cache_mode != CACHE_MODE_USER
               && cache_mode != CACHE_MODE_NONCE)
-              || r->cache_mode == cache_mode)
+              || cache_mode_equal (r->cache_mode, cache_mode))
          && !strcmp (r->key, key))
        {
          /* Note: To avoid races KEY may not be accessed anymore below.  */
--- a/tests/openpgp/Makefile.am
+++ b/tests/openpgp/Makefile.am
@ -81,6 +81,7 @@ TESTS = setup.scm \
 	use-exact-key.scm \
 	default-key.scm \
 	export.scm \
+	issue2015.scm \
 	finish.scm


--- a/tests/openpgp/issue2015.scm
+++ b/tests/openpgp/issue2015.scm
@ -0,0 +1,29 @@
+#!/usr/bin/env gpgscm
+
+;; Copyright (C) 2016 g10 Code GmbH
+;;
+;; This file is part of GnuPG.
+;;
+;; GnuPG is free software; you can redistribute it and/or modify
+;; it under the terms of the GNU General Public License as published by
+;; the Free Software Foundation; either version 3 of the License, or
+;; (at your option) any later version.
+;;
+;; GnuPG is distributed in the hope that it will be useful,
+;; but WITHOUT ANY WARRANTY; without even the implied warranty of
+;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;; GNU General Public License for more details.
+;;
+;; You should have received a copy of the GNU General Public License
+;; along with this program; if not, see <http://www.gnu.org/licenses/>.
+
+(load (with-path "defs.scm"))
+
+(info "Checking passphrase cache (issue2015)...")
+(call-check `(,(tool 'gpg-preset-passphrase)
+	      --preset --passphrase some_passphrase some_id))
+
+(let ((response (call-popen `(,(tool 'gpg-connect-agent))
+			    "GET_PASSPHRASE --no-ask some_id X X X")))
+  (unless (string=? response "OK 736F6D655F70617373706872617365\n")
+	  (error "Could not retrieve passphrase from cache:" response)))