gpg: Fix a practical hang after use of --faked-system-time.
authorWerner Koch <wk@gnupg.org>
Thu, 1 Oct 2015 15:59:03 +0000 (17:59 +0200)
committerWerner Koch <wk@gnupg.org>
Thu, 1 Oct 2015 15:59:22 +0000 (17:59 +0200)
* g10/sign.c (update_keysig_packet): Bail out if we would need to long
for a new timestamp.

Signed-off-by: Werner Koch <wk@gnupg.org>
g10/packet.h
g10/sign.c

index 1906ec5..eb7da75 100644 (file)
@@ -663,7 +663,7 @@ int make_keysig_packet( PKT_signature **ret_sig, PKT_public_key *pk,
                        int (*mksubpkt)(PKT_signature *, void *),
                        void *opaque,
                         const char *cache_nonce);
-int update_keysig_packet( PKT_signature **ret_sig,
+gpg_error_t update_keysig_packet (PKT_signature **ret_sig,
                       PKT_signature *orig_sig,
                       PKT_public_key *pk,
                       PKT_user_id *uid,
index 4a30f1e..782b9fc 100644 (file)
@@ -1477,7 +1477,7 @@ make_keysig_packet (PKT_signature **ret_sig, PKT_public_key *pk,
  *
  * TODO: Merge this with make_keysig_packet.
  */
-int
+gpg_error_t
 update_keysig_packet( PKT_signature **ret_sig,
                       PKT_signature *orig_sig,
                       PKT_public_key *pk,
@@ -1488,7 +1488,7 @@ update_keysig_packet( PKT_signature **ret_sig,
                       void *opaque)
 {
     PKT_signature *sig;
-    int rc = 0;
+    gpg_error_t rc = 0;
     int digest_algo;
     gcry_md_hd_t md;
 
@@ -1524,11 +1524,19 @@ update_keysig_packet( PKT_signature **ret_sig,
 
     /* ... but we won't make a timestamp earlier than the existing
        one. */
-    while(sig->timestamp<=orig_sig->timestamp)
-      {
-       gnupg_sleep (1);
-       sig->timestamp=make_timestamp();
-      }
+    {
+      int tmout = 0;
+      while(sig->timestamp<=orig_sig->timestamp)
+        {
+          if (++tmout > 5 && !opt.ignore_time_conflict)
+            {
+              rc = gpg_error (GPG_ERR_TIME_CONFLICT);
+              goto leave;
+            }
+          gnupg_sleep (1);
+          sig->timestamp=make_timestamp();
+        }
+    }
 
     /* Note that already expired sigs will remain expired (with a
        duration of 1) since build-packet.c:build_sig_subpkt_from_sig
@@ -1550,6 +1558,7 @@ update_keysig_packet( PKT_signature **ret_sig,
        rc = complete_sig (sig, pksk, md, NULL);
     }
 
+ leave:
     gcry_md_close (md);
     if( rc )
        free_seckey_enc (sig);