gpg: Fix regression in notation data regression.
authorWerner Koch <wk@gnupg.org>
Mon, 15 Dec 2014 08:50:19 +0000 (09:50 +0100)
committerWerner Koch <wk@gnupg.org>
Mon, 15 Dec 2014 08:50:19 +0000 (09:50 +0100)
* g10/misc.c (pct_expando): Reorder conditions for clarity.
* g10/sign.c (write_signature_packets): Fix notation data creation.
--

Also re-added the check for signature version > 3.

Reported-by: MFPA
Signed-off-by: Werner Koch <wk@gnupg.org>
g10/misc.c
g10/sign.c

index c47d6dc..6a45c69 100644 (file)
@@ -867,23 +867,25 @@ pct_expando(const char *string,struct expando_args *args)
                }
              break;
 
-           case 'p': /* primary pk fingerprint of a sk */
-           case 'f': /* pk fingerprint */
-           case 'g': /* sk fingerprint */
+           case 'f': /* Fingerprint of key being signed */
+           case 'p': /* Fingerprint of the primary key making the signature. */
+           case 'g': /* Fingerprint of thge key making the signature.  */
              {
                byte array[MAX_FINGERPRINT_LEN];
                size_t len;
                int i;
 
-               if((*(ch+1))=='p' && args->pksk)
+               if ((*(ch+1))=='f' && args->pk)
+                 fingerprint_from_pk (args->pk, array, &len);
+               else if ((*(ch+1))=='p' && args->pksk)
                  {
                    if(args->pksk->flags.primary)
                      fingerprint_from_pk (args->pksk, array, &len);
                    else if (args->pksk->main_keyid[0]
                              || args->pksk->main_keyid[1])
                      {
-                        /* FIXME: Document teh code and check whether
-                           it is still needed.  */
+                        /* Not the primary key: Find the fingerprint
+                           of the primary key.  */
                        PKT_public_key *pk=
                          xmalloc_clear(sizeof(PKT_public_key));
 
@@ -893,11 +895,9 @@ pct_expando(const char *string,struct expando_args *args)
                          memset (array, 0, (len=MAX_FINGERPRINT_LEN));
                        free_public_key (pk);
                      }
-                   else
+                   else /* Oops: info about the primary key missing.  */
                      memset(array,0,(len=MAX_FINGERPRINT_LEN));
                  }
-               else if((*(ch+1))=='f' && args->pk)
-                 fingerprint_from_pk (args->pk, array, &len);
                else if((*(ch+1))=='g' && args->pksk)
                  fingerprint_from_pk (args->pksk, array, &len);
                else
index 2e62f04..2724513 100644 (file)
@@ -700,8 +700,11 @@ write_signature_packets (SK_LIST sk_list, IOBUF out, gcry_md_hd_t hash,
       if (gcry_md_copy (&md, hash))
         BUG ();
 
-      build_sig_subpkt_from_sig (sig);
-      mk_notation_policy_etc (sig, pk, NULL);
+      if (sig->version >= 4)
+        {
+          build_sig_subpkt_from_sig (sig);
+          mk_notation_policy_etc (sig, NULL, pk);
+        }
 
       hash_sigversion_to_magic (md, sig);
       gcry_md_final (md);