From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 62179 invoked by alias); 30 Nov 2017 13:51:37 -0000 Mailing-List: contact cygwin-apps-cvs-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Post: List-Help: , Sender: cygwin-apps-cvs-owner@sourceware.org Received: (qmail 62159 invoked by uid 9996); 30 Nov 2017 13:51:37 -0000 Date: Thu, 30 Nov 2017 13:51:00 -0000 Message-ID: <20171130135137.62126.qmail@sourceware.org> From: kbrown@sourceware.org To: cygwin-apps-cvs@sourceware.org Subject: [setup - the official Cygwin setup program] branch master, updated. release_2.882-13-gb2aa53c X-Git-Refname: refs/heads/master X-Git-Reftype: branch X-Git-Oldrev: c4ae0173519718c2f9788724be8c956dc1b6b452 X-Git-Newrev: b2aa53c2350696f7c4995ca2ec9c93c504cc7195 X-SW-Source: 2017-q4/txt/msg00039.txt.bz2 https://sourceware.org/git/gitweb.cgi?p=cygwin-apps/setup.git;h=b2aa53c2350696f7c4995ca2ec9c93c504cc7195 commit b2aa53c2350696f7c4995ca2ec9c93c504cc7195 Author: Ken Brown Date: Tue Nov 28 08:54:37 2017 -0500 Remove references to "last-extrakeys" Extra gpg keys used to be stored in a file /etc/setup/last-extrakeys. These keys are now saved in the "extrakeys" user setting, but there were still references to "last-extrakeys" in comments and in a help string. https://sourceware.org/git/gitweb.cgi?p=cygwin-apps/setup.git;h=55ea101de40f84cf52160d2d07ee9a170ee7b0e5 commit 55ea101de40f84cf52160d2d07ee9a170ee7b0e5 Author: Ken Brown Date: Tue Nov 28 08:45:44 2017 -0500 Change the interpretation of '#' in setup.rc '#' was treated as a comment character in all circumstances. Since saved gpg keys contain '#', this caused the "extrakeys" user setting to get truncated. Change this so that '#' only indicates a comment if it's the first non-whitespace character in a line. https://sourceware.org/git/gitweb.cgi?p=cygwin-apps/setup.git;h=e8c42399c8c0d2c2b25ddcb975635422968b1119 commit e8c42399c8c0d2c2b25ddcb975635422968b1119 Author: Ken Brown Date: Mon Nov 27 13:14:15 2017 -0500 Fix the reading and writing of the "extrakeys" user setting ExtraKeysSetting::keybuffer is terminated by LF rather than NUL. So we have to replace NUL by LF after calling UserSettings::get("extrakeys") in the ExtraKeysSetting constructor. Otherwise the last saved key is discarded. Also, bufsize has to be set appropriately before the call to count_keys(), or else all saved keys are discarded. Similarly, the final LF in keybuffer has to be replaced by NUL in the ExtraKeysSetting destructor before the call to UserSettings::set("extrakeys", keybuffer). Otherwise we get garbage at the end of the "extrakeys" setting in setup.rc. Diff: --- KeysSetting.cc | 9 ++++++++- KeysSetting.h | 2 +- UserSettings.cc | 8 ++++---- crypto.cc | 8 ++++---- 4 files changed, 17 insertions(+), 10 deletions(-) diff --git a/KeysSetting.cc b/KeysSetting.cc index a21c3c4..ec8e4f9 100644 --- a/KeysSetting.cc +++ b/KeysSetting.cc @@ -36,7 +36,10 @@ ExtraKeysSetting::ExtraKeysSetting (): const char *p = UserSettings::instance().get ("extrakeys"); if (p) { + bufsize = strlen (p) + 1; // Include final NUL. keybuffer = strdup (p); + // Replace final NUL by LF. + keybuffer[bufsize - 1] = 0x0a; // Calling count_keys gets the count but also sizes the buffer // correctly, discarding any trailing non-LF-terminated data. bufsize = count_keys (); @@ -46,7 +49,11 @@ ExtraKeysSetting::ExtraKeysSetting (): ExtraKeysSetting::~ExtraKeysSetting () { if (keybuffer) - UserSettings::instance().set ("extrakeys", keybuffer); + { + // Replace final LF by NUL. + keybuffer[bufsize - 1] = '\0'; + UserSettings::instance().set ("extrakeys", keybuffer); + } } void diff --git a/KeysSetting.h b/KeysSetting.h index 9cd0f9a..f7b9336 100644 --- a/KeysSetting.h +++ b/KeysSetting.h @@ -34,7 +34,7 @@ class ExtraKeysSetting size_t numkeys; static ExtraKeysSetting *global; public: - // Loads keys from last-extrakeys + // Loads keys from the "extrakeys" user setting. ExtraKeysSetting (); // Saves them back again. ~ExtraKeysSetting (); diff --git a/UserSettings.cc b/UserSettings.cc index f4917ec..b90d795 100644 --- a/UserSettings.cc +++ b/UserSettings.cc @@ -42,14 +42,14 @@ public: UserSettings *UserSettings::global; +// '#' indicates a comment if it's the first non-whitespace character. static char * trim (char *p) { p += strspn (p, " \t"); - char *q = strchr (p, '#'); - if (q) - *q = '\0'; - for (q = strchr (p, '\0') - 1; q >= p && (*q == ' ' || *q == '\t' || *q == '\r' || *q == '\n'); q--) + if (*p == '#') + *p = '\0'; + for (char *q = strchr (p, '\0') - 1; q >= p && (*q == ' ' || *q == '\t' || *q == '\r' || *q == '\n'); q--) *q = '\0'; return p; } diff --git a/crypto.cc b/crypto.cc index a606283..5a10e16 100644 --- a/crypto.cc +++ b/crypto.cc @@ -48,7 +48,7 @@ static StringArrayOption SexprExtraKeyOption ('S', "sexpr-pubkey", "Extra public key in s-expr format"); static BoolOption UntrustedKeysOption (false, 'u', "untrusted-keys", - "Use untrusted keys from last-extrakeys"); + "Use untrusted saved extra keys"); static BoolOption KeepUntrustedKeysOption (false, 'U', "keep-untrusted-keys", "Use untrusted keys and retain all"); @@ -466,9 +466,9 @@ verify_ini_file_sig (io_stream *ini_file, io_stream *ini_sig_file, HWND owner) msg ("key:%d\n'%s'", n, sexprbuf); #endif /* CRYPTODEBUGGING */ - /* Next we should extract the keys from the last-extrakeys - file, and flush it; we'll only return them to it if they - get used. OTOH, should we do this at all? The extrakeys + /* Next we should extract the keys from the extrakeys user + setting, and flush it; we'll only return them to it if they + get used. OTOH, should we do this at all? The user settings file isn't heavily protected. So we only trust the extra keys if we're told to by the user. We still read them in and write them back out, which canonicalises and eliminates