From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 75129 invoked by alias); 28 Nov 2017 14:56:26 -0000 Mailing-List: contact cygwin-apps-help@cygwin.com; run by ezmlm Precedence: bulk Sender: cygwin-apps-owner@cygwin.com List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Mail-Followup-To: cygwin-apps@cygwin.com Received: (qmail 75012 invoked by uid 89); 28 Nov 2017 14:56:25 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-7.0 required=5.0 tests=AWL,BAYES_00,GIT_PATCH_2,KB_WAM_FROM_NAME_SINGLEWORD,SPF_HELO_PASS,SPF_PASS,T_RP_MATCHES_RCVD autolearn=ham version=3.3.2 spammy=H*r:may, H*r:forged X-HELO: limerock02.mail.cornell.edu Received: from limerock02.mail.cornell.edu (HELO limerock02.mail.cornell.edu) (128.84.13.242) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Tue, 28 Nov 2017 14:56:14 +0000 X-CornellRouted: This message has been Routed already. Received: from authusersmtp.mail.cornell.edu (granite3.serverfarm.cornell.edu [10.16.197.8]) by limerock02.mail.cornell.edu (8.14.4/8.14.4_cu) with ESMTP id vASEuBV3021309; Tue, 28 Nov 2017 09:56:12 -0500 Received: from nothing.nyroc.rr.com (mta-68-175-129-7.twcny.rr.com [68.175.129.7] (may be forged)) (authenticated bits=0) by authusersmtp.mail.cornell.edu (8.14.4/8.12.10) with ESMTP id vASEu4rj023766 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Tue, 28 Nov 2017 09:56:11 -0500 From: Ken Brown To: cygwin-apps@cygwin.com Subject: [PATCH setup 0/3] Fix "extrakeys" issues Date: Tue, 28 Nov 2017 14:56:00 -0000 Message-Id: <20171128145605.12860-1-kbrown@cornell.edu> X-PMX-Cornell-Gauge: Gauge=XXXXX X-PMX-CORNELL-AUTH-RESULTS: dkim-out=none; X-IsSubscribed: yes X-SW-Source: 2017-11/txt/msg00123.txt.bz2 The "extrakeys" user setting contains saved extra gpg keys. It was introduced in 2009 to replace the use of a file /etc/setup/last-extrakeys. It has apparently never worked right. Here are the issues I've found: - User settings are read and written as NUL-terminated strings, but extra keys are terminated by LF instead. On writing, this causes garbage to be written into setup.rc. On reading, this causes the final saved key to be discarded. - The ExtraKeysSetting constructor calls count_keys() without setting bufsize to a positive value. This causes *all* saved keys to be discarded. - Saved keys contain several '#' characters. These are treated as comment characters in setup.rc, so that all keys are truncated when read. - There are still references to the "last-extrakeys" file in comments and in a help string. This patch series attempts to fix all these problems. In the case of '#', the fix is to treat '#' as a comment character only if it's the first non-whitespace character on a line. I don't think this will cause problems for any existing uses of '#', but I haven't done a thorough check of this yet. Ken Brown (3): Fix the reading and writing of the "extrakeys" user setting Change the interpretation of '#' in setup.rc Remove references to "last-extrakeys" KeysSetting.cc | 9 ++++++++- KeysSetting.h | 2 +- UserSettings.cc | 8 ++++---- crypto.cc | 8 ++++---- 4 files changed, 17 insertions(+), 10 deletions(-) -- 2.15.0