* build-packet.c (build_sig_subpkt): Handle setting sig flags for certain

subpacket types (notation, policy url, exportable, revocable).  keyedit.c
(sign_mk_attrib): Flags no longer need to be set here.

* packet.h, parse-packet.c (parse_one_sig_subpkt), build-packet.c
(build_sig_subpkt): Call parse_one_sig_subpkt to sanity check buffer
lengths before building a sig subpacket.

5 files changed, 47 insertions, 3 deletions

diff --git a/g10/ChangeLog b/g10/ChangeLog
index 1ad1c84bc..970ca1477 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,3 +1,14 @@
+2002-05-27  David Shaw  <[email protected]>
+
+	* build-packet.c (build_sig_subpkt): Handle setting sig flags for
+	certain subpacket types (notation, policy url, exportable,
+	revocable).  keyedit.c (sign_mk_attrib): Flags no longer need to
+	be set here.
+
+	* packet.h, parse-packet.c (parse_one_sig_subpkt), build-packet.c
+	(build_sig_subpkt): Call parse_one_sig_subpkt to sanity check
+	buffer lengths before building a sig subpacket.
+
 2002-05-26  David Shaw  <[email protected]>
 
 	* sign.c (mk_notation_and_policy): Include secret key to enable %s
diff --git a/g10/build-packet.c b/g10/build-packet.c
index 0a4d97d8a..e24ac3b2a 100644
--- a/g10/build-packet.c
+++ b/g10/build-packet.c
@@ -706,6 +706,10 @@ build_sig_subpkt (PKT_signature *sig, sigsubpkttype_t type,
     critical = (type & SIGSUBPKT_FLAG_CRITICAL);
     type &= ~SIGSUBPKT_FLAG_CRITICAL;
 
+    /* Sanity check buffer sizes */
+    if(parse_one_sig_subpkt(buffer,buflen,type)<0)
+      BUG();
+
     switch(type)
       {
       case SIGSUBPKT_NOTATION:
@@ -721,6 +725,36 @@ build_sig_subpkt (PKT_signature *sig, sigsubpkttype_t type,
 	break;
       }
 
+    /* Any special magic that needs to be done for this type so the
+       packet doesn't need to be reparsed? */
+    switch(type)
+      {
+      case SIGSUBPKT_NOTATION:
+	sig->flags.notation=1;
+	break;
+
+      case SIGSUBPKT_POLICY:
+	sig->flags.policy_url=1;
+	break;
+
+      case SIGSUBPKT_EXPORTABLE:
+	if(buffer[0])
+	  sig->flags.exportable=1;
+	else
+	  sig->flags.exportable=0;
+	break;
+
+      case SIGSUBPKT_REVOCABLE:
+	if(buffer[0])
+	  sig->flags.revocable=1;
+	else
+	  sig->flags.revocable=0;
+	break;
+
+      default:
+	break;
+      }
+
     if( (buflen+1) >= 8384 )
 	nlen = 5; /* write 5 byte length header */
     else if( (buflen+1) >= 192 )
diff --git a/g10/keyedit.c b/g10/keyedit.c
index c4ff4e4b3..e8fc25069 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -242,13 +242,11 @@ sign_mk_attrib( PKT_signature *sig, void *opaque )
     byte buf[8];
 
     if( attrib->non_exportable ) {
-        sig->flags.exportable=0;
 	buf[0] = 0; /* not exportable */
 	build_sig_subpkt( sig, SIGSUBPKT_EXPORTABLE, buf, 1 );
     }
 
     if( attrib->non_revocable ) {
-        sig->flags.revocable=0;
 	buf[0] = 0; /* not revocable */
 	build_sig_subpkt( sig, SIGSUBPKT_REVOCABLE, buf, 1 );
     }
diff --git a/g10/packet.h b/g10/packet.h
index 01d32db87..70480b292 100644
--- a/g10/packet.h
+++ b/g10/packet.h
@@ -394,6 +394,7 @@ const byte *parse_sig_subpkt ( const subpktarea_t *buffer,
 const byte *parse_sig_subpkt2 ( PKT_signature *sig,
                                 sigsubpkttype_t reqtype,
                                 size_t *ret_n );
+int parse_one_sig_subpkt( const byte *buffer, size_t n, int type );
 void parse_revkeys(PKT_signature *sig);
 int parse_attribute_subpkts(PKT_user_id *uid);
 void make_attribute_uidname(PKT_user_id *uid);
diff --git a/g10/parse-packet.c b/g10/parse-packet.c
index df42e6282..18ce1db43 100644
--- a/g10/parse-packet.c
+++ b/g10/parse-packet.c
@@ -904,7 +904,7 @@ dump_sig_subpkt( int hashed, int type, int critical,
  *	    -2 unsupported type
  *	    -3 subpacket too short
  */
-static int
+int
 parse_one_sig_subpkt( const byte *buffer, size_t n, int type )
 {
     switch( type ) {