From 0173cd5a9810622e38b76123528e83024fb59a0c Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Wed, 6 Dec 2006 10:16:50 +0000
Subject: Fixes for CVE-2006-6235

---
 g10/mainproc.c | 17 +----------------
 1 file changed, 1 insertion(+), 16 deletions(-)

(limited to 'g10/mainproc.c')

diff --git a/g10/mainproc.c b/g10/mainproc.c
index c4eb3b0ca..dc7988987 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -290,23 +290,8 @@ proc_symkey_enc( CTX c, PACKET *pkt )
 	  }
 	else
 	  {
-            int canceled;
-
 	    c->dek = passphrase_to_dek (NULL, 0, algo, &enc->s2k, 0,
-                                        NULL, &canceled);
-            if (canceled)
-              {
-                /* For unknown reasons passphrase_to_dek does only
-                   return NULL if a new passphrase has been requested
-                   and has not been repeated correctly.  Thus even
-                   with a cancel requested (by means of the gpg-agent)
-                   it won't return NULL but an empty passphrase.  We
-                   take the most conservative approach for now and
-                   work around it right here. */
-                xfree (c->dek);
-                c->dek = NULL;
-              }
-
+                                        NULL, NULL);
 	    if(c->dek)
 	      {
 		c->dek->symmetric=1;
-- 
cgit v1.2.3