From 95d0f3e5eebd85dcf226dca14891a1215bfe93ae Mon Sep 17 00:00:00 2001 From: "Neal H. Walfield" Date: Thu, 13 Oct 2016 20:54:06 +0200 Subject: g10: Be more careful when checking if a binding is signed by a UTK. * g10/tofu.c (signed_by_utk): When checking if a key is signed by an ultimately trusted key, only consider the signatures on the specified user id. * tests/openpgp/tofu.scm: Add test for the above. -- Signed-off-by: Neal H. Walfield --- g10/tofu.c | 27 +++++++++++++++++++++++++-- 1 file changed, 25 insertions(+), 2 deletions(-) (limited to 'g10/tofu.c') diff --git a/g10/tofu.c b/g10/tofu.c index dcee6e70f..d437c5a72 100644 --- a/g10/tofu.c +++ b/g10/tofu.c @@ -1308,14 +1308,37 @@ cross_sigs (const char *email, kbnode_t a, kbnode_t b) /* Return whether the key was signed by an ultimately trusted key. */ static int -signed_by_utk (kbnode_t a) +signed_by_utk (const char *email, kbnode_t a) { kbnode_t n; + int saw_email = 0; for (n = a; n; n = n->next) { PKT_signature *sig; + if (n->pkt->pkttype == PKT_USER_ID) + { + if (saw_email) + /* We're done: we've processed all signatures on the + user id. */ + break; + else + { + /* See if this is the matching user id. */ + PKT_user_id *user_id = n->pkt->pkt.user_id; + char *email2 = email_from_user_id (user_id->name); + + if (strcmp (email, email2) == 0) + saw_email = 1; + + xfree (email2); + } + } + + if (! saw_email) + continue; + if (n->pkt->pkttype != PKT_SIGNATURE) continue; @@ -2221,7 +2244,7 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk, } else { - is_signed_by_utk = signed_by_utk (kb); + is_signed_by_utk = signed_by_utk (email, kb); release_kbnode (kb); } } -- cgit v1.2.3