diff options
| author | Demi Marie Obenour <demi@invisiblethingslab.com> | 2022-04-14 15:38:11 -0400 |
|---|---|---|
| committer | Panu Matilainen <pmatilai@redhat.com> | 2022-04-25 10:29:56 +0300 |
| commit | 329e2ec47f6cd3bc7ecf85abd9f2ab179c59914f (patch) | |
| tree | 820b0569d938818cb880790d71d1fad526a67cb6 | |
| parent | 81ed99cfc6c2d608a368354a702a26b90b1efd1d (diff) | |
| download | rpm-329e2ec47f6cd3bc7ecf85abd9f2ab179c59914f.tar.gz | |
Fix OpenPGP key ID parsing regression
This fixes a regression in 598a771d8b4f4f480d4990ccf59b978d537201dd,
which caused RPM to parse key flags from a hashed key ID subpacket. As
a result, RPM would wrongly reject a signature that had both key ID and
key usage flags subpackets in the hashed section.
(backported from commit 7f830132fe717d4b31c035bb3d08379451e3cd81)
| -rw-r--r-- | rpmio/rpmpgp.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/rpmio/rpmpgp.c b/rpmio/rpmpgp.c index deea65eae..242b34e19 100644 --- a/rpmio/rpmpgp.c +++ b/rpmio/rpmpgp.c @@ -528,6 +528,7 @@ static int pgpPrtSubType(const uint8_t *h, size_t hlen, pgpSigType sigtype, _digp->saved |= PGPDIG_SAVED_ID; memcpy(_digp->signid, p+1, sizeof(_digp->signid)); } + break; case PGPSUBTYPE_KEY_FLAGS: /* Key usage flags */ /* Subpackets in the unhashed section cannot be trusted */ if (!hashed) |