View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0000043Main CAcert WebsiteGPG/PGPpublic2005-09-06 20:152013-01-13 14:53
Reporterhomer Assigned To 
PrioritynormalSeverityminorReproducibilityN/A
Status closedResolutionduplicate 
Fixed in Version2005 
Summary0000043: Do not check for the existance of email addresses that are from revoked OpenPGP sub-keys
Description * Do not check for the existance of email addresses that are from revoked OpenPGP sub-keys, and do not sign revoked sub-keys afterwards. (Currently the workaround for the users is to backup the key, delete the subkeys, upload the new subkey, get the signature, and join it with the backup.
TagsNo tags attached.
Attached Files
gpg_revoke.diff (1,073 bytes)    
--- cacert_orig/www/gpg.php	2005-02-16 19:12:13.000000000 +0100
+++ cacert/www/gpg.php	2005-08-21 03:10:00.000000000 +0200
@@ -36,21 +36,33 @@
 	if($oldid == "0")
 	{
 		$gpgkey = $_POST['CSR'];
-		$gpg = `echo "$gpgkey"|gpg --with-colons --homedir /tmp 2>&1`;
+		$gpg = `echo "$gpgkey"|gpg --with-colons -v --homedir /tmp 2>&1`;
+		$gpgarray = explode("\n", $gpg);
 		$lines = "";
-		foreach(explode("\n", $gpg) as $line)
+		$skip = 0;
+		for($i=count($gpgarray)-1; $i >= 0; $i--)
 		{
-			if(substr($line, 0, 3) == "pub" || substr($line, 0, 3) == "uid")
+			if(substr($gpgarray[$i], 0, 3) == "rev")
 			{
+				$skip=1;
+				continue;
+			}
+			if(substr(gpgarray[$i], 0, 3) == "pub" || substr(gpgarray[$i], 0, 3) == "uid")
+			{
+				if($skip)
+				{
+					$skip = 0;
+					continue;
+				}
 				if($lines != "")
 					$lines .= "\n";
-				$lines .= $line;
+				$lines .= gpgarray[$i];
 			}
 		}
 		$gpg = $lines;
 		$expires = 0;
 
-		foreach(explode("\n", $gpg) as $line)
+		foreach($gpgarray as $line)
 		{
 			$name = $comment = "";
 			$bits = explode(":", $line);
gpg_revoke.diff (1,073 bytes)   
Reviewed by
Test Instructions

Relationships

duplicate of 0000012 closedSourcerer revoked subkeys are also tried to be signed 

Activities

gowdy

2005-10-25 14:09

reporter   ~0000023

I have the same problem, although I don't think I've revoked my old email addresses in the key. Can you add the commands used to apply the workaround please?

Issue History

Date Modified Username Field Change
2005-09-06 20:15 homer New Issue
2005-10-25 14:09 gowdy Note Added: 0000023
2005-11-22 21:13 duane Relationship added duplicate of 0000012
2005-11-22 21:13 duane Status new => closed
2005-11-22 21:13 duane Resolution open => duplicate
2006-02-26 09:39 Sourcerer File Added: gpg_revoke.diff
2013-01-13 14:53 Werner Dworak Fixed in Version => 2005
2013-01-13 14:53 Werner Dworak Description Updated