Page MenuHome GnuPG
Create Task
Maniphest T309

0.3.16 appears to return current time as timestamp if a key does not expire
Closed, ResolvedPublic
Actions

Description

Release: 0.3.16

Environment

Red Hat Linux 9

GnuPG 1.2.4

Description

In the changelog for gpgme 0.3.16 there is the following:

2003-11-18 Werner Koch <wk@gnupg.org>

  • conversion.c (_gpgme_parse_timestamp): New. Now also handles ISO 8601 timestamps as used by gnupg 1.9.2.
  • keylist.c (parse_timestamp): Removed. Replaced calls by _gpgme_parse_timestamp.
  • verify.c (_gpgme_verify_status_handler): Replaced strtoul by _gpgme_parse_timestamp.
  • sign.c (append_xml_siginfo): Ditto.

    It seems that the new function in conversion.c replaces that used in 0.3.15 and earlier, the result is that under some circumstances an erroneous timestamp is returned. Particularly, Sylpheed Claws will show all keys as having an expiration time of between 0 and a maximum of 10-15 seconds after the timestamp of each signed message when using gpgme 0.3.16.

    It would appear that this is because a null expiration string causes the current time to be returned as the expiration timestamp.

How To Repeat

Run Sylpheed Claws with gpgme support compiled in, gpgme-0.3.16 displays the problem described

Fix

Unknown

Release Note

0.3.* is not supported anymore - use stable versions like 1.0

Event Timeline

bdm added projects: Bug Report, gpgme.May 9 2004, 12:54 AM
werner closed this task as Resolved.Jan 21 2005, 11:14 AM
werner added a subscriber: werner.

Upgrade to a stable version