* keydb.h, passphrase.c (next_to_last_passphrase): New. "Touch" a

passphrase as if it was used (move from next_pw to last_pw).

* pubkey-enc.c (get_session_key): Use it here to handle the case where a
passphrase happens to be correct for a secret key, but yet that key isn't
the anonymous recipient (i.e. the secret key could be decrypted, but not
the session key).  This also handles the case where a secret key is
located on a card and a secret key with no passphrase.  Note this does not
fix bug 594 (anonymous recipients on smartcard do not work) - it just
prevents the anonymous search from stopping when the card is encountered.

1 files changed, 17 insertions, 2 deletions

diff --git a/g10/pubkey-enc.c b/g10/pubkey-enc.c
index ad2bea64d..cffa79c62 100644
--- a/g10/pubkey-enc.c
+++ b/g10/pubkey-enc.c
@@ -115,11 +115,26 @@ get_session_key( PKT_pubkey_enc *k, DEK *dek )
 								      only
 								      once */
 	    if( !rc )
+	      {
 		rc = get_it( k, dek, sk, keyid );
-	    if( !rc ) {
+		/* Successfully checked the secret key (either it was
+		   a card, had no passphrase, or had the right
+		   passphrase) but couldn't decrypt the session key,
+		   so thus that key is not the anonymous recipient.
+		   Move the next passphrase into last for the next
+		   round.  We only do this if the secret key was
+		   successfully checked as in the normal case,
+		   check_secret_key handles this for us via
+		   passphrase_to_dek */
+		if(rc)
+		  next_to_last_passphrase();
+	      }
+
+	    if( !rc )
+	      {
 		log_info(_("okay, we are the anonymous recipient.\n") );
 		break;
-	    }
+	      }
 	}
 	enum_secret_keys( &enum_context, NULL, 0, 0 ); /* free context */
     }