>Number:         35519
>Category:       pkg
>Synopsis:       libgcrypt fails option handling
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    pkg-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Jan 30 06:40:00 +0000 2007
>Originator:     Naoto Morishima
>Release:        NetBSD 3.1-STABLE
>Organization:
NAIST
>Environment:
NetBSD XXX 3.1_STABLE NetBSD 3.1_STABLE (GENERIC 1.661.2.14/XXX 1.3) #0: Wed Nov  8 12:33:52 JST 2006  naoto@xxx:/usr/obj/sys/arch/i386/compile/XXX.MP i386

>Description:
"--no-secmem-warning" option on gpg2 does not seem to work well,
because libgcrypt fails its handling.
>How-To-Repeat:
invoke gpg2 which is not setuid'ed with option --no-secmem-warning without setuid, 
and you will get message of "WARNING: using insecure memory!".
>Fix:
In libgcrypt-1.2.3/src/secmem.h, values for the macros GCRY_SECMEM_FLAG_NO_WARNING and GCRY_SECMEM_FLAG_SUSPEND_WARNING should be enclosed with parans as following:

--- libgcrypt-1.2.3/src/secmem.h.orig   2007-01-30 15:37:33.000000000 +0900
+++ libgcrypt-1.2.3/src/secmem.h        2007-01-30 15:37:40.000000000 +0900
@@ -32,7 +32,7 @@
 int _gcry_private_is_secure (const void *p) GCC_ATTR_PURE;
 
 /* Flags for _gcry_secmem_{set,get}_flags.  */
-#define GCRY_SECMEM_FLAG_NO_WARNING      1 << 0
-#define GCRY_SECMEM_FLAG_SUSPEND_WARNING 1 << 1
+#define GCRY_SECMEM_FLAG_NO_WARNING      (1 << 0)
+#define GCRY_SECMEM_FLAG_SUSPEND_WARNING (1 << 1)
 
 #endif /* G10_SECMEM_H */