security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-18 14:17:03 +01:00
Code Activity

* certlist.c (gpgsm_add_to_certlist): Check that the specified

Browse Source 
name identifies a certificate unambiguously.
(gpgsm_find_cert): Ditto.
* server.c (cmd_listkeys): Check that the data stream is available.
(cmd_listsecretkeys): Ditto.
(has_option): New.
(cmd_sign): Fix ambiguousity in option recognition.
* gpgsm.c (main): Enable --logger-fd.
* encrypt.c (gpgsm_encrypt): Increased buffer size for better
performance.
* call-agent.c (gpgsm_agent_pksign): Check the S-Exp received from
the agent.
* keylist.c (list_cert_colon): Filter out control characters.
This commit is contained in:
Werner Koch 2002-02-07 18:43:22 +00:00
parent 6aa7267865
commit 2a28f5d0ae
10 changed files with 79 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
common/errors.h
View File

@ -84,6 +84,7 @@ enum {
GNUPG_Unknown_Sexp = 55, GNUPG_Unknown_Sexp = 55,
GNUPG_Unsupported_Protection = 56, GNUPG_Unsupported_Protection = 56,
GNUPG_Corrupted_Protection = 57, GNUPG_Corrupted_Protection = 57,
GNUPG_Ambiguous_Name = 58
}; };
/* Status codes - fixme: should go into another file */ /* Status codes - fixme: should go into another file */

21
sm/ChangeLog
View File

@ -1,3 +1,24 @@
2002-02-07 Werner Koch <wk@gnupg.org>
* certlist.c (gpgsm_add_to_certlist): Check that the specified
name identifies a certificate unambiguously.
(gpgsm_find_cert): Ditto.
* server.c (cmd_listkeys): Check that the data stream is available.
(cmd_listsecretkeys): Ditto.
(has_option): New.
(cmd_sign): Fix ambiguousity in option recognition.
* gpgsm.c (main): Enable --logger-fd.
* encrypt.c (gpgsm_encrypt): Increased buffer size for better
performance.
* call-agent.c (gpgsm_agent_pksign): Check the S-Exp received from
the agent.
* keylist.c (list_cert_colon): Filter out control characters.
2002-02-06 Werner Koch <wk@gnupg.org> 2002-02-06 Werner Koch <wk@gnupg.org>
* decrypt.c (gpgsm_decrypt): Bail out after an decryption error. * decrypt.c (gpgsm_decrypt): Bail out after an decryption error.

6
sm/call-agent.c
View File

@ -273,7 +273,11 @@ gpgsm_agent_pksign (const char *keygrip,
} }
*r_buf = get_membuf (&data, r_buflen); *r_buf = get_membuf (&data, r_buflen);
/* FIXME: check that the returned S-Exp is valid! */ if (!gcry_sexp_canon_len (*r_buf, *r_buflen, NULL, NULL))
{
xfree (*r_buf); *r_buf = NULL;
return GNUPG_Invalid_Value;
}
return *r_buf? 0 : GNUPG_Out_Of_Core; return *r_buf? 0 : GNUPG_Out_Of_Core;
} }

2
sm/certcheck.c
View File

@ -255,7 +255,7 @@ gpgsm_create_cms_signature (KsbaCert cert, GCRY_MD_HD md, int mdalgo,
gcry_md_get_algo_dlen (mdalgo), mdalgo, gcry_md_get_algo_dlen (mdalgo), mdalgo,
r_sigval, &siglen); r_sigval, &siglen);
xfree (grip); xfree (grip);
/* FIXME: we should check that the returnes S-Exp is valid fits int /* FIXME: we should check that the returned S-Exp is valid fits int
siglen. It ould probaly be a good idea to scan and print it siglen. It ould probaly be a good idea to scan and print it
again to make this sure and be sure that we have canoncical again to make this sure and be sure that we have canoncical
encoding */ encoding */

24
sm/certlist.c
View File

@ -43,7 +43,6 @@ gpgsm_add_to_certlist (const char *name, CERTLIST *listaddr)
KEYDB_HANDLE kh = NULL; KEYDB_HANDLE kh = NULL;
KsbaCert cert = NULL; KsbaCert cert = NULL;
/* fixme: check that we identify excactly one cert with the name */
rc = keydb_classify_name (name, &desc); rc = keydb_classify_name (name, &desc);
if (!rc) if (!rc)
{ {
@ -55,6 +54,14 @@ gpgsm_add_to_certlist (const char *name, CERTLIST *listaddr)
rc = keydb_search (kh, &desc, 1); rc = keydb_search (kh, &desc, 1);
if (!rc) if (!rc)
rc = keydb_get_cert (kh, &cert); rc = keydb_get_cert (kh, &cert);
if (!rc)
{
rc = keydb_search (kh, &desc, 1);
if (rc == -1)
rc = 0;
else if (!rc)
rc = GNUPG_Ambiguous_Name;
}
if (!rc) if (!rc)
rc = gpgsm_validate_path (cert); rc = gpgsm_validate_path (cert);
if (!rc) if (!rc)
@ -100,7 +107,6 @@ gpgsm_find_cert (const char *name, KsbaCert *r_cert)
KEYDB_HANDLE kh = NULL; KEYDB_HANDLE kh = NULL;
*r_cert = NULL; *r_cert = NULL;
/* fixme: check that we identify excactly one cert with the name */
rc = keydb_classify_name (name, &desc); rc = keydb_classify_name (name, &desc);
if (!rc) if (!rc)
{ {
@ -112,9 +118,23 @@ gpgsm_find_cert (const char *name, KsbaCert *r_cert)
rc = keydb_search (kh, &desc, 1); rc = keydb_search (kh, &desc, 1);
if (!rc) if (!rc)
rc = keydb_get_cert (kh, r_cert); rc = keydb_get_cert (kh, r_cert);
if (!rc)
{
rc = keydb_search (kh, &desc, 1);
if (rc == -1)
rc = 0;
else
{
if (!rc)
rc = GNUPG_Ambiguous_Name;
ksba_cert_release (*r_cert);
*r_cert = NULL;
}
}
} }
} }
keydb_release (kh); keydb_release (kh);
return rc == -1? GNUPG_No_Public_Key: rc; return rc == -1? GNUPG_No_Public_Key: rc;
} }

5
sm/encrypt.c
View File

@ -510,9 +510,8 @@ gpgsm_encrypt (CTRL ctrl, CERTLIST recplist, int data_fd, FILE *out_fp)
} }
encparm.dek = dek; encparm.dek = dek;
/* fixme: we should use a larger buffer - the small one is better /* Use a ~8k (AES) or ~4k (3DES) buffer */
for testing */ encparm.bufsize = 500 * dek->ivlen;
encparm.bufsize = 10 * dek->ivlen;
encparm.buffer = xtrymalloc (encparm.bufsize); encparm.buffer = xtrymalloc (encparm.bufsize);
if (!encparm.buffer) if (!encparm.buffer)
{ {

6
sm/gpgsm.c
View File

@ -573,7 +573,7 @@ main ( int argc, char **argv)
struct server_control_s ctrl; struct server_control_s ctrl;
CERTLIST recplist = NULL; CERTLIST recplist = NULL;
/* FIXME: trap_unaligned ();*/ /* fixme: trap_unaligned ();*/
set_strusage (my_strusage); set_strusage (my_strusage);
gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN); gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN);
/* Please note that we may running SUID(ROOT), so be very CAREFUL /* Please note that we may running SUID(ROOT), so be very CAREFUL
@ -592,7 +592,7 @@ main ( int argc, char **argv)
may_coredump = disable_core_dumps (); may_coredump = disable_core_dumps ();
/* FIXME: init_signals();*/ /* Fixme: init_signals();*/
create_dotlock (NULL); /* register locking cleanup */ create_dotlock (NULL); /* register locking cleanup */
i18n_init(); i18n_init();
@ -791,7 +791,7 @@ main ( int argc, char **argv)
case oDebugWait: debug_wait = pargs.r.ret_int; break; case oDebugWait: debug_wait = pargs.r.ret_int; break;
case oStatusFD: ctrl.status_fd = pargs.r.ret_int; break; case oStatusFD: ctrl.status_fd = pargs.r.ret_int; break;
case oLoggerFD: /* fixme: log_set_logfile (NULL, pargs.r.ret_int );*/ break; case oLoggerFD: log_set_fd (pargs.r.ret_int ); break;
case oWithFingerprint: case oWithFingerprint:
with_fpr=1; /*fall thru*/ with_fpr=1; /*fall thru*/
case oFingerprint: case oFingerprint:

6
sm/keylist.c
View File

@ -165,7 +165,7 @@ list_cert_colon (KsbaCert cert, FILE *fp, int have_secret)
putc (':', fp); putc (':', fp);
if ((p = ksba_cert_get_issuer (cert,0))) if ((p = ksba_cert_get_issuer (cert,0)))
{ {
fputs (p, fp); /* FIXME: Escape colons and linefeeds */ print_sanitized_string (fp, p, ':');
xfree (p); xfree (p);
} }
putc (':', fp); putc (':', fp);
@ -188,7 +188,7 @@ list_cert_colon (KsbaCert cert, FILE *fp, int have_secret)
for (idx=0; (p = ksba_cert_get_subject (cert,idx)); idx++) for (idx=0; (p = ksba_cert_get_subject (cert,idx)); idx++)
{ {
fprintf (fp, "uid:%c::::::::", trustletter); fprintf (fp, "uid:%c::::::::", trustletter);
fputs (p, fp); /* FIXME: Escape colons and linefeeds */ print_sanitized_string (fp, p, ':');
putc (':', fp); putc (':', fp);
putc (':', fp); putc (':', fp);
putc ('\n', fp); putc ('\n', fp);
@ -202,7 +202,7 @@ list_cert_colon (KsbaCert cert, FILE *fp, int have_secret)
if (pp) if (pp)
{ {
fprintf (fp, "uid:%c::::::::", trustletter); fprintf (fp, "uid:%c::::::::", trustletter);
fputs (pp, fp); /* FIXME: Escape colons and linefeeds */ print_sanitized_string (fp, pp, ':');
putc (':', fp); putc (':', fp);
putc (':', fp); putc (':', fp);
putc ('\n', fp); putc ('\n', fp);

27
sm/server.c
View File

@ -42,6 +42,17 @@ struct server_local_s {
CERTLIST recplist; CERTLIST recplist;
}; };
/* Check whether the option NAME appears in LINE */
static int
has_option (const char *line, const char *name)
{
const char *s;
int n = strlen (name);
s = strstr (line, name);
return (s && (s == line || spacep (s-1)) && (!s[n] || spacep (s+n)));
}
static void static void
close_message_fd (CTRL ctrl) close_message_fd (CTRL ctrl)
@ -289,7 +300,7 @@ cmd_sign (ASSUAN_CONTEXT ctx, char *line)
if (out_fd == -1) if (out_fd == -1)
return set_error (No_Output, NULL); return set_error (No_Output, NULL);
detached = !!strstr (line, "--detached"); /* fixme: this is ambiguous */ detached = has_option (line, "--detached");
out_fp = fdopen ( dup(out_fd), "w"); out_fp = fdopen ( dup(out_fd), "w");
if (!out_fp) if (!out_fp)
@ -362,11 +373,12 @@ static int
cmd_listkeys (ASSUAN_CONTEXT ctx, char *line) cmd_listkeys (ASSUAN_CONTEXT ctx, char *line)
{ {
CTRL ctrl = assuan_get_pointer (ctx); CTRL ctrl = assuan_get_pointer (ctx);
FILE *fp = assuan_get_data_fp (ctx);
if (!fp)
return set_error (General_Error, "no data stream");
ctrl->with_colons = 1; ctrl->with_colons = 1;
/* fixme: check that the returned data_fp is not NULL */ gpgsm_list_keys (assuan_get_pointer (ctx), NULL, fp, 3);
gpgsm_list_keys (assuan_get_pointer (ctx), NULL,
assuan_get_data_fp (ctx), 3);
return 0; return 0;
} }
@ -375,11 +387,12 @@ static int
cmd_listsecretkeys (ASSUAN_CONTEXT ctx, char *line) cmd_listsecretkeys (ASSUAN_CONTEXT ctx, char *line)
{ {
CTRL ctrl = assuan_get_pointer (ctx); CTRL ctrl = assuan_get_pointer (ctx);
FILE *fp = assuan_get_data_fp (ctx);
ctrl->with_colons = 1; ctrl->with_colons = 1;
/* fixme: check that the returned data_fp is not NULL */ if (!fp)
gpgsm_list_keys (assuan_get_pointer (ctx), NULL, return set_error (General_Error, "no data stream");
assuan_get_data_fp (ctx), 2); gpgsm_list_keys (assuan_get_pointer (ctx), NULL, fp, 2);
return 0; return 0;
} }

2
sm/verify.c
View File

@ -34,7 +34,7 @@
#include "keydb.h" #include "keydb.h"
#include "i18n.h" #include "i18n.h"
/* FIXME: Move this to jnlib */ /* fixme: Move this to jnlib */
static char * static char *
strtimestamp (time_t atime) strtimestamp (time_t atime)
{ {