mirror of
git://git.gnupg.org/gnupg.git
synced 2025-02-01 16:33:02 +01:00
* options.h, g10.c (main), trustdb.c (mark_usable_uid_certs): Add
--min-cert-check-level option to specify minimum cert check level. Defaults to 1 (so no sigs are ignored). 0x10 sigs cannot be ignored. * options.h, g10.c (main), plaintext.c (handle_plaintext): Add --max-output option to help people deal with decompression bombs.
This commit is contained in:
parent
95b6aacacc
commit
2f0a98ad35
@ -1,3 +1,13 @@
|
|||||||
|
2004-02-23 David Shaw <dshaw@jabberwocky.com>
|
||||||
|
|
||||||
|
* options.h, g10.c (main), trustdb.c (mark_usable_uid_certs): Add
|
||||||
|
--min-cert-check-level option to specify minimum cert check
|
||||||
|
level. Defaults to 1 (so no sigs are ignored). 0x10 sigs cannot
|
||||||
|
be ignored.
|
||||||
|
|
||||||
|
* options.h, g10.c (main), plaintext.c (handle_plaintext): Add
|
||||||
|
--max-output option to help people deal with decompression bombs.
|
||||||
|
|
||||||
2004-02-15 David Shaw <dshaw@jabberwocky.com>
|
2004-02-15 David Shaw <dshaw@jabberwocky.com>
|
||||||
|
|
||||||
* build-packet.c (do_user_id): Do not force a header for attribute
|
* build-packet.c (do_user_id): Do not force a header for attribute
|
||||||
|
17
g10/g10.c
17
g10/g10.c
@ -74,6 +74,7 @@ enum cmd_and_opt_values
|
|||||||
oCompress = 'z',
|
oCompress = 'z',
|
||||||
oSetNotation = 'N',
|
oSetNotation = 'N',
|
||||||
oBatch = 500,
|
oBatch = 500,
|
||||||
|
oMaxOutput,
|
||||||
oSigNotation,
|
oSigNotation,
|
||||||
oCertNotation,
|
oCertNotation,
|
||||||
oShowNotation,
|
oShowNotation,
|
||||||
@ -145,6 +146,7 @@ enum cmd_and_opt_values
|
|||||||
oAnswerYes,
|
oAnswerYes,
|
||||||
oAnswerNo,
|
oAnswerNo,
|
||||||
oDefCertCheckLevel,
|
oDefCertCheckLevel,
|
||||||
|
oMinCertCheckLevel,
|
||||||
oKeyring,
|
oKeyring,
|
||||||
oSecretKeyring,
|
oSecretKeyring,
|
||||||
oShowKeyring,
|
oShowKeyring,
|
||||||
@ -401,6 +403,7 @@ static ARGPARSE_OPTS opts[] = {
|
|||||||
{ oAskCertExpire, "ask-cert-expire", 0, "@"},
|
{ oAskCertExpire, "ask-cert-expire", 0, "@"},
|
||||||
{ oNoAskCertExpire, "no-ask-cert-expire", 0, "@"},
|
{ oNoAskCertExpire, "no-ask-cert-expire", 0, "@"},
|
||||||
{ oOutput, "output", 2, N_("use as output file")},
|
{ oOutput, "output", 2, N_("use as output file")},
|
||||||
|
{ oMaxOutput, "max-output", 16|4, "@" },
|
||||||
{ oVerbose, "verbose", 0, N_("verbose") },
|
{ oVerbose, "verbose", 0, N_("verbose") },
|
||||||
{ oQuiet, "quiet", 0, N_("be somewhat more quiet") },
|
{ oQuiet, "quiet", 0, N_("be somewhat more quiet") },
|
||||||
{ oNoTTY, "no-tty", 0, N_("don't use the terminal at all") },
|
{ oNoTTY, "no-tty", 0, N_("don't use the terminal at all") },
|
||||||
@ -530,6 +533,7 @@ static ARGPARSE_OPTS opts[] = {
|
|||||||
{ oCompressKeys, "compress-keys",0, "@"},
|
{ oCompressKeys, "compress-keys",0, "@"},
|
||||||
{ oCompressSigs, "compress-sigs",0, "@"},
|
{ oCompressSigs, "compress-sigs",0, "@"},
|
||||||
{ oDefCertCheckLevel, "default-cert-check-level", 1, "@"},
|
{ oDefCertCheckLevel, "default-cert-check-level", 1, "@"},
|
||||||
|
{ oMinCertCheckLevel, "min-cert-check-level", 1, "@"},
|
||||||
{ oAlwaysTrust, "always-trust", 0, "@"},
|
{ oAlwaysTrust, "always-trust", 0, "@"},
|
||||||
{ oTrustModel, "trust-model", 2, "@"},
|
{ oTrustModel, "trust-model", 2, "@"},
|
||||||
{ oEmuChecksumBug, "emulate-checksum-bug", 0, "@"},
|
{ oEmuChecksumBug, "emulate-checksum-bug", 0, "@"},
|
||||||
@ -1320,6 +1324,7 @@ main( int argc, char **argv )
|
|||||||
opt.keyserver_options.include_subkeys=1;
|
opt.keyserver_options.include_subkeys=1;
|
||||||
opt.keyserver_options.include_revoked=1;
|
opt.keyserver_options.include_revoked=1;
|
||||||
opt.mangle_dos_filenames = 1;
|
opt.mangle_dos_filenames = 1;
|
||||||
|
opt.min_cert_check_level=1;
|
||||||
#if defined (_WIN32)
|
#if defined (_WIN32)
|
||||||
set_homedir ( read_w32_registry_string( NULL,
|
set_homedir ( read_w32_registry_string( NULL,
|
||||||
"Software\\GNU\\GnuPG", "HomeDir" ));
|
"Software\\GNU\\GnuPG", "HomeDir" ));
|
||||||
@ -1525,6 +1530,7 @@ main( int argc, char **argv )
|
|||||||
|
|
||||||
case oArmor: opt.armor = 1; opt.no_armor=0; break;
|
case oArmor: opt.armor = 1; opt.no_armor=0; break;
|
||||||
case oOutput: opt.outfile = pargs.r.ret_str; break;
|
case oOutput: opt.outfile = pargs.r.ret_str; break;
|
||||||
|
case oMaxOutput: opt.max_output = pargs.r.ret_ulong; break;
|
||||||
case oQuiet: opt.quiet = 1; break;
|
case oQuiet: opt.quiet = 1; break;
|
||||||
case oNoTTY: tty_no_terminal(1); break;
|
case oNoTTY: tty_no_terminal(1); break;
|
||||||
case oDryRun: opt.dry_run = 1; break;
|
case oDryRun: opt.dry_run = 1; break;
|
||||||
@ -1592,6 +1598,7 @@ main( int argc, char **argv )
|
|||||||
case oNoArmor: opt.no_armor=1; opt.armor=0; break;
|
case oNoArmor: opt.no_armor=1; opt.armor=0; break;
|
||||||
case oNoDefKeyring: default_keyring = 0; break;
|
case oNoDefKeyring: default_keyring = 0; break;
|
||||||
case oDefCertCheckLevel: opt.def_cert_check_level=pargs.r.ret_int; break;
|
case oDefCertCheckLevel: opt.def_cert_check_level=pargs.r.ret_int; break;
|
||||||
|
case oMinCertCheckLevel: opt.min_cert_check_level=pargs.r.ret_int; break;
|
||||||
case oNoGreeting: nogreeting = 1; break;
|
case oNoGreeting: nogreeting = 1; break;
|
||||||
case oNoVerbose: g10_opt_verbose = 0;
|
case oNoVerbose: g10_opt_verbose = 0;
|
||||||
opt.verbose = 0; opt.list_sigs=0; break;
|
opt.verbose = 0; opt.list_sigs=0; break;
|
||||||
@ -2124,13 +2131,15 @@ main( int argc, char **argv )
|
|||||||
"BZIP2");
|
"BZIP2");
|
||||||
#endif
|
#endif
|
||||||
if( opt.def_compress_algo < -1 || opt.def_compress_algo > 2 )
|
if( opt.def_compress_algo < -1 || opt.def_compress_algo > 2 )
|
||||||
log_error(_("compress algorithm must be in range %d..%d\n"), 0, 2);
|
log_error(_("compress algorithm must be in range %d..%d\n"), 0, 2);
|
||||||
if( opt.completes_needed < 1 )
|
if( opt.completes_needed < 1 )
|
||||||
log_error(_("completes-needed must be greater than 0\n"));
|
log_error(_("completes-needed must be greater than 0\n"));
|
||||||
if( opt.marginals_needed < 2 )
|
if( opt.marginals_needed < 2 )
|
||||||
log_error(_("marginals-needed must be greater than 1\n"));
|
log_error(_("marginals-needed must be greater than 1\n"));
|
||||||
if( opt.max_cert_depth < 1 || opt.max_cert_depth > 255 )
|
if( opt.max_cert_depth < 1 || opt.max_cert_depth > 255 )
|
||||||
log_error(_("max-cert-depth must be in range 1 to 255\n"));
|
log_error(_("max-cert-depth must be in range 1 to 255\n"));
|
||||||
|
if( opt.min_cert_check_level < 1 || opt.min_cert_check_level > 3 )
|
||||||
|
log_error(_("min-cert-check-level must be in the range from 1 to 3\n"));
|
||||||
switch( opt.s2k_mode ) {
|
switch( opt.s2k_mode ) {
|
||||||
case 0:
|
case 0:
|
||||||
log_info(_("NOTE: simple S2K mode (0) is strongly discouraged\n"));
|
log_info(_("NOTE: simple S2K mode (0) is strongly discouraged\n"));
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
/* options.h
|
/* options.h
|
||||||
* Copyright (C) 1998, 1999, 2000, 2001, 2002,
|
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003,
|
||||||
* 2003 Free Software Foundation, Inc.
|
* 2004 Free Software Foundation, Inc.
|
||||||
*
|
*
|
||||||
* This file is part of GnuPG.
|
* This file is part of GnuPG.
|
||||||
*
|
*
|
||||||
@ -21,6 +21,7 @@
|
|||||||
#ifndef G10_OPTIONS_H
|
#ifndef G10_OPTIONS_H
|
||||||
#define G10_OPTIONS_H
|
#define G10_OPTIONS_H
|
||||||
|
|
||||||
|
#include <sys/types.h>
|
||||||
#include <types.h>
|
#include <types.h>
|
||||||
#include "main.h"
|
#include "main.h"
|
||||||
#include "packet.h"
|
#include "packet.h"
|
||||||
@ -44,6 +45,7 @@ struct {
|
|||||||
int armor;
|
int armor;
|
||||||
int compress;
|
int compress;
|
||||||
char *outfile;
|
char *outfile;
|
||||||
|
off_t max_output;
|
||||||
int dry_run;
|
int dry_run;
|
||||||
int list_only;
|
int list_only;
|
||||||
int textmode;
|
int textmode;
|
||||||
@ -73,6 +75,7 @@ struct {
|
|||||||
char *def_recipient;
|
char *def_recipient;
|
||||||
int def_recipient_self;
|
int def_recipient_self;
|
||||||
int def_cert_check_level;
|
int def_cert_check_level;
|
||||||
|
int min_cert_check_level;
|
||||||
int sk_comments;
|
int sk_comments;
|
||||||
int no_version;
|
int no_version;
|
||||||
int marginals_needed;
|
int marginals_needed;
|
||||||
|
@ -1,5 +1,6 @@
|
|||||||
/* plaintext.c - process plaintext packets
|
/* plaintext.c - process plaintext packets
|
||||||
* Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
|
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003,
|
||||||
|
* 2004 Free Software Foundation, Inc.
|
||||||
*
|
*
|
||||||
* This file is part of GnuPG.
|
* This file is part of GnuPG.
|
||||||
*
|
*
|
||||||
@ -24,6 +25,7 @@
|
|||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <errno.h>
|
#include <errno.h>
|
||||||
#include <assert.h>
|
#include <assert.h>
|
||||||
|
#include <sys/types.h>
|
||||||
#ifdef HAVE_DOSISH_SYSTEM
|
#ifdef HAVE_DOSISH_SYSTEM
|
||||||
#include <fcntl.h> /* for setmode() */
|
#include <fcntl.h> /* for setmode() */
|
||||||
#endif
|
#endif
|
||||||
@ -52,6 +54,7 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,
|
|||||||
{
|
{
|
||||||
char *fname = NULL;
|
char *fname = NULL;
|
||||||
FILE *fp = NULL;
|
FILE *fp = NULL;
|
||||||
|
off_t count=0;
|
||||||
int rc = 0;
|
int rc = 0;
|
||||||
int c;
|
int c;
|
||||||
int convert = pt->mode == 't';
|
int convert = pt->mode == 't';
|
||||||
@ -131,14 +134,23 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,
|
|||||||
if( c == '\r' ) /* convert to native line ending */
|
if( c == '\r' ) /* convert to native line ending */
|
||||||
continue; /* fixme: this hack might be too simple */
|
continue; /* fixme: this hack might be too simple */
|
||||||
#endif
|
#endif
|
||||||
if( fp ) {
|
if( fp )
|
||||||
if( putc( c, fp ) == EOF ) {
|
{
|
||||||
|
if(opt.max_output && (count++)>opt.max_output)
|
||||||
|
{
|
||||||
|
log_error("Error writing to `%s': %s\n",
|
||||||
|
fname,"exceeded --max-output limit\n");
|
||||||
|
rc = G10ERR_WRITE_FILE;
|
||||||
|
goto leave;
|
||||||
|
}
|
||||||
|
else if( putc( c, fp ) == EOF )
|
||||||
|
{
|
||||||
log_error("Error writing to `%s': %s\n",
|
log_error("Error writing to `%s': %s\n",
|
||||||
fname, strerror(errno) );
|
fname, strerror(errno) );
|
||||||
rc = G10ERR_WRITE_FILE;
|
rc = G10ERR_WRITE_FILE;
|
||||||
goto leave;
|
goto leave;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else { /* binary mode */
|
else { /* binary mode */
|
||||||
@ -155,15 +167,25 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,
|
|||||||
}
|
}
|
||||||
if( mfx->md )
|
if( mfx->md )
|
||||||
md_write( mfx->md, buffer, len );
|
md_write( mfx->md, buffer, len );
|
||||||
if( fp ) {
|
if( fp )
|
||||||
if( fwrite( buffer, 1, len, fp ) != len ) {
|
{
|
||||||
|
if(opt.max_output && (count+=len)>opt.max_output)
|
||||||
|
{
|
||||||
|
log_error("Error writing to `%s': %s\n",
|
||||||
|
fname,"exceeded --max-output limit\n");
|
||||||
|
rc = G10ERR_WRITE_FILE;
|
||||||
|
m_free( buffer );
|
||||||
|
goto leave;
|
||||||
|
}
|
||||||
|
else if( fwrite( buffer, 1, len, fp ) != len )
|
||||||
|
{
|
||||||
log_error("Error writing to `%s': %s\n",
|
log_error("Error writing to `%s': %s\n",
|
||||||
fname, strerror(errno) );
|
fname, strerror(errno) );
|
||||||
rc = G10ERR_WRITE_FILE;
|
rc = G10ERR_WRITE_FILE;
|
||||||
m_free( buffer );
|
m_free( buffer );
|
||||||
goto leave;
|
goto leave;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
pt->len -= len;
|
pt->len -= len;
|
||||||
}
|
}
|
||||||
m_free( buffer );
|
m_free( buffer );
|
||||||
@ -178,14 +200,23 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,
|
|||||||
if( convert && c == '\r' )
|
if( convert && c == '\r' )
|
||||||
continue; /* fixme: this hack might be too simple */
|
continue; /* fixme: this hack might be too simple */
|
||||||
#endif
|
#endif
|
||||||
if( fp ) {
|
if( fp )
|
||||||
if( putc( c, fp ) == EOF ) {
|
{
|
||||||
|
if(opt.max_output && (count++)>opt.max_output)
|
||||||
|
{
|
||||||
|
log_error("Error writing to `%s': %s\n",
|
||||||
|
fname,"exceeded --max-output limit\n");
|
||||||
|
rc = G10ERR_WRITE_FILE;
|
||||||
|
goto leave;
|
||||||
|
}
|
||||||
|
else if( putc( c, fp ) == EOF )
|
||||||
|
{
|
||||||
log_error("Error writing to `%s': %s\n",
|
log_error("Error writing to `%s': %s\n",
|
||||||
fname, strerror(errno) );
|
fname, strerror(errno) );
|
||||||
rc = G10ERR_WRITE_FILE;
|
rc = G10ERR_WRITE_FILE;
|
||||||
goto leave;
|
goto leave;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else { /* binary mode */
|
else { /* binary mode */
|
||||||
@ -205,15 +236,24 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,
|
|||||||
eof = 1;
|
eof = 1;
|
||||||
if( mfx->md )
|
if( mfx->md )
|
||||||
md_write( mfx->md, buffer, len );
|
md_write( mfx->md, buffer, len );
|
||||||
if( fp ) {
|
if( fp )
|
||||||
if( fwrite( buffer, 1, len, fp ) != len ) {
|
{
|
||||||
|
if(opt.max_output && (count+=len)>opt.max_output)
|
||||||
|
{
|
||||||
log_error("Error writing to `%s': %s\n",
|
log_error("Error writing to `%s': %s\n",
|
||||||
fname, strerror(errno) );
|
fname,"exceeded --max-output limit\n");
|
||||||
rc = G10ERR_WRITE_FILE;
|
rc = G10ERR_WRITE_FILE;
|
||||||
m_free( buffer );
|
m_free( buffer );
|
||||||
goto leave;
|
goto leave;
|
||||||
|
}
|
||||||
|
else if( fwrite( buffer, 1, len, fp ) != len ) {
|
||||||
|
log_error("Error writing to `%s': %s\n",
|
||||||
|
fname, strerror(errno) );
|
||||||
|
rc = G10ERR_WRITE_FILE;
|
||||||
|
m_free( buffer );
|
||||||
|
goto leave;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
m_free( buffer );
|
m_free( buffer );
|
||||||
}
|
}
|
||||||
@ -223,14 +263,23 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,
|
|||||||
int state = 0;
|
int state = 0;
|
||||||
|
|
||||||
while( (c = iobuf_get(pt->buf)) != -1 ) {
|
while( (c = iobuf_get(pt->buf)) != -1 ) {
|
||||||
if( fp ) {
|
if( fp )
|
||||||
if( putc( c, fp ) == EOF ) {
|
{
|
||||||
|
if(opt.max_output && (count++)>opt.max_output)
|
||||||
|
{
|
||||||
log_error("Error writing to `%s': %s\n",
|
log_error("Error writing to `%s': %s\n",
|
||||||
fname, strerror(errno) );
|
fname,"exceeded --max-output limit\n");
|
||||||
rc = G10ERR_WRITE_FILE;
|
rc = G10ERR_WRITE_FILE;
|
||||||
goto leave;
|
goto leave;
|
||||||
}
|
}
|
||||||
}
|
else if( putc( c, fp ) == EOF )
|
||||||
|
{
|
||||||
|
log_error("Error writing to `%s': %s\n",
|
||||||
|
fname, strerror(errno) );
|
||||||
|
rc = G10ERR_WRITE_FILE;
|
||||||
|
goto leave;
|
||||||
|
}
|
||||||
|
}
|
||||||
if( !mfx->md )
|
if( !mfx->md )
|
||||||
continue;
|
continue;
|
||||||
if( state == 2 ) {
|
if( state == 2 ) {
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
/* trustdb.c
|
/* trustdb.c
|
||||||
* Copyright (C) 1998, 1999, 2000, 2001, 2002,
|
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003,
|
||||||
* 2003 Free Software Foundation, Inc.
|
* 2004 Free Software Foundation, Inc.
|
||||||
*
|
*
|
||||||
* This file is part of GnuPG.
|
* This file is part of GnuPG.
|
||||||
*
|
*
|
||||||
@ -1192,6 +1192,9 @@ mark_usable_uid_certs (KBNODE keyblock, KBNODE uidnode,
|
|||||||
continue; /* ignore self-signatures */
|
continue; /* ignore self-signatures */
|
||||||
if (!IS_UID_SIG(sig) && !IS_UID_REV(sig))
|
if (!IS_UID_SIG(sig) && !IS_UID_REV(sig))
|
||||||
continue; /* we only look at these signature classes */
|
continue; /* we only look at these signature classes */
|
||||||
|
if(sig->sig_class>=0x11 && sig->sig_class<=0x13 &&
|
||||||
|
sig->sig_class-0x10<opt.min_cert_check_level)
|
||||||
|
continue;
|
||||||
if (!is_in_klist (klist, sig))
|
if (!is_in_klist (klist, sig))
|
||||||
continue; /* no need to check it then */
|
continue; /* no need to check it then */
|
||||||
if(is_ELGAMAL(sig->pubkey_algo))
|
if(is_ELGAMAL(sig->pubkey_algo))
|
||||||
|
Loading…
x
Reference in New Issue
Block a user