1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

agent: Raise the maximum password length. Don't hard code it.

* agent/agent.h (MAX_PASSPHRASE_LEN): Define.
* agent/command-ssh.c (ssh_identity_register): Use it instead of a
hard-coded literal.
* agent/cvt-openpgp.c (convert_from_openpgp_main): Likewise.
* agent/findkey.c (unprotect): Likewise.
* agent/genkey.c (agent_ask_new_passphrase): Likewise.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
GnuPG-bug-id: 2038
This commit is contained in:
Neal H. Walfield 2015-08-24 16:14:09 +02:00
parent 3cf02192a8
commit 348a6ebb63
5 changed files with 17 additions and 12 deletions

View File

@ -47,6 +47,11 @@
/* Maximum length of a digest. */ /* Maximum length of a digest. */
#define MAX_DIGEST_LEN 64 #define MAX_DIGEST_LEN 64
/* The maximum length of a passphrase (in bytes). Note: this is
further contrained by the Assuan line length (and any other text on
the same line). However, the Assuan line length is 1k bytes so
this shouldn't be a problem in practice. */
#define MAX_PASSPHRASE_LEN 255
/* A large struct name "opt" to keep global flags */ /* A large struct name "opt" to keep global flags */

View File

@ -3094,17 +3094,17 @@ ssh_identity_register (ctrl_t ctrl, ssh_key_type_spec_t *spec,
goto out; goto out;
} }
pi = gcry_calloc_secure (2, sizeof (*pi) + 100 + 1); pi = gcry_calloc_secure (2, sizeof (*pi) + MAX_PASSPHRASE_LEN + 1);
if (!pi) if (!pi)
{ {
err = gpg_error_from_syserror (); err = gpg_error_from_syserror ();
goto out; goto out;
} }
pi2 = pi + (sizeof *pi + 100 + 1); pi2 = pi + (sizeof *pi + MAX_PASSPHRASE_LEN + 1);
pi->max_length = 100; pi->max_length = MAX_PASSPHRASE_LEN + 1;
pi->max_tries = 1; pi->max_tries = 1;
pi->with_repeat = 1; pi->with_repeat = 1;
pi2->max_length = 100; pi2->max_length = MAX_PASSPHRASE_LEN + 1;
pi2->max_tries = 1; pi2->max_tries = 1;
pi2->check_cb = reenter_compare_cb; pi2->check_cb = reenter_compare_cb;
pi2->check_cb_arg = pi->pin; pi2->check_cb_arg = pi->pin;

View File

@ -918,10 +918,10 @@ convert_from_openpgp_main (ctrl_t ctrl, gcry_sexp_t s_pgp,
struct pin_entry_info_s *pi; struct pin_entry_info_s *pi;
struct try_do_unprotect_arg_s pi_arg; struct try_do_unprotect_arg_s pi_arg;
pi = xtrycalloc_secure (1, sizeof (*pi) + 100); pi = xtrycalloc_secure (1, sizeof (*pi) + MAX_PASSPHRASE_LEN + 1);
if (!pi) if (!pi)
return gpg_error_from_syserror (); return gpg_error_from_syserror ();
pi->max_length = 100; pi->max_length = MAX_PASSPHRASE_LEN + 1;
pi->min_digits = 0; /* We want a real passphrase. */ pi->min_digits = 0; /* We want a real passphrase. */
pi->max_digits = 16; pi->max_digits = 16;
pi->max_tries = 3; pi->max_tries = 3;

View File

@ -450,10 +450,10 @@ unprotect (ctrl_t ctrl, const char *cache_nonce, const char *desc_text,
} }
} }
pi = gcry_calloc_secure (1, sizeof (*pi) + 100); pi = gcry_calloc_secure (1, sizeof (*pi) + MAX_PASSPHRASE_LEN + 1);
if (!pi) if (!pi)
return gpg_error_from_syserror (); return gpg_error_from_syserror ();
pi->max_length = 100; pi->max_length = MAX_PASSPHRASE_LEN + 1;
pi->min_digits = 0; /* we want a real passphrase */ pi->min_digits = 0; /* we want a real passphrase */
pi->max_digits = 16; pi->max_digits = 16;
pi->max_tries = 3; pi->max_tries = 3;

View File

@ -374,13 +374,13 @@ agent_ask_new_passphrase (ctrl_t ctrl, const char *prompt,
return err; return err;
} }
pi = gcry_calloc_secure (2, sizeof (*pi) + 100); pi = gcry_calloc_secure (2, sizeof (*pi) + MAX_PASSPHRASE_LEN + 1);
pi2 = pi + (sizeof *pi + 100); pi2 = pi + (sizeof *pi + MAX_PASSPHRASE_LEN + 1);
pi->max_length = 100; pi->max_length = MAX_PASSPHRASE_LEN + 1;
pi->max_tries = 3; pi->max_tries = 3;
pi->with_qualitybar = 1; pi->with_qualitybar = 1;
pi->with_repeat = 1; pi->with_repeat = 1;
pi2->max_length = 100; pi2->max_length = MAX_PASSPHRASE_LEN + 1;
pi2->max_tries = 3; pi2->max_tries = 3;
pi2->check_cb = reenter_compare_cb; pi2->check_cb = reenter_compare_cb;
pi2->check_cb_arg = pi->pin; pi2->check_cb_arg = pi->pin;