1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

bug fixes

This commit is contained in:
Werner Koch 2001-08-31 12:51:41 +00:00
parent bab40b52cd
commit 3f465d5d7a
9 changed files with 108 additions and 30 deletions

12
NEWS
View File

@ -24,11 +24,15 @@
* Merged Stefan's patches for RISC OS in. See comments in * Merged Stefan's patches for RISC OS in. See comments in
scripts/build-riscos. scripts/build-riscos.
* It is now possible to sign and convenional encrypt a message (-cs). * It is now possible to sign and conventional encrypt a message (-cs).
* The MDC feature flag is supported and can be set by using * The MDC feature flag is supported and can be set by using
the "updpref" edit command. the "updpref" edit command.
* The status messages GOODSIG and BADSIG are now returning the primary
UID, encoded using %XX escaping (but with spaces left as spaces,
so that it should not break too much)
Noteworthy changes in version 1.0.6 (2001-05-29) Noteworthy changes in version 1.0.6 (2001-05-29)
------------------------------------------------ ------------------------------------------------
@ -96,8 +100,8 @@ Noteworthy changes in version 1.0.5 (2001-04-29)
* The verification status of self-signatures are now cached. To * The verification status of self-signatures are now cached. To
increase the speed of key list operations for existing keys you increase the speed of key list operations for existing keys you
can do the following in your GnuPG homedir (~/.gnupg): can do the following in your GnuPG homedir (~/.gnupg):
$ cp pubring.gpg pubring.gpg.save && $ gpg --export-all >x && \ cp pubring.gpg pubring.gpg.save && gpg --export-all >x && \
rm pubring.gpg && gpg --import x rm pubring.gpg && gpg --import x
Only v4 keys (i.e not the old RSA keys) benefit from this caching. Only v4 keys (i.e not the old RSA keys) benefit from this caching.
* New translations: Estonian, Turkish. * New translations: Estonian, Turkish.

9
TODO
View File

@ -1,6 +1,4 @@
* need a BAD_PASSPHRASE status for -c
* add listing of notation data * add listing of notation data
* Check the changes to the gpg random gatherer on all W32 platforms. * Check the changes to the gpg random gatherer on all W32 platforms.
@ -12,8 +10,6 @@
* set default charset from nl_langinfo. * set default charset from nl_langinfo.
* check all mpi_read() for error returns.
* Check that no secret temporary results are stored in the result parameter * Check that no secret temporary results are stored in the result parameter
of the mpi functions. We have already done this for mpi-mul.c of the mpi functions. We have already done this for mpi-mul.c
@ -82,11 +78,6 @@
* Add option to put the list of recipients (from the encryption * Add option to put the list of recipients (from the encryption
layer) into the signatures notation data. layer) into the signatures notation data.
* v3 RSA keys do work but the user IDs are shown as [?] which
cheking the signatures. Reported by Dave Dykstra. Print
"[uncertain]" + user ID
Scheduled for 1.1 Scheduled for 1.1
----------------- -----------------
* export by user-IDs does only export the first matching name which leads * export by user-IDs does only export the first matching name which leads

View File

@ -83,13 +83,16 @@ more arguments in future versions.
GOODSIG <long keyid> <username> GOODSIG <long keyid> <username>
The signature with the keyid is good. The signature with the keyid is good. For each signature only
For each signature only one of the three codes GOODSIG, BADSIG one of the three codes GOODSIG, BADSIG or ERRSIG will be
or ERRSIG will be emitted and they may be used as a marker for emitted and they may be used as a marker for a new signature.
a new signature. The username is the primary one encoded in UTF-8 and %XX
escaped.
BADSIG <long keyid> <username> BADSIG <long keyid> <username>
The signature with the keyid has not been verified okay. The signature with the keyid has not been verified okay.
The username is the primary one encoded in UTF-8 and %XX
escaped.
ERRSIG <long keyid> <pubkey_algo> <hash_algo> \ ERRSIG <long keyid> <pubkey_algo> <hash_algo> \
<sig_class> <timestamp> <rc> <sig_class> <timestamp> <rc>

View File

@ -788,7 +788,10 @@ Assume "yes" on most questions.
<term>--always-trust</term> <term>--always-trust</term>
<listitem><para> <listitem><para>
Skip key validation and assume that used keys are always fully trusted. Skip key validation and assume that used keys are always fully trusted.
You won't use this unless you have installed some external validation scheme. You won't use this unless you have installed some external validation
scheme. This option also suppresses the "[uncertain]" tag printed
with signature checks when there is no evidence that the user ID
is bound to the key.
</para></listitem></varlistentry> </para></listitem></varlistentry>

View File

@ -1,3 +1,13 @@
2001-08-31 Werner Koch <wk@gnupg.org>
* parse-packet.c (parse_key,parse_pubkeyenc)
(parse_signature): Return error on reading bad MPIs.
* mainproc.c (check_sig_and_print): Always print the user ID even
if it is not bound by a signature. Use the primary UID in the
status messages and encode them in UTF-8
* status.c (write_status_text_and_buffer): New.
2001-08-30 Werner Koch <wk@gnupg.org> 2001-08-30 Werner Koch <wk@gnupg.org>
* packet.h (sigsubpkttype_t): Add SIGSUBPKT_FEATURES. * packet.h (sigsubpkttype_t): Add SIGSUBPKT_FEATURES.

View File

@ -1275,14 +1275,13 @@ check_sig_and_print( CTX c, KBNODE node )
} }
if( !rc || rc == G10ERR_BAD_SIGN ) { if( !rc || rc == G10ERR_BAD_SIGN ) {
KBNODE un, keyblock; KBNODE un, keyblock;
char *us;
int count=0; int count=0;
char keyid_str[50];
keyblock = get_pubkeyblock( sig->keyid ); keyblock = get_pubkeyblock( sig->keyid );
us = get_long_user_id_string( sig->keyid ); sprintf (keyid_str, "%08lX%08lX [uncertain] ",
write_status_text( rc? STATUS_BADSIG : STATUS_GOODSIG, us ); (ulong)sig->keyid[0], (ulong)sig->keyid[1]);
m_free(us);
/* find and print the primary user ID */ /* find and print the primary user ID */
for( un=keyblock; un; un = un->next ) { for( un=keyblock; un; un = un->next ) {
@ -1293,6 +1292,13 @@ check_sig_and_print( CTX c, KBNODE node )
if ( !un->pkt->pkt.user_id->is_primary ) if ( !un->pkt->pkt.user_id->is_primary )
continue; continue;
keyid_str[17] = 0; /* cut off the "[uncertain]" part */
write_status_text_and_buffer (rc? STATUS_BADSIG:STATUS_GOODSIG,
keyid_str,
un->pkt->pkt.user_id->name,
un->pkt->pkt.user_id->len,
-1 );
log_info(rc? _("BAD signature from \"") log_info(rc? _("BAD signature from \"")
: _("Good signature from \"")); : _("Good signature from \""));
print_utf8_string( log_stream(), un->pkt->pkt.user_id->name, print_utf8_string( log_stream(), un->pkt->pkt.user_id->name,
@ -1301,9 +1307,30 @@ check_sig_and_print( CTX c, KBNODE node )
count++; count++;
} }
if( !count ) { /* just in case that we have no userid */ if( !count ) { /* just in case that we have no userid */
for( un=keyblock; un; un = un->next ) {
if( un->pkt->pkttype == PKT_USER_ID )
break;
}
if (opt.always_trust || !un)
keyid_str[17] = 0; /* cut off the "[uncertain]" part */
write_status_text_and_buffer (rc? STATUS_BADSIG:STATUS_GOODSIG,
keyid_str,
un? un->pkt->pkt.user_id->name:"[?]",
un? un->pkt->pkt.user_id->len:3,
-1 );
log_info(rc? _("BAD signature from \"") log_info(rc? _("BAD signature from \"")
: _("Good signature from \"")); : _("Good signature from \""));
fputs("[?]\"\n", log_stream() ); if (!opt.always_trust && un) {
fputs(_("[uncertain]"), log_stream() );
putc(' ', log_stream() );
}
print_utf8_string( log_stream(),
un? un->pkt->pkt.user_id->name:"[?]",
un? un->pkt->pkt.user_id->len:3 );
fputs("\"\n", log_stream() );
} }
/* If we have a good signature and already printed /* If we have a good signature and already printed

View File

@ -703,6 +703,8 @@ parse_pubkeyenc( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *packet )
mpi_print(stdout, k->data[i], mpi_print_mode ); mpi_print(stdout, k->data[i], mpi_print_mode );
putchar('\n'); putchar('\n');
} }
if (!k->data[i])
rc = G10ERR_INVALID_PACKET;
} }
} }
@ -1237,6 +1239,8 @@ parse_signature( IOBUF inp, int pkttype, unsigned long pktlen,
mpi_print(stdout, sig->data[i], mpi_print_mode ); mpi_print(stdout, sig->data[i], mpi_print_mode );
putchar('\n'); putchar('\n');
} }
if (!sig->data[i])
rc = G10ERR_INVALID_PACKET;
} }
} }
@ -1404,7 +1408,11 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
mpi_print(stdout, sk->skey[i], mpi_print_mode ); mpi_print(stdout, sk->skey[i], mpi_print_mode );
putchar('\n'); putchar('\n');
} }
if (!sk->skey[i])
rc = G10ERR_INVALID_PACKET;
} }
if (rc) /* one of the MPIs were bad */
goto leave;
sk->protect.algo = iobuf_get_noeof(inp); pktlen--; sk->protect.algo = iobuf_get_noeof(inp); pktlen--;
if( sk->protect.algo ) { if( sk->protect.algo ) {
sk->is_protected = 1; sk->is_protected = 1;
@ -1551,7 +1559,7 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
else { /* v3 method: the mpi length is not encrypted */ else { /* v3 method: the mpi length is not encrypted */
for(i=npkey; i < nskey; i++ ) { for(i=npkey; i < nskey; i++ ) {
n = pktlen; sk->skey[i] = mpi_read(inp, &n, 0 ); pktlen -=n; n = pktlen; sk->skey[i] = mpi_read(inp, &n, 0 ); pktlen -=n;
if( sk->is_protected ) if( sk->is_protected && sk->skey[i] )
mpi_set_protect_flag(sk->skey[i]); mpi_set_protect_flag(sk->skey[i]);
if( list_mode ) { if( list_mode ) {
printf( "\tskey[%d]: ", i); printf( "\tskey[%d]: ", i);
@ -1562,7 +1570,11 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
putchar('\n'); putchar('\n');
} }
} }
if (!sk->skey[i])
rc = G10ERR_INVALID_PACKET;
} }
if (rc)
goto leave;
sk->csum = read_16(inp); pktlen -= 2; sk->csum = read_16(inp); pktlen -= 2;
if( list_mode ) { if( list_mode ) {
@ -1587,7 +1599,11 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
mpi_print(stdout, pk->pkey[i], mpi_print_mode ); mpi_print(stdout, pk->pkey[i], mpi_print_mode );
putchar('\n'); putchar('\n');
} }
if (!pk->pkey[i])
rc = G10ERR_INVALID_PACKET;
} }
if (rc)
goto leave;
} }
leave: leave:

View File

@ -212,28 +212,43 @@ write_status_text ( int no, const char *text)
/* /*
* Write a status line with a buffer using %XX escapes. * Write a status line with a buffer using %XX escapes. If WRAP is >
* If WRAP is > 0 wrap the line after this length. * 0 wrap the line after this length. If STRING is not NULL it will
* be prepended to the buffer, no escaping is done for string.
* A wrap of -1 forces spaces not to be encoded as %20.
*/ */
void void
write_status_buffer ( int no, const char *buffer, size_t len, int wrap ) write_status_text_and_buffer ( int no, const char *string,
const char *buffer, size_t len, int wrap )
{ {
const char *s, *text; const char *s, *text;
int esc; int esc, first;
int lower_limit = ' ';
size_t n, count, dowrap; size_t n, count, dowrap;
if( !statusfp ) if( !statusfp )
return; /* not enabled */ return; /* not enabled */
if (wrap == -1) {
lower_limit--;
wrap = 0;
}
text = get_status_string (no); text = get_status_string (no);
count = dowrap = 1; count = dowrap = first = 1;
do { do {
if (dowrap) { if (dowrap) {
fprintf (statusfp, "[GNUPG:] %s ", text ); fprintf (statusfp, "[GNUPG:] %s ", text );
count = dowrap = 0; count = dowrap = 0;
if (first && string) {
fputs (string, statusfp);
count += strlen (string);
}
first = 0;
} }
for (esc=0, s=buffer, n=len; n && !esc; s++, n-- ) { for (esc=0, s=buffer, n=len; n && !esc; s++, n-- ) {
if ( *s == '%' || *(const byte*)s <= ' ' ) if ( *s == '%' || *(const byte*)s <= lower_limit
|| *(const byte*)s == 127 )
esc = 1; esc = 1;
if ( wrap && ++count > wrap ) { if ( wrap && ++count > wrap ) {
dowrap=1; dowrap=1;
@ -259,6 +274,13 @@ write_status_buffer ( int no, const char *buffer, size_t len, int wrap )
fflush (statusfp); fflush (statusfp);
} }
void
write_status_buffer ( int no, const char *buffer, size_t len, int wrap )
{
write_status_text_and_buffer (no, NULL, buffer, len, wrap);
}
#ifdef USE_SHM_COPROCESSING #ifdef USE_SHM_COPROCESSING

View File

@ -98,6 +98,8 @@ void write_status ( int no );
void write_status_text ( int no, const char *text ); void write_status_text ( int no, const char *text );
void write_status_buffer ( int no, void write_status_buffer ( int no,
const char *buffer, size_t len, int wrap ); const char *buffer, size_t len, int wrap );
void write_status_text_and_buffer ( int no, const char *text,
const char *buffer, size_t len, int wrap );
#ifdef USE_SHM_COPROCESSING #ifdef USE_SHM_COPROCESSING
void init_shm_coprocessing ( ulong requested_shm_size, int lock_mem ); void init_shm_coprocessing ( ulong requested_shm_size, int lock_mem );