security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

Relax mailbox name checking. Fixes bug#1315.

This commit is contained in:
Werner Koch 2011-02-03 18:05:56 +01:00
parent d9e2dcc1a9
commit 71e7a1644e
2 changed files with 43 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
g10/ChangeLog
View File

@ -1,5 +1,8 @@
2011-02-03 Werner Koch <wk@g10code.com>
* misc.c (has_invalid_email_chars): Relax mailbox name checking.
Fixes bug#1315.
* sign.c (do_sign): Use openpgp_pk_algo_name.
* keygen.c (ask_algo): Show ECC algos only in expert mode. Add

81
g10/misc.c
View File

@ -40,7 +40,7 @@
#ifdef HAVE_W32_SYSTEM
#include <time.h>
#include <process.h>
#include <windows.h>
#include <windows.h>
#include <shlobj.h>
#ifndef CSIDL_APPDATA
#define CSIDL_APPDATA 0x001a
@ -82,7 +82,7 @@ string_count_chr (const char *string, int c)
#ifdef ENABLE_SELINUX_HACKS
/* A object and a global variable to keep track of files marked as
secured. */
struct secured_file_item
struct secured_file_item
{
struct secured_file_item *next;
ino_t ino;
@ -107,7 +107,7 @@ register_secured_file (const char *fname)
/* Note that we stop immediatley if something goes wrong here. */
if (stat (fname, &buf))
log_fatal (_("fstat of `%s' failed in %s: %s\n"), fname,
log_fatal (_("fstat of `%s' failed in %s: %s\n"), fname,
"register_secured_file", strerror (errno));
/* log_debug ("registering `%s' i=%lu.%lu\n", fname, */
/* (unsigned long)buf.st_dev, (unsigned long)buf.st_ino); */
@ -161,8 +161,8 @@ unregister_secured_file (const char *fname)
}
/* Return true if FD is corresponds to a secured file. Using -1 for
FS is allowed and will return false. */
int
FS is allowed and will return false. */
int
is_secured_file (int fd)
{
#ifdef ENABLE_SELINUX_HACKS
@ -176,7 +176,7 @@ is_secured_file (int fd)
secure if something went wrong. */
if (fstat (fd, &buf))
{
log_error (_("fstat(%d) failed in %s: %s\n"), fd,
log_error (_("fstat(%d) failed in %s: %s\n"), fd,
"is_secured_file", strerror (errno));
return 1;
}
@ -196,8 +196,8 @@ is_secured_file (int fd)
/* Return true if FNAME is corresponds to a secured file. Using NULL,
"" or "-" for FS is allowed and will return false. This function is
used before creating a file, thus it won't fail if the file does
not exist. */
int
not exist. */
int
is_secured_filename (const char *fname)
{
#ifdef ENABLE_SELINUX_HACKS
@ -205,7 +205,7 @@ is_secured_filename (const char *fname)
struct secured_file_item *sf;
if (iobuf_is_pipe_filename (fname) || !*fname)
return 0;
return 0;
/* Note that we print out a error here and claim that a file is
secure if something went wrong. */
@ -346,9 +346,9 @@ map_cipher_openpgp_to_gcry (int algo)
{
switch (algo)
{
case CIPHER_ALGO_CAMELLIA128: return 310;
case CIPHER_ALGO_CAMELLIA192: return 311;
case CIPHER_ALGO_CAMELLIA256: return 312;
case CIPHER_ALGO_CAMELLIA128: return 310;
case CIPHER_ALGO_CAMELLIA192: return 311;
case CIPHER_ALGO_CAMELLIA256: return 312;
default: return algo;
}
}
@ -394,7 +394,7 @@ map_pk_gcry_to_openpgp (enum gcry_pk_algos algo)
/* Return the block length of an OpenPGP cipher algorithm. */
int
int
openpgp_cipher_blocklen (int algo)
{
/* We use the numbers from OpenPGP to be sure that we get the right
@ -434,7 +434,7 @@ openpgp_cipher_test_algo( int algo )
string representation of the algorithm name. For unknown algorithm
IDs this function returns "?". */
const char *
openpgp_cipher_algo_name (int algo)
openpgp_cipher_algo_name (int algo)
{
return gnupg_cipher_algo_name (map_cipher_openpgp_to_gcry (algo));
}
@ -445,7 +445,7 @@ openpgp_pk_test_algo( int algo )
/* Dont't allow type 20 keys unless in rfc2440 mode. */
if (!RFC2440 && algo == 20)
return gpg_error (GPG_ERR_PUBKEY_ALGO);
if (algo == GCRY_PK_ELG_E)
algo = GCRY_PK_ELG;
@ -474,13 +474,13 @@ openpgp_pk_test_algo2( int algo, unsigned int use )
GCRYCTL_TEST_ALGO, NULL, &use_buf);
}
int
int
openpgp_pk_algo_usage ( int algo )
{
int use = 0;
int use = 0;
/* They are hardwired in gpg 1.0. */
switch ( algo ) {
switch ( algo ) {
case PUBKEY_ALGO_RSA:
use = (PUBKEY_USAGE_CERT | PUBKEY_USAGE_SIG
| PUBKEY_USAGE_ENC | PUBKEY_USAGE_AUTH);
@ -499,7 +499,7 @@ openpgp_pk_algo_usage ( int algo )
case PUBKEY_ALGO_ELGAMAL_E:
use = PUBKEY_USAGE_ENC;
break;
case PUBKEY_ALGO_DSA:
case PUBKEY_ALGO_DSA:
use = PUBKEY_USAGE_CERT | PUBKEY_USAGE_SIG | PUBKEY_USAGE_AUTH;
break;
case PUBKEY_ALGO_ECDSA:
@ -514,7 +514,7 @@ openpgp_pk_algo_usage ( int algo )
string representation of the algorithm name. For unknown algorithm
IDs this function returns "?". */
const char *
openpgp_pk_algo_name (int algo)
openpgp_pk_algo_name (int algo)
{
return gcry_pk_algo_name (map_pk_openpgp_to_gcry (algo));
}
@ -538,7 +538,7 @@ openpgp_md_test_algo( int algo )
string representation of the algorithm name. For unknown algorithm
IDs this function returns "?". */
const char *
openpgp_md_algo_name (int algo)
openpgp_md_algo_name (int algo)
{
if (algo < 0 || algo > 110)
return "?";
@ -564,7 +564,7 @@ idea_cipher_warn(int show)
#endif
static unsigned long
static unsigned long
get_signature_count (PKT_public_key *pk)
{
#ifdef ENABLE_CARD_SUPPORT
@ -663,7 +663,7 @@ pct_expando(const char *string,struct expando_args *args)
sprintf (&ret[idx],"%lu", get_signature_count (args->pksk));
idx+=strlen(&ret[idx]);
done=1;
}
}
break;
case 'p': /* primary pk fingerprint of a sk */
@ -735,7 +735,7 @@ pct_expando(const char *string,struct expando_args *args)
case 't': /* e.g. "jpg" */
str=image_type_to_string(args->imagetype,0);
break;
case 'T': /* e.g. "image/jpeg" */
str=image_type_to_string(args->imagetype,2);
break;
@ -834,7 +834,7 @@ deprecated_command (const char *name)
void
obsolete_option (const char *configname, unsigned int configlineno,
obsolete_option (const char *configname, unsigned int configlineno,
const char *name)
{
if(configname)
@ -850,9 +850,9 @@ obsolete_option (const char *configname, unsigned int configlineno,
* Wrapper around gcry_cipher_map_name to provide a fallback using the
* "Sn" syntax as used by the preference strings.
*/
int
string_to_cipher_algo (const char *string)
{
int
string_to_cipher_algo (const char *string)
{
int val;
val = map_cipher_gcry_to_openpgp (gcry_cipher_map_name (string));
@ -873,9 +873,9 @@ string_to_cipher_algo (const char *string)
* Wrapper around gcry_md_map_name to provide a fallback using the
* "Hn" syntax as used by the preference strings.
*/
int
string_to_digest_algo (const char *string)
{
int
string_to_digest_algo (const char *string)
{
int val;
val = gcry_md_map_name (string);
@ -962,7 +962,7 @@ check_compress_algo(int algo)
{
case 0: return 0;
#ifdef HAVE_ZIP
case 1:
case 1:
case 2: return 0;
#endif
#ifdef HAVE_BZIP2
@ -1283,13 +1283,14 @@ has_invalid_email_chars (const char *s)
const char *valid_chars=
"01234567890_-.abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
for ( ; *s; s++ )
for ( ; *s; s++ )
{
if ( (*s & 0x80) )
continue; /* We only care about ASCII. */
if ( *s == '@' )
at_seen=1;
else if ( !at_seen && !( !!strchr( valid_chars, *s ) || *s == '+' ) )
else if ( !at_seen && !(strchr (valid_chars, *s)
|| strchr ("!#$%&'*+/=?^`{|}~", *s)))
return 1;
else if ( at_seen && !strchr( valid_chars, *s ) )
return 1;
@ -1429,7 +1430,7 @@ int
pubkey_get_nenc (int algo)
{
size_t n;
/* ECC is special. */
if (algo == PUBKEY_ALGO_ECDSA)
return 0;
@ -1499,7 +1500,7 @@ int
mpi_print (estream_t fp, gcry_mpi_t a, int mode)
{
int n=0;
if (!a)
return es_fprintf (fp, "[MPI_NULL]");
if (!mode)
@ -1524,7 +1525,7 @@ mpi_print (estream_t fp, gcry_mpi_t a, int mode)
else
{
unsigned char *buffer;
if (gcry_mpi_aprint (GCRYMPI_FMT_HEX, &buffer, NULL, a))
BUG ();
es_fputs (buffer, fp);
@ -1537,7 +1538,7 @@ mpi_print (estream_t fp, gcry_mpi_t a, int mode)
/* pkey[1] or skey[1] is Q for ECDSA, which is an uncompressed point,
i.e. 04 <x> <y> */
unsigned int
unsigned int
ecdsa_qbits_from_Q (unsigned int qbits)
{
if ((qbits%8) > 3)
@ -1550,5 +1551,3 @@ ecdsa_qbits_from_Q (unsigned int qbits)
qbits /= 2;
return qbits;
}