From 71e7a1644e37b7e3758f6de0607fdb636ca6f4b1 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Thu, 3 Feb 2011 18:05:56 +0100 Subject: [PATCH] Relax mailbox name checking. Fixes bug#1315. --- g10/ChangeLog | 3 ++ g10/misc.c | 81 +++++++++++++++++++++++++-------------------------- 2 files changed, 43 insertions(+), 41 deletions(-) diff --git a/g10/ChangeLog b/g10/ChangeLog index 771e9e00b..3f8874fb3 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,5 +1,8 @@ 2011-02-03 Werner Koch + * misc.c (has_invalid_email_chars): Relax mailbox name checking. + Fixes bug#1315. + * sign.c (do_sign): Use openpgp_pk_algo_name. * keygen.c (ask_algo): Show ECC algos only in expert mode. Add diff --git a/g10/misc.c b/g10/misc.c index dcd2bd10b..f2ab98408 100644 --- a/g10/misc.c +++ b/g10/misc.c @@ -40,7 +40,7 @@ #ifdef HAVE_W32_SYSTEM #include #include -#include +#include #include #ifndef CSIDL_APPDATA #define CSIDL_APPDATA 0x001a @@ -82,7 +82,7 @@ string_count_chr (const char *string, int c) #ifdef ENABLE_SELINUX_HACKS /* A object and a global variable to keep track of files marked as secured. */ -struct secured_file_item +struct secured_file_item { struct secured_file_item *next; ino_t ino; @@ -107,7 +107,7 @@ register_secured_file (const char *fname) /* Note that we stop immediatley if something goes wrong here. */ if (stat (fname, &buf)) - log_fatal (_("fstat of `%s' failed in %s: %s\n"), fname, + log_fatal (_("fstat of `%s' failed in %s: %s\n"), fname, "register_secured_file", strerror (errno)); /* log_debug ("registering `%s' i=%lu.%lu\n", fname, */ /* (unsigned long)buf.st_dev, (unsigned long)buf.st_ino); */ @@ -161,8 +161,8 @@ unregister_secured_file (const char *fname) } /* Return true if FD is corresponds to a secured file. Using -1 for - FS is allowed and will return false. */ -int + FS is allowed and will return false. */ +int is_secured_file (int fd) { #ifdef ENABLE_SELINUX_HACKS @@ -176,7 +176,7 @@ is_secured_file (int fd) secure if something went wrong. */ if (fstat (fd, &buf)) { - log_error (_("fstat(%d) failed in %s: %s\n"), fd, + log_error (_("fstat(%d) failed in %s: %s\n"), fd, "is_secured_file", strerror (errno)); return 1; } @@ -196,8 +196,8 @@ is_secured_file (int fd) /* Return true if FNAME is corresponds to a secured file. Using NULL, "" or "-" for FS is allowed and will return false. This function is used before creating a file, thus it won't fail if the file does - not exist. */ -int + not exist. */ +int is_secured_filename (const char *fname) { #ifdef ENABLE_SELINUX_HACKS @@ -205,7 +205,7 @@ is_secured_filename (const char *fname) struct secured_file_item *sf; if (iobuf_is_pipe_filename (fname) || !*fname) - return 0; + return 0; /* Note that we print out a error here and claim that a file is secure if something went wrong. */ @@ -346,9 +346,9 @@ map_cipher_openpgp_to_gcry (int algo) { switch (algo) { - case CIPHER_ALGO_CAMELLIA128: return 310; - case CIPHER_ALGO_CAMELLIA192: return 311; - case CIPHER_ALGO_CAMELLIA256: return 312; + case CIPHER_ALGO_CAMELLIA128: return 310; + case CIPHER_ALGO_CAMELLIA192: return 311; + case CIPHER_ALGO_CAMELLIA256: return 312; default: return algo; } } @@ -394,7 +394,7 @@ map_pk_gcry_to_openpgp (enum gcry_pk_algos algo) /* Return the block length of an OpenPGP cipher algorithm. */ -int +int openpgp_cipher_blocklen (int algo) { /* We use the numbers from OpenPGP to be sure that we get the right @@ -434,7 +434,7 @@ openpgp_cipher_test_algo( int algo ) string representation of the algorithm name. For unknown algorithm IDs this function returns "?". */ const char * -openpgp_cipher_algo_name (int algo) +openpgp_cipher_algo_name (int algo) { return gnupg_cipher_algo_name (map_cipher_openpgp_to_gcry (algo)); } @@ -445,7 +445,7 @@ openpgp_pk_test_algo( int algo ) /* Dont't allow type 20 keys unless in rfc2440 mode. */ if (!RFC2440 && algo == 20) return gpg_error (GPG_ERR_PUBKEY_ALGO); - + if (algo == GCRY_PK_ELG_E) algo = GCRY_PK_ELG; @@ -474,13 +474,13 @@ openpgp_pk_test_algo2( int algo, unsigned int use ) GCRYCTL_TEST_ALGO, NULL, &use_buf); } -int +int openpgp_pk_algo_usage ( int algo ) { - int use = 0; - + int use = 0; + /* They are hardwired in gpg 1.0. */ - switch ( algo ) { + switch ( algo ) { case PUBKEY_ALGO_RSA: use = (PUBKEY_USAGE_CERT | PUBKEY_USAGE_SIG | PUBKEY_USAGE_ENC | PUBKEY_USAGE_AUTH); @@ -499,7 +499,7 @@ openpgp_pk_algo_usage ( int algo ) case PUBKEY_ALGO_ELGAMAL_E: use = PUBKEY_USAGE_ENC; break; - case PUBKEY_ALGO_DSA: + case PUBKEY_ALGO_DSA: use = PUBKEY_USAGE_CERT | PUBKEY_USAGE_SIG | PUBKEY_USAGE_AUTH; break; case PUBKEY_ALGO_ECDSA: @@ -514,7 +514,7 @@ openpgp_pk_algo_usage ( int algo ) string representation of the algorithm name. For unknown algorithm IDs this function returns "?". */ const char * -openpgp_pk_algo_name (int algo) +openpgp_pk_algo_name (int algo) { return gcry_pk_algo_name (map_pk_openpgp_to_gcry (algo)); } @@ -538,7 +538,7 @@ openpgp_md_test_algo( int algo ) string representation of the algorithm name. For unknown algorithm IDs this function returns "?". */ const char * -openpgp_md_algo_name (int algo) +openpgp_md_algo_name (int algo) { if (algo < 0 || algo > 110) return "?"; @@ -564,7 +564,7 @@ idea_cipher_warn(int show) #endif -static unsigned long +static unsigned long get_signature_count (PKT_public_key *pk) { #ifdef ENABLE_CARD_SUPPORT @@ -663,7 +663,7 @@ pct_expando(const char *string,struct expando_args *args) sprintf (&ret[idx],"%lu", get_signature_count (args->pksk)); idx+=strlen(&ret[idx]); done=1; - } + } break; case 'p': /* primary pk fingerprint of a sk */ @@ -735,7 +735,7 @@ pct_expando(const char *string,struct expando_args *args) case 't': /* e.g. "jpg" */ str=image_type_to_string(args->imagetype,0); break; - + case 'T': /* e.g. "image/jpeg" */ str=image_type_to_string(args->imagetype,2); break; @@ -834,7 +834,7 @@ deprecated_command (const char *name) void -obsolete_option (const char *configname, unsigned int configlineno, +obsolete_option (const char *configname, unsigned int configlineno, const char *name) { if(configname) @@ -850,9 +850,9 @@ obsolete_option (const char *configname, unsigned int configlineno, * Wrapper around gcry_cipher_map_name to provide a fallback using the * "Sn" syntax as used by the preference strings. */ -int -string_to_cipher_algo (const char *string) -{ +int +string_to_cipher_algo (const char *string) +{ int val; val = map_cipher_gcry_to_openpgp (gcry_cipher_map_name (string)); @@ -873,9 +873,9 @@ string_to_cipher_algo (const char *string) * Wrapper around gcry_md_map_name to provide a fallback using the * "Hn" syntax as used by the preference strings. */ -int -string_to_digest_algo (const char *string) -{ +int +string_to_digest_algo (const char *string) +{ int val; val = gcry_md_map_name (string); @@ -962,7 +962,7 @@ check_compress_algo(int algo) { case 0: return 0; #ifdef HAVE_ZIP - case 1: + case 1: case 2: return 0; #endif #ifdef HAVE_BZIP2 @@ -1283,13 +1283,14 @@ has_invalid_email_chars (const char *s) const char *valid_chars= "01234567890_-.abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"; - for ( ; *s; s++ ) + for ( ; *s; s++ ) { if ( (*s & 0x80) ) continue; /* We only care about ASCII. */ if ( *s == '@' ) at_seen=1; - else if ( !at_seen && !( !!strchr( valid_chars, *s ) || *s == '+' ) ) + else if ( !at_seen && !(strchr (valid_chars, *s) + || strchr ("!#$%&'*+/=?^`{|}~", *s))) return 1; else if ( at_seen && !strchr( valid_chars, *s ) ) return 1; @@ -1429,7 +1430,7 @@ int pubkey_get_nenc (int algo) { size_t n; - + /* ECC is special. */ if (algo == PUBKEY_ALGO_ECDSA) return 0; @@ -1499,7 +1500,7 @@ int mpi_print (estream_t fp, gcry_mpi_t a, int mode) { int n=0; - + if (!a) return es_fprintf (fp, "[MPI_NULL]"); if (!mode) @@ -1524,7 +1525,7 @@ mpi_print (estream_t fp, gcry_mpi_t a, int mode) else { unsigned char *buffer; - + if (gcry_mpi_aprint (GCRYMPI_FMT_HEX, &buffer, NULL, a)) BUG (); es_fputs (buffer, fp); @@ -1537,7 +1538,7 @@ mpi_print (estream_t fp, gcry_mpi_t a, int mode) /* pkey[1] or skey[1] is Q for ECDSA, which is an uncompressed point, i.e. 04 */ -unsigned int +unsigned int ecdsa_qbits_from_Q (unsigned int qbits) { if ((qbits%8) > 3) @@ -1550,5 +1551,3 @@ ecdsa_qbits_from_Q (unsigned int qbits) qbits /= 2; return qbits; } - -