1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

gpgparsemail: Allow weirdly-mixed pkcs7 signatures.

* tools/gpgparsemail.c: Add and check info->signing_protocol_2.

--
Some mailers in the wild will generate messages that have the a weird
structure where they use the x- prefix in one part and drop it in
another.

For example, the main MIME part as a whole has:

Content-Type: multipart/signed;
   protocol="application/x-pkcs7-signature"

but the signature sub-part has:

  Content-Type: application/pkcs7-signature

(or vice versa, where the x- prefix is in the sub-part but not the
protocol= section on the main MIME object)

This change also avoids allocating strings for these comparisons,
since the const strings in question are already available in the built
executable, and no dynamic labels are needed.

===
- 2 lines reformatted to keep them below 90 cols. - wk
This commit is contained in:
Daniel Kahn Gillmor 2016-02-08 15:44:07 -05:00 committed by Werner Koch
parent 813df2fe66
commit 7e7f35a2d7
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B

View File

@ -67,7 +67,9 @@ struct parse_info_s {
int smfm_state; /* State of PGP/MIME or S/MIME parsing. */
int is_smime; /* This is S/MIME and not PGP/MIME. */
char *signing_protocol;
const char *signing_protocol;
const char *signing_protocol_2; /* there are two ways to present
PKCS7 */
int hashing_level; /* The nesting level we are hashing. */
int hashing;
FILE *hash_file;
@ -139,15 +141,15 @@ xmalloc (size_t n)
/* return p; */
/* } */
static char *
xstrdup (const char *string)
{
void *p = malloc (strlen (string)+1);
if (!p)
die ("out of core: %s", strerror (errno));
strcpy (p, string);
return p;
}
/* static char * */
/* xstrdup (const char *string) */
/* { */
/* void *p = malloc (strlen (string)+1); */
/* if (!p) */
/* die ("out of core: %s", strerror (errno)); */
/* strcpy (p, string); */
/* return p; */
/* } */
#ifndef HAVE_STPCPY
static char *
@ -364,8 +366,8 @@ mime_signed_begin (struct parse_info_s *info, rfc822parse_t msg,
{
info->smfm_state = 1;
info->is_smime = 0;
free (info->signing_protocol);
info->signing_protocol = xstrdup (s);
info->signing_protocol = "application/pgp-signature";
info->signing_protocol_2 = NULL;
}
}
else if (!strcmp (s, "application/pkcs7-signature")
@ -377,8 +379,8 @@ mime_signed_begin (struct parse_info_s *info, rfc822parse_t msg,
{
info->smfm_state = 1;
info->is_smime = 1;
free (info->signing_protocol);
info->signing_protocol = xstrdup (s);
info->signing_protocol = "application/pkcs7-signature";
info->signing_protocol_2 = "application/x-pkcs7-signature";
}
}
else if (verbose)
@ -516,10 +518,15 @@ message_cb (void *opaque, rfc822parse_event_t event, rfc822parse_t msg)
char *buf = xmalloc (strlen (s1) + strlen (s2) + 2);
strcpy (stpcpy (stpcpy (buf, s1), "/"), s2);
assert (info->signing_protocol);
if (strcmp (buf, info->signing_protocol))
err ("invalid %s structure; expected '%s', found '%s'",
if (strcmp (buf, info->signing_protocol) &&
(!info->signing_protocol_2
|| strcmp (buf,info->signing_protocol_2)))
err ("invalid %s structure; expected %s%s%s, found '%s'",
info->is_smime? "S/MIME":"PGP/MIME",
info->signing_protocol, buf);
info->signing_protocol,
info->signing_protocol_2 ? " or " : "",
info->signing_protocol_2 ? info->signing_protocol_2:"",
buf);
else
{
printf ("c begin_signature\n");