security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-08 12:44:23 +01:00
Code Activity

* g10.c (main): Show errors for failure in export, send-keys, recv-keys,

Browse Source 
and refresh-keys.

* keyserver.c (keyserver_work): Range check the TCP port for HKP.

* options.h, g10.c (main): Give algorithm warnings for algorithms chosen
against the --pgpX and --openpgp rules.

* keydb.h, pkclist.c (algo_available): Make TIGER192 invalid in --openpgp
mode.

* sign.c (sign_file), pkclist.c (algo_available): Allow passing a hint of
0.
This commit is contained in:
David Shaw 2003-05-03 03:17:00 +00:00
parent 1db0d1e0a2
commit 879014e14b
7 changed files with 165 additions and 55 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
g10/ChangeLog
View File

@ -1,6 +1,20 @@
2003-05-02 David Shaw <dshaw@jabberwocky.com>
* sign.c (sign_file): Fix bug that causes spurious compression
* g10.c (main): Show errors for failure in export, send-keys,
recv-keys, and refresh-keys.
* keyserver.c (keyserver_work): Range check the TCP port for HKP.
* options.h, g10.c (main): Give algorithm warnings for algorithms
chosen against the --pgpX and --openpgp rules.
* keydb.h, pkclist.c (algo_available): Make TIGER192 invalid in
--openpgp mode.
* sign.c (sign_file), pkclist.c (algo_available): Allow passing a
hint of 0.
* sign.c (sign_file): Fix bug that causes a spurious compression
preference warning.
* sign.c (clearsign_file): Fix bug that prevents proper warning

88
g10/g10.c
View File

@ -1458,7 +1458,7 @@ main( int argc, char **argv )
opt.def_cipher_algo = 0;
opt.def_digest_algo = 0;
opt.cert_digest_algo = 0;
opt.def_compress_algo = 1;
opt.def_compress_algo = -1;
opt.s2k_mode = 3; /* iterated+salted */
opt.s2k_digest_algo = DIGEST_ALGO_SHA1;
opt.s2k_cipher_algo = CIPHER_ALGO_3DES;
@ -1844,7 +1844,6 @@ main( int argc, char **argv )
opt.escape_from=1;
opt.force_v3_sigs=1;
opt.ask_sig_expire=0;
opt.def_compress_algo=1;
opt.force_mdc=0;
opt.disable_mdc=1;
}
@ -1854,12 +1853,10 @@ main( int argc, char **argv )
opt.escape_from=1;
opt.force_v3_sigs=1;
opt.ask_sig_expire=0;
opt.def_compress_algo=1;
}
else if(PGP8)
{
opt.escape_from=1;
opt.def_compress_algo=1;
}
/* must do this after dropping setuid, because string_to...
@ -1942,6 +1939,66 @@ main( int argc, char **argv )
if( log_get_errorcount(0) )
g10_exit(2);
/* Check our chosen algorithms against the list of legal
algorithms. */
if(!GNUPG)
{
const char *badalg=NULL;
preftype_t badtype=PREFTYPE_NONE;
if(opt.def_cipher_algo
&& !algo_available(PREFTYPE_SYM,opt.def_cipher_algo,NULL))
{
badalg=cipher_algo_to_string(opt.def_cipher_algo);
badtype=PREFTYPE_SYM;
}
else if(opt.def_digest_algo
&& !algo_available(PREFTYPE_HASH,opt.def_digest_algo,NULL))
{
badalg=digest_algo_to_string(opt.def_digest_algo);
badtype=PREFTYPE_HASH;
}
else if(opt.cert_digest_algo
&& !algo_available(PREFTYPE_HASH,opt.cert_digest_algo,NULL))
{
badalg=digest_algo_to_string(opt.cert_digest_algo);
badtype=PREFTYPE_HASH;
}
else if(opt.def_compress_algo!=-1
&& !algo_available(PREFTYPE_ZIP,opt.def_compress_algo,NULL))
{
badalg=compress_algo_to_string(opt.def_compress_algo);
badtype=PREFTYPE_ZIP;
}
if(badalg)
{
switch(badtype)
{
case PREFTYPE_SYM:
log_info(_("you may not use cipher algorithm \"%s\" "
"while in %s mode\n"),
badalg,compliance_option_string());
break;
case PREFTYPE_HASH:
log_info(_("you may not use digest algorithm \"%s\" "
"while in %s mode\n"),
badalg,compliance_option_string());
break;
case PREFTYPE_ZIP:
log_info(_("you may not use compression algorithm \"%s\" "
"while in %s mode\n"),
badalg,compliance_option_string());
break;
default:
BUG();
}
compliance_failure();
}
}
/* set the random seed file */
if( use_random_seed ) {
char *p = make_filename(opt.homedir, "random_seed", NULL );
@ -2273,11 +2330,20 @@ main( int argc, char **argv )
for( ; argc; argc--, argv++ )
add_to_strlist2( &sl, *argv, utf8_strings );
if( cmd == aSendKeys )
keyserver_export( sl );
rc=keyserver_export( sl );
else if( cmd == aRecvKeys )
keyserver_import( sl );
rc=keyserver_import( sl );
else
export_pubkeys( sl, opt.export_options );
rc=export_pubkeys( sl, opt.export_options );
if(rc)
{
if(cmd==aSendKeys)
log_error(_("keyserver send failed: %s\n"),g10_errstr(rc));
else if(cmd==aRecvKeys)
log_error(_("keyserver receive failed: %s\n"),g10_errstr(rc));
else
log_error(_("key export failed: %s\n"),g10_errstr(rc));
}
free_strlist(sl);
break;
@ -2286,7 +2352,9 @@ main( int argc, char **argv )
for( ; argc; argc--, argv++ )
append_to_strlist2( &sl, *argv, utf8_strings );
keyserver_search( sl );
rc=keyserver_search( sl );
if(rc)
log_error(_("keyserver search failed: %s\n"),g10_errstr(rc));
free_strlist(sl);
break;
@ -2294,7 +2362,9 @@ main( int argc, char **argv )
sl = NULL;
for( ; argc; argc--, argv++ )
add_to_strlist2( &sl, *argv, utf8_strings );
keyserver_refresh(sl);
rc=keyserver_refresh(sl);
if(rc)
log_error(_("keyserver refresh failed: %s\n"),g10_errstr(rc));
free_strlist(sl);
break;

5
g10/keydb.h
View File

@ -164,8 +164,9 @@ void show_revocation_reason( PKT_public_key *pk, int mode );
int check_signatures_trust( PKT_signature *sig );
void release_pk_list( PK_LIST pk_list );
int build_pk_list( STRLIST rcpts, PK_LIST *ret_pk_list, unsigned use );
int select_algo_from_prefs( PK_LIST pk_list, int preftype,
int request, void *hint );
int algo_available( preftype_t preftype, int algo, void *hint );
int select_algo_from_prefs( PK_LIST pk_list, int preftype,
int request, void *hint );
int select_mdc_from_pklist (PK_LIST pk_list);
/*-- skclist.c --*/

9
g10/keyserver.c
View File

@ -194,6 +194,11 @@ parse_keyserver_uri(char *uri,const char *configname,unsigned int configlineno)
ch++;
}
/* It would seem to be reasonable to limit the range of the
ports to values between 1-65535, but RFC 1738 and 1808
imply there is no limit. Of course, the real world has
limits. */
}
/* (any path part of the URI is discarded for now as no keyserver
@ -679,6 +684,10 @@ keyserver_work(int action,STRLIST list,KEYDB_SEARCH_DESC *desc,int count)
log_error(_("no keyserver known (use option --keyserver)\n"));
return G10ERR_BAD_URI;
}
else if(opt.keyserver_port && (strlen(opt.keyserver_port)>5
|| atoi(opt.keyserver_port)<1
|| atoi(opt.keyserver_port)>65535))
return G10ERR_BAD_URI;
else
{
void *stats_handle = import_new_stats_handle ();

9
g10/options.h
View File

@ -204,11 +204,12 @@ struct {
#define DBG_HASHING (opt.debug & DBG_HASHING_VALUE)
#define DBG_EXTPROG (opt.debug & DBG_EXTPROG_VALUE)
#define GNUPG (opt.compliance==CO_GNUPG)
#define RFC1991 (opt.compliance==CO_RFC1991 || opt.compliance==CO_PGP2)
#define RFC2440 (opt.compliance==CO_RFC2440)
#define PGP2 (opt.compliance==CO_PGP2)
#define PGP6 (opt.compliance==CO_PGP6)
#define PGP7 (opt.compliance==CO_PGP7)
#define PGP8 (opt.compliance==CO_PGP8)
#define PGP2 (opt.compliance==CO_PGP2)
#define PGP6 (opt.compliance==CO_PGP6)
#define PGP7 (opt.compliance==CO_PGP7)
#define PGP8 (opt.compliance==CO_PGP8)
#endif /*G10_OPTIONS_H*/

90
g10/pkclist.c
View File

@ -1088,46 +1088,60 @@ build_pk_list( STRLIST rcpts, PK_LIST *ret_pk_list, unsigned use )
intersection"), and PGP has no mechanism to fix such a broken
preference list, so I'm including it. -dms */
static int
algo_available( int preftype, int algo, void *hint )
int
algo_available( preftype_t preftype, int algo, void *hint )
{
if( preftype == PREFTYPE_SYM ) {
if( PGP6 && ( algo != 1 && algo != 2 && algo != 3) )
return 0;
if( (PGP7 || PGP8)
&& (algo != 1 && algo != 2 && algo != 3
&& algo != 7 && algo != 8 && algo != 9 && algo != 10) )
return 0;
return algo && !check_cipher_algo( algo );
}
else if( preftype == PREFTYPE_HASH ) {
int bits=0;
if(hint)
bits=*(int *)hint;
if(bits && (bits != md_digest_length(algo)))
return 0;
if( (PGP6 || PGP7) && (algo != 1 && algo != 2 && algo != 3) )
return 0;
if( PGP8 && (algo != 1 && algo != 2 && algo != 3 && algo != 8))
return 0;
return algo && !check_digest_algo( algo );
}
else if( preftype == PREFTYPE_ZIP ) {
if ( ( PGP6 || PGP7 || PGP8 )
&& ( algo !=0 && algo != 1) )
return 0;
return !check_compress_algo( algo );
}
else
if( preftype == PREFTYPE_SYM )
{
if(PGP6 && (algo != CIPHER_ALGO_IDEA
&& algo != CIPHER_ALGO_3DES
&& algo != CIPHER_ALGO_CAST5))
return 0;
if((PGP7 || PGP8) && (algo != CIPHER_ALGO_IDEA
&& algo != CIPHER_ALGO_3DES
&& algo != CIPHER_ALGO_CAST5
&& algo != CIPHER_ALGO_AES
&& algo != CIPHER_ALGO_AES192
&& algo != CIPHER_ALGO_AES256
&& algo != CIPHER_ALGO_TWOFISH))
return 0;
return algo && !check_cipher_algo( algo );
}
else if( preftype == PREFTYPE_HASH )
{
if(hint && ((*(int *)hint) != md_digest_length(algo)))
return 0;
if((PGP6 || PGP7) && (algo != DIGEST_ALGO_MD5
&& algo != DIGEST_ALGO_SHA1
&& algo != DIGEST_ALGO_RMD160))
return 0;
if(PGP8 && (algo != DIGEST_ALGO_MD5
&& algo != DIGEST_ALGO_SHA1
&& algo != DIGEST_ALGO_RMD160
&& algo != DIGEST_ALGO_SHA256))
return 0;
/* TIGER is not allowed any longer according to 2440bis. */
if( RFC2440 && algo == DIGEST_ALGO_TIGER )
return 0;
return algo && !check_digest_algo( algo );
}
else if( preftype == PREFTYPE_ZIP )
{
if((PGP6 || PGP7 || PGP8) && (algo != COMPRESS_ALGO_NONE
&& algo != COMPRESS_ALGO_ZIP))
return 0;
return !check_compress_algo( algo );
}
else
return 0;
}

3
g10/sign.c
View File

@ -720,7 +720,8 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
hashlen=20;
if((algo=
select_algo_from_prefs(pk_list,PREFTYPE_HASH,-1,&hashlen))>0)
select_algo_from_prefs(pk_list,PREFTYPE_HASH,-1,
hashlen?&hashlen:NULL))>0)
recipient_digest_algo=algo;
}
}