security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00
Code Activity

Ported multiple-messages protection.

Browse Source
This commit is contained in:
Werner Koch 2007-03-05 14:56:31 +00:00
parent f6243073a8
commit 9491ab44c5
11 changed files with 112 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
NEWS
View File

@ -1,6 +1,13 @@
Noteworthy changes in version 2.0.3
------------------------------------------------
* By default, do not allow processing multiple plaintexts in a single
stream. Many programs that called GnuPG were assuming that GnuPG
did not permit this, and were thus not using the plaintext boundary
status tags that GnuPG provides. This change makes GnuPG reject
such messages by default which makes those programs safe again.
--allow-multiple-messages returns to the old behavior.
* New --verify-option show-primary-uid-only.

5
doc/ChangeLog
View File

@ -1,3 +1,8 @@
2007-03-04 David Shaw <dshaw@jabberwocky.com>
* gpg.texi (GPG Esoteric Options): Document
--allow-multiple-messages.
2007-02-26 Werner Koch <wk@g10code.com>
* gpg.texi (GPG Configuration): Document envvar LANGUAGE.

14
doc/gpg.texi
View File

@ -1985,7 +1985,7 @@ SHA224, SHA384, and SHA512 digests.
@c ******** ESOTERIC OPTIONS ***************
@c *******************************************
@node GPG Esoteric Options
@subsection Doing things one usually don't want to do.
@subsection Doing things one usually doesn't want to do.
@table @gnupgtabopt
@ -2380,11 +2380,13 @@ absolute date in the form YYYY-MM-DD. Defaults to "0".
@item --allow-secret-key-import
This is an obsolete option and is not used anywhere.
@item --allow-multisig-verification
Allow verification of concatenated signed messages. This will run a
signature verification for each data+signature block. There are some
security issues with this option and thus it is off by default. Note
that versions of GPG prior to version 1.4.3 implicitly allowed this.
@item --allow-multiple-messages
@item --no-allow-multiple-messages
Allow processing of multiple OpenPGP messages contained in a single
file or stream. Some programs that call GPG are not prepared to deal
with multiple messages being processed together, so this option
defaults to no. Note that versions of GPG prior to 1.4.7 always
allowed multiple messages.
@item --enable-special-filenames
This options enables a mode in which filenames of the form

37
g10/ChangeLog
View File

@ -1,3 +1,20 @@
2007-03-05 Werner Koch <wk@g10code.com>
Converted this file to UTF-8.
Ported David and my multiple messages changes from 1.4.7.
* options.h, gpg.c (main), mainproc.c (check_sig_and_print): Allow
multiple sig verification again as this is protected via the
multiple-messages code. New option --allow-multiple-messages and
--no variant.
* status.h (STATUS_ERROR): New status code.
* status.c (get_status_string): Ditto.
* mainproc.c (proc_plaintext): Emit it if multiple messages are
detected. Error out if more than one plaintext packet is
encountered.
* mainproc.c (literals_seen): New.
2007-02-26 Werner Koch <wk@g10code.com>
* gpg.c (main): Add verify option show-primary-uid-only.
@ -1756,7 +1773,7 @@
2003-04-10 Werner Koch <wk@gnupg.org>
* passphrase.c (read_passphrase_from_fd): Do a dummy read if the
agent is to be used. Noted by Ingo Klöcker.
agent is to be used. Noted by Ingo Klöcker.
(agent_get_passphrase): Inhibit caching when we have no
fingerprint. This is required for key generation as well as for
symmetric only encryption.
@ -2699,7 +2716,7 @@
warning.
* passphrase.c (agent_get_passphrase): Fixed signed/unsigned char
problem in %-escaping. Noted by Ingo Klöcker.
problem in %-escaping. Noted by Ingo Klöcker.
2002-10-03 David Shaw <dshaw@jabberwocky.com>
@ -7027,12 +7044,12 @@ Fri Feb 11 17:44:40 CET 2000 Werner Koch <wk@gnupg.de>
Thu Feb 10 17:39:44 CET 2000 Werner Koch <wk@gnupg.de>
* keyedit.c (menu_expire): Fixed segv due to unitialized sub_pk.
By Rémi.
By Rémi.
Thu Feb 10 11:39:41 CET 2000 Werner Koch <wk@gnupg.de>
* keylist.c (list_keyblock): Don't print warnings in the middle of
regulat output lines. By Rémi.
regulat output lines. By Rémi.
* sig-check.c: Include options.h
@ -7622,7 +7639,7 @@ Mon May 31 19:41:10 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* g10.c (main): Fix for SHM init (Michael).
* compress.c, encr-data.c, mdfilter.c,
plaintext.c, free-packet.c: Speed patches (Rémi).
plaintext.c, free-packet.c: Speed patches (Rémi).
Thu May 27 09:40:55 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
@ -7647,7 +7664,7 @@ Wed May 26 14:36:29 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
Tue May 25 19:50:32 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* sign.c (sign_file): Always use compression algo 1 for signed
onyl file becuase we can´ be sure the the verifier supports other
onyl file becuase we can´ be sure the the verifier supports other
algorithms.
* build-packet.c (build_sig_subpkt): Support for notation data.
@ -7837,7 +7854,7 @@ Wed Apr 7 20:51:39 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
(protect_secret_key). Ditto.
* misc.c (print_cipher_algo_note): Twofish is now a standard algo.
* keygen.c (do_create): Fixed spelling (Gaël Quéri)
* keygen.c (do_create): Fixed spelling (Gaël Quéri)
(ask_keysize): Only allow keysizes up to 4096
* ringedit.c (add_keyblock_resource): chmod newly created secrings.
@ -7880,7 +7897,7 @@ Wed Mar 17 13:09:03 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* trustdb.c (insert_trust_record): Always use the primary key.
* encode.c (encode_simple): Added text_mode filter (Rémi Guyomarch)
* encode.c (encode_simple): Added text_mode filter (Rémi Guyomarch)
(encode_crypt): Ditto.
* mainproc.c (proc_pubkey_enc): Added status ENC_TO.
@ -9261,7 +9278,7 @@ Wed Apr 8 13:40:33 1998 Werner Koch (wk@isil.d.shuttle.de)
Wed Apr 8 09:47:21 1998 Werner Koch (wk@isil.d.shuttle.de)
* sig-check.c (do_check): Applied small fix from Ulf Möller.
* sig-check.c (do_check): Applied small fix from Ulf Möller.
Tue Apr 7 19:28:07 1998 Werner Koch (wk@isil.d.shuttle.de)
@ -9640,7 +9657,7 @@ Thu Feb 12 22:24:42 1998 Werner Koch (wk@frodo)
Copyright 1998,1999,2000,2001,2002,2003,2004,2005,
2006 Free Software Foundation, Inc.
2006,2007 Free Software Foundation, Inc.
This file is free software; as a special exception the author gives
unlimited permission to copy and/or distribute it, with or without

17
g10/gpg.c
View File

@ -357,6 +357,8 @@ enum cmd_and_opt_values
oAllowMultisigVerification,
oEnableDSA2,
oDisableDSA2,
oAllowMultipleMessages,
oNoAllowMultipleMessages,
oNoop
};
@ -692,6 +694,8 @@ static ARGPARSE_OPTS opts[] = {
{ oAllowMultisigVerification, "allow-multisig-verification", 0, "@"},
{ oEnableDSA2, "enable-dsa2", 0, "@"},
{ oDisableDSA2, "disable-dsa2", 0, "@"},
{ oAllowMultipleMessages, "allow-multiple-messages", 0, "@"},
{ oNoAllowMultipleMessages, "no-allow-multiple-messages", 0, "@"},
/* These two are aliases to help users of the PGP command line
product use gpg with minimal pain. Many commands are common
@ -2807,13 +2811,18 @@ main (int argc, char **argv )
release_akl();
break;
case oAllowMultisigVerification:
opt.allow_multisig_verification = 1;
break;
case oEnableDSA2: opt.flags.dsa2=1; break;
case oDisableDSA2: opt.flags.dsa2=0; break;
case oAllowMultisigVerification:
case oAllowMultipleMessages:
opt.flags.allow_multiple_messages=1;
break;
case oNoAllowMultipleMessages:
opt.flags.allow_multiple_messages=0;
break;
case oNoop: break;
default : pargs.err = configfp? 1:2; break;

45
g10/mainproc.c
View File

@ -98,10 +98,9 @@ struct mainproc_context
static int do_proc_packets( CTX c, IOBUF a );
static void list_node( CTX c, KBNODE node );
static void proc_tree( CTX c, KBNODE node );
static int literals_seen;
static void
release_list( CTX c )
@ -596,6 +595,8 @@ proc_plaintext( CTX c, PACKET *pkt )
int any, clearsig, only_md5, rc;
KBNODE n;
literals_seen++;
if( pt->namelen == 8 && !memcmp( pt->name, "_CONSOLE", 8 ) )
log_info(_("NOTE: sender requested \"for-your-eyes-only\"\n"));
else if( opt.verbose )
@ -683,12 +684,29 @@ proc_plaintext( CTX c, PACKET *pkt )
gcry_md_start_debug ( c->mfx.md2, "verify2" );
}
rc = handle_plaintext( pt, &c->mfx, c->sigs_only, clearsig );
if ( gpg_err_code (rc) == GPG_ERR_EACCES && !c->sigs_only )
rc=0;
if (literals_seen>1)
{
/* Can't write output but we hash it anyway to check the
signature. */
rc = handle_plaintext( pt, &c->mfx, 1, clearsig );
log_info (_("WARNING: multiple plaintexts seen\n"));
if (!opt.flags.allow_multiple_messages)
{
write_status_text (STATUS_ERROR, "proc_pkt.plaintext 89_BAD_DATA");
log_inc_errorcount ();
rc = gpg_error (GPG_ERR_UNEXPECTED);
}
}
if(!rc)
{
rc = handle_plaintext( pt, &c->mfx, c->sigs_only, clearsig );
if ( gpg_err_code (rc) == GPG_ERR_EACCES && !c->sigs_only )
{
/* Can't write output but we hash it anyway to check the
signature. */
rc = handle_plaintext( pt, &c->mfx, 1, clearsig );
}
}
if( rc )
@ -1512,8 +1530,17 @@ check_sig_and_print( CTX c, KBNODE node )
n_sig++;
if (!n_sig)
goto ambiguous;
if (n && !opt.allow_multisig_verification)
goto ambiguous;
/* If we wanted to disallow multiple sig verification, we'd do
something like this:
if (n && !opt.allow_multisig_verification)
goto ambiguous;
However, now that we have --allow-multiple-messages, this
can stay allowable as we can't get here unless multiple
messages (i.e. multiple literals) are allowed. */
if (n_onepass != n_sig)
{
log_info ("number of one-pass packets does not match "

3
g10/options.h
View File

@ -227,6 +227,7 @@ struct
unsigned int use_embedded_filename:1;
unsigned int utf8_filename:1;
unsigned int dsa2:1;
unsigned int allow_multiple_messages:1;
} flags;
/* Linked list of ways to find a key if the key isn't on the local
@ -238,8 +239,6 @@ struct
struct akl *next;
} *auto_key_locate;
/* True if multiple concatenated signatures may be verified. */
int allow_multisig_verification;
int passwd_repeat;
} opt;

1
g10/status.c
View File

@ -148,6 +148,7 @@ get_status_string ( int no )
case STATUS_PKA_TRUST_BAD : s = "PKA_TRUST_BAD"; break;
case STATUS_PKA_TRUST_GOOD : s = "PKA_TRUST_GOOD"; break;
case STATUS_BEGIN_SIGNING : s = "BEGIN_SIGNING"; break;
case STATUS_ERROR : s = "ERROR"; break;
default: s = "?"; break;
}
return s;

2
g10/status.h
View File

@ -120,6 +120,8 @@
#define STATUS_BEGIN_SIGNING 84
#define STATUS_ERROR 85
/*-- status.c --*/
void set_status_fd ( int fd );

6
tests/openpgp/ChangeLog
View File

@ -1,3 +1,9 @@
2007-03-04 David Shaw <dshaw@jabberwocky.com> (wk)
* verify.test: Use --allow-multiple-messages instead of
--allow-multisig-verification. Two clearsigs in a row counds as a
multiple-message test.
2006-11-16 Werner Koch <wk@g10code.com>
* Makefile.am (plain-large): Use gpg.texi instead of FAQ which

12
tests/openpgp/verify.test
View File

@ -121,8 +121,8 @@ IHBlb3BsZS4K
# Two standard signed messages in a row
tests="$tests msg_olsols_asc_multisig"
msg_olsols_asc_multisig='-----BEGIN PGP MESSAGE-----
tests="$tests msg_olsols_asc_multiple"
msg_olsols_asc_multiple='-----BEGIN PGP MESSAGE-----
kA0DAAIRLXJ8x2hpdzQBrQEHYgNtc2dEDFJaSSB0aGluayB0aGF0IGFsbCByaWdo
dC10aGlua2luZyBwZW9wbGUgaW4gdGhpcyBjb3VudHJ5IGFyZSBzaWNrIGFuZAp0
@ -215,8 +215,8 @@ EOF
`
# Two clear text signatures in a row
tests="$tests msg_clsclss_asc"
msg_clsclss_asc="${msg_cls_asc}
tests="$tests msg_clsclss_asc_multiple"
msg_clsclss_asc_multiple="${msg_cls_asc}
${msg_clss_asc}"
@ -233,8 +233,8 @@ for i in $tests ; do
msg_*_asc)
$GPG --verify x || error "verify of $i failed"
;;
msg_*_asc_multisig)
$GPG --verify --allow-multisig-verification x \
msg_*_asc_multiple)
$GPG --verify --allow-multiple-messages x \
|| error "verify of $i failed"
$GPG --verify x && error "verify of $i succeeded but should not"
;;