Cleanups and minor fixes.

g10/ChangeLog

@@ -1,3 +1,47 @@
+2002-09-10  Werner Koch  <wk@gnupg.org>
+
+	* encode.c (encode_simple): Make sure we don't use an ESK packet
+	when we don't have a salt in the S2K.
+
+	* misc.c (pct_expando) <case f>: Make sure that LEN is initialized.
+
+	* exec.c (exec_finish): Use ticks to denote filenames in messages.
+	(make_tempdir, exec_write): Changed format of messages.
+
+	* keyserver.c (print_keyinfo): Release USERID in on error.
+	(keyserver_work) [!DISABLE_KEYSERVER_HELPERS]: Exclude the unused
+	code.
+
+2002-09-09  Werner Koch  <wk@gnupg.org>
+
+	* parse-packet.c (make_attribute_uidname): Add new ar MAX_NAMELEN
+	for sanity checks.  Changed both callers. Limit the size of an %s.
+
+	* options.skel: Comment lock-once out, so that this file does not
+	change anything when copied to a new home directory.
+	* openfile.c (try_make_homedir): Don't exit after copying the
+	option skeleton.
+
+	* options.h: Don't use a comma when declaring variables over more
+	than one line.
+
+	* mainproc.c (symkey_decrypt_sesskey): Check length of the session
+	key.
+
+	* hkp.c (dehtmlize): Use ascii_tolower to protect against weird
+	locales.  Cast the argument for isspace for the sake of broken
+	HP/UXes.
+	(parse_hkp_index): s/ascii_memcasecmp/ascii_strncasecmp/.
+
+	* g10.c: Removed option --emulate-3des-s2k-bug.
+
+	* passphrase.c (hash_passphrase): Was used here.
+
+	* export.c (parse_export_options)
+	* keyserver.c (parse_keyserver_options)
+	* import.c (parse_import_options)
+	* g10.c (check_permissions): s/ascii_memcasecmp/ascii_strncasecmp/.
+
 2002-09-09  David Shaw  <dshaw@jabberwocky.com>
 
 	* g10.c (add_group): Use '=' to separate group name from group
@@ -54,7 +98,7 @@
 	compressed packets.
 
 	* build-packet.c (do_mdc): Removed. Was not used.
-	(do_encrypted_mdc): Count the version number and the MDC packet.
+	(do_encrypted_mdc): Count in the version number and the MDC packet.
 
 2002-08-28  David Shaw  <dshaw@jabberwocky.com>
 
@@ -1047,7 +1091,7 @@
 
 2002-05-05  Timo Schulz  <ts@winpt.org>
 
-        * mainproc.c (proc_symkey_enc): Don't ask for a passphrase
+	* mainproc.c (proc_symkey_enc): Don't ask for a passphrase
         in the list only mode.
 	
 2002-05-05  David Shaw  <dshaw@jabberwocky.com>

g10/encode.c

@@ -205,6 +205,12 @@ encode_simple( const char *filename, int mode, int compat )
 	    log_error(_("error creating passphrase: %s\n"), g10_errstr(rc) );
 	    return rc;
 	}
+        if (!compat && s2k->mode != 1 && s2k->mode != 3) {
+            compat = 1;
+            log_info (_("can't use a symmetric ESK packet "
+                        "due to the S2K mode\n"));
+        }
+
         if ( !compat ) {            
             seskeylen = cipher_get_keylen( opt.def_cipher_algo ?
                                            opt.def_cipher_algo:

g10/exec.c

@@ -178,7 +178,7 @@ static int make_tempdir(struct exec_info *info)
 #endif
 
   if(mkdtemp(info->tempdir)==NULL)
-    log_error(_("%s: can't create directory: %s\n"),
+    log_error(_("can't create directory `%s': %s\n"),
 	      info->tempdir,strerror(errno));
   else
     {
@@ -262,6 +262,7 @@ static int expand_args(struct exec_info *info,const char *args_in)
 
 	  if(append)
 	    {
+              /* FIXME: Why do we need a loop? -wk */
 	      while(strlen(append)+len>size-1)
 		{
 		  size+=100;
@@ -464,13 +465,13 @@ int exec_write(struct exec_info **info,const char *program,
 #endif /* !EXEC_TEMPFILE_ONLY */
 
   if(DBG_EXTPROG)
-    log_debug("using temp file \"%s\"\n",(*info)->tempfile_in);
+    log_debug("using temp file `%s'\n",(*info)->tempfile_in);
 
   /* It's not fork/exec/pipe, so create a temp file */
   (*info)->tochild=fopen((*info)->tempfile_in,binary?"wb":"w");
   if((*info)->tochild==NULL)
     {
-      log_error(_("%s: can't create: %s\n"),
+      log_error(_("can't create '%s': %s\n"),
 		(*info)->tempfile_in,strerror(errno));
       ret=G10ERR_WRITE_FILE;
       goto fail;
@@ -583,19 +584,19 @@ int exec_finish(struct exec_info *info)
       if(info->tempfile_in)
 	{
 	  if(unlink(info->tempfile_in)==-1)
-	    log_info(_("WARNING: unable to remove tempfile (%s) \"%s\": %s\n"),
+	    log_info(_("WARNING: unable to remove tempfile (%s) `%s': %s\n"),
 		     "in",info->tempfile_in,strerror(errno));
 	}
   
       if(info->tempfile_out)
 	{
 	  if(unlink(info->tempfile_out)==-1)
-	    log_info(_("WARNING: unable to remove tempfile (%s) \"%s\": %s\n"),
+	    log_info(_("WARNING: unable to remove tempfile (%s) `%s': %s\n"),
 		     "out",info->tempfile_out,strerror(errno));
 	}
 
       if(rmdir(info->tempdir)==-1)
-	log_info(_("WARNING: unable to remove temp directory \"%s\": %s\n"),
+	log_info(_("WARNING: unable to remove temp directory `%s': %s\n"),
 		 info->tempdir,strerror(errno));
     }
 
@@ -609,3 +610,4 @@ int exec_finish(struct exec_info *info)
   return ret;
 }
 #endif /* ! NO_EXEC */
+

g10/export.c

@@ -61,7 +61,7 @@ parse_export_options(char *str,unsigned int *options)
     {
       int i,rev=0;
 
-      if(ascii_memcasecmp("no-",tok,3)==0)
+      if(ascii_strncasecmp("no-",tok,3)==0)
 	{
 	  rev=1;
 	  tok+=3;

g10/g10.c

@@ -292,7 +292,6 @@ enum cmd_and_opt_values { aNull = 0,
     oPersonalCipherPreferences,
     oPersonalDigestPreferences,
     oPersonalCompressPreferences,
-    oEmu3DESS2KBug,  /* will be removed in 1.1 */
     oEmuMDEncodeBug,
     oDisplay,
     oTTYname,
@@ -581,7 +580,6 @@ static ARGPARSE_OPTS opts[] = {
     { oPersonalCipherPreferences,  "personal-cipher-preferences", 2, "@"},
     { oPersonalDigestPreferences,  "personal-digest-preferences", 2, "@"},
     { oPersonalCompressPreferences,  "personal-compress-preferences", 2, "@"},
-    { oEmu3DESS2KBug,  "emulate-3des-s2k-bug", 0, "@"},
     { oEmuMDEncodeBug,	"emulate-md-encode-bug", 0, "@"},
     { oDisplay,    "display",     2, "@" },
     { oTTYname,    "ttyname",     2, "@" },
@@ -876,8 +874,8 @@ check_permissions(const char *path,int item)
      to avoid user confusion with an extra options file warning which
      could be rectified if the homedir itself had proper
      permissions. */
-  if(item!=0 && homedir_cache>-1 &&
-     ascii_memcasecmp(opt.homedir,tmppath,strlen(opt.homedir))==0)
+  if(item!=0 && homedir_cache>-1
+     && ascii_strncasecmp(opt.homedir,tmppath,strlen(opt.homedir))==0)
     {
       ret=homedir_cache;
       goto end;
@@ -1435,16 +1433,15 @@ main( int argc, char **argv )
 	  case oPGP7: opt.pgp7 = 1; break;
 	  case oNoPGP7: opt.pgp7 = 0; break;
 	  case oEmuChecksumBug: opt.emulate_bugs |= EMUBUG_GPGCHKSUM; break;
-	  case oEmu3DESS2KBug:	opt.emulate_bugs |= EMUBUG_3DESS2K; break;
 	  case oEmuMDEncodeBug: opt.emulate_bugs |= EMUBUG_MDENCODE; break;
 	  case oCompressSigs: opt.compress_sigs = 1; break;
 	  case oRunAsShmCP:
 #ifndef __riscos__
-	  #ifndef USE_SHM_COPROCESSING
+# ifndef USE_SHM_COPROCESSING
 	    /* not possible in the option file,
 	     * but we print the warning here anyway */
 	    log_error("shared memory coprocessing is not available\n");
-	  #endif
+# endif
 #else /* __riscos__ */
             not_implemented("run-as-shm-coprocess");
 #endif /* __riscos__ */

g10/hkp.c

@@ -276,25 +276,25 @@ dehtmlize(char *line)
 	  break;
 
 	case '&':
-	  if((*(line+1)!='\0' && tolower(*(line+1))=='l') &&
-	     (*(line+2)!='\0' && tolower(*(line+2))=='t') &&
+	  if((*(line+1)!='\0' && ascii_tolower(*(line+1))=='l') &&
+	     (*(line+2)!='\0' && ascii_tolower(*(line+2))=='t') &&
 	     (*(line+3)!='\0' && *(line+3)==';'))
 	    {
 	      parsed[parsedindex++]='<';
 	      line+=4;
 	      break;
 	    }
-	  else if((*(line+1)!='\0' && tolower(*(line+1))=='g') &&
-		  (*(line+2)!='\0' && tolower(*(line+2))=='t') &&
+	  else if((*(line+1)!='\0' && ascii_tolower(*(line+1))=='g') &&
+		  (*(line+2)!='\0' && ascii_tolower(*(line+2))=='t') &&
 		  (*(line+3)!='\0' && *(line+3)==';'))
 	    {
 	      parsed[parsedindex++]='>';
 	      line+=4;
 	      break;
 	    }
-	  else if((*(line+1)!='\0' && tolower(*(line+1))=='a') &&
-		  (*(line+2)!='\0' && tolower(*(line+2))=='m') &&
-		  (*(line+3)!='\0' && tolower(*(line+3))=='p') &&
+	  else if((*(line+1)!='\0' && ascii_tolower(*(line+1))=='a') &&
+		  (*(line+2)!='\0' && ascii_tolower(*(line+2))=='m') &&
+		  (*(line+3)!='\0' && ascii_tolower(*(line+3))=='p') &&
 		  (*(line+4)!='\0' && *(line+4)==';'))
 	    {
 	      parsed[parsedindex++]='&';
@@ -317,7 +317,7 @@ dehtmlize(char *line)
   if(parsedindex>0)
     {
       parsedindex--;
-      while(isspace(parsed[parsedindex]))
+      while(isspace(((unsigned char*)parsed)[parsedindex]))
 	{
 	  parsed[parsedindex]='\0';
 	  parsedindex--;
@@ -355,8 +355,8 @@ parse_hkp_index(IOBUF buffer,char *line)
      response.  This only complains about problems within the key
      section itself.  Headers and footers should not matter. */
   if(open && line[0]!='\0' &&
-     ascii_memcasecmp(line,"pub ",4)!=0 &&
-     ascii_memcasecmp(line,"    ",4)!=0)
+     ascii_strncasecmp(line,"pub ",4)!=0 &&
+     ascii_strncasecmp(line,"    ",4)!=0)
     {
       m_free(key);
       m_free(uid);
@@ -402,7 +402,7 @@ parse_hkp_index(IOBUF buffer,char *line)
 	}
     }
 
-  if(ascii_memcasecmp(line,"pub ",4)==0)
+  if(ascii_strncasecmp(line,"pub ",4)==0)
     {
       char *tok,*temp;
 

g10/import.c

@@ -104,7 +104,7 @@ parse_import_options(char *str,unsigned int *options)
     {
       int i,rev=0;
 
-      if(ascii_memcasecmp("no-",tok,3)==0)
+      if(ascii_strncasecmp("no-",tok,3)==0)
 	{
 	  rev=1;
 	  tok+=3;

g10/keyserver.c

@@ -82,7 +82,7 @@ parse_keyserver_options(char *options)
 	      hit=1;
 	      break;
 	    }
-	  else if(ascii_memcasecmp("no-",tok,3)==0 &&
+	  else if(ascii_strncasecmp("no-",tok,3)==0 &&
 		  ascii_strcasecmp(&tok[3],keyserver_opts[i].name)==0)
 	    {
 	      *(keyserver_opts[i].flag)=0;
@@ -267,27 +267,27 @@ print_keyinfo(int count,char *keystring,KEYDB_SEARCH_DESC *desc)
   userid=utf8_to_native(tok,strlen(tok),0);
 
   if((tok=strsep(&keystring,":"))==NULL)
-    return -1;
+    goto fail;
 
   flags=atoi(tok);
 
   if((tok=strsep(&keystring,":"))==NULL)
-    return -1;
+    goto fail;
 
   createtime=atoi(tok);
 
   if((tok=strsep(&keystring,":"))==NULL)
-    return -1;
+    goto fail;
 
   expiretime=atoi(tok);
 
   if((tok=strsep(&keystring,":"))==NULL)
-    return -1;
+    goto fail;
 
   modifytime=atoi(tok);
 
   if((keytype=strsep(&keystring,":"))==NULL)
-    return -1;
+    goto fail;
 
   /* The last one */
   if(keystring!=NULL)
@@ -320,6 +320,10 @@ print_keyinfo(int count,char *keystring,KEYDB_SEARCH_DESC *desc)
   printf("\n");
 
   return 0;
+
+ fail:
+  m_free (userid);
+  return -1;
 }
 
 #define KEYSERVER_ARGS_KEEP " -o \"%O\" \"%I\""
@@ -557,7 +561,7 @@ keyserver_spawn(int action,STRLIST list,
       if(*ptr=='\0')
 	break;
 
-      if(ascii_memcasecmp(ptr,"VERSION ",8)==0)
+      if(ascii_strncasecmp(ptr,"VERSION ",8)==0)
 	{
 	  gotversion=1;
 
@@ -568,13 +572,13 @@ keyserver_spawn(int action,STRLIST list,
 	      goto fail;
 	    }
 	}
-      else if(ascii_memcasecmp(ptr,"PROGRAM ",8)==0)
+      else if(ascii_strncasecmp(ptr,"PROGRAM ",8)==0)
 	{
-	  if(ascii_memcasecmp(&ptr[8],VERSION,strlen(VERSION))!=0)
+	  if(ascii_strncasecmp(&ptr[8],VERSION,strlen(VERSION))!=0)
 	    log_info(_("WARNING: keyserver handler from a different "
 		       "version of GnuPG (%s)\n"),&ptr[8]);
 	}
-      else if(ascii_memcasecmp(ptr,"OPTION OUTOFBAND",16)==0)
+      else if(ascii_strncasecmp(ptr,"OPTION OUTOFBAND",16)==0)
 	outofband=1; /* Currently the only OPTION */
     }
 
@@ -695,7 +699,7 @@ keyserver_work(int action,STRLIST list,KEYDB_SEARCH_DESC *desc,int count)
 #ifdef DISABLE_KEYSERVER_HELPERS
   log_error(_("external keyserver calls are not supported in this build\n"));
   return G10ERR_KEYSERVER;
-#endif
+#else
 
   /* It's not the internal HKP code, so try and spawn a handler for it */
 
@@ -733,6 +737,7 @@ keyserver_work(int action,STRLIST list,KEYDB_SEARCH_DESC *desc,int count)
     }
 
   return 0;
+#endif /* ! DISABLE_KEYSERVER_HELPERS*/
 }
 
 int 

g10/mainproc.c

@@ -242,9 +242,10 @@ static void
 symkey_decrypt_sesskey( DEK *dek, byte *sesskey, size_t slen )
 {
     CIPHER_HANDLE hd;
+    int n;
 
     if ( slen < 17 || slen > 33 ) {
-        log_error( "weird size for an encrypted session key (%d)\n", slen );
+        log_error ( _("weird size for an encrypted session key (%d)\n"), slen);
         return;   
     }
     hd = cipher_open( dek->algo, CIPHER_MODE_CFB, 1 );
@@ -254,9 +255,13 @@ symkey_decrypt_sesskey( DEK *dek, byte *sesskey, size_t slen )
     cipher_close( hd );
     /* check first byte (the cipher algo) */
     if ( sesskey[0] > 10 ) {
-        log_error( "invalid symkey algorithm detected (%d)\n", sesskey[0] );
+        log_error ( _("invalid symkey algorithm detected (%d)\n"),
+                    sesskey[0] );
         return;
     }
+    n = cipher_get_keylen (sesskey[0]) / 8;
+    if (n > DIM(dek->key))
+         BUG ();
     /* now we replace the dek components with the real session key
        to decrypt the contents of the sequencing packet. */
     dek->keylen = cipher_get_keylen( sesskey[0] ) / 8;

g10/misc.c

@@ -436,7 +436,7 @@ pct_expando(const char *string,struct expando_args *args)
 		if(args->pk)
 		  fingerprint_from_pk(args->pk,array,&len);
 		else
-		  memset(array,0,MAX_FINGERPRINT_LEN);
+		  memset(array,0, (len=MAX_FINGERPRINT_LEN));
 
 		if(idx+(len*2)<maxlen)
 		  {

g10/openfile.c

@@ -355,8 +355,8 @@ try_make_homedir( const char *fname )
 	else if( !opt.quiet )
 	    log_info( _("%s: directory created\n"), fname );
 	copy_options_file( fname );
-	log_info(_("you have to start GnuPG again, "
-		   "so it can read the new configuration file\n") );
-	g10_exit(1);
+/*  	log_info(_("you have to start GnuPG again, " */
+/*  		   "so it can read the new configuration file\n") ); */
+/*  	g10_exit(1); */
     }
 }

g10/options.h

@@ -137,9 +137,9 @@ struct {
     unsigned int import_options;
     unsigned int export_options;
     char *def_preference_list;
-    prefitem_t *personal_cipher_prefs,
-               *personal_digest_prefs,
-               *personal_compress_prefs;
+    prefitem_t *personal_cipher_prefs;
+    prefitem_t *personal_digest_prefs;
+    prefitem_t *personal_compress_prefs;
     int no_perm_warn;
     int no_mdc_warn;
     char *temp_dir;
@@ -181,7 +181,6 @@ struct {
 
 
 #define EMUBUG_GPGCHKSUM  1
-#define EMUBUG_3DESS2K	  2
 #define EMUBUG_MDENCODE   4
 
 #define DBG_PACKET_VALUE  1	/* debug packet reading/writing */

g10/options.skel

@@ -78,7 +78,7 @@ $Id$
 # not define this, the lock will be obtained and released every time
 # it is needed - normally this is not needed.
 
-lock-once
+#lock-once
 
 # GnuPG can send and receive keys to and from a keyserver.  These
 # servers can be HKP, email, or LDAP (if GnuPG is built with LDAP

g10/packet.h

@@ -399,7 +399,7 @@ const byte *parse_sig_subpkt2 ( PKT_signature *sig,
 int parse_one_sig_subpkt( const byte *buffer, size_t n, int type );
 void parse_revkeys(PKT_signature *sig);
 int parse_attribute_subpkts(PKT_user_id *uid);
-void make_attribute_uidname(PKT_user_id *uid);
+void make_attribute_uidname(PKT_user_id *uid, size_t max_namelen);
 PACKET *create_gpg_control ( ctrlpkttype_t type,
                              const byte *data,
                              size_t datalen );

g10/parse-packet.c

@@ -1828,9 +1828,11 @@ parse_user_id( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *packet )
     return 0;
 }
 
+
 void
-make_attribute_uidname(PKT_user_id *uid)
+make_attribute_uidname(PKT_user_id *uid, size_t max_namelen)
 {
+  assert ( max_namelen > 70 );
   if(uid->numattribs<=0)
     sprintf(uid->name,"[bad attribute packet of size %lu]",uid->attrib_len);
   else if(uid->numattribs>1)
@@ -1846,7 +1848,7 @@ make_attribute_uidname(PKT_user_id *uid)
 	  byte type;
 
 	  if(parse_image_header(uid->attribs,&type,&len))
-	    sprintf(uid->name,"[%s image of size %lu]",
+	    sprintf(uid->name,"[%.20s image of size %lu]",
 		    image_type_to_string(type,1),(ulong)len);
 	  else
 	    sprintf(uid->name,"[invalid image]");
@@ -1864,7 +1866,9 @@ parse_attribute( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *packet )
 {
     byte *p;
 
-    packet->pkt.user_id = m_alloc(sizeof *packet->pkt.user_id + 70);
+#define EXTRA_UID_NAME_SPACE 71
+    packet->pkt.user_id = m_alloc(sizeof *packet->pkt.user_id
+                                  + EXTRA_UID_NAME_SPACE);
 
     setup_user_id(packet);
 
@@ -1879,7 +1883,7 @@ parse_attribute( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *packet )
        attribute type (jpeg), but it is correct by the spec. */
     parse_attribute_subpkts(packet->pkt.user_id);
 
-    make_attribute_uidname(packet->pkt.user_id);
+    make_attribute_uidname(packet->pkt.user_id, EXTRA_UID_NAME_SPACE);
 
     if( list_mode ) {
 	printf(":attribute packet: %s\n", packet->pkt.user_id->name );

g10/passphrase.c

@@ -1115,13 +1115,7 @@ hash_passphrase( DEK *dek, char *pw, STRING2KEY *s2k, int create )
     md = md_open( s2k->hash_algo, 1);
     for(pass=0; used < dek->keylen ; pass++ ) {
 	if( pass ) {
-	    if( (opt.emulate_bugs & EMUBUG_3DESS2K)) {
-		int tmp = md->finalized;
-		md_reset( md );
-		md->finalized = tmp;
-	    }
-	    else
-		md_reset(md);
+            md_reset(md);
 	    for(i=0; i < pass; i++ ) /* preset the hash context */
 		md_putc(md, 0 );
 	}

g10/photoid.c

@@ -59,7 +59,8 @@ PKT_user_id *generate_photo_id(PKT_public_key *pk)
   for(i=4;i<16;i++) /* The reserved bytes */
     header[i]=0;
 
-  uid=m_alloc_clear(sizeof(*uid)+50);
+#define EXTRA_UID_NAME_SPACE 71
+  uid=m_alloc_clear(sizeof(*uid)+71);
 
   printf(_("\nPick an image to use for your photo ID.  "
 	   "The image must be a JPEG file.\n"
@@ -117,7 +118,7 @@ PKT_user_id *generate_photo_id(PKT_public_key *pk)
       /* Build the packet */
       build_attribute_subpkt(uid,1,photo,len,header,16);
       parse_attribute_subpkts(uid);
-      make_attribute_uidname(uid);
+      make_attribute_uidname(uid, EXTRA_UID_NAME_SPACE);
 
       /* Showing the photo is not safe when noninteractive since the
          "user" may not be able to dismiss a viewer window! */