
bug fixes

Werner Koch 1998-02-11 23:22:09 +00:00
parent 4c0c155922
commit bc5789665a
37 changed files with 949 additions and 137 deletions


@ -154,7 +154,10 @@ dry-run
keyring filename
# add this filename to the list of keyrings
# add this filename to the list of keyrings.
# If the filename begins with a tilde and a slash, these are replaced
# by the HOME directory. If the filename does not contain a slash, it
# is assumed to be in "~/.g10"
local-user user-string
# use this user-string to sign or decrypt
@ -191,6 +194,7 @@ remote-user
secret-keyring filename
# add filename to the list of secret keyrings
# see "keyring" for further informations
status-fd n
# Write status informations to this file descriptor. If this option


@ -288,9 +288,11 @@ find_header( fhdr_state_t state, byte *buf, size_t *r_buflen,
if( n < buflen || c == '\n' ) {
if( n && buf[0] != '\r') { /* maybe a header */
if( strchr( buf, ':') ) { /* yes */
log_debug("armor header: ");
print_string( stderr, buf, n );
putc('\n', stderr);
if( opt.verbose ) {
log_info("armor header: ");
print_string( stderr, buf, n );
putc('\n', stderr);
}
if( clearsig && !parse_hash_header( buf ) ) {
log_error("invalid clearsig header\n");
state = fhdrERROR;
@ -321,9 +323,11 @@ find_header( fhdr_state_t state, byte *buf, size_t *r_buflen,
}
else if( c != -1 ) {
if( strchr( buf, ':') ) { /* buffer to short, but this is okay*/
log_debug("armor header: ");
print_string( stderr, buf, n );
fputs("[...]\n", stderr); /* indicate it is truncated */
if( opt.verbose ) {
log_info("armor header: ");
print_string( stderr, buf, n );
fputs("[...]\n", stderr); /* indicate it is truncated */
}
state = fhdrSKIPHeader; /* skip rest of line */
}
else /* line too long */
@ -380,7 +384,8 @@ find_header( fhdr_state_t state, byte *buf, size_t *r_buflen,
state = fhdrWAITHeader;
if( hdr_line == BEGIN_SIGNED_MSG_IDX )
clearsig = 1;
log_debug("armor: %s\n", head_strings[hdr_line]);
if( opt.verbose > 1 )
log_info("armor: %s\n", head_strings[hdr_line]);
break;
case fhdrCLEARSIG:
@ -432,15 +437,24 @@ find_header( fhdr_state_t state, byte *buf, size_t *r_buflen,
break;
case fhdrCHECKClearsig:
case fhdrCHECKClearsig2:
/* check the clearsig line */
if( n > 15 && !memcmp(buf, "-----", 5 ) )
state = fhdrENDClearsig;
else if( buf[0] == '-' && buf[1] == ' ' )
state = fhdrCHECKDashEscaped;
else {
state = state == fhdrCHECKClearsig2 ?
fhdrREADClearsig : fhdrTESTSpaces;
state = fhdrTESTSpaces;
}
break;
case fhdrCHECKClearsig2:
/* check the clearsig line */
if( n > 15 && !memcmp(buf, "-----", 5 ) )
state = fhdrENDClearsig;
else if( buf[0] == '-' && buf[1] == ' ' )
state = fhdrCHECKDashEscaped2;
else {
state = fhdrREADClearsig;
}
break;
@ -812,7 +826,7 @@ armor_filter( void *opaque, int control,
int idx, idx2;
size_t n=0;
u32 crc;
#if 1
#if 0
static FILE *fp ;
if( !fp ) {
@ -884,7 +898,7 @@ armor_filter( void *opaque, int control,
}
else
rc = radix64_read( afx, a, &n, buf, size );
#if 1
#if 0
if( n )
if( fwrite(buf, n, 1, fp ) != 1 )
BUG();
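Review bot: In the new `fhdrCHECKClearsig2` case (and the `fhdrCHECKClearsig` case it was split from), the dash-escape test `buf[0] == '-' && buf[1] == ' '` runs without looking at `n`, although the test just before it does check `n > 15`. If an empty or one-byte line can reach these states, the comparison reads bytes left over from an earlier line; whether the buffer is always terminated or padded is not visible here. I would guard it as `else if( n > 1 && buf[0] == '-' && buf[1] == ' ' )` in both cases. find_header starts and ends outside these hunks, so the guarantee may exist elsewhere and should then be stated in a comment.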


@ -215,6 +215,7 @@ main( int argc, char **argv )
{ 537, "export", 0, N_("export all or the given keys") },
{ 538, "trustdb-name", 2, "\r" },
{ 539, "clearsign", 0, N_("make a clear text signature") },
{ 540, "no-secmem-warning", 0, "\r" }, /* used only by regression tests */
{0} };
ARGPARSE_ARGS pargs;
@ -231,7 +232,7 @@ main( int argc, char **argv )
FILE *configfp = NULL;
char *configname = NULL;
unsigned configlineno;
int parse_verbose = 0;
int parse_debug = 0;
int default_config =1;
int errors=0;
int default_keyring = 1;
@ -259,8 +260,8 @@ main( int argc, char **argv )
pargs.argv = &argv;
pargs.flags= 1; /* do not remove the args */
while( arg_parse( &pargs, opts) ) {
if( pargs.r_opt == 'v' )
parse_verbose++;
if( pargs.r_opt == 510 || pargs.r_opt == 511 )
parse_debug++;
else if( pargs.r_opt == 518 ) {
/* yes there is one, so we do not try the default one, but
* read the option file when it is encountered at the commandline
@ -283,7 +284,7 @@ main( int argc, char **argv )
configfp = fopen( configname, "r" );
if( !configfp ) {
if( default_config ) {
if( parse_verbose > 1 )
if( parse_debug )
log_info(_("note: no default option file '%s'\n"), configname );
}
else
@ -291,7 +292,7 @@ main( int argc, char **argv )
configname, strerror(errno) );
m_free(configname); configname = NULL;
}
if( parse_verbose > 1 && configname )
if( parse_debug && configname )
log_info(_("reading options from '%s'\n"), configname );
default_config = 0;
}
@ -370,6 +371,7 @@ main( int argc, char **argv )
case 537: set_cmd( &cmd, aExport); break;
case 538: trustdb_name = pargs.r.ret_str; break;
case 539: set_cmd( &cmd, aClearsign); break;
case 540: secmem_set_flags( secmem_get_flags() | 1 ); break;
default : errors++; pargs.err = configfp? 1:2; break;
}
}
@ -403,6 +405,13 @@ main( int argc, char **argv )
if( errors )
g10_exit(2);
if( greeting ) {
if( *(s=strusage(10)) )
tty_printf("%s", s);
if( *(s=strusage(30)) )
tty_printf("%s", s);
}
/* initialize the secure memory. */
secmem_init( 16384 );
/* Okay, we are now working under our real uid */
@ -425,23 +434,11 @@ main( int argc, char **argv )
}
if( opt.verbose > 1 )
set_packet_list_mode(1);
if( greeting ) {
if( *(s=strusage(10)) )
tty_printf("%s", s);
if( *(s=strusage(30)) )
tty_printf("%s", s);
}
if( !sec_nrings || default_keyring ) { /* add default secret rings */
char *p = make_filename("~/.g10", "secring.g10", NULL );
add_secret_keyring(p);
m_free(p);
}
if( !nrings || default_keyring ) { /* add default ring */
char *p = make_filename("~/.g10", "pubring.g10", NULL );
add_keyring(p);
m_free(p);
}
if( !sec_nrings || default_keyring ) /* add default secret rings */
add_secret_keyring("secring.g10");
if( !nrings || default_keyring ) /* add default ring */
add_keyring("pubring.g10");
if( argc ) {
fname_print = fname = *argv;
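Review bot: The new `case 540` sets a bare flag bit with `secmem_set_flags( secmem_get_flags() | 1 )`, and it sits in the switch that also handles option-file entries (the `default` arm distinguishes them with `configfp? 1:2`). The table comment says `no-secmem-warning` is used only by regression tests, yet an option file can apparently switch the warning off for every run without the user seeing anything. I would at least document the bit at the call site, e.g. `/* bit 0: suppress the insecure-memory warning; test suite only */`. If the option really is meant for tests only, `case 540: if( !configfp ) secmem_set_flags( secmem_get_flags() | 1 ); break;` would restrict it to the command line. main continues outside these hunks, so the meaning of bit 0 is inferred from the option name.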


@ -73,7 +73,8 @@ static int scan_keyring( PKT_public_cert *pkc, u32 *keyid,
static int scan_secret_keyring( PKT_secret_cert *skc, u32 *keyid,
const char *name, const char *filename);
/* note this function may be called before secure memory is
* available */
void
add_keyring( const char *name )
{
@ -81,19 +82,32 @@ add_keyring( const char *name )
int rc;
/* FIXME: check wether this one is available etc */
/* my be we should do this later */
sl = m_alloc( sizeof *sl + strlen(name) );
strcpy(sl->d, name );
/* maybe we should do this later */
if( *name != '/' ) { /* do tilde expansion etc */
char *p ;
if( strchr(name, '/') )
p = make_filename(name, NULL);
else
p = make_filename("~/.g10", name, NULL);
sl = m_alloc( sizeof *sl + strlen(p) );
strcpy(sl->d, p );
m_free(p);
}
else {
sl = m_alloc( sizeof *sl + strlen(name) );
strcpy(sl->d, name );
}
sl->next = keyrings;
keyrings = sl;
/* FIXME: We should remove much out of this mpdule and
/* FIXME: We should remove much out of this module and
* combine it with the keyblock stuff from ringedit.c
* For now we will simple add the filename as keyblock resource
*/
rc = add_keyblock_resource( name, 0, 0 );
rc = add_keyblock_resource( sl->d, 0, 0 );
if( rc )
log_error("keyblock resource '%s': %s\n", name, g10_errstr(rc) );
log_error("keyblock resource '%s': %s\n", sl->d, g10_errstr(rc) );
}
@ -119,8 +133,21 @@ add_secret_keyring( const char *name )
/* FIXME: check wether this one is available etc */
/* my be we should do this later */
sl = m_alloc( sizeof *sl + strlen(name) );
strcpy(sl->d, name );
if( *name != '/' ) { /* do tilde expansion etc */
char *p ;
if( strchr(name, '/') )
p = make_filename(name, NULL);
else
p = make_filename("~/.g10", name, NULL);
sl = m_alloc( sizeof *sl + strlen(p) );
strcpy(sl->d, p );
m_free(p);
}
else {
sl = m_alloc( sizeof *sl + strlen(name) );
strcpy(sl->d, name );
}
sl->next = secret_keyrings;
secret_keyrings = sl;
@ -128,9 +155,9 @@ add_secret_keyring( const char *name )
* combine it with the keyblock stuff from ringedit.c
* For now we will simple add the filename as keyblock resource
*/
rc = add_keyblock_resource( name, 0, 1 );
rc = add_keyblock_resource( sl->d, 0, 1 );
if( rc )
log_error("secret keyblock resource '%s': %s\n", name, g10_errstr(rc) );
log_error("secret keyblock resource '%s': %s\n", sl->d, g10_errstr(rc));
}
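Review bot: A name such as `rings/sec.g10` takes the `strchr(name, '/')` branch in both add_keyring and add_secret_keyring and is passed to `make_filename(name, NULL)` alone. Presumably that leaves it relative to the current working directory, so which secret keyring is used depends on where the program is started; make_filename is not visible here, so this needs confirming. If that is intended, say so next to the branch, e.g. `/* a relative name containing '/' is resolved against the current directory */`, and in the option documentation, which only describes the `~/` and no-slash cases. The expansion block is also duplicated verbatim in the two functions and would be easier to keep consistent as one static helper.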


@ -180,11 +180,8 @@ walk_kbnode( KBNODE root, KBNODE *context, int all )
return root;
}
n = *context;
if( n->next ) {
n = n->next;
*context = n;
}
n = (*context)->next;
*context = n;
} while( !all && n && (n->private_flag & 1) );
return n;
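Review bot: With `n = (*context)->next; *context = n;` the walk now stores NULL in `*context` once the last node has been passed, and that end-of-list contract is not documented. The top of walk_kbnode is outside this hunk; if it treats a NULL context as "start at root" (the `return root;` context line suggests so), a caller that calls once more after receiving NULL silently restarts the walk. A comment on the function would make this explicit, e.g. `/* returns NULL after the last node; *context is then NULL and a further call starts again at root */`.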


@ -114,7 +114,7 @@ write_selfsig( KBNODE root, KBNODE pub_root, PKT_secret_cert *skc )
BUG(); /* no user id packet in tree */
uid = node->pkt->pkt.user_id;
/* get the pkc packet from the pub_tree */
node = find_kbnode( root, PKT_PUBLIC_CERT );
node = find_kbnode( pub_root, PKT_PUBLIC_CERT );
if( !node )
BUG();
pkc = node->pkt->pkt.public_cert;


@ -69,9 +69,6 @@ IOBUF open_sigfile( const char *iname );
/*-- seskey.c --*/
void make_session_key( DEK *dek );
MPI encode_session_key( DEK *dek, unsigned nbits );
MPI encode_sha1_value( byte *md, unsigned len, unsigned nbits );
MPI encode_rmd160_value( byte *md, unsigned len, unsigned nbits );
MPI encode_md5_value( byte *md, unsigned len, unsigned nbits );
MPI encode_md_value( MD_HANDLE md, unsigned nbits );
/*-- comment.c --*/


@ -135,7 +135,7 @@ add_user_id( CTX c, PACKET *pkt )
static int
add_signature( CTX c, PACKET *pkt )
{
KBNODE node, n1, n2;
KBNODE node;
if( pkt->pkttype == PKT_SIGNATURE && !c->cert ) {
/* This is the first signature for a following datafile.
@ -143,34 +143,25 @@ add_signature( CTX c, PACKET *pkt )
* onepass-sig packets. The drawback of PGP's method
* of prepending the signtaure to the data is,
* that it is not possible to make a signature from data read
* from stdin. (Anyway, G10 is are able to read these stuff) */
* from stdin. (Anyway, G10 is able to read these stuff) */
node = new_kbnode( pkt );
c->cert = node;
return 1;
}
else if( !c->cert )
return 0; /* oops */
return 0; /* oops (invalid packet sequence)*/
else if( !c->cert->pkt )
BUG();
BUG(); /* so nicht */
else if( c->cert->pkt->pkttype == PKT_ONEPASS_SIG ) {
/* The root is a onepass signature, so we are signing data */
/* The root is a onepass signature: we are signing data */
node = new_kbnode( pkt );
add_kbnode( c->cert, node );
return 1;
}
/* goto the last user id */
for(n2=NULL, n1=c->cert; n1->next; n1 = n1->next )
if( n1->pkt->pkttype == PKT_USER_ID )
n2 = n1;
if( !n2 ) {
log_error("no user id for signature packet\n");
return 0;
}
n1 = n2;
/* and add a new signature node id at the end */
/* add a new signature node id at the end */
node = new_kbnode( pkt );
insert_kbnode( n1, node, PKT_USER_ID );
add_kbnode( c->cert, node );
return 1;
}
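Review bot: The final path of add_signature now appends every signature with `add_kbnode( c->cert, node )` and no longer checks that a user ID packet precedes it. The old "no user id for signature packet" error is gone, so a signature following a certificate with no user ID is accepted into the tree and returns 1. If the packet sequence is validated later, when the tree is processed, that is fine, but it is not visible in this hunk. The function should say so, e.g. `/* no check that a user id precedes the signature; the sequence is validated when the tree is processed */`. Otherwise the rejection should be kept. The `/* so nicht */` comment on the `BUG()` line would also read better in English, like the other comments in the file.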


@ -213,11 +213,13 @@ do_we_trust( PKT_public_cert *pkc, int trustlevel )
return 1; /* yes */
case TRUST_FULLY:
log_info("This key probably belongs to the owner\n");
if( opt.verbose )
log_info("This key probably belongs to the owner\n");
return 1; /* yes */
case TRUST_ULTIMATE:
log_info("Our own keys is always good.\n");
if( opt.verbose )
log_info("This key belongs to us (we have the secret key)\n");
return 1; /* yes */
default: BUG();


@ -45,10 +45,7 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx )
FILE *fp = NULL;
int rc = 0;
int c;
static FILE *abc;
if( !abc )
abc=fopen("plaintext.out", "wb");
if( !abc ) BUG();
int convert = pt->mode == 't';
/* create the filename as C string */
if( opt.outfile ) {
@ -82,9 +79,10 @@ if( !abc ) BUG();
rc = G10ERR_READ_FILE;
goto leave;
}
putc( c, abc );
if( mfx->md )
md_putc(mfx->md, c );
if( convert && c == '\r' )
continue; /* FIXME: this hack is too simple */
if( putc( c, fp ) == EOF ) {
log_error("Error writing to '%s': %s\n", fname, strerror(errno) );
rc = G10ERR_WRITE_FILE;
@ -94,9 +92,10 @@ if( !abc ) BUG();
}
else {
while( (c = iobuf_get(pt->buf)) != -1 ) {
putc( c, abc );
if( mfx->md )
md_putc(mfx->md, c );
if( convert && c == '\r' )
continue; /* FIXME: this hack is too simple */
if( putc( c, fp ) == EOF ) {
log_error("Error writing to '%s': %s\n",
fname, strerror(errno) );
@ -136,7 +135,7 @@ ask_for_detached_datafile( md_filter_context_t *mfx, const char *inname )
int c;
fp = open_sigfile( inname ); /* open default file */
if( !fp ) {
if( !fp && !opt.batch ) {
int any=0;
tty_printf("Detached signature.\n");
do {
@ -160,11 +159,20 @@ ask_for_detached_datafile( md_filter_context_t *mfx, const char *inname )
} while( !fp );
}
while( (c = iobuf_get(fp)) != -1 ) {
if( mfx->md )
md_putc(mfx->md, c );
if( !fp ) {
log_info("reading stdin ...\n");
while( (c = getchar()) != EOF ) {
if( mfx->md )
md_putc(mfx->md, c );
}
}
else {
while( (c = iobuf_get(fp)) != -1 ) {
if( mfx->md )
md_putc(mfx->md, c );
}
iobuf_close(fp);
}
iobuf_close(fp);
leave:
m_free(answer);
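Review bot: In both copy loops of handle_plaintext, `if( convert && c == '\r' ) continue;` runs after `md_putc(mfx->md, c )`, so in text mode every CR is hashed but never written, including a lone CR that is not part of a CRLF pair. The file on disk can therefore differ from the data the signature was computed over, and a later re-verification of that file may not match. The existing FIXME should say this, e.g. `/* FIXME: drops every CR, not only the CR of a CRLF pair; output may differ from the hashed data */`. The fix is to hold a CR back and drop it only when the next byte is LF. handle_plaintext starts and ends outside these hunks.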


@ -109,8 +109,8 @@ encode_session_key( DEK *dek, unsigned nbits )
* returns: A mpi with the session key (caller must free)
* RMD160 Object ID is 1.3.36.3.2.1
*/
MPI
encode_rmd160_value( byte *md, unsigned len, unsigned nbits )
static MPI
encode_rmd160_value( byte *md, unsigned len, unsigned nbits, int secure )
{
static byte asn[15] =
{ 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x24, 0x03,
@ -128,7 +128,8 @@ encode_rmd160_value( byte *md, unsigned len, unsigned nbits )
*
* PAD consists of FF bytes.
*/
frame = mpi_alloc_secure( nframe / BYTES_PER_MPI_LIMB );
frame = secure ? mpi_alloc_secure( nframe / BYTES_PER_MPI_LIMB )
: mpi_alloc( nframe / BYTES_PER_MPI_LIMB );
n = 0;
for(i=20-1; i >= 0; i--, n++ )
mpi_putbyte(frame, n, md[i] );
@ -148,8 +149,8 @@ encode_rmd160_value( byte *md, unsigned len, unsigned nbits )
* returns: A mpi with the session key (caller must free)
* SHA-1 Objet ID is 1.3.14.3.2.26
*/
MPI
encode_sha1_value( byte *md, unsigned len, unsigned nbits )
static MPI
encode_sha1_value( byte *md, unsigned len, unsigned nbits, int secure )
{
static byte asn[15] =
{ 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03,
@ -167,7 +168,8 @@ encode_sha1_value( byte *md, unsigned len, unsigned nbits )
*
* PAD consists of FF bytes.
*/
frame = mpi_alloc_secure( nframe / BYTES_PER_MPI_LIMB );
frame = secure ? mpi_alloc_secure( nframe / BYTES_PER_MPI_LIMB )
: mpi_alloc( nframe / BYTES_PER_MPI_LIMB );
n = 0;
for(i=20-1; i >= 0; i--, n++ )
mpi_putbyte(frame, n, md[i] );
@ -188,8 +190,8 @@ encode_sha1_value( byte *md, unsigned len, unsigned nbits )
* returns: A mpi with the session key (caller must free)
* MD5 Object ID is 1.2.840.113549.2.5
*/
MPI
encode_md5_value( byte *md, unsigned len, unsigned nbits )
static MPI
encode_md5_value( byte *md, unsigned len, unsigned nbits, int secure )
{
static byte asn[18] =
{ 0x30, 0x20, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86,0x48,
@ -207,7 +209,8 @@ encode_md5_value( byte *md, unsigned len, unsigned nbits )
*
* PAD consists of FF bytes.
*/
frame = mpi_alloc_secure( nframe / BYTES_PER_MPI_LIMB );
frame = secure ? mpi_alloc_secure( nframe / BYTES_PER_MPI_LIMB )
: mpi_alloc( nframe / BYTES_PER_MPI_LIMB );
n = 0;
for(i=16-1; i >= 0; i--, n++ )
mpi_putbyte(frame, n, md[i] );
@ -227,11 +230,14 @@ encode_md_value( MD_HANDLE md, unsigned nbits )
{
switch( md_get_algo( md ) ) {
case DIGEST_ALGO_MD5:
return encode_md5_value( md_read(md, DIGEST_ALGO_MD5), 16, nbits );
return encode_md5_value( md_read(md, DIGEST_ALGO_MD5),
16, nbits, md_is_secure(md) );
case DIGEST_ALGO_RMD160:
return encode_rmd160_value( md_read(md, DIGEST_ALGO_RMD160), 20, nbits );
return encode_rmd160_value( md_read(md, DIGEST_ALGO_RMD160),
20, nbits, md_is_secure(md) );
case DIGEST_ALGO_SHA1:
return encode_sha1_value( md_read(md, DIGEST_ALGO_SHA1), 20, nbits );
return encode_sha1_value( md_read(md, DIGEST_ALGO_SHA1),
20, nbits, md_is_secure(md) );
default:
BUG();
}
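Review bot: The new `secure` parameter of encode_rmd160_value, encode_sha1_value and encode_md5_value is not described in their header comments, which still say "returns: A mpi with the session key" although the functions encode a digest. I would add a line such as `* secure: if true the frame is allocated with mpi_alloc_secure(); callers pass md_is_secure(md)` and correct the "returns" text. Separately, the visible copy loops use the fixed counts `20-1` and `16-1` while a `len` argument is passed in. If `len` is not checked in the lines outside these hunks, either assert it against the expected digest length or drop the parameter now that the functions are static.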


@ -190,11 +190,13 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
/* setup the inner packet */
if( detached ) {
if( multifile ) {
STRLIST sl = filenames;
STRLIST sl;
if( opt.verbose )
log_info("signing:" );
for(; sl; sl = sl->next ) {
/* must walk reverse trough this list */
for( sl = strlist_last(filenames); sl;
sl = strlist_prev( filenames, sl ) ) {
if( !(inp = iobuf_open(sl->d)) ) {
log_error("can't open %s: %s\n", sl->d, strerror(errno) );
rc = G10ERR_OPEN_FILE;
@ -345,7 +347,7 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile )
armor_filter_context_t afx;
compress_filter_context_t zfx;
text_filter_context_t tfx;
MD_HANDLE textmd;
MD_HANDLE textmd = NULL;
IOBUF inp = NULL, out = NULL;
PACKET pkt;
int rc = 0;


@ -1423,10 +1423,13 @@ do_check( ulong pubkeyid, TRUSTREC *dr, unsigned *trustlevel )
if( tsl->dup )
continue;
log_debug("tslist segs:" );
for(i=0; i < tsl->nseg; i++ )
fprintf(stderr, " %lu/%02x", tsl->seg[i].lid, tsl->seg[i].trust );
putc('\n',stderr);
if( opt.verbose ) {
log_info("tslist segs:" );
for(i=0; i < tsl->nseg; i++ )
fprintf(stderr, " %lu/%02x", tsl->seg[i].lid,
tsl->seg[i].trust );
putc('\n',stderr);
}
}
/* and look wether there is a trusted path.