New release

2025-07-02 22:46:30 +02:00 · 1998-09-14 15:49:56 +00:00 · 1998-09-14 15:49:56 +00:00 · c07a88da5d
commit c07a88da5d
parent bae662923c
61 changed files with 378 additions and 167 deletions
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@ -1,3 +1,22 @@
+Mon Sep 14 11:40:52 1998  Werner Koch  (wk@(none))
+
+	* seskey.c (make_session_key): Now detects weak keys.
+
+	* trustdb (clear_trust_checked_flag): New.
+
+	* plaintext.c (handle_plaintext): Does no anymore suppress CR from
+	cleartext signed messages.
+
+Sun Sep 13 12:54:29 1998  Werner Koch  (wk@(none))
+
+	* trustdb.c (insert_trust_record): Fixed a stupid bug in the free
+	liunked list loops.
+
+Sat Sep 12 15:49:16 1998  Werner Koch  (wk@(none))
+
+	* status.c (remove_shmid): New.
+	(init_shm_comprocess): Now sets permission to the real uid.
+
 Wed Sep  9 11:15:03 1998  Werner Koch  (wk@(none))

 	* packet.h (PKT_pubkey_enc): New flah throw_keyid, and add logic to
--- a/g10/encr-data.c
+++ b/g10/encr-data.c
@ -29,6 +29,7 @@
 #include "mpi.h"
 #include "cipher.h"
 #include "options.h"
+#include "i18n.h"


 static int decode_filter( void *opaque, int control, IOBUF a,
@ -68,7 +69,10 @@ decrypt_data( PKT_encrypted *ed, DEK *dek )
 	log_bug("Nanu\n");   /* oops: found a bug */

    dfx.cipher_hd = cipher_open( dek->algo, CIPHER_MODE_AUTO_CFB, 1 );
-    cipher_setkey( dfx.cipher_hd, dek->key, dek->keylen  );
+    if( cipher_setkey( dfx.cipher_hd, dek->key, dek->keylen ) )
+	log_info(_("Warning: Message was encrypted with "
+		    "a weak key in the symmetric cipher.\n"));
+
    cipher_setiv( dfx.cipher_hd, NULL );

    if( ed->len ) {
--- a/g10/import.c
+++ b/g10/import.c
@ -394,6 +394,8 @@ import_one( const char *fname, KBNODE keyblock )
 		log_error("key %08lX: trustdb insert failed: %s\n",
 					(ulong)keyid[1], g10_errstr(rc) );
 	}
+	else
+	    rc = clear_trust_checked_flag( new_key? pk : pk_orig );
    }

  leave:
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@ -213,6 +213,7 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified )
    KBNODE node, uidnode;
    PKT_public_key *primary_pk;
    int select_all = !count_selected_uids(keyblock);
+    int upd_trust = 0;

    /* build a list of all signators */
    rc=build_sk_list( locusr, &sk_list, 0, 1 );
@ -292,6 +293,7 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified )
 		    goto leave;
 		}
 		*ret_modified = 1; /* we changed the keyblock */
+		upd_trust = 1;

 		pkt = m_alloc_clear( sizeof *pkt );
 		pkt->pkttype = PKT_SIGNATURE;
@ -301,6 +303,10 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified )
 	    }
 	}
    } /* end loop over signators */
+    if( upd_trust && primary_pk ) {
+	rc = clear_trust_checked_flag( primary_pk );
+    }
+

  leave:
    release_sk_list( sk_list );
--- a/g10/plaintext.c
+++ b/g10/plaintext.c
@ -137,7 +137,7 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,
 		else
 		    md_putc(mfx->md, c );
 	    }
-	    if( convert && c == '\r' )
+	    if( convert && !clearsig && c == '\r' )
 		continue; /* fixme: this hack might be too simple */
 	    if( fp ) {
 		if( putc( c, fp ) == EOF ) {
@ -157,7 +157,7 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,
 		else
 		    md_putc(mfx->md, c );
 	    }
-	    if( convert && c == '\r' )
+	    if( convert && !clearsig && c == '\r' )
 		continue; /* fixme: this hack might be too simple */
 	    if( fp ) {
 		if( putc( c, fp ) == EOF ) {
--- a/g10/seckey-cert.c
+++ b/g10/seckey-cert.c
@ -73,7 +73,6 @@ do_check( PKT_secret_key *sk )
 	    int ndata;
 	    byte *p, *data;

-
 	    i = pubkey_get_npkey(sk->pubkey_algo);
 	    assert( mpi_is_opaque( sk->skey[i] ) );
 	    p = mpi_get_opaque( sk->skey[i], &ndata );
@ -212,7 +211,9 @@ protect_secret_key( PKT_secret_key *sk, DEK *dek )
 	else {
 	    cipher_hd = cipher_open( sk->protect.algo,
 				     CIPHER_MODE_AUTO_CFB, 1 );
-	    cipher_setkey( cipher_hd, dek->key, dek->keylen );
+	    if( cipher_setkey( cipher_hd, dek->key, dek->keylen ) )
+		log_info(_("Warning: Weak key detected"
+			   " - please change passphrase again.\n"));
 	    cipher_setiv( cipher_hd, NULL );
 	    cipher_encrypt( cipher_hd, sk->protect.iv, sk->protect.iv, 8 );
 	    if( sk->version >= 4 ) {
--- a/g10/seskey.c
+++ b/g10/seskey.c
@ -27,6 +27,7 @@
 #include "cipher.h"
 #include "mpi.h"
 #include "main.h"
+#include "i18n.h"


 /****************
@ -35,8 +36,25 @@
 void
 make_session_key( DEK *dek )
 {
+    CIPHER_HANDLE chd;
+    int i, rc;
+
    dek->keylen = cipher_get_keylen( dek->algo ) / 8;
-    randomize_buffer( dek->key, dek->keylen, 1 );
+
+    chd = cipher_open( dek->algo, CIPHER_MODE_AUTO_CFB, 1 );
+    for(i=0; i < 16; i++ ) {
+	rc = cipher_setkey( chd, dek->key, dek->keylen );
+	if( !rc ) {
+	    cipher_close( chd );
+	    return;
+	}
+	log_info(_("weak key created - retrying\n") );
+	/* Renew the session key until we get a non-weak key. */
+	randomize_buffer( dek->key, dek->keylen, 1 );
+    }
+    log_fatal(_(
+	    "cannot avoid weak key for symmetric cipher; tried %d times!\n"),
+		  i);
 }


--- a/g10/status.c
+++ b/g10/status.c
@ -105,11 +105,27 @@ write_status_text ( int no, const char *text)


 #ifdef USE_SHM_COPROCESSING
+
+#ifndef IPC_RMID_DEFERRED_RELEASE
+static void
+remove_shmid( void )
+{
+    if( shm_id != -1 ) {
+	shmctl ( shm_id, IPC_RMID, 0);
+	shm_id = -1;
+    }
+}
+#endif
+
 void
 init_shm_coprocessing ( ulong requested_shm_size, int lock_mem )
 {
    char buf[100];
+    struct shmid_ds shmds;

+  #ifndef IPC_RMID_DEFERRED_RELEASE
+    atexit( remove_shmid );
+  #endif
    requested_shm_size = (requested_shm_size + 4095) & ~4095;
    if ( requested_shm_size > 2 * 4096 )
 	log_fatal("too much shared memory requested; only 8k are allowed\n");
@ -133,14 +149,24 @@ init_shm_coprocessing ( ulong requested_shm_size, int lock_mem )
 	    shm_is_locked = 1;
    }

+
+
  #ifdef IPC_RMID_DEFERRED_RELEASE
-    if ( shmctl ( shm_id, IPC_RMID, 0) )
+    if( shmctl( shm_id, IPC_RMID, 0) )
 	log_fatal("shmctl IPC_RMDID of %d failed: %s\n",
 					    shm_id, strerror(errno));
-  #else
-    #error Must add a cleanup function
  #endif

+    if( shmctl( shm_id, IPC_STAT, &shmds ) )
+	log_fatal("shmctl IPC_STAT of %d failed: %s\n",
+					    shm_id, strerror(errno));
+    if( shmds.shm_perm.uid != getuid() ) {
+	shmds.shm_perm.uid = getuid();
+	if( shmctl( shm_id, IPC_SET, &shmds ) )
+	    log_fatal("shmctl IPC_SET of %d failed: %s\n",
+						shm_id, strerror(errno));
+    }
+
    /* write info; Protocol version, id, size, locked size */
    sprintf( buf, "pv=1 pid=%d shmid=%d sz=%u lz=%u", (int)getpid(),
 	    shm_id, (unsigned)shm_size, shm_is_locked? (unsigned)shm_size:0 );
--- a/g10/trustdb.c
+++ b/g10/trustdb.c
@ -1704,9 +1704,28 @@ enum_trust_web( void **context, ulong *lid )
    if( !c ) { /* make a new context */
 	c = m_alloc_clear( sizeof *c );
 	*context = c;
-	if( *lid != last_trust_web_key && last_trust_web_key )
-	    log_bug("enum_trust_web: nyi\n"); /* <--- FIXME */
-	c->tsl = last_trust_web_tslist;
+	if( *lid == last_trust_web_key && last_trust_web_tslist )
+	    c->tsl = last_trust_web_tslist;
+	else {
+	    TRUST_SEG_LIST tsl, tsl2, tslist;
+	    int rc;
+
+	    rc = make_tsl( *lid, &tslist );
+	    if( rc ) {
+		log_error("failed to build the TSL\n");
+		return rc;
+	    }
+	    /* cache the tslist, so that we do not need to free it */
+	    if( last_trust_web_key ) {
+		for( tsl = last_trust_web_tslist; tsl; tsl = tsl2 ) {
+		    tsl2 = tsl->next;
+		    m_free(tsl);
+		}
+	    }
+	    last_trust_web_key = *lid;
+	    last_trust_web_tslist = tslist;
+	    c->tsl = last_trust_web_tslist;
+	}
 	c->index = 1;
    }

@ -1880,6 +1899,38 @@ query_trust_record( PKT_public_key *pk )
 }


+int
+clear_trust_checked_flag( PKT_public_key *pk )
+{
+    TRUSTREC rec;
+    int rc;
+
+    if( !pk->local_id ) {
+	query_trust_record( pk );
+	if( !pk->local_id )
+	    log_bug("clear_trust_checked_flag: Still no LID\n");
+    }
+
+    if( (rc=tdbio_read_record( pk->local_id, &rec, RECTYPE_DIR ))) {
+	log_error("clear_trust_checked_flag: read record failed: %s\n",
+							      g10_errstr(rc));
+	return rc;
+    }
+
+    if( !(rec.r.dir.dirflags & DIRF_CHECKED) )
+	return 0;
+
+    /* reset the flag */
+    rec.r.dir.dirflags &= ~DIRF_CHECKED;
+    rc = tdbio_write_record( &rec );
+    if( rc ) {
+	log_error("clear_trust_checked_flag: write dir record failed: %s\n",
+							      g10_errstr(rc));
+	return rc;
+    }
+    return 0;
+}
+

 /****************
 * helper function for insert_trust_record()
@ -2138,11 +2189,11 @@ insert_trust_record( PKT_public_key *orig_pk )


  leave:
-    for(rec=uidlist_head; rec; rec = rec->next ) {
+    for(rec=uidlist_head; rec; rec = rec2 ) {
 	rec2 = rec->next;
 	rel_mem_uidnode(NULL, 0, rec );
    }
-    for(rec=keylist_head; rec; rec = rec->next ) {
+    for(rec=keylist_head; rec; rec = rec2 ) {
 	rec2 = rec->next;
 	m_free(rec);
    }
--- a/g10/trustdb.h
+++ b/g10/trustdb.h
@ -56,6 +56,7 @@ byte *get_pref_data( ulong lid, const byte *namehash, size_t *ret_n );
 int is_algo_in_prefs( ulong lid, int preftype, int algo );
 int keyid_from_lid( ulong lid, u32 *keyid );
 int query_trust_record( PKT_public_key *pk );
+int clear_trust_checked_flag( PKT_public_key *pk );
 int insert_trust_record( PKT_public_key *pk );
 int update_ownertrust( ulong lid, unsigned new_trust );