fixed severe exploit

cipher/ChangeLog

@@ -1,3 +1,12 @@
+Thu Jul  9 13:01:14 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+	* dynload.c (load_extension): Function now nbails out if
+	the program is run setuid.
+
+Wed Jul  8 18:58:23 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+	* rmd160.c (rmd160_hash_buffer): New.
+
 Thu Jul  2 10:50:30 1998  Werner Koch  (wk@isil.d.shuttle.de)
 
 	* cipher.c (cipher_open): algos >=100 use standard CFB

cipher/dynload.c

@@ -22,6 +22,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include <unistd.h>
 #ifdef HAVE_DL_DLOPEN
   #include <dlfcn.h>
 #endif
@@ -109,7 +110,11 @@ load_extension( EXTLIST el )
     int seq = 0;
     int class, vers;
 
+    /* make sure we are not setuid */
+    if( getuid() != geteuid() )
+	log_bug("trying to load an extension while still setuid\n");
 
+    /* now that we are not setuid anymore, we can safely load modules */
     el->handle = dlopen(el->name, RTLD_NOW);
     if( !el->handle ) {
 	log_error("%s: error loading extension: %s\n", el->name, dlerror() );

cipher/rmd160.c

@@ -26,7 +26,7 @@
 #include "util.h"
 #include "memory.h"
 #include "rmd.h"
-
+#include "cipher.h" /* only used for the rmd160_hash_buffer() prototype */
 
 /*********************************
  * RIPEMD-160 is not patented, see (as of 25.10.97)
@@ -530,6 +530,24 @@ rmd160_read( RMD160_CONTEXT *hd )
     return hd->buf;
 }
 
+
+
+/****************
+ * Shortcut functions which puts the hash value of the supplied buffer
+ * into outbuf which must have a size of 20 bytes.
+ */
+void
+rmd160_hash_buffer( char *outbuf, const char *buffer, size_t length )
+{
+    RMD160_CONTEXT hd;
+
+    rmd160_init( &hd );
+    rmd160_write( &hd, (byte*)buffer, length );
+    rmd160_final( &hd );
+    memcpy( outbuf, hd.buf, 20 );
+}
+
+
 /****************
  * Return some information about the algorithm.  We need algo here to
  * distinguish different flavors of the algorithm.