mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
Check for garbled packets
This commit is contained in:
parent
6c09d0f462
commit
e46ad749f9
6
PROJECTS
6
PROJECTS
@ -29,6 +29,12 @@
|
||||
We should add an abstraction layer so that adding support for
|
||||
different certificate structures will become easier.
|
||||
|
||||
* "Michael T. Babcock" <mbabcock@fibrespeed.net> suggested to write
|
||||
an event log so that other software can display a key history or
|
||||
alike with GnuPG results. This should be connected to the keyrings.
|
||||
|
||||
|
||||
|
||||
Copyright 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
|
||||
|
||||
This file is free software; as a special exception the author gives
|
||||
|
23
TODO
23
TODO
@ -1,5 +1,5 @@
|
||||
|
||||
* 12345678! does not work anymore
|
||||
* 12345678! does not work anymore. Same for +wordlist.
|
||||
|
||||
* Always use the primary key to sign other keys.
|
||||
|
||||
@ -64,10 +64,6 @@
|
||||
* Replace the printing of the user name by [self-signature] when
|
||||
appropriate so that a key listing does not get clobbered.
|
||||
|
||||
* "Michael T. Babcock" <mbabcock@fibrespeed.net> suggested to write
|
||||
an event log so that other software can display a key history or
|
||||
alike with GnuPG results. This should be connected to the keyrings.
|
||||
|
||||
* Using --list-only to check for recipients while decrypting may
|
||||
yield an error about an unknown packet.
|
||||
|
||||
@ -82,6 +78,11 @@
|
||||
|
||||
* Allow to update key signatures.
|
||||
|
||||
* For FreeBSD only: spit out a message that rndcontrol (8) should be
|
||||
used to enable the use of IRQs for entropy gathering.
|
||||
|
||||
* --passphrase-fd can't work with -cs: document this or find a way
|
||||
to work around.
|
||||
|
||||
Scheduled for 1.1
|
||||
-----------------
|
||||
@ -91,8 +92,6 @@ Scheduled for 1.1
|
||||
* With option -i prompt before adding a key to the keyring and show some
|
||||
info what we are about to add.
|
||||
|
||||
* Speed up calculation of key validation.
|
||||
|
||||
* --disable-asm should still assemble _udiv_qrnnd when needed
|
||||
|
||||
* Skip RO keyrings when importing a key.
|
||||
@ -105,6 +104,9 @@ Scheduled for 1.1
|
||||
|
||||
* Get new assembler stuff from gmp 3.1
|
||||
|
||||
* Use new-format headers for compressed packets.
|
||||
|
||||
|
||||
|
||||
Nice to have
|
||||
------------
|
||||
@ -113,9 +115,6 @@ Nice to have
|
||||
* Print a warning if the directory mode is wrong.
|
||||
* Do a real fix for bug #7 or document that it is a PGP 5 error.
|
||||
* preferences of hash algorithms are not yet used.
|
||||
* Replace the SIGUSR1 stuff by semaphores to avoid loss of a signal.
|
||||
or use POSIX.4 realtime signals. Overhaul the interface and the
|
||||
test program. Use it with the test suite?
|
||||
* add test cases for invalid data (scrambled armor or other random data)
|
||||
* add checking of armor trailers
|
||||
* the pubkey encrypt functions should do some sanity checks.
|
||||
@ -124,8 +123,6 @@ Nice to have
|
||||
* for messages created with "-t", it might make sense to append the
|
||||
verification status of the message to the output (i.e. write something to
|
||||
the --output file and not only to stderr.
|
||||
* configure option where to find zlib
|
||||
* Evaluate whether it make sense to replace the namehashs either by
|
||||
using the user ID directly or by using pointers into the trustdb.
|
||||
|
||||
|
||||
|
||||
|
@ -1,3 +1,20 @@
|
||||
2001-09-18 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* parse-packet.c (parse): Stop on impossible packet lengths.
|
||||
|
||||
2001-09-17 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* mainproc.c (print_notation_data): Wrap notation data status lines
|
||||
after 50 chars.
|
||||
|
||||
* mainproc.c (proc_pubkey_enc): Make option try-all-secrets work.
|
||||
By disastry@saiknes.lv.
|
||||
|
||||
2001-09-14 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* parse-packet.c (dump_sig_subpkt): List key server preferences
|
||||
and show the revocable flag correctly. Contributed by Davod Shaw.
|
||||
|
||||
2001-09-09 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* keyedit.c (keyedit_menu): No need to define another p.
|
||||
|
@ -300,6 +300,7 @@ proc_pubkey_enc( CTX c, PACKET *pkt )
|
||||
|| enc->pubkey_algo == PUBKEY_ALGO_DSA
|
||||
|| is_RSA(enc->pubkey_algo) ) {
|
||||
if ( !c->dek && ((!enc->keyid[0] && !enc->keyid[1])
|
||||
|| opt.try_all_secrets
|
||||
|| !seckey_available( enc->keyid )) ) {
|
||||
if( opt.list_only )
|
||||
result = -1;
|
||||
@ -746,7 +747,7 @@ print_notation_data( PKT_signature *sig )
|
||||
print_string( log_stream(), p+n1, n2, 0 );
|
||||
putc( '\n', log_stream() );
|
||||
write_status_buffer ( STATUS_NOTATION_NAME, p , n1, 0 );
|
||||
write_status_buffer ( STATUS_NOTATION_DATA, p+n1, n2, 20 );
|
||||
write_status_buffer ( STATUS_NOTATION_DATA, p+n1, n2, 50 );
|
||||
}
|
||||
if( (p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_POLICY, &n ) )) {
|
||||
log_info(_("Policy: ") );
|
||||
|
@ -368,6 +368,14 @@ parse( IOBUF inp, PACKET *pkt, int onlykeypkts, off_t *retpos,
|
||||
}
|
||||
}
|
||||
|
||||
if (pktlen == 0xffffffff) {
|
||||
/* with a some probability this is caused by a problem in the
|
||||
* the uncompressing layer - in some error cases it just loops
|
||||
* and spits out 0xff bytes. */
|
||||
log_error ("%s: garbled packet detected\n", iobuf_where(inp) );
|
||||
g10_exit (2);
|
||||
}
|
||||
|
||||
if( out && pkttype ) {
|
||||
if( iobuf_write( out, hdr, hdrlen ) == -1 )
|
||||
rc = G10ERR_WRITE_FILE;
|
||||
@ -766,7 +774,8 @@ dump_sig_subpkt( int hashed, int type, int critical,
|
||||
p = "regular expression";
|
||||
break;
|
||||
case SIGSUBPKT_REVOCABLE:
|
||||
p = "revocable";
|
||||
if( length )
|
||||
printf("%srevocable", *buffer? "":"not ");
|
||||
break;
|
||||
case SIGSUBPKT_KEY_EXPIRE:
|
||||
if( length >= 4 )
|
||||
@ -829,7 +838,9 @@ dump_sig_subpkt( int hashed, int type, int critical,
|
||||
printf(" %d", buffer[i] );
|
||||
break;
|
||||
case SIGSUBPKT_KS_FLAGS:
|
||||
p = "key server preferences";
|
||||
fputs("key server preferences:",stdout);
|
||||
for(i=0;i<length;i++)
|
||||
printf(" %02X", buffer[i]);
|
||||
break;
|
||||
case SIGSUBPKT_PREF_KS:
|
||||
p = "preferred key server";
|
||||
|
@ -1,3 +1,8 @@
|
||||
2001-09-18 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* gpgsplit.c: New option --uncompress.
|
||||
(write_part): Handle old style uncompressing.
|
||||
|
||||
2001-06-20 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* gpgsplit.c: New.
|
||||
|
103
tools/gpgsplit.c
103
tools/gpgsplit.c
@ -33,12 +33,14 @@
|
||||
#ifdef HAVE_DOSISH_SYSTEM
|
||||
#include <fcntl.h> /* for setmode() */
|
||||
#endif
|
||||
#include <zlib.h>
|
||||
|
||||
#include "../g10/packet.h"
|
||||
#include "util.h"
|
||||
|
||||
static int opt_verbose;
|
||||
static const char *opt_prefix = "";
|
||||
static int opt_uncompress;
|
||||
|
||||
static void g10_exit( int rc );
|
||||
static void split_packets (const char *fname);
|
||||
@ -47,6 +49,7 @@ static void split_packets (const char *fname);
|
||||
enum cmd_and_opt_values { aNull = 0,
|
||||
oVerbose = 'v',
|
||||
oPrefix = 'p',
|
||||
oUncompress = 500,
|
||||
aTest };
|
||||
|
||||
|
||||
@ -56,6 +59,7 @@ static ARGPARSE_OPTS opts[] = {
|
||||
|
||||
{ oVerbose, "verbose", 0, "verbose" },
|
||||
{ oPrefix, "prefix", 2, "|STRING|Prepend filenames with STRING" },
|
||||
{ oUncompress, "uncompress", 0, "uncompress a packet"},
|
||||
{0} };
|
||||
|
||||
|
||||
@ -105,6 +109,7 @@ main( int argc, char **argv )
|
||||
switch( pargs.r_opt ) {
|
||||
case oVerbose: opt_verbose = 1; break;
|
||||
case oPrefix: opt_prefix = pargs.r.ret_str; break;
|
||||
case oUncompress: opt_uncompress = 1; break;
|
||||
default : pargs.err = 2; break;
|
||||
}
|
||||
}
|
||||
@ -143,7 +148,9 @@ pkttype_to_string (int pkttype)
|
||||
case PKT_SECRET_KEY : s = "secret_key"; break;
|
||||
case PKT_PUBLIC_KEY : s = "public_key"; break;
|
||||
case PKT_SECRET_SUBKEY : s = "secret_subkey"; break;
|
||||
case PKT_COMPRESSED : s = "compressed"; break;
|
||||
case PKT_COMPRESSED :
|
||||
s = opt_uncompress? "uncompressed":"compressed";
|
||||
break;
|
||||
case PKT_ENCRYPTED : s = "encrypted"; break;
|
||||
case PKT_MARKER : s = "marker"; break;
|
||||
case PKT_PLAINTEXT : s = "plaintext"; break;
|
||||
@ -232,11 +239,13 @@ write_part ( const char *fname, FILE *fpin, unsigned long pktlen,
|
||||
g10_exit (1);
|
||||
}
|
||||
|
||||
for (p=hdr; hdrlen; p++, hdrlen--) {
|
||||
if ( putc (*p, fpout) == EOF )
|
||||
goto write_error;
|
||||
if (!opt_uncompress) {
|
||||
for (p=hdr; hdrlen; p++, hdrlen--) {
|
||||
if ( putc (*p, fpout) == EOF )
|
||||
goto write_error;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
first = 1;
|
||||
while (partial) {
|
||||
size_t partlen;
|
||||
@ -311,13 +320,89 @@ write_part ( const char *fname, FILE *fpin, unsigned long pktlen,
|
||||
else { /* compressed: read to end */
|
||||
pktlen = 0;
|
||||
partial = 0;
|
||||
while ( (c=getc (fpin)) != EOF ) {
|
||||
if ( putc (c, fpout) == EOF )
|
||||
goto write_error;
|
||||
hdrlen = 0;
|
||||
if (opt_uncompress) {
|
||||
z_stream zs;
|
||||
byte *inbuf, *outbuf;
|
||||
unsigned int inbufsize, outbufsize;
|
||||
int algo, zinit_done, zrc, nread, count;
|
||||
size_t n;
|
||||
|
||||
if ((c = getc (fpin)) == EOF)
|
||||
goto read_error;
|
||||
algo = c;
|
||||
|
||||
memset (&zs, 0, sizeof zs);
|
||||
inbufsize = 2048;
|
||||
inbuf = m_alloc (inbufsize);
|
||||
outbufsize = 8192;
|
||||
outbuf = m_alloc (outbufsize);
|
||||
zs.avail_in = 0;
|
||||
zinit_done = 0;
|
||||
|
||||
do {
|
||||
if (zs.avail_in < inbufsize) {
|
||||
n = zs.avail_in;
|
||||
if (!n)
|
||||
zs.next_in = inbuf;
|
||||
count = inbufsize - n;
|
||||
for (nread=0;
|
||||
nread < count && (c=getc (fpin)) != EOF;
|
||||
nread++) {
|
||||
inbuf[n+nread] = c;
|
||||
}
|
||||
n += nread;
|
||||
if (nread < count && algo == 1) {
|
||||
inbuf[n] = 0xFF; /* chew dummy byte */
|
||||
n++;
|
||||
}
|
||||
zs.avail_in = n;
|
||||
}
|
||||
zs.next_out = outbuf;
|
||||
zs.avail_out = outbufsize;
|
||||
|
||||
if (!zinit_done) {
|
||||
zrc = algo == 1? inflateInit2 ( &zs, -13)
|
||||
: inflateInit ( &zs );
|
||||
if (zrc != Z_OK) {
|
||||
log_fatal ("zlib problem: %s\n", zs.msg? zs.msg :
|
||||
zrc == Z_MEM_ERROR ? "out of core" :
|
||||
zrc == Z_VERSION_ERROR ?
|
||||
"invalid lib version" :
|
||||
"unknown error" );
|
||||
}
|
||||
zinit_done = 1;
|
||||
}
|
||||
else {
|
||||
#ifdef Z_SYNC_FLUSH
|
||||
zrc = inflate (&zs, Z_SYNC_FLUSH);
|
||||
#else
|
||||
zrc = inflate (&zs, Z_PARTIAL_FLUSH);
|
||||
#endif
|
||||
if (zrc == Z_STREAM_END)
|
||||
; /* eof */
|
||||
else if (zrc != Z_OK && zrc != Z_BUF_ERROR) {
|
||||
if (zs.msg)
|
||||
log_fatal ("zlib inflate problem: %s\n", zs.msg );
|
||||
else
|
||||
log_fatal ("zlib inflate problem: rc=%d\n", zrc );
|
||||
}
|
||||
for (n=0; n < outbufsize - zs.avail_out; n++) {
|
||||
if (putc (outbuf[n], fpout) == EOF )
|
||||
goto write_error;
|
||||
}
|
||||
}
|
||||
} while (zrc != Z_STREAM_END && zrc != Z_BUF_ERROR);
|
||||
inflateEnd (&zs);
|
||||
}
|
||||
else {
|
||||
while ( (c=getc (fpin)) != EOF ) {
|
||||
if ( putc (c, fpout) == EOF )
|
||||
goto write_error;
|
||||
}
|
||||
}
|
||||
if (!feof (fpin))
|
||||
goto read_error;
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
@ -1,3 +1,8 @@
|
||||
2001-09-17 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* miscutil.c (print_string): Use explicit ranges and not iscntrl().
|
||||
(make_printable_string): Ditto.
|
||||
|
||||
2001-09-07 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* strgutil.c (strsep): New, taken from glibc 2.2.1.
|
||||
|
@ -182,7 +182,7 @@ void
|
||||
print_string( FILE *fp, const byte *p, size_t n, int delim )
|
||||
{
|
||||
for( ; n; n--, p++ )
|
||||
if( iscntrl( *p ) || *p == delim ) {
|
||||
if( *p < 0x20 || (*p >= 0x7f && *p < 0xa0) || *p == delim ) {
|
||||
putc('\\', fp);
|
||||
if( *p == '\n' )
|
||||
putc('n', fp);
|
||||
@ -239,7 +239,7 @@ make_printable_string( const byte *p, size_t n, int delim )
|
||||
|
||||
/* first count length */
|
||||
for(save_n = n, save_p = p, buflen=1 ; n; n--, p++ ) {
|
||||
if( iscntrl( *p ) || *p == delim ) {
|
||||
if( *p < 0x20 || (*p >= 0x7f && *p < 0xa0) || *p == delim ) {
|
||||
if( *p=='\n' || *p=='\r' || *p=='\f'
|
||||
|| *p=='\v' || *p=='\b' || !*p )
|
||||
buflen += 2;
|
||||
@ -254,7 +254,7 @@ make_printable_string( const byte *p, size_t n, int delim )
|
||||
/* and now make the string */
|
||||
d = buffer = m_alloc( buflen );
|
||||
for( ; n; n--, p++ ) {
|
||||
if( iscntrl( *p ) || *p == delim ) {
|
||||
if( *p < 0x20 || (*p >= 0x7f && *p < 0xa0) || *p == delim ) {
|
||||
*d++ = '\\';
|
||||
if( *p == '\n' )
|
||||
*d++ = 'n';
|
||||
|
Loading…
x
Reference in New Issue
Block a user