mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
Check for garbled packets
This commit is contained in:
parent
6c09d0f462
commit
e46ad749f9
6
PROJECTS
6
PROJECTS
@ -29,6 +29,12 @@
|
|||||||
We should add an abstraction layer so that adding support for
|
We should add an abstraction layer so that adding support for
|
||||||
different certificate structures will become easier.
|
different certificate structures will become easier.
|
||||||
|
|
||||||
|
* "Michael T. Babcock" <mbabcock@fibrespeed.net> suggested to write
|
||||||
|
an event log so that other software can display a key history or
|
||||||
|
alike with GnuPG results. This should be connected to the keyrings.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
Copyright 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
|
Copyright 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
|
||||||
|
|
||||||
This file is free software; as a special exception the author gives
|
This file is free software; as a special exception the author gives
|
||||||
|
23
TODO
23
TODO
@ -1,5 +1,5 @@
|
|||||||
|
|
||||||
* 12345678! does not work anymore
|
* 12345678! does not work anymore. Same for +wordlist.
|
||||||
|
|
||||||
* Always use the primary key to sign other keys.
|
* Always use the primary key to sign other keys.
|
||||||
|
|
||||||
@ -64,10 +64,6 @@
|
|||||||
* Replace the printing of the user name by [self-signature] when
|
* Replace the printing of the user name by [self-signature] when
|
||||||
appropriate so that a key listing does not get clobbered.
|
appropriate so that a key listing does not get clobbered.
|
||||||
|
|
||||||
* "Michael T. Babcock" <mbabcock@fibrespeed.net> suggested to write
|
|
||||||
an event log so that other software can display a key history or
|
|
||||||
alike with GnuPG results. This should be connected to the keyrings.
|
|
||||||
|
|
||||||
* Using --list-only to check for recipients while decrypting may
|
* Using --list-only to check for recipients while decrypting may
|
||||||
yield an error about an unknown packet.
|
yield an error about an unknown packet.
|
||||||
|
|
||||||
@ -82,6 +78,11 @@
|
|||||||
|
|
||||||
* Allow to update key signatures.
|
* Allow to update key signatures.
|
||||||
|
|
||||||
|
* For FreeBSD only: spit out a message that rndcontrol (8) should be
|
||||||
|
used to enable the use of IRQs for entropy gathering.
|
||||||
|
|
||||||
|
* --passphrase-fd can't work with -cs: document this or find a way
|
||||||
|
to work around.
|
||||||
|
|
||||||
Scheduled for 1.1
|
Scheduled for 1.1
|
||||||
-----------------
|
-----------------
|
||||||
@ -91,8 +92,6 @@ Scheduled for 1.1
|
|||||||
* With option -i prompt before adding a key to the keyring and show some
|
* With option -i prompt before adding a key to the keyring and show some
|
||||||
info what we are about to add.
|
info what we are about to add.
|
||||||
|
|
||||||
* Speed up calculation of key validation.
|
|
||||||
|
|
||||||
* --disable-asm should still assemble _udiv_qrnnd when needed
|
* --disable-asm should still assemble _udiv_qrnnd when needed
|
||||||
|
|
||||||
* Skip RO keyrings when importing a key.
|
* Skip RO keyrings when importing a key.
|
||||||
@ -105,6 +104,9 @@ Scheduled for 1.1
|
|||||||
|
|
||||||
* Get new assembler stuff from gmp 3.1
|
* Get new assembler stuff from gmp 3.1
|
||||||
|
|
||||||
|
* Use new-format headers for compressed packets.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
Nice to have
|
Nice to have
|
||||||
------------
|
------------
|
||||||
@ -113,9 +115,6 @@ Nice to have
|
|||||||
* Print a warning if the directory mode is wrong.
|
* Print a warning if the directory mode is wrong.
|
||||||
* Do a real fix for bug #7 or document that it is a PGP 5 error.
|
* Do a real fix for bug #7 or document that it is a PGP 5 error.
|
||||||
* preferences of hash algorithms are not yet used.
|
* preferences of hash algorithms are not yet used.
|
||||||
* Replace the SIGUSR1 stuff by semaphores to avoid loss of a signal.
|
|
||||||
or use POSIX.4 realtime signals. Overhaul the interface and the
|
|
||||||
test program. Use it with the test suite?
|
|
||||||
* add test cases for invalid data (scrambled armor or other random data)
|
* add test cases for invalid data (scrambled armor or other random data)
|
||||||
* add checking of armor trailers
|
* add checking of armor trailers
|
||||||
* the pubkey encrypt functions should do some sanity checks.
|
* the pubkey encrypt functions should do some sanity checks.
|
||||||
@ -124,8 +123,6 @@ Nice to have
|
|||||||
* for messages created with "-t", it might make sense to append the
|
* for messages created with "-t", it might make sense to append the
|
||||||
verification status of the message to the output (i.e. write something to
|
verification status of the message to the output (i.e. write something to
|
||||||
the --output file and not only to stderr.
|
the --output file and not only to stderr.
|
||||||
* configure option where to find zlib
|
|
||||||
* Evaluate whether it make sense to replace the namehashs either by
|
|
||||||
using the user ID directly or by using pointers into the trustdb.
|
|
||||||
|
|
||||||
|
|
||||||
|
@ -1,3 +1,20 @@
|
|||||||
|
2001-09-18 Werner Koch <wk@gnupg.org>
|
||||||
|
|
||||||
|
* parse-packet.c (parse): Stop on impossible packet lengths.
|
||||||
|
|
||||||
|
2001-09-17 Werner Koch <wk@gnupg.org>
|
||||||
|
|
||||||
|
* mainproc.c (print_notation_data): Wrap notation data status lines
|
||||||
|
after 50 chars.
|
||||||
|
|
||||||
|
* mainproc.c (proc_pubkey_enc): Make option try-all-secrets work.
|
||||||
|
By disastry@saiknes.lv.
|
||||||
|
|
||||||
|
2001-09-14 Werner Koch <wk@gnupg.org>
|
||||||
|
|
||||||
|
* parse-packet.c (dump_sig_subpkt): List key server preferences
|
||||||
|
and show the revocable flag correctly. Contributed by Davod Shaw.
|
||||||
|
|
||||||
2001-09-09 Werner Koch <wk@gnupg.org>
|
2001-09-09 Werner Koch <wk@gnupg.org>
|
||||||
|
|
||||||
* keyedit.c (keyedit_menu): No need to define another p.
|
* keyedit.c (keyedit_menu): No need to define another p.
|
||||||
|
@ -300,6 +300,7 @@ proc_pubkey_enc( CTX c, PACKET *pkt )
|
|||||||
|| enc->pubkey_algo == PUBKEY_ALGO_DSA
|
|| enc->pubkey_algo == PUBKEY_ALGO_DSA
|
||||||
|| is_RSA(enc->pubkey_algo) ) {
|
|| is_RSA(enc->pubkey_algo) ) {
|
||||||
if ( !c->dek && ((!enc->keyid[0] && !enc->keyid[1])
|
if ( !c->dek && ((!enc->keyid[0] && !enc->keyid[1])
|
||||||
|
|| opt.try_all_secrets
|
||||||
|| !seckey_available( enc->keyid )) ) {
|
|| !seckey_available( enc->keyid )) ) {
|
||||||
if( opt.list_only )
|
if( opt.list_only )
|
||||||
result = -1;
|
result = -1;
|
||||||
@ -746,7 +747,7 @@ print_notation_data( PKT_signature *sig )
|
|||||||
print_string( log_stream(), p+n1, n2, 0 );
|
print_string( log_stream(), p+n1, n2, 0 );
|
||||||
putc( '\n', log_stream() );
|
putc( '\n', log_stream() );
|
||||||
write_status_buffer ( STATUS_NOTATION_NAME, p , n1, 0 );
|
write_status_buffer ( STATUS_NOTATION_NAME, p , n1, 0 );
|
||||||
write_status_buffer ( STATUS_NOTATION_DATA, p+n1, n2, 20 );
|
write_status_buffer ( STATUS_NOTATION_DATA, p+n1, n2, 50 );
|
||||||
}
|
}
|
||||||
if( (p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_POLICY, &n ) )) {
|
if( (p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_POLICY, &n ) )) {
|
||||||
log_info(_("Policy: ") );
|
log_info(_("Policy: ") );
|
||||||
|
@ -368,6 +368,14 @@ parse( IOBUF inp, PACKET *pkt, int onlykeypkts, off_t *retpos,
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (pktlen == 0xffffffff) {
|
||||||
|
/* with a some probability this is caused by a problem in the
|
||||||
|
* the uncompressing layer - in some error cases it just loops
|
||||||
|
* and spits out 0xff bytes. */
|
||||||
|
log_error ("%s: garbled packet detected\n", iobuf_where(inp) );
|
||||||
|
g10_exit (2);
|
||||||
|
}
|
||||||
|
|
||||||
if( out && pkttype ) {
|
if( out && pkttype ) {
|
||||||
if( iobuf_write( out, hdr, hdrlen ) == -1 )
|
if( iobuf_write( out, hdr, hdrlen ) == -1 )
|
||||||
rc = G10ERR_WRITE_FILE;
|
rc = G10ERR_WRITE_FILE;
|
||||||
@ -766,7 +774,8 @@ dump_sig_subpkt( int hashed, int type, int critical,
|
|||||||
p = "regular expression";
|
p = "regular expression";
|
||||||
break;
|
break;
|
||||||
case SIGSUBPKT_REVOCABLE:
|
case SIGSUBPKT_REVOCABLE:
|
||||||
p = "revocable";
|
if( length )
|
||||||
|
printf("%srevocable", *buffer? "":"not ");
|
||||||
break;
|
break;
|
||||||
case SIGSUBPKT_KEY_EXPIRE:
|
case SIGSUBPKT_KEY_EXPIRE:
|
||||||
if( length >= 4 )
|
if( length >= 4 )
|
||||||
@ -829,7 +838,9 @@ dump_sig_subpkt( int hashed, int type, int critical,
|
|||||||
printf(" %d", buffer[i] );
|
printf(" %d", buffer[i] );
|
||||||
break;
|
break;
|
||||||
case SIGSUBPKT_KS_FLAGS:
|
case SIGSUBPKT_KS_FLAGS:
|
||||||
p = "key server preferences";
|
fputs("key server preferences:",stdout);
|
||||||
|
for(i=0;i<length;i++)
|
||||||
|
printf(" %02X", buffer[i]);
|
||||||
break;
|
break;
|
||||||
case SIGSUBPKT_PREF_KS:
|
case SIGSUBPKT_PREF_KS:
|
||||||
p = "preferred key server";
|
p = "preferred key server";
|
||||||
|
@ -1,3 +1,8 @@
|
|||||||
|
2001-09-18 Werner Koch <wk@gnupg.org>
|
||||||
|
|
||||||
|
* gpgsplit.c: New option --uncompress.
|
||||||
|
(write_part): Handle old style uncompressing.
|
||||||
|
|
||||||
2001-06-20 Werner Koch <wk@gnupg.org>
|
2001-06-20 Werner Koch <wk@gnupg.org>
|
||||||
|
|
||||||
* gpgsplit.c: New.
|
* gpgsplit.c: New.
|
||||||
|
101
tools/gpgsplit.c
101
tools/gpgsplit.c
@ -33,12 +33,14 @@
|
|||||||
#ifdef HAVE_DOSISH_SYSTEM
|
#ifdef HAVE_DOSISH_SYSTEM
|
||||||
#include <fcntl.h> /* for setmode() */
|
#include <fcntl.h> /* for setmode() */
|
||||||
#endif
|
#endif
|
||||||
|
#include <zlib.h>
|
||||||
|
|
||||||
#include "../g10/packet.h"
|
#include "../g10/packet.h"
|
||||||
#include "util.h"
|
#include "util.h"
|
||||||
|
|
||||||
static int opt_verbose;
|
static int opt_verbose;
|
||||||
static const char *opt_prefix = "";
|
static const char *opt_prefix = "";
|
||||||
|
static int opt_uncompress;
|
||||||
|
|
||||||
static void g10_exit( int rc );
|
static void g10_exit( int rc );
|
||||||
static void split_packets (const char *fname);
|
static void split_packets (const char *fname);
|
||||||
@ -47,6 +49,7 @@ static void split_packets (const char *fname);
|
|||||||
enum cmd_and_opt_values { aNull = 0,
|
enum cmd_and_opt_values { aNull = 0,
|
||||||
oVerbose = 'v',
|
oVerbose = 'v',
|
||||||
oPrefix = 'p',
|
oPrefix = 'p',
|
||||||
|
oUncompress = 500,
|
||||||
aTest };
|
aTest };
|
||||||
|
|
||||||
|
|
||||||
@ -56,6 +59,7 @@ static ARGPARSE_OPTS opts[] = {
|
|||||||
|
|
||||||
{ oVerbose, "verbose", 0, "verbose" },
|
{ oVerbose, "verbose", 0, "verbose" },
|
||||||
{ oPrefix, "prefix", 2, "|STRING|Prepend filenames with STRING" },
|
{ oPrefix, "prefix", 2, "|STRING|Prepend filenames with STRING" },
|
||||||
|
{ oUncompress, "uncompress", 0, "uncompress a packet"},
|
||||||
{0} };
|
{0} };
|
||||||
|
|
||||||
|
|
||||||
@ -105,6 +109,7 @@ main( int argc, char **argv )
|
|||||||
switch( pargs.r_opt ) {
|
switch( pargs.r_opt ) {
|
||||||
case oVerbose: opt_verbose = 1; break;
|
case oVerbose: opt_verbose = 1; break;
|
||||||
case oPrefix: opt_prefix = pargs.r.ret_str; break;
|
case oPrefix: opt_prefix = pargs.r.ret_str; break;
|
||||||
|
case oUncompress: opt_uncompress = 1; break;
|
||||||
default : pargs.err = 2; break;
|
default : pargs.err = 2; break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -143,7 +148,9 @@ pkttype_to_string (int pkttype)
|
|||||||
case PKT_SECRET_KEY : s = "secret_key"; break;
|
case PKT_SECRET_KEY : s = "secret_key"; break;
|
||||||
case PKT_PUBLIC_KEY : s = "public_key"; break;
|
case PKT_PUBLIC_KEY : s = "public_key"; break;
|
||||||
case PKT_SECRET_SUBKEY : s = "secret_subkey"; break;
|
case PKT_SECRET_SUBKEY : s = "secret_subkey"; break;
|
||||||
case PKT_COMPRESSED : s = "compressed"; break;
|
case PKT_COMPRESSED :
|
||||||
|
s = opt_uncompress? "uncompressed":"compressed";
|
||||||
|
break;
|
||||||
case PKT_ENCRYPTED : s = "encrypted"; break;
|
case PKT_ENCRYPTED : s = "encrypted"; break;
|
||||||
case PKT_MARKER : s = "marker"; break;
|
case PKT_MARKER : s = "marker"; break;
|
||||||
case PKT_PLAINTEXT : s = "plaintext"; break;
|
case PKT_PLAINTEXT : s = "plaintext"; break;
|
||||||
@ -232,9 +239,11 @@ write_part ( const char *fname, FILE *fpin, unsigned long pktlen,
|
|||||||
g10_exit (1);
|
g10_exit (1);
|
||||||
}
|
}
|
||||||
|
|
||||||
for (p=hdr; hdrlen; p++, hdrlen--) {
|
if (!opt_uncompress) {
|
||||||
if ( putc (*p, fpout) == EOF )
|
for (p=hdr; hdrlen; p++, hdrlen--) {
|
||||||
goto write_error;
|
if ( putc (*p, fpout) == EOF )
|
||||||
|
goto write_error;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
first = 1;
|
first = 1;
|
||||||
@ -311,13 +320,89 @@ write_part ( const char *fname, FILE *fpin, unsigned long pktlen,
|
|||||||
else { /* compressed: read to end */
|
else { /* compressed: read to end */
|
||||||
pktlen = 0;
|
pktlen = 0;
|
||||||
partial = 0;
|
partial = 0;
|
||||||
while ( (c=getc (fpin)) != EOF ) {
|
hdrlen = 0;
|
||||||
if ( putc (c, fpout) == EOF )
|
if (opt_uncompress) {
|
||||||
goto write_error;
|
z_stream zs;
|
||||||
|
byte *inbuf, *outbuf;
|
||||||
|
unsigned int inbufsize, outbufsize;
|
||||||
|
int algo, zinit_done, zrc, nread, count;
|
||||||
|
size_t n;
|
||||||
|
|
||||||
|
if ((c = getc (fpin)) == EOF)
|
||||||
|
goto read_error;
|
||||||
|
algo = c;
|
||||||
|
|
||||||
|
memset (&zs, 0, sizeof zs);
|
||||||
|
inbufsize = 2048;
|
||||||
|
inbuf = m_alloc (inbufsize);
|
||||||
|
outbufsize = 8192;
|
||||||
|
outbuf = m_alloc (outbufsize);
|
||||||
|
zs.avail_in = 0;
|
||||||
|
zinit_done = 0;
|
||||||
|
|
||||||
|
do {
|
||||||
|
if (zs.avail_in < inbufsize) {
|
||||||
|
n = zs.avail_in;
|
||||||
|
if (!n)
|
||||||
|
zs.next_in = inbuf;
|
||||||
|
count = inbufsize - n;
|
||||||
|
for (nread=0;
|
||||||
|
nread < count && (c=getc (fpin)) != EOF;
|
||||||
|
nread++) {
|
||||||
|
inbuf[n+nread] = c;
|
||||||
|
}
|
||||||
|
n += nread;
|
||||||
|
if (nread < count && algo == 1) {
|
||||||
|
inbuf[n] = 0xFF; /* chew dummy byte */
|
||||||
|
n++;
|
||||||
|
}
|
||||||
|
zs.avail_in = n;
|
||||||
|
}
|
||||||
|
zs.next_out = outbuf;
|
||||||
|
zs.avail_out = outbufsize;
|
||||||
|
|
||||||
|
if (!zinit_done) {
|
||||||
|
zrc = algo == 1? inflateInit2 ( &zs, -13)
|
||||||
|
: inflateInit ( &zs );
|
||||||
|
if (zrc != Z_OK) {
|
||||||
|
log_fatal ("zlib problem: %s\n", zs.msg? zs.msg :
|
||||||
|
zrc == Z_MEM_ERROR ? "out of core" :
|
||||||
|
zrc == Z_VERSION_ERROR ?
|
||||||
|
"invalid lib version" :
|
||||||
|
"unknown error" );
|
||||||
|
}
|
||||||
|
zinit_done = 1;
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
#ifdef Z_SYNC_FLUSH
|
||||||
|
zrc = inflate (&zs, Z_SYNC_FLUSH);
|
||||||
|
#else
|
||||||
|
zrc = inflate (&zs, Z_PARTIAL_FLUSH);
|
||||||
|
#endif
|
||||||
|
if (zrc == Z_STREAM_END)
|
||||||
|
; /* eof */
|
||||||
|
else if (zrc != Z_OK && zrc != Z_BUF_ERROR) {
|
||||||
|
if (zs.msg)
|
||||||
|
log_fatal ("zlib inflate problem: %s\n", zs.msg );
|
||||||
|
else
|
||||||
|
log_fatal ("zlib inflate problem: rc=%d\n", zrc );
|
||||||
|
}
|
||||||
|
for (n=0; n < outbufsize - zs.avail_out; n++) {
|
||||||
|
if (putc (outbuf[n], fpout) == EOF )
|
||||||
|
goto write_error;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
} while (zrc != Z_STREAM_END && zrc != Z_BUF_ERROR);
|
||||||
|
inflateEnd (&zs);
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
while ( (c=getc (fpin)) != EOF ) {
|
||||||
|
if ( putc (c, fpout) == EOF )
|
||||||
|
goto write_error;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
if (!feof (fpin))
|
if (!feof (fpin))
|
||||||
goto read_error;
|
goto read_error;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -1,3 +1,8 @@
|
|||||||
|
2001-09-17 Werner Koch <wk@gnupg.org>
|
||||||
|
|
||||||
|
* miscutil.c (print_string): Use explicit ranges and not iscntrl().
|
||||||
|
(make_printable_string): Ditto.
|
||||||
|
|
||||||
2001-09-07 Werner Koch <wk@gnupg.org>
|
2001-09-07 Werner Koch <wk@gnupg.org>
|
||||||
|
|
||||||
* strgutil.c (strsep): New, taken from glibc 2.2.1.
|
* strgutil.c (strsep): New, taken from glibc 2.2.1.
|
||||||
|
@ -182,7 +182,7 @@ void
|
|||||||
print_string( FILE *fp, const byte *p, size_t n, int delim )
|
print_string( FILE *fp, const byte *p, size_t n, int delim )
|
||||||
{
|
{
|
||||||
for( ; n; n--, p++ )
|
for( ; n; n--, p++ )
|
||||||
if( iscntrl( *p ) || *p == delim ) {
|
if( *p < 0x20 || (*p >= 0x7f && *p < 0xa0) || *p == delim ) {
|
||||||
putc('\\', fp);
|
putc('\\', fp);
|
||||||
if( *p == '\n' )
|
if( *p == '\n' )
|
||||||
putc('n', fp);
|
putc('n', fp);
|
||||||
@ -239,7 +239,7 @@ make_printable_string( const byte *p, size_t n, int delim )
|
|||||||
|
|
||||||
/* first count length */
|
/* first count length */
|
||||||
for(save_n = n, save_p = p, buflen=1 ; n; n--, p++ ) {
|
for(save_n = n, save_p = p, buflen=1 ; n; n--, p++ ) {
|
||||||
if( iscntrl( *p ) || *p == delim ) {
|
if( *p < 0x20 || (*p >= 0x7f && *p < 0xa0) || *p == delim ) {
|
||||||
if( *p=='\n' || *p=='\r' || *p=='\f'
|
if( *p=='\n' || *p=='\r' || *p=='\f'
|
||||||
|| *p=='\v' || *p=='\b' || !*p )
|
|| *p=='\v' || *p=='\b' || !*p )
|
||||||
buflen += 2;
|
buflen += 2;
|
||||||
@ -254,7 +254,7 @@ make_printable_string( const byte *p, size_t n, int delim )
|
|||||||
/* and now make the string */
|
/* and now make the string */
|
||||||
d = buffer = m_alloc( buflen );
|
d = buffer = m_alloc( buflen );
|
||||||
for( ; n; n--, p++ ) {
|
for( ; n; n--, p++ ) {
|
||||||
if( iscntrl( *p ) || *p == delim ) {
|
if( *p < 0x20 || (*p >= 0x7f && *p < 0xa0) || *p == delim ) {
|
||||||
*d++ = '\\';
|
*d++ = '\\';
|
||||||
if( *p == '\n' )
|
if( *p == '\n' )
|
||||||
*d++ = 'n';
|
*d++ = 'n';
|
||||||
|
Loading…
x
Reference in New Issue
Block a user