diff --git a/g10/ChangeLog b/g10/ChangeLog
index e75c1caa4..b6665abeb 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,3 +1,18 @@
+2001-12-18 David Shaw <dshaw@jabberwocky.com>
+
+ * g10.c (idea_cipher_warn): Add a flag to show the warning always
+ or once per session and change all callers (show always except for
+ the secret key protection and unknown cipher from an encrypted
+ message errors). Also make the strings translatable.
+
+ * pubkey-enc.c (get_it): Add the IDEA cipher warning if the user
+ tries to decrypt an IDEA encrypted message without the IDEA
+ plugin.
+
+ * keyserver.c (parse_keyserver_uri): More strict checking of the
+ keyserver URI. Specifically, fail if the ":port" section is
+ anything except a number between 1 and 65535.
+
2001-12-17 David Shaw <dshaw@jabberwocky.com>
* keyserver.c (print_keyinfo): No need to check for
diff --git a/g10/g10.c b/g10/g10.c
index a6b069df7..d2865fe70 100644
--- a/g10/g10.c
+++ b/g10/g10.c
@@ -1243,7 +1243,7 @@ main( int argc, char **argv )
{
log_info(_("encrypting a message in --pgp2 mode requires "
"the IDEA cipher\n"));
- idea_cipher_warn();
+ idea_cipher_warn(1);
unusable=1;
}
else
@@ -1278,7 +1278,7 @@ main( int argc, char **argv )
if( def_cipher_string ) {
opt.def_cipher_algo = string_to_cipher_algo(def_cipher_string);
if(opt.def_cipher_algo==0 && strcasecmp(def_cipher_string,"idea")==0)
- idea_cipher_warn();
+ idea_cipher_warn(1);
m_free(def_cipher_string); def_cipher_string = NULL;
if( check_cipher_algo(opt.def_cipher_algo) )
log_error(_("selected cipher algorithm is invalid\n"));
@@ -2142,15 +2142,15 @@ check_policy_url( const char *s )
/* Special warning for the IDEA cipher */
void
-idea_cipher_warn(void)
+idea_cipher_warn(int show)
{
static int warned=0;
- if(!warned)
+ if(!warned || show)
{
- log_info("the IDEA cipher plugin is not present\n");
- log_info("please see http://www.gnupg.org/why-not-idea.html "
- "for more information\n");
+ log_info(_("the IDEA cipher plugin is not present\n"));
+ log_info(_("please see http://www.gnupg.org/why-not-idea.html "
+ "for more information\n"));
warned=1;
}
}
diff --git a/g10/gpgv.c b/g10/gpgv.c
index 0cde70ffe..3044d9e4b 100644
--- a/g10/gpgv.c
+++ b/g10/gpgv.c
@@ -302,7 +302,7 @@ passphrase_to_dek( u32 *keyid, int pubkey_algo,
/* Stub: no decrypting, so no IDEA needed */
void
-idea_cipher_warn(void) {}
+idea_cipher_warn( int show ) {}
/* Stubs to void linking to ../cipher/cipher.c */
int string_to_cipher_algo( const char *string ) { return 0; }
diff --git a/g10/keygen.c b/g10/keygen.c
index 036ae6647..f79a4a664 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -178,7 +178,7 @@ set_one_pref (ulong val, int type, int (*cf)(int), byte *buf, int *nbuf)
if (cf (val)) {
log_info (_("preference %c%lu is not valid\n"), type, val);
if(type=='S' && val==CIPHER_ALGO_IDEA)
- idea_cipher_warn();
+ idea_cipher_warn(1);
return -1;
}
for (i=0; i < *nbuf; i++ ) {
diff --git a/g10/keyserver.c b/g10/keyserver.c
index d057e1d24..1f9cf2100 100644
--- a/g10/keyserver.c
+++ b/g10/keyserver.c
@@ -24,6 +24,7 @@
#include <unistd.h>
#include <errno.h>
#include <string.h>
+#include <ctype.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <sys/stat.h>
@@ -121,13 +122,27 @@ parse_keyserver_uri(char *uri)
opt.keyserver_port="0";
else
{
+ unsigned char *ch;
+
/* Get the port */
opt.keyserver_port=strsep(&uri,"/");
- if(atoi(opt.keyserver_port)==0)
- opt.keyserver_port="0";
+
+ /* Ports are digits only */
+ ch=opt.keyserver_port;
+ while(*ch!='\0')
+ {
+ if(!isdigit(*ch))
+ return G10ERR_BAD_URI;
+
+ ch++;
+ }
+
+ if(strlen(opt.keyserver_port)==0 ||
+ atoi(opt.keyserver_port)<1 || atoi(opt.keyserver_port)>65535)
+ return G10ERR_BAD_URI;
}
- /* (any path part of the URI is discarded) */
+ /* (any path part of the URI is discarded for now) */
if(opt.keyserver_scheme[0]=='\0' || opt.keyserver_host[0]=='\0')
return G10ERR_BAD_URI;
diff --git a/g10/main.h b/g10/main.h
index 064be9347..32ed0b3e8 100644
--- a/g10/main.h
+++ b/g10/main.h
@@ -48,7 +48,7 @@ extern int g10_errors_seen;
void print_pubkey_algo_note( int algo );
void print_cipher_algo_note( int algo );
void print_digest_algo_note( int algo );
-void idea_cipher_warn(void);
+void idea_cipher_warn( int show );
const char *get_temp_dir(void);
/*-- armor.c --*/
diff --git a/g10/mainproc.c b/g10/mainproc.c
index d9fff2791..05437d422 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -432,7 +432,7 @@ proc_encrypted( CTX c, PACKET *pkt )
algo = opt.def_cipher_algo;
if (!algo)
algo = opt.s2k_cipher_algo;
- idea_cipher_warn();
+ idea_cipher_warn(1);
log_info (_("IDEA cipher unavailable, "
"optimistically attempting to use %s instead\n"),
cipher_algo_to_string(algo));
diff --git a/g10/pubkey-enc.c b/g10/pubkey-enc.c
index 9e3ff434c..d31e3be33 100644
--- a/g10/pubkey-enc.c
+++ b/g10/pubkey-enc.c
@@ -32,6 +32,7 @@
#include "cipher.h"
#include "status.h"
#include "options.h"
+#include "main.h"
#include "i18n.h"
static int get_it( PKT_pubkey_enc *k,
@@ -175,6 +176,8 @@ get_it( PKT_pubkey_enc *enc, DEK *dek, PKT_secret_key *sk, u32 *keyid )
if( !opt.quiet && rc == G10ERR_CIPHER_ALGO ) {
log_info(_("cipher algorithm %d%s is unknown or disabled\n"),
dek->algo, dek->algo == CIPHER_ALGO_IDEA? " (IDEA)":"");
+ if(dek->algo==CIPHER_ALGO_IDEA)
+ idea_cipher_warn(0);
}
dek->algo = 0;
goto leave;
diff --git a/g10/seckey-cert.c b/g10/seckey-cert.c
index a7472a489..5b5f23cb6 100644
--- a/g10/seckey-cert.c
+++ b/g10/seckey-cert.c
@@ -58,7 +58,7 @@ do_check( PKT_secret_key *sk )
if( check_cipher_algo( sk->protect.algo ) ) {
log_info(_("protection algorithm %d%s is not supported\n"),
sk->protect.algo,sk->protect.algo==1?" (IDEA)":"" );
- idea_cipher_warn();
+ idea_cipher_warn(0);
return G10ERR_CIPHER_ALGO;
}
keyid_from_sk( sk, keyid );