Sophie

Sophie

distrib > Scientific%20Linux > 5x > x86_64 > media > main-src > by-pkgid > a05f635f8bbbe665ff06237a7c5ffdb8 > files > 14

gnupg-1.4.5-18.el5_10.src.rpm

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
NotDashEscaped: You need GnuPG to verify this message

Protect against messages with multiple plaintext packets.  This patch
is against GnuPG 1.4.6


2007-02-26  Werner Koch  <wk@g10code.com>

	* status.h (STATUS_ERROR): New status code.
	* status.c (get_status_string): Ditto.
	* mainproc.c (proc_plaintext): Emit it if multiple messages are
        detected.

2007-02-20  David Shaw  <dshaw@jabberwocky.com>  (wk)

	* mainproc.c (literals_seen): New.
	(proc_plaintext): Error out if more than one plaintext packet is
	encountered
	* gpg.c: New option --allow-multiple-messages and --no variant.


diff -urNp orig/gnupg-1.4.6/checks/verify.test gnupg-1.4.6/checks/verify.test
--- orig/gnupg-1.4.6/checks/verify.test	2006-03-07 11:28:24.000000000 +0100
+++ gnupg-1.4.6/checks/verify.test	2007-02-27 12:20:12.000000000 +0100
@@ -231,15 +231,15 @@ for i in $tests ; do
    eval "(IFS=; echo \"\$$i\")" >x
    case "$i" in
     msg_*_asc)
-       $GPG --verify x || error "verify of $i failed"
+       $GPG --allow-multiple-messages --verify x || error "verify of $i failed"
        ;;
     msg_*_asc_multisig)
-       $GPG --verify --allow-multisig-verification x \
+       $GPG --allow-multiple-messages --verify --allow-multisig-verification x \
            || error "verify of $i failed"
-       $GPG --verify x && error "verify of $i succeeded but should not"
+       $GPG --allow-multiple-messages --verify x && error "verify of $i succeeded but should not"
        ;;
     bad_*_asc)
-       $GPG --verify x && error "verify of $i succeeded but should not"
+       $GPG --allow-multiple-messages --verify x && error "verify of $i succeeded but should not"
        ;;
     *)
        error "No handler for test case $i"
diff -urNp orig/gnupg-1.4.6/g10/gpg.c gnupg-1.4.6/g10/gpg.c
--- orig/gnupg-1.4.6/g10/gpg.c	2006-12-03 16:37:45.000000000 +0100
+++ gnupg-1.4.6/g10/gpg.c	2007-02-27 12:09:26.000000000 +0100
@@ -368,6 +368,8 @@ enum cmd_and_opt_values
     oAllowMultisigVerification,
     oEnableDSA2,
     oDisableDSA2,
+    oAllowMultipleMessages,
+    oNoAllowMultipleMessages,
 
     oNoop
   };
@@ -711,6 +713,8 @@ static ARGPARSE_OPTS opts[] = {
     { oAllowMultisigVerification, "allow-multisig-verification", 0, "@"},
     { oEnableDSA2, "enable-dsa2", 0, "@"},
     { oDisableDSA2, "disable-dsa2", 0, "@"},
+    { oAllowMultipleMessages, "allow-multiple-messages", 0, "@"},
+    { oNoAllowMultipleMessages, "no-allow-multiple-messages", 0, "@"},
 
     /* These two are aliases to help users of the PGP command line
        product use gpg with minimal pain.  Many commands are common
@@ -2782,6 +2786,14 @@ main (int argc, char **argv )
 	  case oEnableDSA2: opt.flags.dsa2=1; break;
 	  case oDisableDSA2: opt.flags.dsa2=0; break;
 
+	  case oAllowMultipleMessages:
+	    opt.flags.allow_multiple_messages=1;
+	    break;
+
+	  case oNoAllowMultipleMessages:
+	    opt.flags.allow_multiple_messages=0;
+	    break;
+
 	  case oNoop: break;
 
 	  default : pargs.err = configfp? 1:2; break;
diff -urNp orig/gnupg-1.4.6/g10/mainproc.c gnupg-1.4.6/g10/mainproc.c
--- orig/gnupg-1.4.6/g10/mainproc.c	2006-04-08 02:51:28.000000000 +0200
+++ gnupg-1.4.6/g10/mainproc.c	2007-02-27 12:09:26.000000000 +0100
@@ -84,10 +84,9 @@ struct mainproc_context
 
 
 static int do_proc_packets( CTX c, IOBUF a );
-
 static void list_node( CTX c, KBNODE node );
 static void proc_tree( CTX c, KBNODE node );
-
+static int literals_seen;
 
 static void
 release_list( CTX c )
@@ -619,6 +618,8 @@ proc_plaintext( CTX c, PACKET *pkt )
     int any, clearsig, only_md5, rc;
     KBNODE n;
 
+    literals_seen++;
+
     if( pt->namelen == 8 && !memcmp( pt->name, "_CONSOLE", 8 ) )
 	log_info(_("NOTE: sender requested \"for-your-eyes-only\"\n"));
     else if( opt.verbose )
@@ -702,16 +703,37 @@ proc_plaintext( CTX c, PACKET *pkt )
 	if ( c->mfx.md2  )
 	    md_start_debug( c->mfx.md2, "verify2" );
     }
-    if ( c->pipemode.op == 'B' )
-        rc = handle_plaintext( pt, &c->mfx, 1, 0 );
-    else {
-        rc = handle_plaintext( pt, &c->mfx, c->sigs_only, clearsig );
-        if( rc == G10ERR_CREATE_FILE && !c->sigs_only) {
-            /* can't write output but we hash it anyway to
-             * check the signature */
-            rc = handle_plaintext( pt, &c->mfx, 1, clearsig );
-        }
-    }
+
+    rc=0;
+
+    if(literals_seen>1)
+      {
+	log_info(_("WARNING: multiple plaintexts seen\n"));
+
+	if(!opt.flags.allow_multiple_messages)
+	  {
+            write_status_text (STATUS_ERROR, "proc_pkt.plaintext 89_BAD_DATA");
+	    log_inc_errorcount();
+	    rc=G10ERR_UNEXPECTED;
+	  }
+      }
+
+    if(!rc)
+      {
+	if ( c->pipemode.op == 'B' )
+	  rc = handle_plaintext( pt, &c->mfx, 1, 0 );
+	else
+	  {
+	    rc = handle_plaintext( pt, &c->mfx, c->sigs_only, clearsig );
+	    if( rc == G10ERR_CREATE_FILE && !c->sigs_only)
+	      {
+		/* can't write output but we hash it anyway to
+		 * check the signature */
+		rc = handle_plaintext( pt, &c->mfx, 1, clearsig );
+	      }
+	  }
+      }
+
     if( rc )
 	log_error( "handle plaintext failed: %s\n", g10_errstr(rc));
     free_packet(pkt);
diff -urNp orig/gnupg-1.4.6/g10/options.h gnupg-1.4.6/g10/options.h
--- orig/gnupg-1.4.6/g10/options.h	2006-12-03 16:37:45.000000000 +0100
+++ gnupg-1.4.6/g10/options.h	2007-02-27 12:09:26.000000000 +0100
@@ -226,6 +226,7 @@ struct
     unsigned int use_embedded_filename:1;
     unsigned int utf8_filename:1;
     unsigned int dsa2:1;
+    unsigned int allow_multiple_messages:1;
   } flags;
 
   /* Linked list of ways to find a key if the key isn't on the local
diff -urNp orig/gnupg-1.4.6/g10/status.c gnupg-1.4.6/g10/status.c
--- orig/gnupg-1.4.6/g10/status.c	2006-04-03 09:58:31.000000000 +0200
+++ gnupg-1.4.6/g10/status.c	2007-02-27 12:09:26.000000000 +0100
@@ -166,6 +166,7 @@ get_status_string ( int no ) 
     case STATUS_PKA_TRUST_BAD  : s = "PKA_TRUST_BAD"; break;
     case STATUS_PKA_TRUST_GOOD : s = "PKA_TRUST_GOOD"; break;
     case STATUS_BEGIN_SIGNING  : s = "BEGIN_SIGNING"; break;
+    case STATUS_ERROR          : s = "ERROR"; break;
     default: s = "?"; break;
     }
   return s;
diff -urNp orig/gnupg-1.4.6/g10/status.h gnupg-1.4.6/g10/status.h
--- orig/gnupg-1.4.6/g10/status.h	2006-04-03 10:05:24.000000000 +0200
+++ gnupg-1.4.6/g10/status.h	2007-02-27 12:09:26.000000000 +0100
@@ -120,6 +120,8 @@
 
 #define STATUS_BEGIN_SIGNING    84
 
+#define STATUS_ERROR  85
+
 
 /*-- status.c --*/
 void set_status_fd ( int fd );


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.2 (GNU/Linux)

iEYEARECAAYFAkXkFQ4ACgkQYHhOlAEKV+3QjwCfXvOs79sxJ/eWh8BPc/AnEJew
n04AoLTKcExo9/qex7o2dugzj6Iqa2rm
=Ctxu
-----END PGP SIGNATURE-----

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional