authorDavid Shaw <[email protected]>2003-05-03 03:17:00 +0000
committerDavid Shaw <[email protected]>2003-05-03 03:17:00 +0000
commit879014e14bfa1ead553a51f94be0a3b9341e904e (patch)
tree0563b9802c141ea245cf9c4b2e61d8138bfb3d4f
parent* cipher.h: Add constants for compression algorithms. (diff)
* g10.c (main): Show errors for failure in export, send-keys, recv-keys,
and refresh-keys. * keyserver.c (keyserver_work): Range check the TCP port for HKP. * options.h, g10.c (main): Give algorithm warnings for algorithms chosen against the --pgpX and --openpgp rules. * keydb.h, pkclist.c (algo_available): Make TIGER192 invalid in --openpgp mode. * sign.c (sign_file), pkclist.c (algo_available): Allow passing a hint of 0.
-rw-r--r--g10/ChangeLog16
-rw-r--r--g10/g10.c88
-rw-r--r--g10/keydb.h5
-rw-r--r--g10/keyserver.c9
-rw-r--r--g10/options.h9
-rw-r--r--g10/pkclist.c72
-rw-r--r--g10/sign.c3
7 files changed, 156 insertions, 46 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog
index abd64b31f..7615bdce7 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,6 +1,20 @@
2003-05-02 David Shaw <[email protected]>
- * sign.c (sign_file): Fix bug that causes spurious compression
+ * g10.c (main): Show errors for failure in export, send-keys,
+ recv-keys, and refresh-keys.
+
+ * keyserver.c (keyserver_work): Range check the TCP port for HKP.
+
+ * options.h, g10.c (main): Give algorithm warnings for algorithms
+ chosen against the --pgpX and --openpgp rules.
+
+ * keydb.h, pkclist.c (algo_available): Make TIGER192 invalid in
+ --openpgp mode.
+
+ * sign.c (sign_file), pkclist.c (algo_available): Allow passing a
+ hint of 0.
+
+ * sign.c (sign_file): Fix bug that causes a spurious compression
preference warning.
* sign.c (clearsign_file): Fix bug that prevents proper warning
diff --git a/g10/g10.c b/g10/g10.c
index b8f30b115..bafa03539 100644
--- a/g10/g10.c
+++ b/g10/g10.c
@@ -1458,7 +1458,7 @@ main( int argc, char **argv )
opt.def_cipher_algo = 0;
opt.def_digest_algo = 0;
opt.cert_digest_algo = 0;
- opt.def_compress_algo = 1;
+ opt.def_compress_algo = -1;
opt.s2k_mode = 3; /* iterated+salted */
opt.s2k_digest_algo = DIGEST_ALGO_SHA1;
opt.s2k_cipher_algo = CIPHER_ALGO_3DES;
@@ -1844,7 +1844,6 @@ main( int argc, char **argv )
opt.escape_from=1;
opt.force_v3_sigs=1;
opt.ask_sig_expire=0;
- opt.def_compress_algo=1;
opt.force_mdc=0;
opt.disable_mdc=1;
}
@@ -1854,12 +1853,10 @@ main( int argc, char **argv )
opt.escape_from=1;
opt.force_v3_sigs=1;
opt.ask_sig_expire=0;
- opt.def_compress_algo=1;
}
else if(PGP8)
{
opt.escape_from=1;
- opt.def_compress_algo=1;
}
/* must do this after dropping setuid, because string_to...
@@ -1942,6 +1939,66 @@ main( int argc, char **argv )
if( log_get_errorcount(0) )
g10_exit(2);
+ /* Check our chosen algorithms against the list of legal
+ algorithms. */
+
+ if(!GNUPG)
+ {
+ const char *badalg=NULL;
+ preftype_t badtype=PREFTYPE_NONE;
+
+ if(opt.def_cipher_algo
+ && !algo_available(PREFTYPE_SYM,opt.def_cipher_algo,NULL))
+ {
+ badalg=cipher_algo_to_string(opt.def_cipher_algo);
+ badtype=PREFTYPE_SYM;
+ }
+ else if(opt.def_digest_algo
+ && !algo_available(PREFTYPE_HASH,opt.def_digest_algo,NULL))
+ {
+ badalg=digest_algo_to_string(opt.def_digest_algo);
+ badtype=PREFTYPE_HASH;
+ }
+ else if(opt.cert_digest_algo
+ && !algo_available(PREFTYPE_HASH,opt.cert_digest_algo,NULL))
+ {
+ badalg=digest_algo_to_string(opt.cert_digest_algo);
+ badtype=PREFTYPE_HASH;
+ }
+ else if(opt.def_compress_algo!=-1
+ && !algo_available(PREFTYPE_ZIP,opt.def_compress_algo,NULL))
+ {
+ badalg=compress_algo_to_string(opt.def_compress_algo);
+ badtype=PREFTYPE_ZIP;
+ }
+
+ if(badalg)
+ {
+ switch(badtype)
+ {
+ case PREFTYPE_SYM:
+ log_info(_("you may not use cipher algorithm \"%s\" "
+ "while in %s mode\n"),
+ badalg,compliance_option_string());
+ break;
+ case PREFTYPE_HASH:
+ log_info(_("you may not use digest algorithm \"%s\" "
+ "while in %s mode\n"),
+ badalg,compliance_option_string());
+ break;
+ case PREFTYPE_ZIP:
+ log_info(_("you may not use compression algorithm \"%s\" "
+ "while in %s mode\n"),
+ badalg,compliance_option_string());
+ break;
+ default:
+ BUG();
+ }
+
+ compliance_failure();
+ }
+ }
+
/* set the random seed file */
if( use_random_seed ) {
char *p = make_filename(opt.homedir, "random_seed", NULL );
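Review bot: The `else if` chain in the new `if(!GNUPG)` block stops at the first disallowed algorithm, so a configuration whose cipher and digest both violate the selected mode reports only one of them per run. Independent `if` checks that each log their own message and set a flag, followed by a single `compliance_failure()` call, would show every violation at once. The block also tests only `def_cipher_algo`, `def_digest_algo`, `cert_digest_algo` and `def_compress_algo`; `opt.s2k_cipher_algo` and `opt.s2k_digest_algo`, which `main` sets in the first g10.c hunk, are not checked, and if that is intentional a comment saying so would help. `main` continues outside this hunk and the body of `compliance_failure()` is not visible here.

```c
if(!GNUPG)
  {
    int bad=0;

    if(opt.def_cipher_algo
       && !algo_available(PREFTYPE_SYM,opt.def_cipher_algo,NULL))
      {
        log_info(_("you may not use cipher algorithm \"%s\" "
                   "while in %s mode\n"),
                 cipher_algo_to_string(opt.def_cipher_algo),
                 compliance_option_string());
        bad=1;
      }
    /* … same shape, each as an independent if: def_digest_algo,
       cert_digest_algo, def_compress_algo … */

    if(bad)
      compliance_failure();
  }
```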
@@ -2273,11 +2330,20 @@ main( int argc, char **argv )
for( ; argc; argc--, argv++ )
add_to_strlist2( &sl, *argv, utf8_strings );
if( cmd == aSendKeys )
- keyserver_export( sl );
+ rc=keyserver_export( sl );
else if( cmd == aRecvKeys )
- keyserver_import( sl );
+ rc=keyserver_import( sl );
else
- export_pubkeys( sl, opt.export_options );
+ rc=export_pubkeys( sl, opt.export_options );
+ if(rc)
+ {
+ if(cmd==aSendKeys)
+ log_error(_("keyserver send failed: %s\n"),g10_errstr(rc));
+ else if(cmd==aRecvKeys)
+ log_error(_("keyserver receive failed: %s\n"),g10_errstr(rc));
+ else
+ log_error(_("key export failed: %s\n"),g10_errstr(rc));
+ }
free_strlist(sl);
break;
@@ -2286,7 +2352,9 @@ main( int argc, char **argv )
for( ; argc; argc--, argv++ )
append_to_strlist2( &sl, *argv, utf8_strings );
- keyserver_search( sl );
+ rc=keyserver_search( sl );
+ if(rc)
+ log_error(_("keyserver search failed: %s\n"),g10_errstr(rc));
free_strlist(sl);
break;
@@ -2294,7 +2362,9 @@ main( int argc, char **argv )
sl = NULL;
for( ; argc; argc--, argv++ )
add_to_strlist2( &sl, *argv, utf8_strings );
- keyserver_refresh(sl);
+ rc=keyserver_refresh(sl);
+ if(rc)
+ log_error(_("keyserver refresh failed: %s\n"),g10_errstr(rc));
free_strlist(sl);
break;
diff --git a/g10/keydb.h b/g10/keydb.h
index 155fa6599..9f47123ec 100644
--- a/g10/keydb.h
+++ b/g10/keydb.h
@@ -164,8 +164,9 @@ void show_revocation_reason( PKT_public_key *pk, int mode );
int check_signatures_trust( PKT_signature *sig );
void release_pk_list( PK_LIST pk_list );
int build_pk_list( STRLIST rcpts, PK_LIST *ret_pk_list, unsigned use );
-int select_algo_from_prefs( PK_LIST pk_list, int preftype,
- int request, void *hint );
+int algo_available( preftype_t preftype, int algo, void *hint );
+int select_algo_from_prefs( PK_LIST pk_list, int preftype,
+ int request, void *hint );
int select_mdc_from_pklist (PK_LIST pk_list);
/*-- skclist.c --*/
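Review bot: `algo_available` is now exported, but its declaration has no comment saying what `hint` means. In the pkclist.c hunk the `PREFTYPE_HASH` branch dereferences it as `int *` and compares it with `md_digest_length(algo)`, while the other branches ignore it. A comment such as `/* hint: NULL, or for PREFTYPE_HASH a pointer to an int holding the required digest length */` would make that contract visible to new callers. The new prototype also takes `preftype_t` while `select_algo_from_prefs` on the next line still takes `int preftype`; using the same type for both would keep the two declarations consistent.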
diff --git a/g10/keyserver.c b/g10/keyserver.c
index aba5dfbd9..4be8a1c68 100644
--- a/g10/keyserver.c
+++ b/g10/keyserver.c
@@ -194,6 +194,11 @@ parse_keyserver_uri(char *uri,const char *configname,unsigned int configlineno)
ch++;
}
+
+ /* It would seem to be reasonable to limit the range of the
+ ports to values between 1-65535, but RFC 1738 and 1808
+ imply there is no limit. Of course, the real world has
+ limits. */
}
/* (any path part of the URI is discarded for now as no keyserver
@@ -679,6 +684,10 @@ keyserver_work(int action,STRLIST list,KEYDB_SEARCH_DESC *desc,int count)
log_error(_("no keyserver known (use option --keyserver)\n"));
return G10ERR_BAD_URI;
}
+ else if(opt.keyserver_port && (strlen(opt.keyserver_port)>5
+ || atoi(opt.keyserver_port)<1
+ || atoi(opt.keyserver_port)>65535))
+ return G10ERR_BAD_URI;
else
{
void *stats_handle = import_new_stats_handle ();
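Review bot: The new port check in `keyserver_work` relies on `atoi()`, which stops at the first non-digit and reports no error, so a value such as `80x` passes the 1-65535 test with the trailing junk still in `opt.keyserver_port`. Unless `parse_keyserver_uri` already guarantees an all-digit string (not visible in these hunks), parse once with `long port=strtol(opt.keyserver_port,&end,10);` and reject on `end==opt.keyserver_port || *end || port<1 || port>65535`. The branch also returns `G10ERR_BAD_URI` without a message, unlike the `log_error` in the branch just above it; logging the rejected port would tell the user what to fix. `keyserver_work` continues outside the hunk.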
diff --git a/g10/options.h b/g10/options.h
index 17d89e003..318c062f8 100644
--- a/g10/options.h
+++ b/g10/options.h
@@ -204,11 +204,12 @@ struct {
#define DBG_HASHING (opt.debug & DBG_HASHING_VALUE)
#define DBG_EXTPROG (opt.debug & DBG_EXTPROG_VALUE)
+#define GNUPG (opt.compliance==CO_GNUPG)
#define RFC1991 (opt.compliance==CO_RFC1991 || opt.compliance==CO_PGP2)
#define RFC2440 (opt.compliance==CO_RFC2440)
-#define PGP2 (opt.compliance==CO_PGP2)
-#define PGP6 (opt.compliance==CO_PGP6)
-#define PGP7 (opt.compliance==CO_PGP7)
-#define PGP8 (opt.compliance==CO_PGP8)
+#define PGP2 (opt.compliance==CO_PGP2)
+#define PGP6 (opt.compliance==CO_PGP6)
+#define PGP7 (opt.compliance==CO_PGP7)
+#define PGP8 (opt.compliance==CO_PGP8)
#endif /*G10_OPTIONS_H*/
diff --git a/g10/pkclist.c b/g10/pkclist.c
index 07bf2be5b..dbfbc031b 100644
--- a/g10/pkclist.c
+++ b/g10/pkclist.c
@@ -1088,46 +1088,60 @@ build_pk_list( STRLIST rcpts, PK_LIST *ret_pk_list, unsigned use )
intersection"), and PGP has no mechanism to fix such a broken
preference list, so I'm including it. -dms */
-static int
-algo_available( int preftype, int algo, void *hint )
+int
+algo_available( preftype_t preftype, int algo, void *hint )
{
- if( preftype == PREFTYPE_SYM ) {
- if( PGP6 && ( algo != 1 && algo != 2 && algo != 3) )
- return 0;
-
- if( (PGP7 || PGP8)
- && (algo != 1 && algo != 2 && algo != 3
- && algo != 7 && algo != 8 && algo != 9 && algo != 10) )
- return 0;
+ if( preftype == PREFTYPE_SYM )
+ {
+ if(PGP6 && (algo != CIPHER_ALGO_IDEA
+ && algo != CIPHER_ALGO_3DES
+ && algo != CIPHER_ALGO_CAST5))
+ return 0;
+
+ if((PGP7 || PGP8) && (algo != CIPHER_ALGO_IDEA
+ && algo != CIPHER_ALGO_3DES
+ && algo != CIPHER_ALGO_CAST5
+ && algo != CIPHER_ALGO_AES
+ && algo != CIPHER_ALGO_AES192
+ && algo != CIPHER_ALGO_AES256
+ && algo != CIPHER_ALGO_TWOFISH))
+ return 0;
- return algo && !check_cipher_algo( algo );
+ return algo && !check_cipher_algo( algo );
}
- else if( preftype == PREFTYPE_HASH ) {
- int bits=0;
+ else if( preftype == PREFTYPE_HASH )
+ {
+ if(hint && ((*(int *)hint) != md_digest_length(algo)))
+ return 0;
- if(hint)
- bits=*(int *)hint;
+ if((PGP6 || PGP7) && (algo != DIGEST_ALGO_MD5
+ && algo != DIGEST_ALGO_SHA1
+ && algo != DIGEST_ALGO_RMD160))
+ return 0;
- if(bits && (bits != md_digest_length(algo)))
- return 0;
- if( (PGP6 || PGP7) && (algo != 1 && algo != 2 && algo != 3) )
- return 0;
+ if(PGP8 && (algo != DIGEST_ALGO_MD5
+ && algo != DIGEST_ALGO_SHA1
+ && algo != DIGEST_ALGO_RMD160
+ && algo != DIGEST_ALGO_SHA256))
+ return 0;
- if( PGP8 && (algo != 1 && algo != 2 && algo != 3 && algo != 8))
- return 0;
+ /* TIGER is not allowed any longer according to 2440bis. */
+ if( RFC2440 && algo == DIGEST_ALGO_TIGER )
+ return 0;
- return algo && !check_digest_algo( algo );
+ return algo && !check_digest_algo( algo );
}
- else if( preftype == PREFTYPE_ZIP ) {
- if ( ( PGP6 || PGP7 || PGP8 )
- && ( algo !=0 && algo != 1) )
- return 0;
+ else if( preftype == PREFTYPE_ZIP )
+ {
+ if((PGP6 || PGP7 || PGP8) && (algo != COMPRESS_ALGO_NONE
+ && algo != COMPRESS_ALGO_ZIP))
+ return 0;
- return !check_compress_algo( algo );
+ return !check_compress_algo( algo );
}
- else
- return 0;
+ else
+ return 0;
}
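Review bot: The `PREFTYPE_HASH` branch changes what a hint value of 0 means. The removed code skipped the length test when `*hint` was 0 (`if(bits && ...)`), while the new `if(hint && ((*(int *)hint) != md_digest_length(algo)))` rejects every digest in that case. The sign.c hunk compensates at one call site by passing `hashlen?&hashlen:NULL`, but `algo_available` is no longer `static`, so any other caller that passes a pointer to 0 would now get 0 back for all algorithms. Keeping the value test inside the function, `if(hint && *(int *)hint && *(int *)hint != md_digest_length(algo))`, preserves the old contract; otherwise a comment above the function should state that "no constraint" must be passed as NULL.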
diff --git a/g10/sign.c b/g10/sign.c
index c2972b82f..4f676ff0a 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -720,7 +720,8 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
hashlen=20;
if((algo=
- select_algo_from_prefs(pk_list,PREFTYPE_HASH,-1,&hashlen))>0)
+ select_algo_from_prefs(pk_list,PREFTYPE_HASH,-1,
+ hashlen?&hashlen:NULL))>0)
recipient_digest_algo=algo;
}
}