Date: Tuesday, December 16, 2014 @ 20:46:15 Author: bisson Revision: 227658
upstream update Modified: gnupg/trunk/PKGBUILD Deleted: gnupg/trunk/hash-ecdsa.patch gnupg/trunk/oid2str-overflow.patch gnupg/trunk/refresh-keys.patch gnupg/trunk/subpacket-off.patch ------------------------+ PKGBUILD | 24 ---- hash-ecdsa.patch | 48 --------- oid2str-overflow.patch | 72 -------------- refresh-keys.patch | 238 ----------------------------------------------- subpacket-off.patch | 38 ------- 5 files changed, 4 insertions(+), 416 deletions(-) Modified: PKGBUILD =================================================================== --- PKGBUILD 2014-12-16 17:00:13 UTC (rev 227657) +++ PKGBUILD 2014-12-16 19:46:15 UTC (rev 227658) @@ -5,8 +5,8 @@ # Contributor: Judd Vinet <jvi...@zeroflux.org> pkgname=gnupg -pkgver=2.1.0 -pkgrel=7 +pkgver=2.1.1 +pkgrel=1 pkgdesc='Complete and free implementation of the OpenPGP standard' url='http://www.gnupg.org/' license=('GPL') @@ -16,16 +16,8 @@ makedepends=('libldap' 'libusb-compat') depends=('npth' 'libgpg-error' 'libgcrypt' 'libksba' 'libassuan' 'pinentry' 'bzip2' 'readline' 'gnutls') -source=("ftp://ftp.gnupg.org/gcrypt/${pkgname}/${pkgname}-${pkgver}.tar.bz2"{,.sig} - 'oid2str-overflow.patch' - 'subpacket-off.patch' - 'refresh-keys.patch' - 'hash-ecdsa.patch') -sha1sums=('2fcd0ca6889ef6cb59e3275e8411f8b7778c2f33' 'SKIP' - '774f7fe541428f45ee145c763cf5634264e3bc69' - '1a86b834904c7d18d932ad1bb44d3642990d3cbd' - '246bea8776882f4c0293685482558f6ead1cf902' - 'b9bd644276aa1c1a3fcaed82e65eecccfd1f36ed') +source=("ftp://ftp.gnupg.org/gcrypt/${pkgname}/${pkgname}-${pkgver}.tar.bz2"{,.sig}) +sha1sums=('3d11fd150cf86f842d077437edb119a775c7325d' 'SKIP') install=install @@ -33,14 +25,6 @@ provides=('dirmngr' "gnupg2=${pkgver}") replaces=('dirmngr' 'gnupg2') -prepare() { - cd "${srcdir}/${pkgname}-${pkgver}" - patch -p1 -i ../oid2str-overflow.patch - patch -p1 -i ../subpacket-off.patch - patch -p1 -i ../refresh-keys.patch - patch -p1 -i ../hash-ecdsa.patch -} - build() { cd "${srcdir}/${pkgname}-${pkgver}" ./configure \ Deleted: hash-ecdsa.patch =================================================================== --- hash-ecdsa.patch 2014-12-16 17:00:13 UTC (rev 227657) +++ hash-ecdsa.patch 2014-12-16 19:46:15 UTC (rev 227658) @@ -1,48 +0,0 @@ -From: Werner Koch <w...@gnupg.org> -Date: Wed, 19 Nov 2014 09:34:32 +0000 (+0100) -Subject: gpg: Fix hash detection for ECDSA. -X-Git-Url: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff_plain;h=f80c2dd78d522f12b2c7afbd5c0763a97d87d2bd;hp=cd2c6f36fe5d1d1d45546f5168aead5cbe6487e0 - -gpg: Fix hash detection for ECDSA. - -* g10/sign.c (sign_file): Use DSA or ECDSA and not DSA|EdDSA. --- - -This error was introduced with -commit b7f8dec6325f1c80640f878ed3080bbc194fbc78 -while separating EdDSA from ECDSA. - -Found due to a related bug report from Brian Minton. - -Signed-off-by: Werner Koch <w...@gnupg.org> ---- - -diff --git a/g10/sign.c b/g10/sign.c -index e7d4a68..2e62f04 100644 ---- a/g10/sign.c -+++ b/g10/sign.c -@@ -899,13 +899,12 @@ sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr, - for (sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) - { - if (sk_rover->pk->pubkey_algo == PUBKEY_ALGO_DSA -- || (sk_rover->pk->pubkey_algo == PUBKEY_ALGO_EDDSA -- && !openpgp_oid_is_ed25519 (sk_rover->pk->pkey[1]))) -+ || sk_rover->pk->pubkey_algo == PUBKEY_ALGO_ECDSA) - { - int temp_hashlen = (gcry_mpi_get_nbits - (sk_rover->pk->pkey[1])); - -- if (sk_rover->pk->pubkey_algo == PUBKEY_ALGO_EDDSA) -+ if (sk_rover->pk->pubkey_algo == PUBKEY_ALGO_ECDSA) - temp_hashlen = ecdsa_qbits_from_Q (temp_hashlen); - temp_hashlen = (temp_hashlen+7)/8; - -@@ -915,7 +914,7 @@ sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr, - if (hint.digest_length<temp_hashlen) - hint.digest_length=temp_hashlen; - } -- /* FIXME: need toall gpg-agent */ -+ /* FIXME: need to check gpg-agent for this. */ - /* else if (sk_rover->pk->is_protected */ - /* && sk_rover->pk->protect.s2k.mode == 1002) */ - /* smartcard = 1; */ Deleted: oid2str-overflow.patch =================================================================== --- oid2str-overflow.patch 2014-12-16 17:00:13 UTC (rev 227657) +++ oid2str-overflow.patch 2014-12-16 19:46:15 UTC (rev 227658) @@ -1,72 +0,0 @@ -From: Werner Koch <w...@gnupg.org> -Date: Tue, 25 Nov 2014 10:58:56 +0000 (+0100) -Subject: Fix buffer overflow in openpgp_oid_to_str. -X-Git-Url: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff_plain;h=8445ef24fc31e1fe0291e17f90f9f06b536e34da;hp=28dafd4714a9b01d3a6f1e6e5919bf6f909987c7 - -Fix buffer overflow in openpgp_oid_to_str. - -* common/openpgp-oid.c (openpgp_oid_to_str): Fix unsigned underflow. - -* common/t-openpgp-oid.c (BADOID): New. -(test_openpgp_oid_to_str): Add test cases. --- - -The code has an obvious error by not considering invalid encoding for -arc-2. A first byte of 0x80 can be used to make a value of less then -80 and we then subtract 80 from that value as required by the OID -encoding rules. Due to the unsigned integer this results in a pretty -long value which won't fit anymore into the allocated buffer. - -The fix is obvious. Also added a few simple test cases. Note that we -keep on using sprintf instead of snprintf because managing the -remaining length of the buffer would probably be more error prone than -assuring that the buffer is large enough. Getting rid of sprintf -altogether by using direct conversion along with membuf_t like code -might be possible. - -Reported-by: Hanno Böck -Signed-off-by: Werner Koch <w...@gnupg.org> - -Ported from libksba commit f715b9e156dfa99ae829fc694e5a0abd23ef97d7 ---- - -diff --git a/common/openpgp-oid.c b/common/openpgp-oid.c -index 010c23f..d3d1f2a 100644 ---- a/common/openpgp-oid.c -+++ b/common/openpgp-oid.c -@@ -236,6 +236,8 @@ openpgp_oid_to_str (gcry_mpi_t a) - val <<= 7; - val |= buf[n] & 0x7f; - } -+ if (val < 80) -+ goto badoid; - val -= 80; - sprintf (p, "2.%lu", val); - p += strlen (p); -diff --git a/common/t-openpgp-oid.c b/common/t-openpgp-oid.c -index 79e5a70..5cd778d 100644 ---- a/common/t-openpgp-oid.c -+++ b/common/t-openpgp-oid.c -@@ -32,6 +32,9 @@ - } while(0) - - -+#define BADOID "1.3.6.1.4.1.11591.2.12242973" -+ -+ - static void - test_openpgp_oid_from_str (void) - { -@@ -108,6 +111,12 @@ test_openpgp_oid_to_str (void) - { "1.3.132.0.35", - { 5, 0x2B, 0x81, 0x04, 0x00, 0x23 }}, - -+ { BADOID, -+ { 9, 0x80, 0x02, 0x70, 0x50, 0x25, 0x46, 0xfd, 0x0c, 0xc0 }}, -+ -+ { BADOID, -+ { 1, 0x80 }}, -+ - { NULL }}; - gcry_mpi_t a; - int idx; Deleted: refresh-keys.patch =================================================================== --- refresh-keys.patch 2014-12-16 17:00:13 UTC (rev 227657) +++ refresh-keys.patch 2014-12-16 19:46:15 UTC (rev 227658) @@ -1,238 +0,0 @@ -From eecbed004ca1e9ca23c3892c3a5e6dd174ddf93b Mon Sep 17 00:00:00 2001 -From: Werner Koch <w...@gnupg.org> -Date: Wed, 12 Nov 2014 12:14:32 +0100 -Subject: [PATCH] gpg: Fix regression in --refresh-keys - -* g10/keyserver.c (keyserver_get): Factor all code out to ... -(keyserver_get_chunk): new. Extimate line length. -(keyserver_get): Split up requests into chunks. --- - -Note that refreshing all keys still requires way to much memory -because we build an in-memory list of all keys first. It is required -to first get a list of all keys to avoid conflicts while updating the -key store in the process of receiving keys. A better strategy would -be a background process and tracking the last update in the key store. - -GnuPG-bug-id: 1755 -Signed-off-by: Werner Koch <w...@gnupg.org> ---- - g10/call-dirmngr.c | 2 +- - g10/keyserver.c | 107 ++++++++++++++++++++++++++++++++++++++++++---------- - 2 files changed, 89 insertions(+), 20 deletions(-) - -diff --git a/g10/call-dirmngr.c b/g10/call-dirmngr.c -index 5bddbbe..71f5324 100644 ---- a/g10/call-dirmngr.c -+++ b/g10/call-dirmngr.c -@@ -429,7 +429,7 @@ ks_get_data_cb (void *opaque, const void *data, size_t datalen) - error an error code is returned and NULL stored at R_FP. - - The pattern may only use search specification which a keyserver can -- use to retriev keys. Because we know the format of the pattern we -+ use to retrieve keys. Because we know the format of the pattern we - don't need to escape the patterns before sending them to the - server. - -diff --git a/g10/keyserver.c b/g10/keyserver.c -index 1b2e128..5bc1eba 100644 ---- a/g10/keyserver.c -+++ b/g10/keyserver.c -@@ -1567,17 +1567,16 @@ keyserver_search (ctrl_t ctrl, strlist_t tokens) - return err; - } - -- -- --/* Retrieve a key from a keyserver. The search pattern are in -- (DESC,NDESC). Allowed search modes are keyid, fingerprint, and -- exact searches. KEYSERVER gives an optional override keyserver. If -- (R_FPR,R_FPRLEN) are not NULL, the may retrun the fingerprint of -- one imported key. */ -+/* Helper for keyserver_get. Here we only receive a chunk of the -+ description to be processed in one batch. This is required due to -+ the limited number of patterns the dirmngr interface (KS_GET) can -+ grok and to limit the amount of temporary required memory. */ - static gpg_error_t --keyserver_get (ctrl_t ctrl, KEYDB_SEARCH_DESC *desc, int ndesc, -- struct keyserver_spec *keyserver, -- unsigned char **r_fpr, size_t *r_fprlen) -+keyserver_get_chunk (ctrl_t ctrl, KEYDB_SEARCH_DESC *desc, int ndesc, -+ int *r_ndesc_used, -+ void *stats_handle, -+ struct keyserver_spec *keyserver, -+ unsigned char **r_fpr, size_t *r_fprlen) - - { - gpg_error_t err = 0; -@@ -1585,12 +1584,26 @@ keyserver_get (ctrl_t ctrl, KEYDB_SEARCH_DESC *desc, int ndesc, - int idx, npat; - estream_t datastream; - char *source = NULL; -+ size_t linelen; /* Estimated linelen for KS_GET. */ -+ size_t n; -+ -+#define MAX_KS_GET_LINELEN 950 /* Somewhat lower than the real limit. */ -+ -+ *r_ndesc_used = 0; - - /* Create an array filled with a search pattern for each key. The - array is delimited by a NULL entry. */ - pattern = xtrycalloc (ndesc+1, sizeof *pattern); - if (!pattern) - return gpg_error_from_syserror (); -+ -+ /* Note that we break the loop as soon as our estimation of the to -+ be used line length reaches the limit. But we do this only if we -+ have processed at leas one search requests so that an overlong -+ single request will be rejected only later by gpg_dirmngr_ks_get -+ but we are sure that R_NDESC_USED has been updated. This avoids -+ a possible indefinite loop. */ -+ linelen = 9; /* "KS_GET --" */ - for (npat=idx=0; idx < ndesc; idx++) - { - int quiet = 0; -@@ -1598,7 +1611,12 @@ keyserver_get (ctrl_t ctrl, KEYDB_SEARCH_DESC *desc, int ndesc, - if (desc[idx].mode == KEYDB_SEARCH_MODE_FPR20 - || desc[idx].mode == KEYDB_SEARCH_MODE_FPR16) - { -- pattern[npat] = xtrymalloc (2+2*20+1); -+ n = 1+2+2*20; -+ if (idx && linelen + n > MAX_KS_GET_LINELEN) -+ break; /* Declare end of this chunk. */ -+ linelen += n; -+ -+ pattern[npat] = xtrymalloc (n); - if (!pattern[npat]) - err = gpg_error_from_syserror (); - else -@@ -1612,6 +1630,11 @@ keyserver_get (ctrl_t ctrl, KEYDB_SEARCH_DESC *desc, int ndesc, - } - else if(desc[idx].mode == KEYDB_SEARCH_MODE_LONG_KID) - { -+ n = 1+2+16; -+ if (idx && linelen + n > MAX_KS_GET_LINELEN) -+ break; /* Declare end of this chunk. */ -+ linelen += n; -+ - pattern[npat] = xtryasprintf ("0x%08lX%08lX", - (ulong)desc[idx].u.kid[0], - (ulong)desc[idx].u.kid[1]); -@@ -1622,6 +1645,11 @@ keyserver_get (ctrl_t ctrl, KEYDB_SEARCH_DESC *desc, int ndesc, - } - else if(desc[idx].mode == KEYDB_SEARCH_MODE_SHORT_KID) - { -+ n = 1+2+8; -+ if (idx && linelen + n > MAX_KS_GET_LINELEN) -+ break; /* Declare end of this chunk. */ -+ linelen += n; -+ - pattern[npat] = xtryasprintf ("0x%08lX", (ulong)desc[idx].u.kid[1]); - if (!pattern[npat]) - err = gpg_error_from_syserror (); -@@ -1630,11 +1658,17 @@ keyserver_get (ctrl_t ctrl, KEYDB_SEARCH_DESC *desc, int ndesc, - } - else if(desc[idx].mode == KEYDB_SEARCH_MODE_EXACT) - { -- /* The Dirmngr uses also classify_user_id to detect the type -+ /* The Dirmngr also uses classify_user_id to detect the type - of the search string. By adding the '=' prefix we force - Dirmngr's KS_GET to consider this an exact search string. - (In gpg 1.4 and gpg 2.0 the keyserver helpers used the - KS_GETNAME command to indicate this.) */ -+ -+ n = 1+1+strlen (desc[idx].u.name); -+ if (idx && linelen + n > MAX_KS_GET_LINELEN) -+ break; /* Declare end of this chunk. */ -+ linelen += n; -+ - pattern[npat] = strconcat ("=", desc[idx].u.name, NULL); - if (!pattern[npat]) - err = gpg_error_from_syserror (); -@@ -1669,6 +1703,9 @@ keyserver_get (ctrl_t ctrl, KEYDB_SEARCH_DESC *desc, int ndesc, - } - } - -+ /* Remember now many of search items were considered. Note that -+ this is different from NPAT. */ -+ *r_ndesc_used = idx; - - err = gpg_dirmngr_ks_get (ctrl, pattern, &datastream, &source); - for (idx=0; idx < npat; idx++) -@@ -1679,11 +1716,8 @@ keyserver_get (ctrl_t ctrl, KEYDB_SEARCH_DESC *desc, int ndesc, - - if (!err) - { -- void *stats_handle; - struct ks_retrieval_screener_arg_s screenerarg; - -- stats_handle = import_new_stats_handle(); -- - /* FIXME: Check whether this comment should be moved to dirmngr. - - Slurp up all the key data. In the future, it might be nice -@@ -1697,15 +1731,12 @@ keyserver_get (ctrl_t ctrl, KEYDB_SEARCH_DESC *desc, int ndesc, - keyservers. */ - - screenerarg.desc = desc; -- screenerarg.ndesc = ndesc; -+ screenerarg.ndesc = *r_ndesc_used; - import_keys_es_stream (ctrl, datastream, stats_handle, - r_fpr, r_fprlen, - (opt.keyserver_options.import_options - | IMPORT_NO_SECKEY), - keyserver_retrieval_screener, &screenerarg); -- -- import_print_stats (stats_handle); -- import_release_stats_handle (stats_handle); - } - es_fclose (datastream); - xfree (source); -@@ -1714,6 +1745,44 @@ keyserver_get (ctrl_t ctrl, KEYDB_SEARCH_DESC *desc, int ndesc, - } - - -+/* Retrieve a key from a keyserver. The search pattern are in -+ (DESC,NDESC). Allowed search modes are keyid, fingerprint, and -+ exact searches. KEYSERVER gives an optional override keyserver. If -+ (R_FPR,R_FPRLEN) are not NULL, they may return the fingerprint of a -+ single imported key. */ -+static gpg_error_t -+keyserver_get (ctrl_t ctrl, KEYDB_SEARCH_DESC *desc, int ndesc, -+ struct keyserver_spec *keyserver, -+ unsigned char **r_fpr, size_t *r_fprlen) -+{ -+ gpg_error_t err; -+ void *stats_handle; -+ int ndesc_used; -+ int any_good = 0; -+ -+ stats_handle = import_new_stats_handle(); -+ -+ for (;;) -+ { -+ err = keyserver_get_chunk (ctrl, desc, ndesc, &ndesc_used, stats_handle, -+ keyserver, r_fpr, r_fprlen); -+ if (!err) -+ any_good = 1; -+ if (err || ndesc_used >= ndesc) -+ break; /* Error or all processed. */ -+ /* Prepare for the next chunk. */ -+ desc += ndesc_used; -+ ndesc -= ndesc_used; -+ } -+ -+ if (any_good) -+ import_print_stats (stats_handle); -+ -+ import_release_stats_handle (stats_handle); -+ return err; -+} -+ -+ - /* Send all keys specified by KEYSPECS to the KEYSERVERS. */ - static gpg_error_t - keyserver_put (ctrl_t ctrl, strlist_t keyspecs, --- -1.7.10.4 - Deleted: subpacket-off.patch =================================================================== --- subpacket-off.patch 2014-12-16 17:00:13 UTC (rev 227657) +++ subpacket-off.patch 2014-12-16 19:46:15 UTC (rev 227658) @@ -1,38 +0,0 @@ -From: Werner Koch <w...@gnupg.org> -Date: Mon, 24 Nov 2014 16:28:25 +0000 (+0100) -Subject: gpg: Fix off-by-one read in the attribute subpacket parser. -X-Git-Url: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff_plain;h=0988764397f99db4efef1eabcdb8072d6159af76;hp=b716e6a69919b89c7887d6c7c9b97e58d18fdf95 - -gpg: Fix off-by-one read in the attribute subpacket parser. - -* g10/parse-packet.c (parse_attribute_subpkts): Check that the -attribute packet is large enough for the subpacket type. --- - -Reported-by: Hanno Böck -Signed-off-by: Werner Koch <w...@gnupg.org> ---- - -diff --git a/g10/parse-packet.c b/g10/parse-packet.c -index e0370aa..f75e21c 100644 ---- a/g10/parse-packet.c -+++ b/g10/parse-packet.c -@@ -2359,8 +2359,16 @@ parse_attribute_subpkts (PKT_user_id * uid) - if (buflen < n) - goto too_short; - -- attribs = -- xrealloc (attribs, (count + 1) * sizeof (struct user_attribute)); -+ if (!n) -+ { -+ /* Too short to encode the subpacket type. */ -+ if (opt.verbose) -+ log_info ("attribute subpacket too short\n"); -+ break; -+ } -+ -+ attribs = xrealloc (attribs, -+ (count + 1) * sizeof (struct user_attribute)); - memset (&attribs[count], 0, sizeof (struct user_attribute)); - - type = *buffer;