[git] GnuPG - branch, master, updated. gnupg-2.1.2-49-gbebab54
by Werner Koch
cvs at cvs.gnupg.org
Fri Mar 20 15:48:01 CET 2015
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, master has been updated
via bebab54027d8c63574a2680c60481cfe9b88c240 (commit)
via a0eb2e4e8cef9ca6a5dfbae6440fa6cd583d0805 (commit)
via 783a4a98378fa1aa222d5cb7427dd37151feb08b (commit)
from 5136e39c6466de90697153ea253c4b540c1f7d1a (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit bebab54027d8c63574a2680c60481cfe9b88c240
Author: Werner Koch <wk at gnupg.org>
Date: Fri Mar 20 15:43:32 2015 +0100
gpg: Consider a mailbox only userid in mail search mode.
* kbx/keybox-search.c: Include mbox-util.h.
(blob_cmp_mail): Improve OpenPGP uid parsing.
--
GnuPG-bug-id: 1927
diff --git a/kbx/keybox-search.c b/kbx/keybox-search.c
index b03874d..1433591 100644
--- a/kbx/keybox-search.c
+++ b/kbx/keybox-search.c
@@ -30,6 +30,7 @@
#include "keybox-defs.h"
#include <gcrypt.h>
#include "host2net.h"
+#include "mbox-util.h"
#define xtoi_1(p) (*(p) <= '9'? (*(p)- '0'): \
*(p) <= 'F'? (*(p)-'A'+10):(*(p)-'a'+10))
@@ -435,6 +436,7 @@ blob_cmp_mail (KEYBOXBLOB blob, const char *name, size_t namelen, int substr,
for (idx=!!x509 ;idx < nuids; idx++)
{
size_t mypos = pos;
+ size_t mylen;
mypos += idx*uidinfolen;
off = get32 (buffer+mypos);
@@ -454,20 +456,32 @@ blob_cmp_mail (KEYBOXBLOB blob, const char *name, size_t namelen, int substr,
else /* OpenPGP. */
{
/* We need to forward to the mailbox part. */
+ mypos = off;
+ mylen = len;
for ( ; len && buffer[off] != '<'; len--, off++)
;
if (len < 2 || buffer[off] != '<')
- continue; /* empty name or trailing 0 not stored */
-
- off++; /* Point to first char of the mail address. */
- len--;
+ {
+ /* Mailbox not explicitly given or too short. Restore
+ OFF and LEN and check whether the entire string
+ resembles a mailbox without the angle brackets. */
+ off = mypos;
+ len = mylen;
+ if (!is_valid_mailbox_mem (buffer+off, len))
+ continue; /* Not a mail address. */
+ }
+ else /* Seems to be standard user id with mail address. */
+ {
+ off++; /* Point to first char of the mail address. */
+ len--;
+ /* Search closing '>'. */
+ for (mypos=off; len && buffer[mypos] != '>'; len--, mypos++)
+ ;
+ if (!len || buffer[mypos] != '>' || off == mypos)
+ continue; /* Not a proper mail address. */
+ len = mypos - off;
+ }
- /* Search closing '>'. */
- for (mypos=off; len && buffer[mypos] != '>'; len--, mypos++)
- ;
- if (!len || buffer[mypos] != '>' || off == mypos)
- continue; /* Not a proper mail address. */
- len = mypos - off;
}
if (substr)
commit a0eb2e4e8cef9ca6a5dfbae6440fa6cd583d0805
Author: Werner Koch <wk at gnupg.org>
Date: Fri Mar 20 15:39:49 2015 +0100
common: Add function is_valid_mailbox_mem.
* common/mbox-util.c (mem_count_chr): New.
(my_memstr): New.
(has_invalid_email_chars): Change args to work on a buffer.
(is_valid_mailbox_mem): New.
(is_valid_mailbox): Rewrite to use is_valid_mailbox_mem.
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/common/mbox-util.c b/common/mbox-util.c
index 0885f0e..2029324 100644
--- a/common/mbox-util.c
+++ b/common/mbox-util.c
@@ -50,6 +50,47 @@ string_count_chr (const char *string, int c)
return count;
}
+static int
+mem_count_chr (const void *buffer, int c, size_t length)
+{
+ const char *s = buffer;
+ int count;
+
+ for (count=0; length; length--, s++)
+ if (*s == c)
+ count++;
+ return count;
+}
+
+
+/* This is a case-sensitive version of our memistr. I wonder why no
+ standard function memstr exists but I better do not use the name
+ memstr to avoid future conflicts. */
+static const char *
+my_memstr (const void *buffer, size_t buflen, const char *sub)
+{
+ const unsigned char *buf = buffer;
+ const unsigned char *t = (const unsigned char *)buf;
+ const unsigned char *s = (const unsigned char *)sub;
+ size_t n = buflen;
+
+ for ( ; n ; t++, n-- )
+ {
+ if (*t == *s)
+ {
+ for (buf = t++, buflen = n--, s++; n && *t ==*s; t++, s++, n--)
+ ;
+ if (!*s)
+ return (const char*)buf;
+ t = (const unsigned char *)buf;
+ s = (const unsigned char *)sub ;
+ n = buflen;
+ }
+ }
+ return NULL;
+}
+
+
static int
string_has_ctrl_or_space (const char *string)
@@ -74,52 +115,66 @@ has_dotdot_after_at (const char *string)
}
-/* Check whether the string has characters not valid in an RFC-822
- address. To cope with OpenPGP we ignore non-ascii characters
- so that for example umlauts are legal in an email address. An
- OpenPGP user ID must be utf-8 encoded but there is no strict
- requirement for RFC-822. Thus to avoid IDNA encoding we put the
- address verbatim as utf-8 into the user ID under the assumption
- that mail programs handle IDNA at a lower level and take OpenPGP
- user IDs as utf-8. Note that we can't do an utf-8 encoding
- checking here because in keygen.c this function is called with the
- native encoding and native to utf-8 encoding is only done later. */
+/* Check whether BUFFER has characters not valid in an RFC-822
+ address. LENGTH gives the length of BUFFER.
+
+ To cope with OpenPGP we ignore non-ascii characters so that for
+ example umlauts are legal in an email address. An OpenPGP user ID
+ must be utf-8 encoded but there is no strict requirement for
+ RFC-822. Thus to avoid IDNA encoding we put the address verbatim
+ as utf-8 into the user ID under the assumption that mail programs
+ handle IDNA at a lower level and take OpenPGP user IDs as utf-8.
+ Note that we can't do an utf-8 encoding checking here because in
+ keygen.c this function is called with the native encoding and
+ native to utf-8 encoding is only done later. */
int
-has_invalid_email_chars (const char *s)
+has_invalid_email_chars (const void *buffer, size_t length)
{
+ const unsigned char *s = buffer;
int at_seen=0;
const char *valid_chars=
"01234567890_-.abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
- for ( ; *s; s++ )
+ for ( ; length && *s; length--, s++ )
{
- if ( (*s & 0x80) )
+ if ((*s & 0x80))
continue; /* We only care about ASCII. */
- if ( *s == '@' )
+ if (*s == '@')
at_seen=1;
- else if ( !at_seen && !(strchr (valid_chars, *s)
- || strchr ("!#$%&'*+/=?^`{|}~", *s)))
+ else if (!at_seen && !(strchr (valid_chars, *s)
+ || strchr ("!#$%&'*+/=?^`{|}~", *s)))
return 1;
- else if ( at_seen && !strchr( valid_chars, *s ) )
+ else if (at_seen && !strchr (valid_chars, *s))
return 1;
}
return 0;
}
+/* Same as is_valid_mailbox (see below) but operates on non-nul
+ terminated buffer. */
+int
+is_valid_mailbox_mem (const void *name_arg, size_t namelen)
+{
+ const char *name = name_arg;
+
+ return !( !name
+ || !namelen
+ || has_invalid_email_chars (name, namelen)
+ || mem_count_chr (name, '@', namelen) != 1
+ || *name == '@'
+ || name[namelen-1] == '@'
+ || name[namelen-1] == '.'
+ || my_memstr (name, namelen, ".."));
+}
+
+
/* Check whether NAME represents a valid mailbox according to
RFC822. Returns true if so. */
int
is_valid_mailbox (const char *name)
{
- return !( !name
- || !*name
- || has_invalid_email_chars (name)
- || string_count_chr (name,'@') != 1
- || *name == '@'
- || name[strlen(name)-1] == '@'
- || name[strlen(name)-1] == '.'
- || strstr (name, "..") );
+ return name? is_valid_mailbox_mem (name, strlen (name)) : 0;
}
diff --git a/common/mbox-util.h b/common/mbox-util.h
index b9a3bda..4dd48ec 100644
--- a/common/mbox-util.h
+++ b/common/mbox-util.h
@@ -29,8 +29,9 @@
#ifndef GNUPG_COMMON_MBOX_UTIL_H
#define GNUPG_COMMON_MBOX_UTIL_H
-int has_invalid_email_chars (const char *s);
+int has_invalid_email_chars (const void *buffer, size_t length);
int is_valid_mailbox (const char *name);
+int is_valid_mailbox_mem (const void *buffer, size_t length);
char *mailbox_from_userid (const char *userid);
int is_valid_user_id (const char *uid);
commit 783a4a98378fa1aa222d5cb7427dd37151feb08b
Author: Werner Koch <wk at gnupg.org>
Date: Fri Mar 20 13:29:20 2015 +0100
gpg: Find keys using mail addresses with garbage after the '>'
* kbx/keybox-search.c (blob_cmp_mail): Stop comparing at the '>'.
--
This change allows to find mail addresses like
Joe Doe <joe at example.org> bar
Joe Doe <joe at example.org> (comment)
using the command
gpg -k '<joe at example.org'
or (with syntactic sugar)
gpg -k '<joe at example.org>'
These UIDs are ill-formed according to gpg checks but nevertheless are
seen in the wild.
Note, that it does only work with the new keybox format.
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/kbx/keybox-search.c b/kbx/keybox-search.c
index d22ef19..b03874d 100644
--- a/kbx/keybox-search.c
+++ b/kbx/keybox-search.c
@@ -385,8 +385,8 @@ blob_cmp_name (KEYBOXBLOB blob, int idx,
/* Compare all email addresses of the subject. With SUBSTR given as
- True a substring search is done in the mail address. If X509
- states whether thr search is done on an X.509 blob. */
+ True a substring search is done in the mail address. The X509 flag
+ indicated whether the search is done on an X.509 blob. */
static int
blob_cmp_mail (KEYBOXBLOB blob, const char *name, size_t namelen, int substr,
int x509)
@@ -440,27 +440,44 @@ blob_cmp_mail (KEYBOXBLOB blob, const char *name, size_t namelen, int substr,
off = get32 (buffer+mypos);
len = get32 (buffer+mypos+4);
if (off+len > length)
- return 0; /* error: better stop here out of bounds */
- if (!x509)
+ return 0; /* error: better stop here - out of bounds */
+ if (x509)
{
- /* For OpenPGP we need to forward to the mailbox part. */
- for ( ;len && buffer[off] != '<'; len--, off++)
+ if (len < 2 || buffer[off] != '<')
+ continue; /* empty name or trailing 0 not stored */
+ len--; /* one back */
+ if ( len < 3 || buffer[off+len] != '>')
+ continue; /* not a proper email address */
+ off++;
+ len--;
+ }
+ else /* OpenPGP. */
+ {
+ /* We need to forward to the mailbox part. */
+ for ( ; len && buffer[off] != '<'; len--, off++)
;
+ if (len < 2 || buffer[off] != '<')
+ continue; /* empty name or trailing 0 not stored */
+
+ off++; /* Point to first char of the mail address. */
+ len--;
+
+ /* Search closing '>'. */
+ for (mypos=off; len && buffer[mypos] != '>'; len--, mypos++)
+ ;
+ if (!len || buffer[mypos] != '>' || off == mypos)
+ continue; /* Not a proper mail address. */
+ len = mypos - off;
}
- if (len < 2 || buffer[off] != '<')
- continue; /* empty name or trailing 0 not stored */
- len--; /* one back */
- if ( len < 3 || buffer[off+len] != '>')
- continue; /* not a proper email address */
- len--;
+
if (substr)
{
- if (ascii_memcasemem (buffer+off+1, len, name, namelen))
+ if (ascii_memcasemem (buffer+off, len, name, namelen))
return idx+1; /* found */
}
else
{
- if (len == namelen && !ascii_memcasecmp (buffer+off+1, name, len))
+ if (len == namelen && !ascii_memcasecmp (buffer+off, name, len))
return idx+1; /* found */
}
}
-----------------------------------------------------------------------
Summary of changes:
common/mbox-util.c | 105 +++++++++++++++++++++++++++++++++++++++-------------
common/mbox-util.h | 3 +-
kbx/keybox-search.c | 59 ++++++++++++++++++++++-------
3 files changed, 127 insertions(+), 40 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
More information about the Gnupg-commits
mailing list