NetBSD Problem Report #43248

From www@NetBSD.org  Tue May  4 11:35:04 2010
Return-Path: <www@NetBSD.org>
Received: from mail.netbsd.org (mail.netbsd.org [204.152.190.11])
	by www.NetBSD.org (Postfix) with ESMTP id 11CC363BA59
	for <gnats-bugs@gnats.NetBSD.org>; Tue,  4 May 2010 11:35:04 +0000 (UTC)
Message-Id: <20100504113503.A349563B8FE@www.NetBSD.org>
Date: Tue,  4 May 2010 11:35:03 +0000 (UTC)
From: xtraeme@gmail.com
Reply-To: xtraeme@gmail.com
To: gnats-bugs@NetBSD.org
Subject: security/netpgp doesn't support signing files armored and detached at a time
X-Send-Pr-Version: www-1.0

>Number:         43248
>Category:       pkg
>Synopsis:       security/netpgp doesn't support signing files armored and detached at a time
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    agc
>State:          closed
>Class:          support
>Submitter-Id:   net
>Arrival-Date:   Tue May 04 11:40:00 +0000 2010
>Closed-Date:    Sat May 08 16:06:19 +0000 2010
>Last-Modified:  Sat May 08 16:06:19 +0000 2010
>Originator:     Juan RP
>Release:        NULL
>Organization:
>Environment:
>Description:
As the one line summary mentions libnetpgp doesn't support signing
files when you need them to be armored and detached.

The following code from src/lib/netpgp.c::netpgp_sign_file() obviously
demonstrates this:

        if (detached) {
                ret = __ops_sign_detached(io, f, out, seckey, hashalg,
                                get_birthtime(netpgp_getvar(netpgp, "birthtime")),
                                get_duration(netpgp_getvar(netpgp, "duration")));
        } else {
                ret = __ops_sign_file(io, f, out, seckey, hashalg,
                                get_birthtime(netpgp_getvar(netpgp, "birthtime")),
                                get_duration(netpgp_getvar(netpgp, "duration")),
                                (unsigned)armored, (unsigned)cleartext,
                                overwrite);
        }

The "armored" value is only used in the !detached case.
>How-To-Repeat:
$ netpgp --sign --armor --detach --userid=XXXX <myfile>

That will result in a SIGSEGV and the signature file will be always created "detached" but not "armored".

If you don't mix --armour and --detach all will be ok.

>Fix:

>Release-Note:

>Audit-Trail:

Responsible-Changed-From-To: pkg-manager->agc
Responsible-Changed-By: wiz@NetBSD.org
Responsible-Changed-When: Tue, 04 May 2010 22:20:24 +0000
Responsible-Changed-Why:
Over to author.


From: "Alistair G. Crooks" <agc@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/43248 CVS commit: src/crypto/external/bsd/netpgp/dist/src/lib
Date: Sat, 8 May 2010 00:31:07 +0000

 Module Name:	src
 Committed By:	agc
 Date:		Sat May  8 00:31:07 UTC 2010

 Modified Files:
 	src/crypto/external/bsd/netpgp/dist/src/lib: netpgp.c signature.c
 	    signature.h

 Log Message:
 use hexdump() function where appropriate.

 change the way that we generate a detached signature file, so that ascii
 armour is used if --armor is specified. addresses PR 43248 from Juan RP.


 To generate a diff of this commit:
 cvs rdiff -u -r1.46 -r1.47 \
     src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c
 cvs rdiff -u -r1.26 -r1.27 \
     src/crypto/external/bsd/netpgp/dist/src/lib/signature.c
 cvs rdiff -u -r1.17 -r1.18 \
     src/crypto/external/bsd/netpgp/dist/src/lib/signature.h

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

State-Changed-From-To: open->feedback
State-Changed-By: agc@NetBSD.org
State-Changed-When: Sat, 08 May 2010 07:45:40 +0000
State-Changed-Why:
I think this has been fixed - can you check and get back to me please?

Thanks,
Al


From: Juan Romero Pardines <xtraeme@gmail.com>
To: gnats-bugs@netbsd.org
Cc: 
Subject: Re: pkg/43248 (security/netpgp doesn't support signing files armored 
	and detached at a time)
Date: Sat, 8 May 2010 17:55:45 +0200

 2010/5/8  <agc@netbsd.org>:
 > Synopsis: security/netpgp doesn't support signing files armored and detached at a time
 >
 > State-Changed-From-To: open->feedback
 > State-Changed-By: agc@NetBSD.org
 > State-Changed-When: Sat, 08 May 2010 07:45:40 +0000
 > State-Changed-Why:
 > I think this has been fixed - can you check and get back to me please?

 I just checked it and works fine, thank you.

State-Changed-From-To: feedback->closed
State-Changed-By: agc@NetBSD.org
State-Changed-When: Sat, 08 May 2010 16:06:19 +0000
State-Changed-Why:
problem confirmed fixed - closing now.

Thanks for the bug report.


>Unformatted:

Home	PR Database Search