NetBSD Problem Report #44075
From www@NetBSD.org Tue Nov 9 19:09:34 2010
Return-Path: <www@NetBSD.org>
Received: from mail.netbsd.org (mail.netbsd.org [204.152.190.11])
by www.NetBSD.org (Postfix) with ESMTP id 84FE563BAC2
for <gnats-bugs@gnats.NetBSD.org>; Tue, 9 Nov 2010 19:09:34 +0000 (UTC)
Message-Id: <20101109190934.5E2E363BA62@www.NetBSD.org>
Date: Tue, 9 Nov 2010 19:09:34 +0000 (UTC)
From: roam@ringlet.net
Reply-To: roam@ringlet.net
To: gnats-bugs@NetBSD.org
Subject: libnetpgp: limit the number of passphrase prompts
X-Send-Pr-Version: www-1.0
>Number: 44075
>Category: lib
>Synopsis: libnetpgp: limit the number of passphrase prompts
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: agc
>State: closed
>Class: change-request
>Submitter-Id: net
>Arrival-Date: Tue Nov 09 19:10:00 +0000 2010
>Closed-Date: Mon Nov 29 04:22:23 +0000 2010
>Last-Modified: Mon Feb 17 06:50:00 +0000 2014
>Originator: Peter Pentchev
>Release:
>Organization:
>Environment:
>Description:
There ought to be a cap on the number of times the user may enter
an invalid passphrase :) Add to this the fact that netpgp cannot
be aborted with ^C or ^Z...
>How-To-Repeat:
Try to decrypt something, decide you don't want to do this just now, feel the need to switch to another terminal to 'killall netpgp' :)
>Fix:
Apply the patch at:
http://devel.ringlet.net/security/netpgp/patches/12-limit-passphrase.patch
(and yes, I'm aware that with this patch, netpgp --decrypt foo.txt.gpg with three wrong passphrase tries will generate an empty foo.txt; still trying to track this down)
>Release-Note:
>Audit-Trail:
From: Alistair Crooks <agc@pkgsrc.org>
To: gnats-bugs@NetBSD.org
Cc: lib-bug-people@NetBSD.org, gnats-admin@NetBSD.org, netbsd-bugs@NetBSD.org
Subject: Re: lib/44075: libnetpgp: limit the number of passphrase prompts
Date: Wed, 10 Nov 2010 07:22:24 +0100
On Tue, Nov 09, 2010 at 07:10:01PM +0000, roam@ringlet.net wrote:
> >Description:
> There ought to be a cap on the number of times the user may enter
> an invalid passphrase :) Add to this the fact that netpgp cannot
> be aborted with ^C or ^Z...
Well, that's dependent on the platform - e.g.:
% netpgp -d c.gpg
netpgp: default key set to "C0596823"
signature 2048/RSA (Encrypt or Sign) 1b68dcfcc0596823 2004-01-12
Key fingerprint: d415 9deb 336d e4cc cdfa 00cd 1b68 dcfc c059 6823
uid Alistair Crooks <alistair@hockley-crooks.com>
uid Alistair Crooks <agc@pkgsrc.org>
uid Alistair Crooks <agc@netbsd.org>
uid Alistair Crooks <agc@alistaircrooks.com>
uid Alistair Crooks (Yahoo!) <agcrooks@yahoo-inc.com>
encryption 2048/RSA (Encrypt or Sign) 79deb61e488eee74 2004-01-12
netpgp passphrase:
% uname -a
NetBSD osx-vm1.crowthorne.alistaircrooks.co.uk 5.99.26 NetBSD 5.99.26 (GENERIC) #0: Mon Apr 5 15:32:36 PDT 2010 agc@osx-vm1.crowthorne.alistaircrooks.co.uk:/usr/obj/i386/usr/src/sys/arch/i386/compile/GENERIC i386
%
I hit ^C at the passphrase prompt above. This does not happen on
Linux (I tried RHEL, but sounds like other variants behave the same
way).
> >How-To-Repeat:
> Try to decrypt something, decide you don't want to do this just now,
> feel the need to switch to another terminal to 'killall netpgp' :)
I can understand this, but I don't like limiting it.
> >Fix:
> Apply the patch at:
> http://devel.ringlet.net/security/netpgp/patches/12-limit-passphrase.patch
>
> (and yes, I'm aware that with this patch, netpgp --decrypt
> foo.txt.gpg with three wrong passphrase tries will generate an empty
> foo.txt; still trying to track this down)
Yeah, and to add to that I'm aware that gnupg limits the number of
attempts to enter the passphrase, as does ssh, and I really don't like
that.
Regards,
Alistair
Responsible-Changed-From-To: lib-bug-people->agc
Responsible-Changed-By: agc@NetBSD.org
Responsible-Changed-When: Mon, 29 Nov 2010 04:22:23 +0000
Responsible-Changed-Why:
I'm responsible for netpgp
State-Changed-From-To: open->closed
State-Changed-By: agc@NetBSD.org
State-Changed-When: Mon, 29 Nov 2010 04:22:23 +0000
State-Changed-Why:
I fixed the problem, albeit in a different way, by adding an option
to the calling program (netpgp(1)) to set the maximum number of
attempts to get the correct passphrase.
Thanks for the PR!
From: "Alistair G. Crooks" <agc@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/44075 CVS commit: src/crypto/external/bsd/netpgp/dist/src
Date: Mon, 29 Nov 2010 04:20:13 +0000
Module Name: src
Committed By: agc
Date: Mon Nov 29 04:20:13 UTC 2010
Modified Files:
src/crypto/external/bsd/netpgp/dist/src/lib: crypto.c crypto.h netpgp.c
reader.c
src/crypto/external/bsd/netpgp/dist/src/netpgp: netpgp.1 netpgp.c
Log Message:
Fix PR 44075 from Peter Pentchev, but do this by adding a
--numtries=<attempts> option to netpgp(1) to provide the maximum
number of attempts to retrieve the correct passphrase when signing or
decrypting, and use it in libnetpgp(3). The default number of
attempts is 3, and a value of "unlimited" will loop until the correct
passphrase has been entered.
To generate a diff of this commit:
cvs rdiff -u -r1.33 -r1.34 \
src/crypto/external/bsd/netpgp/dist/src/lib/crypto.c
cvs rdiff -u -r1.29 -r1.30 \
src/crypto/external/bsd/netpgp/dist/src/lib/crypto.h
cvs rdiff -u -r1.84 -r1.85 \
src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c
cvs rdiff -u -r1.46 -r1.47 \
src/crypto/external/bsd/netpgp/dist/src/lib/reader.c
cvs rdiff -u -r1.16 -r1.17 \
src/crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.1 \
src/crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
From: "Alistair G. Crooks" <agc@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/44075 CVS commit: pkgsrc/security/netpgp
Date: Mon, 17 Feb 2014 06:45:42 +0000
Module Name: pkgsrc
Committed By: agc
Date: Mon Feb 17 06:45:42 UTC 2014
Modified Files:
pkgsrc/security/netpgp: Makefile PLIST distinfo
Log Message:
Update netpgp package from 20101107 to 20140210
Main change is that the netpgpverify binary is no longer part of this
package - instead, pkgsrc/security/netpgpverify and
pkgsrc/security/libnetpgpverify should be used.
Other changes since previous version include:
> ----------------------------
> revision 1.96
> date: 2012-02-21 22:58:54 -0800; author: agc; state: Exp; lines: +5 -15;
> Add the --trusted-keys argument to netpgpkeys(1) to print out PGP ids in a
> machine-readable manner.
> ----------------------------
> revision 1.95
> date: 2012-02-21 22:29:40 -0800; author: agc; state: Exp; lines: +1 -3;
> re-order the fields that we print out in the pgp_sprint_pubkey() function
> to be more usual.
>
> print out the name from within pgp_sprint_pubkey() rather than tagging it
> onto the end of the output from the function.
> ----------------------------
> revision 1.94
> date: 2011-08-02 00:16:56 -0700; author: agc; state: Exp; lines: +19 -8;
> branches: 1.94.2;
> plug some memory leaks in error paths
> ----------------------------
> revision 1.93
> date: 2011-08-01 22:36:45 -0700; author: agc; state: Exp; lines: +19 -13;
> when matching pubkeys, also return the first (pgp) uid for the key in the
> resultant key listing
>
> when using json to format keys returned from libnetpgp, also prepare for
> machine-readable format ("mr") as well as human ("human"), even though
> it's not yet used.
> ----------------------------
> revision 1.92
> date: 2011-06-27 20:35:28 -0700; author: agc; state: Exp; lines: +45 -24;
> get some things off the TODO list
>
> when initialising, recognise keys in a different order.
>
> 1. read the public keyring
>
> 2. if a userid has been specified, use it
>
> 3. if not, check the configuration file (~/.gnupg/gpg.conf) for a
> default user id
>
> 4, only read the secret keyring if we need to (decrypting or signing)
>
> 5. if signing, and we still don't have a userid, use the first key in
> the secret keyring
>
> 6. if encrypting, and we still have no userid, use the first in the
> public keyring
>
> ssh keys remain the same as previously.
> ----------------------------
> revision 1.91
> date: 2011-06-27 00:05:31 -0700; author: agc; state: Exp; lines: +7 -5;
> only attempt to load the secret key if we need to (for signing or for
> decrypting).
> ----------------------------
> revision 1.90
> date: 2011-06-24 17:37:44 -0700; author: agc; state: Exp; lines: +11 -7;
> change mj library to take an additional argument for a string type,
> denoting its length. this allows binary strings to be encoded using
> libmj.
>
> escape magic characters in json strings in a more efficient manner.
> the previous method was not scalable.
>
> update callers to suit
>
> bump libmj major version number
>
> add examples to the libmj(3) man page
> ----------------------------
> revision 1.89
> date: 2011-01-02 21:34:53 -0800; author: agc; state: Exp; lines: +2 -2;
> avoid a double free - from Anthony Bentley.
> ----------------------------
> revision 1.88
> date: 2011-01-01 15:00:24 -0800; author: agc; state: Exp; lines: +17 -15;
> clean up lint (on amd64)
> ----------------------------
> revision 1.87
> date: 2010-12-01 14:14:52 -0800; author: agc; state: Exp; lines: +5 -2;
> avoid nameclash - call the generated user id variable "generated userid"
> avoid nameclash - call the generated user id variable "generated userid"
>
> also keep the time of structure initialisation as an internal variable.
> ----------------------------
> revision 1.86
> date: 2010-12-01 14:01:41 -0800; author: agc; state: Exp; lines: +4 -2;
> When generating a key, set the new key's userid (last 16 bytes of
> fingerprint) as an internal netpgp variable.
>
> This can then be queried using netpgp_getvar(netpgp, "userid") to find the
> new key's id.
> ----------------------------
> revision 1.85
> date: 2010-11-28 20:20:12 -0800; author: agc; state: Exp; lines: +73 -18;
> Fix PR 44075 from Peter Pentchev, but do this by adding a
> --numtries=<attempts> option to netpgp(1) to provide the maximum
> number of attempts to retrieve the correct passphrase when signing or
> decrypting, and use it in libnetpgp(3). The default number of
> attempts is 3, and a value of "unlimited" will loop until the correct
> passphrase has been entered.
> ----------------------------
> revision 1.84
> date: 2010-11-15 00:27:40 -0800; author: agc; state: Exp; lines: +13 -4;
> Use a regular expression to match the various ASCII-armoured headers we
> may encounter - fixes PR 44074 from Peter Pentchev in a different way.
> ----------------------------
> revision 1.83
> date: 2010-11-15 00:03:39 -0800; author: agc; state: Exp; lines: +48 -3;
> Changes to help with netpgp key generation and interoperability:
>
> + use plain SHA1 for session key s2k negotiation
> + don't warn on some conditions when inflating (reading a compressed file)
> since the conditions don't hold for partial block lengths
> + prompt for a passphrase when generating a new key - used in the upcoming
> secret-sharing functionality for netpgp
> ----------------------------
To generate a diff of this commit:
cvs rdiff -u -r1.18 -r1.19 pkgsrc/security/netpgp/Makefile
cvs rdiff -u -r1.3 -r1.4 pkgsrc/security/netpgp/PLIST
cvs rdiff -u -r1.13 -r1.14 pkgsrc/security/netpgp/distinfo
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
>Unformatted:
(Contact us)
$NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.
Home