[pkgsrc/trunk]: pkgsrc/security/netpgp Do not truncate pass-phrases without a...

[khorben <khorben%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/66942fdce46b
branches:  trunk
changeset: 377379:66942fdce46b
user:      khorben <khorben%pkgsrc.org@localhost>
date:      Thu Mar 15 19:51:08 2018 +0000

description:
Do not truncate pass-phrases without a newline character

This also fixes a crash when the pass-phrase entered is empty.

Originally submitted on tech-pkg@ as:
[PATCH 02/11] Do not truncate pass-phrases without a newline character

Only modified for consistency with the coding style; as also applied in
NetBSD's src repository.

Tested on NetBSD/amd64.

diffstat:

 security/netpgp/Makefile                       |   4 ++--
 security/netpgp/distinfo                       |   3 ++-
 security/netpgp/patches/patch-src_lib_reader.c |  26 ++++++++++++++++++++++++++
 3 files changed, 30 insertions(+), 3 deletions(-)

diffs (56 lines):

diff -r 05909d3fe67d -r 66942fdce46b security/netpgp/Makefile
--- a/security/netpgp/Makefile  Thu Mar 15 19:37:30 2018 +0000
+++ b/security/netpgp/Makefile  Thu Mar 15 19:51:08 2018 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.25 2018/03/15 19:37:30 khorben Exp $
+# $NetBSD: Makefile,v 1.26 2018/03/15 19:51:08 khorben Exp $
 
 DISTNAME=              netpgp-20140220
-PKGREVISION=           3
+PKGREVISION=           4
 CATEGORIES=            security
 MASTER_SITES=          ${MASTER_SITE_LOCAL}
 
diff -r 05909d3fe67d -r 66942fdce46b security/netpgp/distinfo
--- a/security/netpgp/distinfo  Thu Mar 15 19:37:30 2018 +0000
+++ b/security/netpgp/distinfo  Thu Mar 15 19:51:08 2018 +0000
@@ -1,7 +1,8 @@
-$NetBSD: distinfo,v 1.19 2018/03/15 19:37:30 khorben Exp $
+$NetBSD: distinfo,v 1.20 2018/03/15 19:51:08 khorben Exp $
 
 SHA1 (netpgp-20140220.tar.gz) = 815418cbae5d02a1385cd7947618303e5aa06d5c
 RMD160 (netpgp-20140220.tar.gz) = 970f55292852d5dbfde3eb17a5fefd6a7c820c4e
 SHA512 (netpgp-20140220.tar.gz) = ec6cfa0131cd50aee273b81cd64f448258121d7e9c8d4914be39ba59b5c28149bced3866c57f521167480da04b60d9d9bd2b228319dc8baa31328fb7c37e6b96
 Size (netpgp-20140220.tar.gz) = 1521820 bytes
 SHA1 (patch-src_lib_keyring.c) = 937af3b82b07c2817b3b20e6d76043950c7afd29
+SHA1 (patch-src_lib_reader.c) = 2ebaddebbc2f6f42f7391933ebfef39e3a73a367
diff -r 05909d3fe67d -r 66942fdce46b security/netpgp/patches/patch-src_lib_reader.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/netpgp/patches/patch-src_lib_reader.c    Thu Mar 15 19:51:08 2018 +0000
@@ -0,0 +1,26 @@
+$NetBSD: patch-src_lib_reader.c,v 1.1 2018/03/15 19:51:08 khorben Exp $
+
+Do not truncate pass-phrases without a newline character.
+
+--- src/lib/reader.c.orig      2012-03-05 02:20:18.000000000 +0000
++++ src/lib/reader.c
+@@ -160,6 +160,7 @@ int
+ pgp_getpassphrase(void *in, char *phrase, size_t size)
+ {
+       char    *p;
++      size_t   len;
+ 
+       if (in == NULL) {
+               while ((p = getpass("netpgp passphrase: ")) == NULL) {
+@@ -169,7 +170,10 @@ pgp_getpassphrase(void *in, char *phrase
+               if (fgets(phrase, (int)size, in) == NULL) {
+                       return 0;
+               }
+-              phrase[strlen(phrase) - 1] = 0x0;
++              len = strlen(phrase);
++              if (len >= 1 && phrase[len - 1] == '\n') {
++                      phrase[len - 1] = '\0';
++              }
+       }
+       return 1;
+ }