pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/security/netpgp Do not ask for a passphrase when empty



details:   https://anonhg.NetBSD.org/pkgsrc/rev/05909d3fe67d
branches:  trunk
changeset: 377378:05909d3fe67d
user:      khorben <khorben%pkgsrc.org@localhost>
date:      Thu Mar 15 19:37:30 2018 +0000

description:
Do not ask for a passphrase when empty

Originally submitted on tech-pkg@ as:
[PATCH 06/11] Do not ask for a passphrase when empty

Only modified for consistency with the coding style; as also applied in
NetBSD's src repository.

Tested on NetBSD/amd64.

diffstat:

 security/netpgp/Makefile                        |   4 +-
 security/netpgp/distinfo                        |   4 +-
 security/netpgp/patches/patch-src_lib_keyring.c |  65 +++++++++++++++++++-----
 3 files changed, 54 insertions(+), 19 deletions(-)

diffs (101 lines):

diff -r c9381f189dd4 -r 05909d3fe67d security/netpgp/Makefile
--- a/security/netpgp/Makefile  Thu Mar 15 18:37:29 2018 +0000
+++ b/security/netpgp/Makefile  Thu Mar 15 19:37:30 2018 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.24 2017/02/20 01:09:11 khorben Exp $
+# $NetBSD: Makefile,v 1.25 2018/03/15 19:37:30 khorben Exp $
 
 DISTNAME=              netpgp-20140220
-PKGREVISION=           2
+PKGREVISION=           3
 CATEGORIES=            security
 MASTER_SITES=          ${MASTER_SITE_LOCAL}
 
diff -r c9381f189dd4 -r 05909d3fe67d security/netpgp/distinfo
--- a/security/netpgp/distinfo  Thu Mar 15 18:37:29 2018 +0000
+++ b/security/netpgp/distinfo  Thu Mar 15 19:37:30 2018 +0000
@@ -1,7 +1,7 @@
-$NetBSD: distinfo,v 1.18 2017/02/20 01:09:11 khorben Exp $
+$NetBSD: distinfo,v 1.19 2018/03/15 19:37:30 khorben Exp $
 
 SHA1 (netpgp-20140220.tar.gz) = 815418cbae5d02a1385cd7947618303e5aa06d5c
 RMD160 (netpgp-20140220.tar.gz) = 970f55292852d5dbfde3eb17a5fefd6a7c820c4e
 SHA512 (netpgp-20140220.tar.gz) = ec6cfa0131cd50aee273b81cd64f448258121d7e9c8d4914be39ba59b5c28149bced3866c57f521167480da04b60d9d9bd2b228319dc8baa31328fb7c37e6b96
 Size (netpgp-20140220.tar.gz) = 1521820 bytes
-SHA1 (patch-src_lib_keyring.c) = f683cafb0f9adac354d3eb90b47f5236db6b8656
+SHA1 (patch-src_lib_keyring.c) = 937af3b82b07c2817b3b20e6d76043950c7afd29
diff -r c9381f189dd4 -r 05909d3fe67d security/netpgp/patches/patch-src_lib_keyring.c
--- a/security/netpgp/patches/patch-src_lib_keyring.c   Thu Mar 15 18:37:29 2018 +0000
+++ b/security/netpgp/patches/patch-src_lib_keyring.c   Thu Mar 15 19:37:30 2018 +0000
@@ -1,21 +1,56 @@
-$NetBSD: patch-src_lib_keyring.c,v 1.1 2017/02/20 01:09:11 khorben Exp $
+$NetBSD: patch-src_lib_keyring.c,v 1.2 2018/03/15 19:37:30 khorben Exp $
 
-Do not crash when listing keys without a keyring
+Do not crash when listing keys without a keyring.
+Do not ask for a passphrase when empty.
 
---- src/lib/keyring.c.orig     2017-02-20 01:03:25.000000000 +0000
+--- src/lib/keyring.c.orig     2018-03-15 19:31:30.000000000 +0000
 +++ src/lib/keyring.c
-@@ -993,9 +993,12 @@ pgp_keyring_list(pgp_io_t *io, const pgp
+@@ -226,7 +226,7 @@ typedef struct {
+       pgp_seckey_t            *seckey;
+ } decrypt_t;
+ 
+-static pgp_cb_ret_t 
++static pgp_cb_ret_t
+ decrypt_cb(const pgp_packet_t *pkt, pgp_cbdata_t *cbinfo)
  {
-       pgp_key_t               *key;
-       unsigned                 n;
-+      unsigned                 keyc = (keyring != NULL) ? keyring->keyc : 0;
+       const pgp_contents_t    *content = &pkt->u;
+@@ -292,6 +292,20 @@ decrypt_cb(const pgp_packet_t *pkt, pgp_
+       return PGP_RELEASE_MEMORY;
+ }
  
--      (void) fprintf(io->res, "%u key%s\n", keyring->keyc,
--              (keyring->keyc == 1) ? "" : "s");
-+      (void) fprintf(io->res, "%u key%s\n", keyc, (keyc == 1) ? "" : "s");
-+      if (keyring == NULL) {
-+              return 1;
++static pgp_cb_ret_t
++decrypt_cb_empty(const pgp_packet_t *pkt, pgp_cbdata_t *cbinfo)
++{
++      const pgp_contents_t    *content = &pkt->u;
++
++      switch (pkt->tag) {
++      case PGP_GET_PASSPHRASE:
++              *content->skey_passphrase.passphrase = netpgp_strdup("");
++              return PGP_KEEP_MEMORY;
++      default:
++              return decrypt_cb(pkt, cbinfo);
 +      }
-       for (n = 0, key = keyring->keys; n < keyring->keyc; ++n, ++key) {
-               if (pgp_is_key_secret(key)) {
-                       pgp_print_keydata(io, keyring, key, "sec",
++}
++
+ /**
+ \ingroup Core_Keys
+ \brief Decrypts secret key from given keydata with given passphrase
+@@ -306,8 +320,18 @@ pgp_decrypt_seckey(const pgp_key_t *key,
+       const int        printerrors = 1;
+       decrypt_t        decrypt;
+ 
++      /* first try with an empty passphrase */
+       (void) memset(&decrypt, 0x0, sizeof(decrypt));
+       decrypt.key = key;
++      stream = pgp_new(sizeof(*stream));
++      pgp_keydata_reader_set(stream, key);
++      pgp_set_callback(stream, decrypt_cb_empty, &decrypt);
++      stream->readinfo.accumulate = 1;
++      pgp_parse(stream, !printerrors);
++      if (decrypt.seckey != NULL) {
++              return decrypt.seckey;
++      }
++      /* ask for a passphrase */
+       decrypt.passfp = passfp;
+       stream = pgp_new(sizeof(*stream));
+       pgp_keydata_reader_set(stream, key);



Home | Main Index | Thread Index | Old Index