ports/150457: [patch] mail/mutt-devel does not recognize PGP markers with CRLF
Peter.Jeremy at alcatel-lucent.com
Peter.Jeremy at alcatel-lucent.com
Fri Sep 10 00:00:23 UTC 2010
>Number: 150457
>Category: ports
>Synopsis: [patch] mail/mutt-devel does not recognize PGP markers with CRLF
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Fri Sep 10 00:00:17 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator: Peter Jeremy
>Release: FreeBSD 8.1-PRERELEASE amd64
>Organization:
Alcatel-Lucent Australia
>Environment:
System: FreeBSD pjdesk.au.alcatel-lucent.com 8.1-PRERELEASE FreeBSD 8.1-PRERELEASE #19: Wed Jul 14 07:24:18 EST 2010 root at pjdesk.au.alcatel-lucent.com:/var/obj/usr/src/sys/pjdesk amd64
mutt-devel-1.5.20_5
>Description:
A recent BUGTRAQ posting (archived at eg
http://www.mail-archive.com/bugtraq@securityfocus.com/msg34961.html )
contained CRLF terminated lines in the body. Attempting to open
this message resulted in the cryptic message "Could not copy message"
in the bottom (status) line and no other indication of the problem.
ktracing mutt revealed an additional error message:
"-- Error: could not find beginning of PGP message! --"
but this was not visible.
After patching mutt (as below), the message was decoded correctly
and reported a correct signature.
>How-To-Repeat:
Create a PGP signed message with CRLF terminators on the PGP
boundary markers and try to view it with mutt. The failing
BUGTRAQ mail is available on request but I'm not sure how to
attach it without it being "mangled".
>Fix:
I'm not sure if the crypt-gpgme.c is required as crypt-gpgme.c
is not compiled in my copy of mutt but the code matches that
in pgp.c
--- crypt-gpgme.c~ 2010-09-10 07:41:33.584316201 +1000
+++ crypt-gpgme.c 2010-09-10 08:22:32.948976728 +1000
@@ -2003,12 +2003,14 @@
{
if (!mutt_strncmp ("-----BEGIN PGP ", buf, 15))
{
- if (!mutt_strcmp ("MESSAGE-----\n", buf + 15))
+ if (!mutt_strcmp ("MESSAGE-----\n", buf + 15) ||
+ !mutt_strcmp ("MESSAGE-----\r\n", buf + 15))
{
enc = 1;
break;
}
- else if (!mutt_strcmp ("SIGNED MESSAGE-----\n", buf + 15))
+ else if (!mutt_strcmp ("SIGNED MESSAGE-----\n", buf + 15) ||
+ !mutt_strcmp ("SIGNED MESSAGE-----\r\n", buf + 15))
{
sgn = 1;
break;
@@ -2128,7 +2130,8 @@
continue;
}
- if (!mutt_strcmp (buf, "-----BEGIN PGP SIGNATURE-----\n"))
+ if (!mutt_strcmp (buf, "-----BEGIN PGP SIGNATURE-----\n") ||
+ !mutt_strcmp (buf, "-----BEGIN PGP SIGNATURE-----\r\n"))
break;
if (armor_header)
@@ -2196,14 +2199,17 @@
clearsign = 0;
start_pos = last_pos;
- if (!mutt_strcmp ("MESSAGE-----\n", buf + 15))
+ if (!mutt_strcmp ("MESSAGE-----\n", buf + 15) ||
+ !mutt_strcmp ("MESSAGE-----\r\n", buf + 15))
needpass = 1;
- else if (!mutt_strcmp ("SIGNED MESSAGE-----\n", buf + 15))
+ else if (!mutt_strcmp ("SIGNED MESSAGE-----\n", buf + 15) ||
+ !mutt_strcmp ("SIGNED MESSAGE-----\r\n", buf + 15))
{
clearsign = 1;
needpass = 0;
}
- else if (!mutt_strcmp ("PUBLIC KEY BLOCK-----\n", buf + 15))
+ else if (!mutt_strcmp ("PUBLIC KEY BLOCK-----\n", buf + 15) ||
+ !mutt_strcmp ("PUBLIC KEY BLOCK-----\r\n", buf + 15))
{
needpass = 0;
pgp_keyblock = 1;
--- pgp.c~ 2009-05-31 03:20:08.000000000 +1000
+++ pgp.c 2010-09-10 08:27:40.317064142 +1000
@@ -219,7 +219,8 @@
continue;
}
- if (mutt_strcmp (buf, "-----BEGIN PGP SIGNATURE-----\n") == 0)
+ if (mutt_strcmp (buf, "-----BEGIN PGP SIGNATURE-----\n") == 0 ||
+ mutt_strcmp (buf, "-----BEGIN PGP SIGNATURE-----\r\n") == 0)
break;
if (armor_header)
@@ -287,14 +288,17 @@
clearsign = 0;
start_pos = last_pos;
- if (mutt_strcmp ("MESSAGE-----\n", buf + 15) == 0)
+ if (mutt_strcmp ("MESSAGE-----\n", buf + 15) == 0 ||
+ mutt_strcmp ("MESSAGE-----\r\n", buf + 15) == 0)
needpass = 1;
- else if (mutt_strcmp ("SIGNED MESSAGE-----\n", buf + 15) == 0)
+ else if (mutt_strcmp ("SIGNED MESSAGE-----\n", buf + 15) == 0 ||
+ mutt_strcmp ("SIGNED MESSAGE-----\r\n", buf + 15) == 0)
{
clearsign = 1;
needpass = 0;
}
- else if (!mutt_strcmp ("PUBLIC KEY BLOCK-----\n", buf + 15))
+ else if (!mutt_strcmp ("PUBLIC KEY BLOCK-----\n", buf + 15) ||
+ !mutt_strcmp ("PUBLIC KEY BLOCK-----\r\n", buf + 15))
{
needpass = 0;
pgp_keyblock = 1;
@@ -327,10 +331,14 @@
fputs (buf, tmpfp);
- if ((needpass && mutt_strcmp ("-----END PGP MESSAGE-----\n", buf) == 0) ||
- (!needpass
- && (mutt_strcmp ("-----END PGP SIGNATURE-----\n", buf) == 0
- || mutt_strcmp ("-----END PGP PUBLIC KEY BLOCK-----\n",buf) == 0)))
+ if ((needpass &&
+ (mutt_strcmp ("-----END PGP MESSAGE-----\n", buf) == 0 ||
+ mutt_strcmp ("-----END PGP MESSAGE-----\r\n", buf) == 0)) ||
+ (!needpass &&
+ (mutt_strcmp ("-----END PGP SIGNATURE-----\n", buf) == 0 ||
+ mutt_strcmp ("-----END PGP SIGNATURE-----\r\n", buf) == 0 ||
+ mutt_strcmp ("-----END PGP PUBLIC KEY BLOCK-----\n",buf) == 0 ||
+ mutt_strcmp ("-----END PGP PUBLIC KEY BLOCK-----\r\n",buf) == 0)))
break;
/* remember optional Charset: armor header as defined by RfC4880 */
if (mutt_strncmp ("Charset: ", buf, 9) == 0)
@@ -554,11 +562,14 @@
{
if (mutt_strncmp ("-----BEGIN PGP ", buf, 15) == 0)
{
- if (mutt_strcmp ("MESSAGE-----\n", buf + 15) == 0)
+ if (mutt_strcmp ("MESSAGE-----\n", buf + 15) == 0 ||
+ mutt_strcmp ("MESSAGE-----\r\n", buf + 15) == 0)
enc = 1;
- else if (mutt_strcmp ("SIGNED MESSAGE-----\n", buf + 15) == 0)
+ else if (mutt_strcmp ("SIGNED MESSAGE-----\n", buf + 15) == 0 ||
+ mutt_strcmp ("SIGNED MESSAGE-----\r\n", buf + 15) == 0)
sgn = 1;
- else if (mutt_strcmp ("PUBLIC KEY BLOCK-----\n", buf + 15) == 0)
+ else if (mutt_strcmp ("PUBLIC KEY BLOCK-----\n", buf + 15) == 0 ||
+ mutt_strcmp ("PUBLIC KEY BLOCK-----\r\n", buf + 15) == 0)
key = 1;
}
}
@@ -1067,9 +1078,11 @@
*/
while (fgets (buffer, sizeof (buffer) - 1, pgpout) != NULL)
{
- if (mutt_strcmp ("-----BEGIN PGP MESSAGE-----\n", buffer) == 0)
+ if (mutt_strcmp ("-----BEGIN PGP MESSAGE-----\n", buffer) == 0 ||
+ mutt_strcmp ("-----BEGIN PGP MESSAGE-----\r\n", buffer) == 0)
fputs ("-----BEGIN PGP SIGNATURE-----\n", fp);
- else if (mutt_strcmp("-----END PGP MESSAGE-----\n", buffer) == 0)
+ else if (mutt_strcmp("-----END PGP MESSAGE-----\n", buffer) == 0 ||
+ mutt_strcmp("-----END PGP MESSAGE-----\r\n", buffer) == 0)
fputs ("-----END PGP SIGNATURE-----\n", fp);
else
fputs (buffer, fp);
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list