Date: Fri, 10 Sep 2010 09:37:56 +1000 (EST) From: Peter.Jeremy@alcatel-lucent.com To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/150457: [patch] mail/mutt-devel does not recognize PGP markers with CRLF Message-ID: <201009092337.o89Nbuts033590@pjdesk.au.alcatel-lucent.com> Resent-Message-ID: <201009100000.o8A00Hws007773@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 150457 >Category: ports >Synopsis: [patch] mail/mutt-devel does not recognize PGP markers with CRLF >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Fri Sep 10 00:00:17 UTC 2010 >Closed-Date: >Last-Modified: >Originator: Peter Jeremy >Release: FreeBSD 8.1-PRERELEASE amd64 >Organization: Alcatel-Lucent Australia >Environment: System: FreeBSD pjdesk.au.alcatel-lucent.com 8.1-PRERELEASE FreeBSD 8.1-PRERELEASE #19: Wed Jul 14 07:24:18 EST 2010 root@pjdesk.au.alcatel-lucent.com:/var/obj/usr/src/sys/pjdesk amd64 mutt-devel-1.5.20_5 >Description: A recent BUGTRAQ posting (archived at eg http://www.mail-archive.com/bugtraq@securityfocus.com/msg34961.html ) contained CRLF terminated lines in the body. Attempting to open this message resulted in the cryptic message "Could not copy message" in the bottom (status) line and no other indication of the problem. ktracing mutt revealed an additional error message: "-- Error: could not find beginning of PGP message! --" but this was not visible. After patching mutt (as below), the message was decoded correctly and reported a correct signature. >How-To-Repeat: Create a PGP signed message with CRLF terminators on the PGP boundary markers and try to view it with mutt. The failing BUGTRAQ mail is available on request but I'm not sure how to attach it without it being "mangled". >Fix: I'm not sure if the crypt-gpgme.c is required as crypt-gpgme.c is not compiled in my copy of mutt but the code matches that in pgp.c --- crypt-gpgme.c~ 2010-09-10 07:41:33.584316201 +1000 +++ crypt-gpgme.c 2010-09-10 08:22:32.948976728 +1000 @@ -2003,12 +2003,14 @@ { if (!mutt_strncmp ("-----BEGIN PGP ", buf, 15)) { - if (!mutt_strcmp ("MESSAGE-----\n", buf + 15)) + if (!mutt_strcmp ("MESSAGE-----\n", buf + 15) || + !mutt_strcmp ("MESSAGE-----\r\n", buf + 15)) { enc = 1; break; } - else if (!mutt_strcmp ("SIGNED MESSAGE-----\n", buf + 15)) + else if (!mutt_strcmp ("SIGNED MESSAGE-----\n", buf + 15) || + !mutt_strcmp ("SIGNED MESSAGE-----\r\n", buf + 15)) { sgn = 1; break; @@ -2128,7 +2130,8 @@ continue; } - if (!mutt_strcmp (buf, "-----BEGIN PGP SIGNATURE-----\n")) + if (!mutt_strcmp (buf, "-----BEGIN PGP SIGNATURE-----\n") || + !mutt_strcmp (buf, "-----BEGIN PGP SIGNATURE-----\r\n")) break; if (armor_header) @@ -2196,14 +2199,17 @@ clearsign = 0; start_pos = last_pos; - if (!mutt_strcmp ("MESSAGE-----\n", buf + 15)) + if (!mutt_strcmp ("MESSAGE-----\n", buf + 15) || + !mutt_strcmp ("MESSAGE-----\r\n", buf + 15)) needpass = 1; - else if (!mutt_strcmp ("SIGNED MESSAGE-----\n", buf + 15)) + else if (!mutt_strcmp ("SIGNED MESSAGE-----\n", buf + 15) || + !mutt_strcmp ("SIGNED MESSAGE-----\r\n", buf + 15)) { clearsign = 1; needpass = 0; } - else if (!mutt_strcmp ("PUBLIC KEY BLOCK-----\n", buf + 15)) + else if (!mutt_strcmp ("PUBLIC KEY BLOCK-----\n", buf + 15) || + !mutt_strcmp ("PUBLIC KEY BLOCK-----\r\n", buf + 15)) { needpass = 0; pgp_keyblock = 1; --- pgp.c~ 2009-05-31 03:20:08.000000000 +1000 +++ pgp.c 2010-09-10 08:27:40.317064142 +1000 @@ -219,7 +219,8 @@ continue; } - if (mutt_strcmp (buf, "-----BEGIN PGP SIGNATURE-----\n") == 0) + if (mutt_strcmp (buf, "-----BEGIN PGP SIGNATURE-----\n") == 0 || + mutt_strcmp (buf, "-----BEGIN PGP SIGNATURE-----\r\n") == 0) break; if (armor_header) @@ -287,14 +288,17 @@ clearsign = 0; start_pos = last_pos; - if (mutt_strcmp ("MESSAGE-----\n", buf + 15) == 0) + if (mutt_strcmp ("MESSAGE-----\n", buf + 15) == 0 || + mutt_strcmp ("MESSAGE-----\r\n", buf + 15) == 0) needpass = 1; - else if (mutt_strcmp ("SIGNED MESSAGE-----\n", buf + 15) == 0) + else if (mutt_strcmp ("SIGNED MESSAGE-----\n", buf + 15) == 0 || + mutt_strcmp ("SIGNED MESSAGE-----\r\n", buf + 15) == 0) { clearsign = 1; needpass = 0; } - else if (!mutt_strcmp ("PUBLIC KEY BLOCK-----\n", buf + 15)) + else if (!mutt_strcmp ("PUBLIC KEY BLOCK-----\n", buf + 15) || + !mutt_strcmp ("PUBLIC KEY BLOCK-----\r\n", buf + 15)) { needpass = 0; pgp_keyblock = 1; @@ -327,10 +331,14 @@ fputs (buf, tmpfp); - if ((needpass && mutt_strcmp ("-----END PGP MESSAGE-----\n", buf) == 0) || - (!needpass - && (mutt_strcmp ("-----END PGP SIGNATURE-----\n", buf) == 0 - || mutt_strcmp ("-----END PGP PUBLIC KEY BLOCK-----\n",buf) == 0))) + if ((needpass && + (mutt_strcmp ("-----END PGP MESSAGE-----\n", buf) == 0 || + mutt_strcmp ("-----END PGP MESSAGE-----\r\n", buf) == 0)) || + (!needpass && + (mutt_strcmp ("-----END PGP SIGNATURE-----\n", buf) == 0 || + mutt_strcmp ("-----END PGP SIGNATURE-----\r\n", buf) == 0 || + mutt_strcmp ("-----END PGP PUBLIC KEY BLOCK-----\n",buf) == 0 || + mutt_strcmp ("-----END PGP PUBLIC KEY BLOCK-----\r\n",buf) == 0))) break; /* remember optional Charset: armor header as defined by RfC4880 */ if (mutt_strncmp ("Charset: ", buf, 9) == 0) @@ -554,11 +562,14 @@ { if (mutt_strncmp ("-----BEGIN PGP ", buf, 15) == 0) { - if (mutt_strcmp ("MESSAGE-----\n", buf + 15) == 0) + if (mutt_strcmp ("MESSAGE-----\n", buf + 15) == 0 || + mutt_strcmp ("MESSAGE-----\r\n", buf + 15) == 0) enc = 1; - else if (mutt_strcmp ("SIGNED MESSAGE-----\n", buf + 15) == 0) + else if (mutt_strcmp ("SIGNED MESSAGE-----\n", buf + 15) == 0 || + mutt_strcmp ("SIGNED MESSAGE-----\r\n", buf + 15) == 0) sgn = 1; - else if (mutt_strcmp ("PUBLIC KEY BLOCK-----\n", buf + 15) == 0) + else if (mutt_strcmp ("PUBLIC KEY BLOCK-----\n", buf + 15) == 0 || + mutt_strcmp ("PUBLIC KEY BLOCK-----\r\n", buf + 15) == 0) key = 1; } } @@ -1067,9 +1078,11 @@ */ while (fgets (buffer, sizeof (buffer) - 1, pgpout) != NULL) { - if (mutt_strcmp ("-----BEGIN PGP MESSAGE-----\n", buffer) == 0) + if (mutt_strcmp ("-----BEGIN PGP MESSAGE-----\n", buffer) == 0 || + mutt_strcmp ("-----BEGIN PGP MESSAGE-----\r\n", buffer) == 0) fputs ("-----BEGIN PGP SIGNATURE-----\n", fp); - else if (mutt_strcmp("-----END PGP MESSAGE-----\n", buffer) == 0) + else if (mutt_strcmp("-----END PGP MESSAGE-----\n", buffer) == 0 || + mutt_strcmp("-----END PGP MESSAGE-----\r\n", buffer) == 0) fputs ("-----END PGP SIGNATURE-----\n", fp); else fputs (buffer, fp); >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201009092337.o89Nbuts033590>