Changeset 347
- Timestamp:
- Jun 7, 2011, 9:41:30 PM (13 years ago)
- Location:
- trunk
- Files:
-
- 7 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/configure.ac
r346 r347 788 788 ], 789 789 [AC_DEFINE(SH_WITH_MAIL)] 790 ) 791 792 AC_ARG_ENABLE(shellexpand, 793 [ --disable-shellexpand disable shell expansion in config file], 794 [ 795 if test "x${enable_shellexpand}" = xno; then 796 : 797 else 798 AC_DEFINE(SH_EVAL_SHELL, [1], [Define if you want shell expansion in configuration file]) 799 fi 800 ], 801 [AC_DEFINE(SH_EVAL_SHELL, [1], [Define if you want shell expansion in configuration file])] 790 802 ) 791 803 -
trunk/docs/Changelog
r342 r347 1 2.8.5: 2 * Better protection against the 'intruder on server' scenario 3 pointed out by xrx. Add option to disable shell expansion in 4 configuration files, and check gpg signature earlier. 5 * Support /opt/local/bin in the Unix entropy gatherer (suggestion 6 by Sean Chittenden) 7 * Cache timeserver response for one second (suggestion by 8 Sean Chittenden) 9 1 10 2.8.4a: 2 11 * Fix for compile error with --with-prelude -
trunk/include/sh_gpg.h
r170 r347 22 22 #ifndef SH_GPG_H 23 23 #define SH_GPG_H 24 25 /* Top level function to verify file. 26 */ 27 SL_TICKET sh_gpg_extract_signed(SL_TICKET fd); 28 24 29 /* this function exits if configuration file 25 30 * and/or database cannot be verified; otherwise returns 0 -
trunk/src/sh_getopt.c
r295 r347 439 439 printf (_(" -- Key fingerprint: %s"), SH_GPG_FP); ++num; 440 440 #endif 441 #endif 442 443 #if defined(SH_SHELL_EVAL) 444 if (num > 0) fputc ('\n', stdout); 445 fputs (_(" shell expansion in configuration file supported"), stdout); ++num; 441 446 #endif 442 447 -
trunk/src/sh_gpg.c
r252 r347 1202 1202 } 1203 1203 1204 #define FGETS_BUF 16384 1205 1206 SL_TICKET sh_gpg_extract_signed(SL_TICKET fd) 1207 { 1208 FILE * fin_cp = NULL; 1209 char * buf = NULL; 1210 int bufc; 1211 int flag_pgp = S_FALSE; 1212 int flag_nohead = S_FALSE; 1213 SL_TICKET fdTmp = (-1); 1214 SL_TICKET open_tmp (void); 1215 1216 /* extract the data and copy to temporary file 1217 */ 1218 fdTmp = open_tmp(); 1219 1220 fin_cp = fdopen(dup(get_the_fd(fd)), "rb"); 1221 buf = SH_ALLOC(FGETS_BUF); 1222 1223 while (NULL != fgets(buf, FGETS_BUF, fin_cp)) 1224 { 1225 bufc = 0; 1226 while (bufc < FGETS_BUF) { 1227 if (buf[bufc] == '\n') { ++bufc; break; } 1228 ++bufc; 1229 } 1230 1231 if (flag_pgp == S_FALSE && 1232 (0 == sl_strcmp(buf, _("-----BEGIN PGP SIGNED MESSAGE-----\n"))|| 1233 0 == sl_strcmp(buf, _("-----BEGIN PGP MESSAGE-----\n"))) 1234 ) 1235 { 1236 flag_pgp = S_TRUE; 1237 sl_write(fdTmp, buf, bufc); 1238 continue; 1239 } 1240 1241 if (flag_pgp == S_TRUE && flag_nohead == S_FALSE) 1242 { 1243 if (buf[0] == '\n') 1244 { 1245 flag_nohead = S_TRUE; 1246 sl_write(fdTmp, buf, 1); 1247 continue; 1248 } 1249 else if (0 == sl_strncmp(buf, _("Hash:"), 5) || 1250 0 == sl_strncmp(buf, _("NotDashEscaped:"), 15)) 1251 { 1252 sl_write(fdTmp, buf, bufc); 1253 continue; 1254 } 1255 else 1256 continue; 1257 } 1258 1259 if (flag_pgp == S_TRUE && buf[0] == '\n') 1260 { 1261 sl_write(fdTmp, buf, 1); 1262 } 1263 else if (flag_pgp == S_TRUE) 1264 { 1265 /* sl_write_line(fdTmp, buf, bufc); */ 1266 sl_write(fdTmp, buf, bufc); 1267 } 1268 1269 if (flag_pgp == S_TRUE && 1270 0 == sl_strcmp(buf, _("-----END PGP SIGNATURE-----\n"))) 1271 break; 1272 } 1273 SH_FREE(buf); 1274 sl_fclose(FIL__, __LINE__, fin_cp); /* fin_cp = fdopen(dup(), "rb"); */ 1275 sl_rewind (fdTmp); 1276 1277 return fdTmp; 1278 } 1279 1204 1280 /* #ifdef WITH_GPG */ 1205 1281 #endif -
trunk/src/sh_hash.c
r320 r347 1295 1295 #if defined(WITH_GPG) || defined(WITH_PGP) 1296 1296 extern int get_the_fd (SL_TICKET ticket); 1297 FILE * fin_cp = NULL; 1298 1299 char * buf = NULL; 1300 int bufc; 1297 1301 1298 int flag_pgp; 1302 1299 int flag_nohead; 1303 1300 SL_TICKET fdTmp = (-1); 1304 SL_TICKET open_tmp (void);1305 1301 #endif 1306 1302 char hashbuf[KEYBUF_SIZE]; … … 1405 1401 1406 1402 #if defined(WITH_GPG) || defined(WITH_PGP) 1407 /* new 1.4.8: also checked for server data */1408 1403 1409 1404 /* extract the data and copy to temporary file 1410 1405 */ 1411 fdTmp = open_tmp(); 1412 1413 fin_cp = fdopen(dup(get_the_fd(fd)), "rb"); 1414 buf = SH_ALLOC(FGETS_BUF); 1415 1416 while (NULL != fgets(buf, FGETS_BUF, fin_cp)) 1417 { 1418 bufc = 0; 1419 while (bufc < FGETS_BUF) { 1420 if (buf[bufc] == '\n') { ++bufc; break; } 1421 ++bufc; 1422 } 1423 1424 if (sig_termfast == 1) /* SIGTERM */ 1425 { 1426 TPT((0, FIL__, __LINE__, _("msg=<Terminate.>\n"))); 1427 --sig_raised; --sig_urgent; 1428 retval = 1; exitval = EXIT_SUCCESS; 1429 goto unlock_and_return; 1430 } 1431 1432 if (flag_pgp == S_FALSE && 1433 (0 == sl_strcmp(buf, _("-----BEGIN PGP SIGNED MESSAGE-----\n"))|| 1434 0 == sl_strcmp(buf, _("-----BEGIN PGP MESSAGE-----\n"))) 1435 ) 1436 { 1437 flag_pgp = S_TRUE; 1438 sl_write(fdTmp, buf, bufc); 1439 continue; 1440 } 1441 1442 if (flag_pgp == S_TRUE && flag_nohead == S_FALSE) 1443 { 1444 if (buf[0] == '\n') 1445 { 1446 flag_nohead = S_TRUE; 1447 sl_write(fdTmp, buf, 1); 1448 continue; 1449 } 1450 else if (0 == sl_strncmp(buf, _("Hash:"), 5) || 1451 0 == sl_strncmp(buf, _("NotDashEscaped:"), 15)) 1452 { 1453 sl_write(fdTmp, buf, bufc); 1454 continue; 1455 } 1456 else 1457 continue; 1458 } 1459 1460 if (flag_pgp == S_TRUE && buf[0] == '\n') 1461 { 1462 sl_write(fdTmp, buf, 1); 1463 } 1464 else if (flag_pgp == S_TRUE) 1465 { 1466 /* sl_write_line(fdTmp, buf, bufc); */ 1467 sl_write(fdTmp, buf, bufc); 1468 } 1469 1470 if (flag_pgp == S_TRUE && 1471 0 == sl_strcmp(buf, _("-----END PGP SIGNATURE-----\n"))) 1472 break; 1473 } 1474 SH_FREE(buf); 1406 fdTmp = sh_gpg_extract_signed(fd); 1407 1408 if (sig_termfast == 1) /* SIGTERM */ 1409 { 1410 TPT((0, FIL__, __LINE__, _("msg=<Terminate.>\n"))); 1411 --sig_raised; --sig_urgent; 1412 retval = 1; exitval = EXIT_SUCCESS; 1413 goto unlock_and_return; 1414 } 1415 1475 1416 sl_close(fd); 1476 sl_fclose(FIL__, __LINE__, fin_cp); /* fin_cp = fdopen(dup(), "rb"); */1477 1478 1417 fd = fdTmp; 1479 sl_rewind (fd);1480 1418 1481 1419 /* Validate signature of open file. … … 1488 1426 sl_rewind (fd); 1489 1427 #endif 1490 /* } new 1.4.8 check sig also for files downloaded from server */1491 1428 1492 1429 line = SH_ALLOC(MAX_PATH_STORE+2); -
trunk/src/sh_readconf.c
r315 r347 136 136 static char * sh_readconf_expand_value (const char * str) 137 137 { 138 #ifdef SH_EVAL_SHELL 138 139 char * tmp = (char*)str; 139 140 char * out; … … 152 153 } 153 154 } 155 #endif 154 156 return sh_util_strdup(str); 155 157 } … … 161 163 SH_RC_FILE = 3, 162 164 SH_RC_IFACE = 4, 165 #ifdef SH_EVAL_SHELL 163 166 SH_RC_CMD = 5 167 #endif 164 168 }; 165 169 … … 218 222 p += 15; cond_type = SH_RC_SYSTEM; 219 223 } 224 #ifdef SH_EVAL_SHELL 220 225 else if (0 == strncasecmp(p, _("command_succeeds "), 17)) 221 226 { 222 227 p += 17; cond_type = SH_RC_CMD; 223 228 } 229 #endif 224 230 else 225 231 { … … 271 277 match = negate; 272 278 break; 279 #ifdef SH_EVAL_SHELL 273 280 case SH_RC_CMD: 274 281 if (0 == sh_unix_run_command(p)) 275 282 match = negate; 276 283 break; 284 #endif 277 285 default: 278 286 match = 0; … … 337 345 #if defined(SH_STEALTH) && !defined(SH_STEALTH_MICRO) 338 346 SL_TICKET fdTmp = -1; 339 SL_TICKET open_tmp (void); 347 #endif 348 #if defined(WITH_GPG) || defined(WITH_PGP) 349 SL_TICKET fdGpg = -1; 340 350 #endif 341 351 char * tmp; … … 464 474 sl_close(fd); 465 475 fd = fdTmp; 476 sl_rewind (fd); 477 #endif 478 479 #if defined(WITH_GPG) || defined(WITH_PGP) 480 481 /* extract the data and copy to temporary file 482 */ 483 fdGpg = sh_gpg_extract_signed(fd); 484 485 sl_close(fd); 486 fd = fdGpg; 487 488 /* Validate signature of open file. 489 */ 490 if (0 != sh_gpg_check_sign (fd, 0, 1)) 491 { 492 SH_FREE(line_in); 493 aud_exit (FIL__, __LINE__, EXIT_FAILURE); 494 } 466 495 sl_rewind (fd); 467 496 #endif … … 664 693 (long) conf_line); 665 694 666 #if defined(WITH_GPG) || defined(WITH_PGP)667 /* Validate signature of open file.668 */669 sl_rewind (fd);670 if (0 != sh_gpg_check_sign (fd, 0, 1))671 {672 SH_FREE(line_in);673 aud_exit (FIL__, __LINE__, EXIT_FAILURE);674 }675 #endif676 677 695 sl_close (fd); 678 696 … … 1358 1376 1359 1377 /* Expand shell expressions. This return allocated memory which we must free. 1378 * If !defined(SH_EVAL_SHELL), this will reduce to a strdup. 1360 1379 */ 1361 1380 value = sh_readconf_expand_value(value);
Note:
See TracChangeset
for help on using the changeset viewer.