Menu
▾
▴
pidgin-commits
|
From: <the...@us...> - 2006-04-19 02:12:50
|
Revision: 16061 Author: thekingant Date: 2006-04-18 19:12:45 -0700 (Tue, 18 Apr 2006) ViewCVS: http://svn.sourceforge.net/gaim/?rev=16061&view=rev Log Message: ----------- silcgaim_check_silc_dir() checks to make sure the user's private key has permission 0600. If it doesn't, it chmod's the file. Nathanael Hoyle pointed out the totally absurd scenario where, if Gaim is suid root, someone could replace the private key with something else between the fstat and the chmod so that the file permissions are changed on a file that the user wouldn't otherwise have access to. He also suggested a fix along the lines of this one. Ethan said this still isn't totally safe, but it should be a little better, and I don't really care anyway because you'd have to be a moron to run Gaim with the suid bit set in the first place. Modified Paths: -------------- trunk/src/protocols/silc/util.c Modified: trunk/src/protocols/silc/util.c =================================================================== --- trunk/src/protocols/silc/util.c 2006-04-18 21:16:45 UTC (rev 16060) +++ trunk/src/protocols/silc/util.c 2006-04-19 02:12:45 UTC (rev 16061) @@ -75,6 +75,7 @@ char pkd[256], prd[256]; struct stat st; struct passwd *pw; + int fd; pw = getpwuid(getuid()); if (!pw) { @@ -225,6 +226,7 @@ } #endif + fd = open(file_private_key, O_RDONLY); if ((g_stat(file_private_key, &st)) == -1) { /* If file doesn't exist */ if (errno == ENOENT) { @@ -234,10 +236,15 @@ file_public_key, file_private_key, NULL, (gc->password == NULL) ? "" : gc->password, NULL, NULL, NULL, FALSE); + if (fd != -1) + close(fd); + fd = open(file_private_key, O_RDONLY); g_stat(file_private_key, &st); } else { gaim_debug_error("silc", "Couldn't stat '%s' private key, error: %s\n", file_private_key, strerror(errno)); + if (fd != -1) + close(fd); return FALSE; } } @@ -246,23 +253,30 @@ /* Check the owner of the private key */ if (st.st_uid != 0 && st.st_uid != pw->pw_uid) { gaim_debug_error("silc", "You don't seem to own your private key!?\n"); + if (fd != -1) + close(fd); return FALSE; } /* Check the permissions for the private key */ if ((st.st_mode & 0777) != 0600) { gaim_debug_warning("silc", "Wrong permissions in your private key file `%s'!\n" - "Trying to change them ... ", file_private_key); - if ((chmod(file_private_key, 0600)) == -1) { + "Trying to change them ...\n", file_private_key); + if ((fd != -1) && (fchmod(fd, S_IRUSR | S_IWUSR)) == -1) { gaim_debug_error("silc", "Failed to change permissions for private key file!\n" "Permissions for your private key file must be 0600.\n"); + if (fd != -1) + close(fd); return FALSE; } gaim_debug_warning("silc", "Done.\n\n"); } #endif + if (fd != -1) + close(fd); + return TRUE; } This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
|
From: <dat...@us...> - 2006-08-11 19:02:52
|
Revision: 16709 Author: datallah Date: 2006-08-11 12:02:47 -0700 (Fri, 11 Aug 2006) ViewCVS: http://svn.sourceforge.net/gaim/?rev=16709&view=rev Log Message: ----------- Deal with inability to create key pair. (CID 139) Modified Paths: -------------- trunk/src/protocols/silc/util.c Modified: trunk/src/protocols/silc/util.c =================================================================== --- trunk/src/protocols/silc/util.c 2006-08-11 18:35:26 UTC (rev 16708) +++ trunk/src/protocols/silc/util.c 2006-08-11 19:02:47 UTC (rev 16709) @@ -205,12 +205,20 @@ /* If file doesn't exist */ if (errno == ENOENT) { gaim_connection_update_progress(gc, _("Creating SILC key pair..."), 1, 5); - silc_create_key_pair(SILCGAIM_DEF_PKCS, + if (!silc_create_key_pair(SILCGAIM_DEF_PKCS, SILCGAIM_DEF_PKCS_LEN, file_public_key, file_private_key, NULL, (gc->password == NULL) ? "" : gc->password, - NULL, NULL, NULL, FALSE); - g_stat(file_public_key, &st); + NULL, NULL, NULL, FALSE)) { + gaim_debug_error("silc", "Couldn't create key pair\n"); + return FALSE; + } + + if ((g_stat(file_public_key, &st)) == -1) { + gaim_debug_error("silc", "Couldn't stat '%s' public key, error: %s\n", + file_public_key, strerror(errno)); + return FALSE; + } } else { gaim_debug_error("silc", "Couldn't stat '%s' public key, error: %s\n", file_public_key, strerror(errno)); This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
|
From: <dat...@us...> - 2006-08-17 01:06:31
|
Revision: 16801 Author: datallah Date: 2006-08-16 18:06:27 -0700 (Wed, 16 Aug 2006) ViewCVS: http://svn.sourceforge.net/gaim/?rev=16801&view=rev Log Message: ----------- Make the silc key permission checks safer and cover more cases (e.g. private key exists, but is not readable by you). Modified Paths: -------------- trunk/src/protocols/silc/util.c Modified: trunk/src/protocols/silc/util.c =================================================================== --- trunk/src/protocols/silc/util.c 2006-08-16 20:50:16 UTC (rev 16800) +++ trunk/src/protocols/silc/util.c 2006-08-17 01:06:27 UTC (rev 16801) @@ -234,25 +234,44 @@ } #endif - fd = open(file_private_key, O_RDONLY); - if ((g_stat(file_private_key, &st)) == -1) { + if ((fd = g_open(file_private_key, O_RDONLY)) != -1) { + if ((fstat(fd, &st)) == -1) { + gaim_debug_error("silc", "Couldn't stat '%s' private key, error: %s\n", + file_private_key, strerror(errno)); + close(fd); + return FALSE; + } + } else if ((g_stat(file_private_key, &st)) == -1) { /* If file doesn't exist */ if (errno == ENOENT) { gaim_connection_update_progress(gc, _("Creating SILC key pair..."), 1, 5); - silc_create_key_pair(SILCGAIM_DEF_PKCS, + if (!silc_create_key_pair(SILCGAIM_DEF_PKCS, SILCGAIM_DEF_PKCS_LEN, file_public_key, file_private_key, NULL, (gc->password == NULL) ? "" : gc->password, - NULL, NULL, NULL, FALSE); - if (fd != -1) - close(fd); - fd = open(file_private_key, O_RDONLY); - g_stat(file_private_key, &st); + NULL, NULL, NULL, FALSE)) { + gaim_debug_error("silc", "Couldn't create key pair\n"); + return FALSE; + } + + if ((fd = g_open(file_private_key, O_RDONLY)) != -1) { + if ((fstat(fd, &st)) == -1) { + gaim_debug_error("silc", "Couldn't stat '%s' private key, error: %s\n", + file_private_key, strerror(errno)); + close(fd); + return FALSE; + } + } + /* This shouldn't really happen because silc_create_key_pair() + * will set the permissions */ + else if ((g_stat(file_private_key, &st)) == -1) { + gaim_debug_error("silc", "Couldn't stat '%s' private key, error: %s\n", + file_private_key, strerror(errno)); + return FALSE; + } } else { gaim_debug_error("silc", "Couldn't stat '%s' private key, error: %s\n", file_private_key, strerror(errno)); - if (fd != -1) - close(fd); return FALSE; } } @@ -270,7 +289,7 @@ if ((st.st_mode & 0777) != 0600) { gaim_debug_warning("silc", "Wrong permissions in your private key file `%s'!\n" "Trying to change them ...\n", file_private_key); - if ((fd != -1) && (fchmod(fd, S_IRUSR | S_IWUSR)) == -1) { + if ((fd == -1) || (fchmod(fd, S_IRUSR | S_IWUSR)) == -1) { gaim_debug_error("silc", "Failed to change permissions for private key file!\n" "Permissions for your private key file must be 0600.\n"); This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
|
From: <dat...@us...> - 2006-08-17 14:07:26
|
Revision: 16815 Author: datallah Date: 2006-08-17 07:07:20 -0700 (Thu, 17 Aug 2006) ViewCVS: http://svn.sourceforge.net/gaim/?rev=16815&view=rev Log Message: ----------- If g_open isn't a macro, we need to specify the mode variable Modified Paths: -------------- trunk/src/protocols/silc/util.c Modified: trunk/src/protocols/silc/util.c =================================================================== --- trunk/src/protocols/silc/util.c 2006-08-17 10:04:21 UTC (rev 16814) +++ trunk/src/protocols/silc/util.c 2006-08-17 14:07:20 UTC (rev 16815) @@ -234,7 +234,7 @@ } #endif - if ((fd = g_open(file_private_key, O_RDONLY)) != -1) { + if ((fd = g_open(file_private_key, O_RDONLY, 0)) != -1) { if ((fstat(fd, &st)) == -1) { gaim_debug_error("silc", "Couldn't stat '%s' private key, error: %s\n", file_private_key, strerror(errno)); @@ -254,7 +254,7 @@ return FALSE; } - if ((fd = g_open(file_private_key, O_RDONLY)) != -1) { + if ((fd = g_open(file_private_key, O_RDONLY, 0)) != -1) { if ((fstat(fd, &st)) == -1) { gaim_debug_error("silc", "Couldn't stat '%s' private key, error: %s\n", file_private_key, strerror(errno)); This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X