[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
patch for encrypted file copy bugs
From: |
Hakan Isaksson |
Subject: |
patch for encrypted file copy bugs |
Date: |
Mon, 30 Jun 2003 11:20:07 +0200 (CEST) |
Here is a patch against cfengine-2.0.7p3 that resolves both
the "encrypted file copy fails for particular filesize", and
the "Cannot encrypt files smaller than 17 bytes" problems.
The patch for client.c removes the check if size < 17 and
two checks in function CopyRegNet that would cause the read-loop
to break too early in some cases (for example if filsize was 0 bytes or 10
bytes).
The patch for cfserv.c removes the check if size < 17 and
adds a check if cipherlen > 0 before transmitting data,
because SendTransaction will think the out buffer is null-terminated
if cipherlen > 0 and resend a random mount of data.
--- cfengine-2.0.7p3/src/client.c.org 2003-06-30 10:33:13.000000000 +0200
+++ cfengine-2.0.7p3/src/client.c 2003-06-30 10:33:55.000000000 +0200
@@ -544,12 +544,6 @@
if (ip->encrypt == 'y')
{
- if (size < 17)
- {
- snprintf(OUTPUT,bufsize,"Cannot encrypt files smaller than 17 bytes with
OpenSSL/Blowfish (%s)",source);
- CfLog(cferror,OUTPUT,"");
- return false;
- }
snprintf(in,bufsize-CF_PROTO_OFFSET,"GET dummykey %s",source);
cipherlen = EncryptString(in,out,CONN->session_key,strlen(in)+1);
@@ -666,6 +660,8 @@
n_read = towrite = plainlen;
}
+ if (ip->encrypt != 'y')
+ {
if (n_read == 0)
{
break;
@@ -682,6 +678,7 @@
return false;
}
}
+ }
/* if (n_read < toget)
{
--- cfengine-2.0.7p3/src/cfservd.c.org 2003-06-26 10:19:42.000000000 +0200
+++ cfengine-2.0.7p3/src/cfservd.c 2003-06-27 01:33:53.000000000 +0200
@@ -2508,12 +2508,6 @@
EVP_CIPHER_CTX_init(&ctx);
EVP_EncryptInit(&ctx,EVP_bf_cbc(),key,iv);
- if (statbuf.st_size < 17)
- {
- snprintf(OUTPUT,bufsize,"Cannot encrypt files smaller than 17 bytes with
OpenSSL/Blowfish (%s)",filename);
- CfLog(cferror,OUTPUT,"");
- return;
- }
}
if ((fd = SafeOpen(filename)) == -1)
@@ -2582,13 +2576,15 @@
close(fd);
return;
}
-
- if (SendTransaction(sd,out,cipherlen,CF_MORE) == -1)
+ if (cipherlen)
{
- CfLog(cfverbose,"Send failed in GetFile","send");
- break;
- }
- }
+ if (SendTransaction(sd,out,cipherlen,CF_MORE) == -1)
+ {
+ CfLog(cfverbose,"Send failed in GetFile","send");
+ break;
+ }
+ }
+ }
else
{
if (SendSocketStream(sd,sendbuffer,sendlen,0) == -1)
-------------------------------------
HÃ¥kan Isaksson
address@hidden
+46 073 67 109 76
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- patch for encrypted file copy bugs,
Hakan Isaksson <=