
patch for encrypted file copy bugs


From: Hakan Isaksson
Subject: patch for encrypted file copy bugs
Date: Mon, 30 Jun 2003 11:20:07 +0200 (CEST)

Here is a patch against cfengine-2.0.7p3 that resolves both
the "encrypted file copy fails for particular filesize", and
the "Cannot encrypt files smaller than 17 bytes" problems.

The patch for client.c removes the check for size < 17 and
two checks in function CopyRegNet that would cause the read loop
to break too early in some cases (for example, if the file size was 0 bytes or 10
bytes).

The patch for cfservd.c removes the check for size < 17 and
adds a check that cipherlen > 0 before transmitting data,
because SendTransaction will think the out buffer is null-terminated
if cipherlen > 0 and resend a random amount of data.


--- cfengine-2.0.7p3/src/client.c.org   2003-06-30 10:33:13.000000000 +0200
+++ cfengine-2.0.7p3/src/client.c       2003-06-30 10:33:55.000000000 +0200
@@ -544,12 +544,6 @@

 if (ip->encrypt == 'y')
    {
-   if (size < 17)
-      {
-      snprintf(OUTPUT,bufsize,"Cannot encrypt files smaller than 17 bytes with 
OpenSSL/Blowfish (%s)",source);
-      CfLog(cferror,OUTPUT,"");
-      return false;
-      }

    snprintf(in,bufsize-CF_PROTO_OFFSET,"GET dummykey %s",source);
    cipherlen = EncryptString(in,out,CONN->session_key,strlen(in)+1);
@@ -666,6 +660,8 @@
       n_read = towrite = plainlen;
       }

+   if (ip->encrypt != 'y')
+   {
    if (n_read == 0)
       {
       break;
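Review bot: With the `if (ip->encrypt != 'y')` wrapper opened here and closed in the following hunk (`@@ -682,6 +678,7 @@`), an encrypted transfer no longer leaves the read loop on `n_read == 0` or on the second check whose `return false;` is visible there, so its termination rests entirely on code outside these hunks. That should be stated next to the wrapper, e.g. `/* encrypted blocks may decrypt to 0 bytes; loop exit is decided by <condition> below */`, and it is worth confirming that a closed or truncated connection still ends the loop in the encrypted path rather than spinning or reporting a short file as success. The added braces also sit at the `if` column and the wrapped lines are not re-indented, unlike the surrounding style. CopyRegNet's loop begins and ends outside the hunk.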
@@ -682,6 +678,7 @@
         return false;
         }
       }
+   }

 /*   if (n_read < toget)
       {
--- cfengine-2.0.7p3/src/cfservd.c.org  2003-06-26 10:19:42.000000000 +0200
+++ cfengine-2.0.7p3/src/cfservd.c      2003-06-27 01:33:53.000000000 +0200
@@ -2508,12 +2508,6 @@
    EVP_CIPHER_CTX_init(&ctx);
    EVP_EncryptInit(&ctx,EVP_bf_cbc(),key,iv);

-   if (statbuf.st_size < 17)
-      {
-      snprintf(OUTPUT,bufsize,"Cannot encrypt files smaller than 17 bytes with 
OpenSSL/Blowfish (%s)",filename);
-      CfLog(cferror,OUTPUT,"");
-      return;
-      }
    }

 if ((fd = SafeOpen(filename)) == -1)
@@ -2582,13 +2576,15 @@
            close(fd);
            return;
            }
-
-        if (SendTransaction(sd,out,cipherlen,CF_MORE) == -1)
+        if (cipherlen)
             {
-            CfLog(cfverbose,"Send failed in GetFile","send");
-            break;
-            }
-        }
+           if (SendTransaction(sd,out,cipherlen,CF_MORE) == -1)
+               {
+               CfLog(cfverbose,"Send failed in GetFile","send");
+               break;
+               }
+           }
+         }
       else
         {
         if (SendSocketStream(sd,sendbuffer,sendlen,0) == -1)
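Review bot: The `if (cipherlen)` guard before SendTransaction has no comment explaining that it exists to avoid a zero-length send, which per the patch description makes SendTransaction treat `out` as a NUL-terminated string and transmit whatever stale bytes it holds. Write it as `if (cipherlen > 0)` with a comment such as `/* no cipher output for this chunk; a zero length would make SendTransaction fall back to the string length of out */`, so that neither a zero nor a negative length can reach the send (assuming cipherlen is a signed int, which the hunk does not show). Since a short final chunk can yield no output here, confirm that the bytes produced by the cipher's finalisation step are sent by code outside the hunk. The re-indented lines mix widths and the closing brace at the end of the block no longer lines up with its opener; the function continues outside the hunk.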
-------------------------------------
Håkan Isaksson
address@hidden
+46 073 67 109 76








