[gnome-keyring] gpg-agent: Encode passwords when --data was requested
- From: Stefan Walter <stefw src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gnome-keyring] gpg-agent: Encode passwords when --data was requested
- Date: Thu, 28 Jun 2012 13:52:48 +0000 (UTC)
commit d31a26df7ce8d9c084b9c66fe00458683dde9864
Author: Stef Walter <stefw gnome org>
Date: Thu Jun 28 15:51:54 2012 +0200
gpg-agent: Encode passwords when --data was requested
* Use URI encoding to return passwords when gnupg calls us with
a --data argument.
https://bugzilla.gnome.org/show_bug.cgi?id=678771
daemon/gpg-agent/gkd-gpg-agent-ops.c | 41 ++++++++++++++++++++++++++++++---
1 files changed, 37 insertions(+), 4 deletions(-)
---
diff --git a/daemon/gpg-agent/gkd-gpg-agent-ops.c b/daemon/gpg-agent/gkd-gpg-agent-ops.c
index be6c4d3..a1a21ff 100644
--- a/daemon/gpg-agent/gkd-gpg-agent-ops.c
+++ b/daemon/gpg-agent/gkd-gpg-agent-ops.c
@@ -632,11 +632,12 @@ command_has_option (gchar *command, gchar *option)
return has_option;
}
+static const char HEXC[] = "0123456789abcdef";
+
/* Encode a password in hex */
static gchar*
-encode_password (const gchar *pass)
+hex_encode_password (const gchar *pass)
{
- static const char HEXC[] = "0123456789abcdef";
int j, c;
gchar *enc, *k;
@@ -656,6 +657,36 @@ encode_password (const gchar *pass)
return enc;
}
+static gchar*
+uri_encode_password (const gchar *value)
+{
+ gchar *p;
+ gchar *result;
+
+ /* Just allocate for worst case */
+ result = egg_secure_alloc ((strlen (value) * 3) + 1);
+
+ /* Now loop through looking for escapes */
+ p = result;
+ while (*value) {
+
+ /* These characters we let through verbatim */
+ if (*value && (g_ascii_isalnum (*value) || strchr ("_-.", *value) != NULL)) {
+ *(p++) = *(value++);
+
+ /* All others get encoded */
+ } else {
+ *(p++) = '%';
+ *(p++) = HEXC[((unsigned char)*value) >> 4];
+ *(p++) = HEXC[((unsigned char)*value) & 0x0F];
+ ++value;
+ }
+ }
+
+ *p = 0;
+ return result;
+}
+
/* ----------------------------------------------------------------------------------
* OPERATIONS
*/
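Review bot: uri_encode_password has no comment stating its contract, unlike hex_encode_password just above it. I would add `/* Percent-encode a password; result is egg_secure_alloc memory, free with egg_secure_strfree */` ahead of the definition, so that callers do not release this copy of the passphrase with an ordinary free. The buffer returned by egg_secure_alloc is written through `p` without a NULL check; if that allocator can return NULL (its definition is not visible here), the function should test `result` before the loop and the caller should handle a NULL return. The `*value &&` test inside the `if` is redundant, because the enclosing `while (*value)` already guarantees a non-zero character.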
@@ -737,10 +768,12 @@ gkd_gpg_agent_ops_getpass (GkdGpgAgentCall *call, gchar *args)
if (password == NULL) {
gkd_gpg_agent_send_reply (call, FALSE, "111 cancelled");
} else if (flags & GKD_GPG_AGENT_PASS_AS_DATA) {
- gkd_gpg_agent_send_data (call, password);
+ encoded = uri_encode_password (password);
+ gkd_gpg_agent_send_data (call, encoded);
gkd_gpg_agent_send_reply (call, TRUE, NULL);
+ egg_secure_strfree (encoded);
} else {
- encoded = encode_password (password);
+ encoded = hex_encode_password (password);
gkd_gpg_agent_send_reply (call, TRUE, encoded);
egg_secure_strfree (encoded);
}
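Review bot: In the GKD_GPG_AGENT_PASS_AS_DATA branch the success reply is sent unconditionally after gkd_gpg_agent_send_data, so a failed data write would still be followed by an OK reply if that function reports errors (its signature is not visible in this hunk). If it does return a status, the branch could read `if (gkd_gpg_agent_send_data (call, encoded)) gkd_gpg_agent_send_reply (call, TRUE, NULL);`, with the error reply chosen by the surrounding code. It is also worth confirming that gkd_gpg_agent_send_data does not copy or log `encoded` outside secure memory, since the percent-encoded string is equivalent to the plaintext passphrase. gkd_gpg_agent_ops_getpass starts and ends outside the hunk, so the handling of `password` itself cannot be checked from here.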