aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--camel/ChangeLog26
-rw-r--r--camel/camel-cipher-context.c21
-rw-r--r--camel/camel-gpg-context.c1
-rw-r--r--camel/camel-smime-context.c1
-rw-r--r--camel/camel-stream-mem.c52
-rw-r--r--camel/camel-stream-mem.h6
6 files changed, 95 insertions, 12 deletions
diff --git a/camel/ChangeLog b/camel/ChangeLog
index 2021be3237..b31447caea 100644
--- a/camel/ChangeLog
+++ b/camel/ChangeLog
@@ -1,3 +1,29 @@
+2004-07-09 Not Zed <NotZed@Ximian.com>
+
+ ** This is no guarantee of security, but its just a helper to
+ prevent old memory accidentally being included/used elsewhere.
+
+ * camel-smime-context.c (sm_decrypt): mark the output stream
+ 'secure'.
+
+ * camel-gpg-context.c (gpg_decrypt): set the output stream to
+ secured, so we automagically blank it out on finalise.
+
+ * camel-stream-mem.c (camel_stream_mem_set_secure): set the
+ memory-stream 'secured', all we do at the moment is blank out the
+ buffer on finalise.
+ (camel_stream_mem_set_byte_array, camel_stream_mem_finalize):
+ clear memory if owner and secured. kill dead comment.
+ (clear_mem): utilitiy to set memory to 0xABADF00D
+
+2004-07-08 Not Zed <NotZed@Ximian.com>
+
+ ** See bug #61186.
+
+ * camel-cipher-context.c (camel_cipher_sign):
+ (camel_cipher_verify, camel_cipher_encrypt, camel_cipher_decrypt):
+ Add preliminary progress reporting.
+
2004-07-07 Chris Toshok <toshok@ximian.com>
* providers/groupwise/Makefile.am (INCLUDES): use
diff --git a/camel/camel-cipher-context.c b/camel/camel-cipher-context.c
index 5725470855..f2c017e9c3 100644
--- a/camel/camel-cipher-context.c
+++ b/camel/camel-cipher-context.c
@@ -31,6 +31,7 @@
#include "camel-cipher-context.h"
#include "camel-stream.h"
+#include "camel-operation.h"
#include "camel-mime-utils.h"
#include "camel-medium.h"
@@ -123,13 +124,17 @@ camel_cipher_sign (CamelCipherContext *context, const char *userid, CamelCipherH
int retval;
g_return_val_if_fail (CAMEL_IS_CIPHER_CONTEXT (context), -1);
-
+
+ camel_operation_start(NULL, _("Signing message"));
+
CIPHER_LOCK(context);
retval = CCC_CLASS (context)->sign (context, userid, hash, ipart, opart, ex);
CIPHER_UNLOCK(context);
-
+
+ camel_operation_end(NULL);
+
return retval;
}
@@ -163,11 +168,15 @@ camel_cipher_verify (CamelCipherContext *context, struct _CamelMimePart *ipart,
g_return_val_if_fail (CAMEL_IS_CIPHER_CONTEXT (context), NULL);
+ camel_operation_start(NULL, _("Verifying message"));
+
CIPHER_LOCK(context);
valid = CCC_CLASS (context)->verify (context, ipart, ex);
CIPHER_UNLOCK(context);
+
+ camel_operation_end(NULL);
return valid;
}
@@ -202,12 +211,16 @@ camel_cipher_encrypt (CamelCipherContext *context, const char *userid, GPtrArray
int retval;
g_return_val_if_fail (CAMEL_IS_CIPHER_CONTEXT (context), -1);
+
+ camel_operation_start(NULL, _("Encrypting message"));
CIPHER_LOCK(context);
retval = CCC_CLASS (context)->encrypt (context, userid, recipients, ipart, opart, ex);
CIPHER_UNLOCK(context);
+
+ camel_operation_end(NULL);
return retval;
}
@@ -237,12 +250,16 @@ camel_cipher_decrypt(CamelCipherContext *context, struct _CamelMimePart *ipart,
CamelCipherValidity *valid;
g_return_val_if_fail (CAMEL_IS_CIPHER_CONTEXT (context), NULL);
+
+ camel_operation_start(NULL, _("Decrypting message"));
CIPHER_LOCK(context);
valid = CCC_CLASS (context)->decrypt (context, ipart, opart, ex);
CIPHER_UNLOCK(context);
+
+ camel_operation_end(NULL);
return valid;
}
diff --git a/camel/camel-gpg-context.c b/camel/camel-gpg-context.c
index 7f7a493bce..fabf3495da 100644
--- a/camel/camel-gpg-context.c
+++ b/camel/camel-gpg-context.c
@@ -1621,6 +1621,7 @@ gpg_decrypt(CamelCipherContext *context, CamelMimePart *ipart, CamelMimePart *op
camel_stream_filter_add (CAMEL_STREAM_FILTER (filtered_stream), crlf_filter);
camel_object_unref (crlf_filter);*/
ostream = camel_stream_mem_new();
+ camel_stream_mem_set_secure((CamelStreamMem *)ostream);
gpg = gpg_ctx_new (context->session);
gpg_ctx_set_mode (gpg, GPG_CTX_MODE_DECRYPT);
diff --git a/camel/camel-smime-context.c b/camel/camel-smime-context.c
index 94ad6de69c..019d16d1d9 100644
--- a/camel/camel-smime-context.c
+++ b/camel/camel-smime-context.c
@@ -953,6 +953,7 @@ sm_decrypt(CamelCipherContext *context, CamelMimePart *ipart, CamelMimePart *opa
this api to do this ... */
ostream = camel_stream_mem_new();
+ camel_stream_mem_set_secure((CamelStreamMem *)ostream);
/* FIXME: stream this to the decoder incrementally */
istream = (CamelStreamMem *)camel_stream_mem_new();
diff --git a/camel/camel-stream-mem.c b/camel/camel-stream-mem.c
index 7b93b7864b..5577a4b40a 100644
--- a/camel/camel-stream-mem.c
+++ b/camel/camel-stream-mem.c
@@ -74,6 +74,23 @@ camel_stream_mem_init (CamelObject *object)
stream_mem->buffer = 0;
}
+/* could probably be a util method */
+static void clear_mem(void *p, size_t len)
+{
+ char *s = p;
+
+ /* This also helps debug bad access memory errors */
+ while (len > 4) {
+ *s++ = 0xAB;
+ *s++ = 0xAD;
+ *s++ = 0xF0;
+ *s++ = 0x0D;
+ len -= 4;
+ }
+
+ memset(s, 0xbf, len);
+}
+
CamelType
camel_stream_mem_get_type (void)
{
@@ -122,11 +139,28 @@ camel_stream_mem_new_with_byte_array (GByteArray *byte_array)
return CAMEL_STREAM (stream_mem);
}
+/**
+ * camel_stream_mem_set_secure:
+ * @s:
+ *
+ * Mark the memory stream as secure. At the very least this means the
+ * data in the buffer will be cleared when the buffer is finalised.
+ * This only applies to buffers owned by the stream.
+ **/
+void camel_stream_mem_set_secure(CamelStreamMem *s)
+{
+ s->secure = 1;
+ /* setup a mem-locked buffer etc? blah blah, well not yet anyway */
+}
+
/* note: with these functions the caller is the 'owner' of the buffer */
void camel_stream_mem_set_byte_array (CamelStreamMem *s, GByteArray *buffer)
{
- if (s->buffer && s->owner)
+ if (s->buffer && s->owner) {
+ if (s->secure && s->buffer->len)
+ clear_mem(s->buffer->data, s->buffer->len);
g_byte_array_free(s->buffer, TRUE);
+ }
s->owner = FALSE;
s->buffer = buffer;
}
@@ -144,15 +178,15 @@ void camel_stream_mem_set_buffer (CamelStreamMem *s, const char *buffer, size_t
static void
camel_stream_mem_finalize (CamelObject *object)
{
- CamelStreamMem *stream_mem = CAMEL_STREAM_MEM (object);
+ CamelStreamMem *s = CAMEL_STREAM_MEM (object);
- if (stream_mem->buffer && stream_mem->owner)
- g_byte_array_free (stream_mem->buffer, TRUE);
-
- /* Will be called automagically in the Camel Type System!
- * Wheeee!
- * G_TK_OBJECT_CLASS (parent_class)->finalize (object);
- */
+ if (s->buffer && s->owner) {
+ /* TODO: we need our own bytearray type since we don't know
+ the real size of the underlying buffer :-/ */
+ if (s->secure && s->buffer->len)
+ clear_mem(s->buffer->data, s->buffer->len);
+ g_byte_array_free(s->buffer, TRUE);
+ }
}
static ssize_t
diff --git a/camel/camel-stream-mem.h b/camel/camel-stream-mem.h
index af51c36ff7..ba01e950ad 100644
--- a/camel/camel-stream-mem.h
+++ b/camel/camel-stream-mem.h
@@ -45,7 +45,8 @@ typedef struct _CamelStreamMemClass CamelStreamMemClass;
struct _CamelStreamMem {
CamelSeekableStream parent_object;
- gboolean owner; /* do we own the buffer? */
+ unsigned int owner:1; /* do we own the buffer? */
+ unsigned int secure:1; /* do we clear the buffer on finalise (if we own it) */
GByteArray *buffer;
};
@@ -63,6 +64,9 @@ CamelStream *camel_stream_mem_new(void);
CamelStream *camel_stream_mem_new_with_byte_array(GByteArray *buffer);
CamelStream *camel_stream_mem_new_with_buffer(const char *buffer, size_t len);
+/* 'secure' data, currently just clears memory on finalise */
+void camel_stream_mem_set_secure(CamelStreamMem *);
+
/* these are really only here for implementing classes */
void camel_stream_mem_set_byte_array(CamelStreamMem *, GByteArray *buffer);
void camel_stream_mem_set_buffer(CamelStreamMem *, const char *buffer, size_t len);