diff -u ecryptfs-utils-53/debian/changelog ecryptfs-utils-53/debian/changelog --- ecryptfs-utils-53/debian/changelog +++ ecryptfs-utils-53/debian/changelog @@ -1,3 +1,15 @@ +ecryptfs-utils (53-1ubuntu11) intrepid; urgency=low + + * debian/patches/55_check_password_and_remove_from_proc.dpatch: + Validate login password in ecryptfs-setup-private. + Fix ecryptfs-add-passphrase and ecryptfs-wrap-passphrase to take + passphrases on standard, to protect from disclosure on the process + table; fix callers in ecryptfs-setup-private (LP: #287908). + Validate that the user password is correct with unix_chkpwd (LP: #287906). + * debian/patches/00list: updated accordingly + + -- Dustin Kirkland Wed, 22 Oct 2008 22:32:59 -0500 + ecryptfs-utils (53-1ubuntu10) intrepid; urgency=low [Dustin Kirkland] diff -u ecryptfs-utils-53/debian/patches/00list ecryptfs-utils-53/debian/patches/00list --- ecryptfs-utils-53/debian/patches/00list +++ ecryptfs-utils-53/debian/patches/00list @@ -9,0 +10 @@ +55_check_password_and_remove_from_proc.dpatch only in patch2: unchanged: --- ecryptfs-utils-53.orig/debian/patches/55_check_password_and_remove_from_proc.dpatch +++ ecryptfs-utils-53/debian/patches/55_check_password_and_remove_from_proc.dpatch @@ -0,0 +1,131 @@ +#!/bin/sh /usr/share/dpatch/dpatch-run +# 55_check_password_and_remove_from_proc.dpatch +# Dustin Kirkland +# +# Validate login password in ecryptfs-setup-private +# Fix ecryptfs-add-passphrase and ecryptfs-wrap-passphrase to take +# passphrases on standard, to protect from disclosure on the process +# table; fix callers in ecryptfs-setup-private + +@DPATCH@ +diff -upr 1/ecryptfs-utils-53/src/utils/ecryptfs_add_passphrase.c 2/ecryptfs-utils-53/src/utils/ecryptfs_add_passphrase.c +--- ecryptfs-utils-53/src/utils/ecryptfs_add_passphrase.c 2008-01-18 22:58:42.000000000 -0600 ++++ ecryptfs-utils-53/src/utils/ecryptfs_add_passphrase.c 2008-10-22 18:55:21.503540303 -0500 +@@ -38,13 +38,23 @@ int main(int argc, char *argv[]) + char salt[ECRYPTFS_SALT_SIZE]; + char salt_hex[ECRYPTFS_SALT_SIZE_HEX]; + int rc = 0; ++ char *p; + + if (argc != 2) { + usage(); + goto out; + } +- memcpy(passphrase, argv[1], ECRYPTFS_MAX_PASSWORD_LENGTH); +- passphrase[ECRYPTFS_MAX_PASSWORD_LENGTH] = '\0'; ++ if (strlen(argv[1]) == 1 && strncmp(argv[1], "-", 1) == 0) { ++ if (fgets(passphrase, ECRYPTFS_MAX_PASSWORD_LENGTH, stdin) == NULL) { ++ usage(); ++ goto out; ++ } ++ p = strrchr(passphrase, '\n'); ++ if (p) *p = '\0'; ++ } else { ++ memcpy(passphrase, argv[1], ECRYPTFS_MAX_PASSWORD_LENGTH); ++ passphrase[ECRYPTFS_MAX_PASSWORD_LENGTH] = '\0'; ++ } + rc = ecryptfs_read_salt_hex_from_rc(salt_hex); + if (rc) { + printf("Unable to read salt value from user's " +diff -upr 1/ecryptfs-utils-53/src/utils/ecryptfs-setup-private 2/ecryptfs-utils-53/src/utils/ecryptfs-setup-private +--- ecryptfs-utils-53/src/utils/ecryptfs-setup-private 2008-10-22 15:59:19.895533209 -0500 ++++ ecryptfs-utils-53/src/utils/ecryptfs-setup-private 2008-10-22 19:36:52.179587956 -0500 +@@ -144,16 +144,12 @@ if [ -z "$LOGINPASS" ]; then + if [ -z "$LOGINPASS" ]; then + echo "ERROR: You must provide a login passphrase" + continue +- else +- stty -echo +- read -p "Enter your login passphrase (again): " -r LOGINPASS2 +- stty $stty_orig +- echo +- if [ "$LOGINPASS" != "$LOGINPASS2" ]; then +- echo "ERROR: Login passphrases do not match" +- continue +- else ++ else ++ if echo -e "$LOGINPASS\0" | /sbin/unix_chkpwd "$USER" nullok; then + break ++ else ++ echo "ERROR: Your login passphrase is incorrect" ++ continue + fi + fi + done +@@ -233,12 +229,12 @@ done + # Setup wrapped-passphrase file + u=`umask` + umask 377 +-ecryptfs-wrap-passphrase "$HOME/.ecryptfs/wrapped-passphrase" "$MOUNTPASS" "$LOGINPASS" || error "Could not wrap passphrase" ++echo -e "$MOUNTPASS\n$LOGINPASS" | ecryptfs-wrap-passphrase "$HOME/.ecryptfs/wrapped-passphrase" - || error "Could not wrap passphrase" + umask $u + + # Add the passphrase to current keyring + # On subsequent logins, this should be handled by "pam_ecryptfs.so unwrap" +-response=`ecryptfs-add-passphrase "$MOUNTPASS"` ++response=`echo -e "$MOUNTPASS" | ecryptfs-add-passphrase -` + if [ $? -ne 0 ]; then + error "Could not add passphrase to the current keyring" + fi +diff -upr 1/ecryptfs-utils-53/src/utils/ecryptfs_wrap_passphrase.c 2/ecryptfs-utils-53/src/utils/ecryptfs_wrap_passphrase.c +--- ecryptfs-utils-53/src/utils/ecryptfs_wrap_passphrase.c 2008-01-18 22:58:42.000000000 -0600 ++++ ecryptfs-utils-53/src/utils/ecryptfs_wrap_passphrase.c 2008-10-23 09:50:57.487641005 -0500 +@@ -20,6 +20,7 @@ + + #include + #include ++#include + #include "config.h" + + void usage(void) +@@ -39,14 +40,37 @@ int main(int argc, char *argv[]) + char salt[ECRYPTFS_SALT_SIZE]; + char salt_hex[ECRYPTFS_SALT_SIZE_HEX]; + int rc = 0; ++ char *p; + +- if (argc != 4) { ++ if (argc == 3 && strlen(argv[2]) == 1 && strncmp(argv[2], "-", 1) == 0) { ++ if ((passphrase = (char *)malloc(ECRYPTFS_MAX_PASSWORD_LENGTH+1)) == NULL) { ++ perror("malloc"); ++ goto out; ++ } ++ if ((wrapping_passphrase = (char *)malloc(ECRYPTFS_MAX_PASSWORD_LENGTH+1)) == NULL) { ++ perror("malloc"); ++ goto out; ++ } ++ if (fgets(passphrase, ECRYPTFS_MAX_PASSWORD_LENGTH, stdin) == NULL) { ++ usage(); ++ goto out; ++ } ++ p = strrchr(passphrase, '\n'); ++ if (p) *p = '\0'; ++ if (fgets(wrapping_passphrase, ECRYPTFS_MAX_PASSWORD_LENGTH, stdin) == NULL) { ++ usage(); ++ goto out; ++ } ++ p = strrchr(wrapping_passphrase, '\n'); ++ if (p) *p = '\0'; ++ } else if (argc == 4) { ++ passphrase = argv[2]; ++ wrapping_passphrase = argv[3]; ++ } else { + usage(); + goto out; + } + file = argv[1]; +- passphrase = argv[2]; +- wrapping_passphrase = argv[3]; + rc = ecryptfs_read_salt_hex_from_rc(salt_hex); + if (rc) { + printf("Unable to read salt value from user's "