View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0000778 | Main CAcert Website | public | 2009-09-13 12:22 | 2013-01-15 14:17 | |
| Reporter | streng | Assigned To | Sourcerer | ||
| Priority | high | Severity | major | Reproducibility | always |
| Status | closed | Resolution | fixed | ||
| Fixed in Version | 2010 Q1 | ||||
| Summary | 0000778: GPG/PGP-Key upload not possible | ||||
| Description | There is no menu item in GPG/PGP Keys for "Delete one of your keys". Its only possible to "View" or to add a key with "New". If i try the option "New" from GPG/PGP Keys menu a new page comes up where i can paste my key data generated with gpg --armor --export --export-options export-clean aae6022e > aae6022e.asc After pressing "Submit" i get an error:ing UIDs were found in your key: # Name Email Result 1 The format of the UID was not recognized. Please use 'Name (comment) <email@domain>' No valid UIDs found on your key | ||||
| Tags | No tags attached. | ||||
| Attached Files | cleangpg.patch (1,051 bytes)
diff --git a/includes/general.php b/includes/general.php
index 80b16a0..938df4e 100644
--- a/includes/general.php
+++ b/includes/general.php
@@ -826,6 +826,10 @@
$newcsr = str_replace("\n\n","\n",$newcsr);
return(preg_replace("/[^A-Za-z0-9\n\r\-\:\=\+\/ ]/","",$newcsr));
}
+ function clean_gpgcsr($CSR)
+ {
+ return(preg_replace("/[^A-Za-z0-9\n\r\-\:\=\+\/ ]/","",trim($CSR)));
+ }
function sanitizeFilename($text)
{
diff --git a/www/gpg.php b/www/gpg.php
index 38e5426..f97966f 100644
--- a/www/gpg.php
+++ b/www/gpg.php
@@ -82,7 +82,7 @@ function verifyEmail($email)
$state=0;
if($oldid == "0" && $CSR != "")
{
- $debugkey = $gpgkey = clean_csr($CSR);
+ $debugkey = $gpgkey = clean_gpgcsr($CSR);
$debugpg = $gpg = trim(`echo "$gpgkey"|gpg --with-colons --homedir /tmp 2>&1`);
$lines = "";
$gpgarr = explode("\n", $gpg);
@@ -268,7 +268,7 @@ function verifyEmail($email)
mkdir($cwd,0755);
$fp = fopen("$cwd/gpg.csr", "w");
- fputs($fp, clean_csr($CSR));
+ fputs($fp, clean_gpgcsr($CSR));
fclose($fp);
writefile.patch (874 bytes)
diff --git a/www/gpg.php b/www/gpg.php
index 894f298..3fd0cc9 100644
--- a/www/gpg.php
+++ b/www/gpg.php
@@ -83,7 +83,15 @@ function verifyEmail($email)
if($oldid == "0" && $CSR != "")
{
$debugkey = $gpgkey = clean_gpgcsr($CSR);
- $debugpg = $gpg = trim(`echo "$gpgkey"|gpg --with-colons --homedir /tmp 2>&1`);
+ #$debugpg = $gpg = trim(`echo "$gpgkey"|gpg --with-colons --homedir /tmp 2>&1`);
+
+ $tnam = tempnam('/tmp/', '__gpg');
+ $fp = fopen($tnam, 'w');
+ fwrite($fp, $gpgkey);
+ fclose($fp);
+ $debugpg = $gpg = trim(`gpg --with-colons --homedir /tmp 2>&1 < $tnam`);
+ unlink($tnam);
+
$lines = "";
$gpgarr = explode("\n", $gpg);
foreach($gpgarr as $line) | ||||
| Reviewed by | |||||
| Test Instructions | |||||
|
|
I think that the problem is the cleaning, which cleans the necessary empty line after the header. The attached patch should solve the problem. |
|
|
Exported to cacert1.it-sls.de and tested. Looks ok (except that there is no signing server, thus all signing requestst are queued). |
|
|
Additional note: does not work with the attached key of Karheinz Geyer... Looking into the issue now. |
|
|
Seems the armor block is too big or something. Write block to file and pipe into gpg works, while the echo $key | gpg seems not to work properly. Maybe issue of the test system. Parsing of smaller public keys works well, so there seems to be a relation to the size of that key block. See patch. |
|
|
On test2, which is already running Apache2, I discovered that we need the following Suhosin configuration to support such large key uploads: [suhosin] suhosin.post.max_value_length=2m suhosin.request.max_value_length=2m suhosin.cookie.max_value_length=2m (And I discovered that kate gives a timeout when copy-pasting to Firefox) |
|
|
Both patches have been applied. |
|
|
More than 3 month fixed and no complaints |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2009-09-13 12:22 | streng | New Issue | |
| 2009-09-13 12:22 | streng | File Added: aae6022e.asc | |
| 2010-03-28 21:51 | Sourcerer | File Added: cleangpg.patch | |
| 2010-03-28 21:52 | Sourcerer | Note Added: 0001567 | |
| 2010-03-28 22:05 | Sourcerer | Status | new => confirmed |
| 2010-03-29 09:36 | edgarwahn | Note Added: 0001568 | |
| 2010-03-29 10:24 | edgarwahn | Note Added: 0001570 | |
| 2010-03-29 10:42 | edgarwahn | Note Added: 0001571 | |
| 2010-03-29 10:43 | edgarwahn | File Added: writefile.patch | |
| 2010-03-29 10:44 | edgarwahn | Note Edited: 0001571 | |
| 2010-03-29 19:19 | Sourcerer | Note Added: 0001573 | |
| 2010-03-29 19:41 | Sourcerer | Note Added: 0001574 | |
| 2010-03-29 19:41 | Sourcerer | Status | confirmed => solved? |
| 2010-03-29 19:41 | Sourcerer | Resolution | open => fixed |
| 2010-03-29 19:41 | Sourcerer | Assigned To | => Sourcerer |
| 2010-05-28 10:52 | Sourcerer | View Status | private => public |
| 2011-06-21 23:57 | edgarwahn | Source_changeset_attached | => cacert-devel release eab6644f |
| 2011-06-22 00:09 | edgarwahn | Source_changeset_attached | => cacert-devel release eab6644f |
| 2012-01-25 17:17 | NEOatNHNG | Project | bugs.cacert.org => Main CAcert Website |
| 2012-12-20 07:52 | Werner Dworak | Relationship added | related to 0000089 |
| 2012-12-20 08:34 | Werner Dworak | Relationship added | related to 0001079 |
| 2012-12-21 04:51 | Werner Dworak | Note Added: 0003500 | |
| 2012-12-21 04:51 | Werner Dworak | Status | solved? => closed |
| 2013-01-15 14:17 | Werner Dworak | Fixed in Version | => 2010 Q1 |
