View Issue Details

IDProjectCategoryView StatusLast Update
0000778Main CAcert Websitepublic2013-01-15 14:17
Reporterstreng Assigned ToSourcerer  
PriorityhighSeveritymajorReproducibilityalways
Status closedResolutionfixed 
Fixed in Version2010 Q1 
Summary0000778: GPG/PGP-Key upload not possible
DescriptionThere is no menu item in GPG/PGP Keys for "Delete one of your keys".
Its only possible to "View" or to add a key with "New".

If i try the option "New" from GPG/PGP Keys menu a new page comes
up where i can paste my key data generated with
gpg --armor --export --export-options export-clean aae6022e >
aae6022e.asc

After pressing "Submit" i get an error:ing UIDs were found in your key:
# Name Email Result
1 The format of the UID was not recognized. Please use 'Name (comment) <email@domain>'
No valid UIDs found on your key

TagsNo tags attached.
Attached Files
aae6022e.asc (356,175 bytes)
cleangpg.patch (1,051 bytes)   
diff --git a/includes/general.php b/includes/general.php
index 80b16a0..938df4e 100644
--- a/includes/general.php
+++ b/includes/general.php
@@ -826,6 +826,10 @@
 		$newcsr = str_replace("\n\n","\n",$newcsr);
 		return(preg_replace("/[^A-Za-z0-9\n\r\-\:\=\+\/ ]/","",$newcsr));
 	}
+	function clean_gpgcsr($CSR)
+	{
+		return(preg_replace("/[^A-Za-z0-9\n\r\-\:\=\+\/ ]/","",trim($CSR)));
+	}
 
 	function sanitizeFilename($text)
 	{
diff --git a/www/gpg.php b/www/gpg.php
index 38e5426..f97966f 100644
--- a/www/gpg.php
+++ b/www/gpg.php
@@ -82,7 +82,7 @@ function verifyEmail($email)
 	$state=0;
 	if($oldid == "0" && $CSR != "")
 	{
-		$debugkey = $gpgkey = clean_csr($CSR);
+		$debugkey = $gpgkey = clean_gpgcsr($CSR);
 		$debugpg = $gpg = trim(`echo "$gpgkey"|gpg --with-colons --homedir /tmp 2>&1`);
 		$lines = "";
 		$gpgarr = explode("\n", $gpg);
@@ -268,7 +268,7 @@ function verifyEmail($email)
 		mkdir($cwd,0755);
 
 		$fp = fopen("$cwd/gpg.csr", "w");
-		fputs($fp, clean_csr($CSR));
+		fputs($fp, clean_gpgcsr($CSR));
 		fclose($fp);
 
 
cleangpg.patch (1,051 bytes)   
writefile.patch (874 bytes)   
diff --git a/www/gpg.php b/www/gpg.php
index 894f298..3fd0cc9 100644
--- a/www/gpg.php
+++ b/www/gpg.php
@@ -83,7 +83,15 @@ function verifyEmail($email)
        if($oldid == "0" && $CSR != "")
        {
                $debugkey = $gpgkey = clean_gpgcsr($CSR);
-               $debugpg = $gpg = trim(`echo "$gpgkey"|gpg --with-colons --homedir /tmp 2>&1`);
+               #$debugpg = $gpg = trim(`echo "$gpgkey"|gpg --with-colons --homedir /tmp 2>&1`);
+
+               $tnam = tempnam('/tmp/', '__gpg');
+               $fp = fopen($tnam, 'w');
+               fwrite($fp, $gpgkey);
+               fclose($fp);
+               $debugpg = $gpg = trim(`gpg --with-colons --homedir /tmp 2>&1 < $tnam`);
+               unlink($tnam);
+
                $lines = "";
                $gpgarr = explode("\n", $gpg);
                foreach($gpgarr as $line)
writefile.patch (874 bytes)   
Reviewed by
Test Instructions

Relationships

related to 0000089 needs workSourcerer GPG Revokation Escrow Service 
related to 0001079 needs work GPG key can not be revoked 

Activities

Sourcerer

2010-03-28 21:52

administrator   ~0001567

I think that the problem is the cleaning, which cleans the necessary empty line after the header. The attached patch should solve the problem.

edgarwahn

2010-03-29 09:36

developer   ~0001568

Exported to cacert1.it-sls.de and tested. Looks ok (except that there is no signing server, thus all signing requestst are queued).

edgarwahn

2010-03-29 10:24

developer   ~0001570

Additional note: does not work with the attached key of Karheinz Geyer... Looking into the issue now.

edgarwahn

2010-03-29 10:42

developer   ~0001571

Last edited: 2010-03-29 10:44

Seems the armor block is too big or something. Write block to file and pipe into gpg works, while the echo $key | gpg seems not to work properly. Maybe issue of the test system.

Parsing of smaller public keys works well, so there seems to be a relation to the size of that key block.

See patch.

Sourcerer

2010-03-29 19:19

administrator   ~0001573

On test2, which is already running Apache2, I discovered that we need the following Suhosin configuration to support such large key uploads:

[suhosin]
suhosin.post.max_value_length=2m
suhosin.request.max_value_length=2m
suhosin.cookie.max_value_length=2m

(And I discovered that kate gives a timeout when copy-pasting to Firefox)

Sourcerer

2010-03-29 19:41

administrator   ~0001574

Both patches have been applied.

Werner Dworak

2012-12-21 04:51

updater   ~0003500

More than 3 month fixed and no complaints

Issue History

Date Modified Username Field Change
2009-09-13 12:22 streng New Issue
2009-09-13 12:22 streng File Added: aae6022e.asc
2010-03-28 21:51 Sourcerer File Added: cleangpg.patch
2010-03-28 21:52 Sourcerer Note Added: 0001567
2010-03-28 22:05 Sourcerer Status new => confirmed
2010-03-29 09:36 edgarwahn Note Added: 0001568
2010-03-29 10:24 edgarwahn Note Added: 0001570
2010-03-29 10:42 edgarwahn Note Added: 0001571
2010-03-29 10:43 edgarwahn File Added: writefile.patch
2010-03-29 10:44 edgarwahn Note Edited: 0001571
2010-03-29 19:19 Sourcerer Note Added: 0001573
2010-03-29 19:41 Sourcerer Note Added: 0001574
2010-03-29 19:41 Sourcerer Status confirmed => solved?
2010-03-29 19:41 Sourcerer Resolution open => fixed
2010-03-29 19:41 Sourcerer Assigned To => Sourcerer
2010-05-28 10:52 Sourcerer View Status private => public
2011-06-21 23:57 edgarwahn Source_changeset_attached => cacert-devel release eab6644f
2011-06-22 00:09 edgarwahn Source_changeset_attached => cacert-devel release eab6644f
2012-01-25 17:17 NEOatNHNG Project bugs.cacert.org => Main CAcert Website
2012-12-20 07:52 Werner Dworak Relationship added related to 0000089
2012-12-20 08:34 Werner Dworak Relationship added related to 0001079
2012-12-21 04:51 Werner Dworak Note Added: 0003500
2012-12-21 04:51 Werner Dworak Status solved? => closed
2013-01-15 14:17 Werner Dworak Fixed in Version => 2010 Q1