View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0001431 | Main CAcert Website | GPG/PGP | public | 2018-02-19 09:10 | 2020-05-22 11:32 |
Reporter | wytze | Assigned To | GuKKDevel | ||
Priority | urgent | Severity | crash | Reproducibility | always |
Status | needs review & testing | Resolution | open | ||
Platform | Main CAcert Website | OS | N/A | OS Version | stable |
Product Version | 2017 Q4 | ||||
Target Version | 2017 Q4 | ||||
Summary | 0001431: GPG/PGP signing request is not properly checked for images | ||||
Description | A GPG/PGP signing request submitted to CAcert should not contain an image (as stated on the submission page). However, the code which validates and massages the signing request does not properly check for this. As a result, it is possible to (accidentally or deliberately) create a very large signing request by including a large image. Such requests will cause the communication between the web frontend and the signer machine to fail, and *all* certificate signing is blocked from that moment on. | ||||
Steps To Reproduce | I have not attempted to reproduce the problem, but there is historic evidence present on the production servers. Look for gpg requests 23644, 23645 or 23656 (they are identical). The first one caused a blockade of all CAcert signing from Friday 16.02.2018 23:01 until Sunday 18.02.2018 16:00, when the problem was recognised and "remedied" by moving the signing request to the side. This particular signing request contained an image of 955207 bytes. | ||||
Additional Information | Due to the nature of this problem, any CAcert user with sufficient points to submit a GPG signing request is able to block all signing operations. Therefore this bug will be set to private until a solution can be implemented. In my view there are two problems to be solved here: 1. GPG signing requests with images should be rejected or filtered (probably not very difficult). 2. The communication process between web frontend and signer should be resistant against huge requests: either handle them correctly, or reject them beforehand (probably difficult). If issue #1 is solved, the priority for solving issue 0000002 can be lowered. | ||||
Tags | GPG | ||||
Reviewed by | |||||
Test Instructions | |||||
Date Modified | Username | Field | Change |
---|---|---|---|
2018-02-19 09:10 | wytze | New Issue | |
2018-02-19 09:10 | wytze | Tag Attached: GPG | |
2018-02-28 09:43 | egal | Assigned To | => GuKKDevel |
2018-03-05 14:32 | GuKKDevel | Note Added: 0005577 | |
2018-03-11 11:12 | GuKKDevel | Status | new => fix available |
2018-04-05 14:03 | GuKKDevel | Status | fix available => needs review & testing |
2018-04-05 14:05 | GuKKDevel | Status | needs review & testing => fix available |
2018-04-05 14:05 | GuKKDevel | View Status | private => public |
2018-06-11 12:13 | GuKKDevel | Status | fix available => needs review & testing |
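
The first fix proposed in the report (reject signing requests that carry an image) can be enforced at the packet level, because OpenPGP stores a photo ID in a User Attribute packet (tag 17, RFC 4880). The Python below is an added example, not CAcert's code and not the fix referenced in this issue; the 64 KiB cap, the function names and the sample bytes are assumptions, and it expects binary (de-armored) key data.

```python
USER_ATTRIBUTE = 17        # RFC 4880 sec. 5.12 packet tag; carries photo IDs
MAX_REQUEST_BYTES = 65536  # assumed cap for this example, not a CAcert setting

class KeyRejected(ValueError):
    """Raised when a submitted key must not be passed on for signing."""

def packets(data):
    """Yield (tag, body) for every packet in a binary OpenPGP stream."""
    pos = 0
    def take(n):
        nonlocal pos
        if pos + n > len(data):
            raise KeyRejected("truncated packet")
        chunk = data[pos:pos + n]
        pos += n
        return chunk
    while pos < len(data):
        first = take(1)[0]
        if not first & 0x80:
            raise KeyRejected("invalid packet header")
        body = b""
        if first & 0x40:                    # new-format header
            tag, partial = first & 0x3F, True
            while partial:                  # partial lengths chain several chunks
                o = take(1)[0]
                partial = 224 <= o < 255
                if o < 192:
                    n = o
                elif o < 224:
                    n = ((o - 192) << 8) + take(1)[0] + 192
                elif o == 255:
                    n = int.from_bytes(take(4), "big")
                else:
                    n = 1 << (o & 0x1F)
                body += take(n)
        else:                               # old-format header
            tag, ltype = (first >> 2) & 0x0F, first & 0x03
            n = len(data) - pos if ltype == 3 else int.from_bytes(take(1 << ltype), "big")
            body = take(n)
        yield tag, body

def check_signing_request(data):
    """Return the packet tags of an acceptable key, or raise KeyRejected."""
    if len(data) > MAX_REQUEST_BYTES:       # size gate runs before any parsing
        raise KeyRejected("request larger than %d bytes" % MAX_REQUEST_BYTES)
    tags = [tag for tag, _ in packets(data)]
    if USER_ATTRIBUTE in tags:
        raise KeyRejected("key contains a user attribute (image) packet")
    return tags
```

The size gate addresses the second point in the report only at the web frontend; the frontend-to-signer channel still needs its own limit.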