Fix endless loop in x/crypto/openpgp func ReadMessage #690
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This fixes getsops#665 See also golang/go#28786 In some strange situations it can happen, that openpgp.ReadMessage() runs into a endless loop. This seems to be triggered by a slightly inconsistency in key settings. It happened to me, but I wasn't able to reproduce it with a fresh key. A proposed solution from the x/crypto community was, to break this loop in the callback passphrasePrompt.
|
I fixed the test, so that they run locally, but this now breaks TravisCI. |
autrilla
approved these changes
Jul 8, 2020
pgp/keysource.go
Outdated
| maxCalls := 3 | ||
| return func(keys []openpgp.Key, symmetric bool) ([]byte, error) { | ||
| if callCounter >= maxCalls { | ||
| return nil, fmt.Errorf("function passphrasePrompt called more than once") |
There was a problem hiding this comment.
Suggested change
| return nil, fmt.Errorf("function passphrasePrompt called more than once") | |
| return nil, fmt.Errorf("function passphrasePrompt called too many times") |
I have no idea what the cause of the issue is, but if it's known, we could hint at the user what it is.
It is. #576 had a fix for it, but we never ended up merging it. |
This reverts commit 285f4dc.
Codecov Report
@@ Coverage Diff @@
## develop #690 +/- ##
===========================================
+ Coverage 38.23% 38.26% +0.02%
===========================================
Files 23 23
Lines 3329 3335 +6
===========================================
+ Hits 1273 1276 +3
- Misses 1927 1929 +2
- Partials 129 130 +1
Continue to review full report at Codecov.
|
|
Thanks! |
clelange
pushed a commit
to clelange/sops
that referenced
this pull request
Jul 19, 2020
* Fix tests * Fix endless loop in x/crypto/openpgp func ReadMessage This fixes getsops#665 See also golang/go#28786 In some strange situations it can happen, that openpgp.ReadMessage() runs into a endless loop. This seems to be triggered by a slightly inconsistency in key settings. It happened to me, but I wasn't able to reproduce it with a fresh key. A proposed solution from the x/crypto community was, to break this loop in the callback passphrasePrompt. * Revert "Fix tests" This reverts commit 285f4dc. * Improve error description getsops#690 (comment)
Ph0tonic
added a commit
to Ph0tonic/sops
that referenced
this pull request
Nov 14, 2023
Signed-off-by: Bastien <bastien.wermeille@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I wasn't able to write tests for it, because for this problem to occur, I had to produce a slightly inconsistent state
with private keys. I guess this only occurs if some old private key (GPG 1?) are migrated to GPG 2.
But this is only guessing.
Nevertheless I was able to test it locally with my GPG key, which produced this problem, before I fixed it.