From: Michael M Slusarz Date: Mon, 2 Mar 2009 21:46:13 +0000 (-0700) Subject: Ticket #8036: Better error handling for gnupg and openssl command line binaries X-Git-Url: https://git.internetallee.de/?a=commitdiff_plain;h=00a207ca72ec08e598a21d167c6e706a3b9486ee;p=horde.git Ticket #8036: Better error handling for gnupg and openssl command line binaries
---
diff --git a/framework/Crypt/lib/Horde/Crypt/Pgp.php b/framework/Crypt/lib/Horde/Crypt/Pgp.php
index a8b07e87e..add5b8b67 100644
--- a/framework/Crypt/lib/Horde/Crypt/Pgp.php
+++ b/framework/Crypt/lib/Horde/Crypt/Pgp.php
@@ -199,6 +199,7 @@ class Horde_Crypt_Pgp extends Horde_Crypt
 '--batch',
 '--armor'
 );
+ $result = $this->_callGpg($cmdline, 'w', $input, true, true);
 /* Get the keys from the temp files. */
@@ -262,6 +263,8 @@ class Horde_Crypt_Pgp extends Horde_Crypt
 * signature that has signed that UID. Signatures not associated with a
 * UID (e.g. revocation signatures and sub keys) will be stored under the
 * special keyword '_SIGNATURE'.
+ *
+ * @throws Horde_Exception
 */
 public function pgpPacketInformation($pgpdata)
 {
@@ -393,6 +396,7 @@ class Horde_Crypt_Pgp extends Horde_Crypt
 * @param string $pgpdata The PGP data block.
 *
 * @return string Tabular information on the PGP key.
+ * @throws Horde_Exception
 */
 public function pgpPrettyKey($pgpdata)
 {
@@ -488,6 +492,7 @@ class Horde_Crypt_Pgp extends Horde_Crypt
 * created => Signature creation - UNIX timestamp
 * micalg => The hash used to create the signature
 *
+ * @throws Horde_Exception
 */
 public function pgpPacketSignature($pgpdata, $email)
 {
@@ -532,6 +537,7 @@ class Horde_Crypt_Pgp extends Horde_Crypt
 * @param string $uid_idx The UID index.
 *
 * @return array See pgpPacketSignature().
+ * @throws Horde_Exception
 */
 public function pgpPacketSignatureByUidIndex($pgpdata, $uid_idx)
 {
@@ -599,6 +605,7 @@ class Horde_Crypt_Pgp extends Horde_Crypt
 * @param string $text The PGP signed text block.
 *
 * @return string The key ID of the key used to sign $text.
+ * @throws Horde_Exception
 */
 public function getSignersKeyID($text)
 {
@@ -825,7 +832,8 @@ class Horde_Crypt_Pgp extends Horde_Crypt
 *
 * @param string $pgpdata The PGP data block.
 *
- * @return array The fingerprints in $pgpdata indexed by key id.
+ * @return array The fingerprints in $pgpdata indexed by key id.
+ * @throws Horde_Exception
 */
 public function getFingerprintsFromKey($pgpdata)
 {
@@ -970,6 +978,7 @@ class Horde_Crypt_Pgp extends Horde_Crypt
 * @param string $text The PGP encrypted text.
 *
 * @return boolean True if the text is symmetricallly encrypted.
+ * @throws Horde_Exception
 */
 public function encryptedSymmetrically($text)
 {
@@ -1015,6 +1024,7 @@ class Horde_Crypt_Pgp extends Horde_Crypt
 * (Default) or 'private'
 *
 * @return string Command line keystring option to use with gpg program.
+ * @throws Horde_Exception
 */
 protected function _putInKeyring($keys = array(), $type = 'public')
 {
@@ -1493,6 +1503,7 @@ class Horde_Crypt_Pgp extends Horde_Crypt
 * @param boolean $verbose Run GnuPG with verbose flag?
 *
 * @return stdClass Class with members output, stderr, and stdout.
+ * @throws Horde_Exception
 */
 protected function _callGpg($options, $mode, $input = array(), $output = false, $stderr = false,
@@ -1529,26 +1540,33 @@ class Horde_Crypt_Pgp extends Horde_Crypt
 $cmdline = implode(' ', array_merge($this->_gnupg, $options));
 if ($mode == 'w') {
- $fp = popen($cmdline, 'w');
- $win32 = !strncasecmp(PHP_OS, 'WIN', 3);
+ if ($fp = popen($cmdline, 'w')) {;
+ $win32 = !strncasecmp(PHP_OS, 'WIN', 3);
- if (!is_array($input)) {
- $input = array($input);
- }
- foreach ($input as $line) {
- if ($win32 && (strpos($line, "\x0d\x0a") !== false)) {
- $chunks = explode("\x0d\x0a", $line);
- foreach ($chunks as $chunk) {
- fputs($fp, $chunk . "\n");
+ if (!is_array($input)) {
+ $input = array($input);
+ }
+
+ foreach ($input as $line) {
+ if ($win32 && (strpos($line, "\x0d\x0a") !== false)) {
+ $chunks = explode("\x0d\x0a", $line);
+ foreach ($chunks as $chunk) {
+ fputs($fp, $chunk . "\n");
+ }
+ } else {
+ fputs($fp, $line . "\n");
 }
- } else {
- fputs($fp, $line . "\n");
 }
+ } else {
+ throw new Horde_Exception(_("Error while talking to pgp binary."));
 }
 } elseif ($mode == 'r') {
- $fp = popen($cmdline, 'r');
- while (!feof($fp)) {
- $data->stdout .= fgets($fp, 1024);
+ if ($fp = popen($cmdline, 'r')) {
+ while (!feof($fp)) {
+ $data->stdout .= fgets($fp, 1024);
+ }
+ } else {
+ throw new Horde_Exception(_("Error while talking to pgp binary."));
 }
 }
 pclose($fp);
diff --git a/framework/Crypt/lib/Horde/Crypt/Smime.php b/framework/Crypt/lib/Horde/Crypt/Smime.php
index ec1cd7468..b7e1d08ad 100644
--- a/framework/Crypt/lib/Horde/Crypt/Smime.php
+++ b/framework/Crypt/lib/Horde/Crypt/Smime.php
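Review bot: In `_callGpg` (Pgp.php) the new `if ($fp = popen(...))` guards in the `'w'` and `'r'` branches catch only a failure to spawn the process: `popen()` returns a valid handle even when the command cannot be found, so a missing or failing gpg binary never reaches the new `throw`. The exit status returned by `pclose($fp)` on the hunk's last line is still discarded; I would capture it, `$status = pclose($fp);`, and raise `Horde_Exception` at least when it is `-1`, keeping in mind that callers may expect some non-zero gpg exits and read stderr instead. `pclose($fp)` also stays outside both branches, so it runs on an undefined `$fp` when `$mode` is neither `'w'` nor `'r'`. The `{;` after the first `popen()` test leaves a stray empty statement. The function starts and ends outside this hunk, and the Smime.php hunks use the same `popen()`/`pclose()` pattern.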
@@ -1236,16 +1236,20 @@ class Horde_Crypt_Smime extends Horde_Crypt
 } else {
 $cmdline .= ' -nodes';
 }
- $fd = popen($cmdline, 'w');
+ } else {
+ $cmdline .= ' -nodes';
+ }
+
+ if ($fd = popen($cmdline, 'w')) {
 fwrite($fd, $params['password'] . "\n");
 if (!empty($params['newpassword'])) {
 fwrite($fd, $params['newpassword'] . "\n");
 }
 pclose($fd);
 } else {
- $cmdline .= ' -nodes';
- exec($cmdline);
+ throw new Horde_Exception(_("Error while talking to smime binary."));
 }
+ $ob->private = trim(file_get_contents($output));
 if (empty($ob->private)) {
 throw new Horde_Exception(_("Password incorrect"), 'horde.error');
@@ -1255,24 +1259,30 @@ class Horde_Crypt_Smime extends Horde_Crypt
 $cmdline = $sslpath . ' pkcs12 -in ' . $input . ' -out ' . $output . ' -nokeys -clcerts';
 if (isset($params['password'])) {
 $cmdline .= ' -passin stdin';
- $fd = popen($cmdline, 'w');
+ }
+
+ if ($fd = popen($cmdline, 'w')) {
 fwrite($fd, $params['password'] . "\n");
 pclose($fd);
 } else {
- exec($cmdline);
+ throw new Horde_Exception(_("Error while talking to smime binary."));
 }
+ $ob->public = trim(file_get_contents($output));
 /* Extract the CA public key next. */
 $cmdline = $sslpath . ' pkcs12 -in ' . $input . ' -out ' . $output . ' -nokeys -cacerts';
 if (isset($params['password'])) {
 $cmdline .= ' -passin stdin';
- $fd = popen($cmdline, 'w');
+ }
+
+ if ($fd = popen($cmdline, 'w')) {
 fwrite($fd, $params['password'] . "\n");
 pclose($fd);
 } else {
- exec($cmdline);
+ throw new Horde_Exception(_("Error while talking to smime binary."));
 }
+ $ob->certs = trim(file_get_contents($output));
 return $ob;
diff --git a/framework/Crypt/package.xml b/framework/Crypt/package.xml
index b7e42bcba..709cbefb5 100644
--- a/framework/Crypt/package.xml
+++ b/framework/Crypt/package.xml
@@ -24,7 +24,8 @@ http://pear.php.net/dtd/package-2.0.xsd">
 alpha LGPL
- * Initial Horde 4 package.
+ * Better error handling for gnupg and openssl command line binaries.
+* Initial Horde 4 package.
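Review bot: In the private-key block of the first Smime.php hunk, and again in the certificate and CA blocks of the second, `fwrite($fd, $params['password'] . "\n")` now runs whether or not `isset($params['password'])` held, because the `if` that appends `-passin stdin` closes before the `popen()` test. With no password supplied this reads an undefined index and sends a bare newline to openssl, where the old code ran `exec($cmdline)` with nothing on stdin. Guard the write in all three places: `if (isset($params['password'])) { fwrite($fd, $params['password'] . "\n"); }`. The return value of `pclose($fd)` is also ignored, so an openssl failure is only noticed indirectly through the empty `$ob->private` check, and the two later blocks show no check at all in the visible lines. The enclosing method starts outside these hunks.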