From 4defdec1126b55fa9a4669bdc8fe8a754d277b17 Mon Sep 17 00:00:00 2001
From: Ben Kibbey
Date: Thu, 18 Sep 2014 18:39:31 -0400
Subject: [PATCH] Disallow changing the cipher and iterations flags. For the non-invoking client.
---
 src/commands.c | 39 +++++++++++++++++++++++++++++++++++++--
 tests/acl.test | 10 ++++++++++
 2 files changed, 47 insertions(+), 2 deletions(-)
diff --git a/src/commands.c b/src/commands.c
index 3dd9a5a3..f81fb626 100644
--- a/src/commands.c
+++ b/src/commands.c
@@ -740,12 +740,32 @@ parse_save_opt_cipher (void *data, void *value)
 struct client_s *client = data;
 int algo = cipher_string_to_gcrypt ((char *) value);
 file_header_t *hdr = &client->crypto->save.hdr;
+ gpg_error_t rc = 0;

 if (algo == -1)
 return GPG_ERR_INV_VALUE;

- hdr->flags = set_cipher_flag (hdr->flags, algo);
- return 0;
+ if (!(client->flags & FLAG_NEW))
+ {
+ rc = peer_is_invoker (client);
+ if (rc == GPG_ERR_EACCES)
+ {
+ uint64_t flags = 0;
+
+ flags &= ((uint16_t) ((uint32_t) (flags & 0xFFFFFFFF)));
+ if (!(client->crypto->hdr.flags & gcrypt_to_cipher (algo)))
+ return rc;
+
+ rc = 0;
+ }
+ else if (rc)
+ return rc;
+ }
+
+ if (!rc)
+ hdr->flags = set_cipher_flag (hdr->flags, algo);
+
+ return rc;
 }

 static gpg_error_t
@@ -854,6 +874,21 @@ parse_save_opt_iterations (void *data, void *value)
 else if (p && *p)
 return GPG_ERR_INV_VALUE;

+ if (!(client->flags & FLAG_NEW))
+ {
+ gpg_error_t rc = peer_is_invoker (client);
+
+ if (rc == GPG_ERR_EACCES)
+ {
+ if (client->crypto->hdr.iterations != n)
+ return rc;
+
+ rc = 0;
+ }
+ else if (rc)
+ return rc;
+ }
+
 client->crypto->save.hdr.iterations = n;
 return 0;
 }
diff --git a/tests/acl.test b/tests/acl.test
index 0dac4b09..5cbb3b4b 100755
--- a/tests/acl.test
+++ b/tests/acl.test
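Review bot: In the `GPG_ERR_EACCES` branch of `parse_save_opt_cipher`, `uint64_t flags = 0;` and `flags &= ((uint16_t) ((uint32_t) (flags & 0xFFFFFFFF)));` are dead code: `flags` starts at zero, is masked with itself and is never read, so both lines look like a leftover from an intended mask of the stored header flags and should be dropped. The test that actually gates a non-invoking client is `client->crypto->hdr.flags & gcrypt_to_cipher (algo)`, which checks for any shared bit rather than equality of the cipher field. That is a sound "same cipher" test only if each cipher maps to its own single bit and `gcrypt_to_cipher` never returns bits used by other header flags, which is not visible in this hunk and is worth confirming. A comment such as `/* A non-invoking client may only name the cipher the file already uses. */` above the branch would record the access rule, and the trailing `if (!rc)` is always true at that point. The function's opening lines are outside the hunk.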
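Review bot: The `rc = 0;` inside the `GPG_ERR_EACCES` branch of `parse_save_opt_iterations` is a dead store, because `rc` is scoped to the added block and the function still ends in a literal `return 0;`. The gate itself repeats the one added to `parse_save_opt_cipher` with only the comparison changed, so a shared static helper would keep the two access checks from drifting apart. A comment like `/* Non-invoker: accept the option only when it restates the stored iteration count. */` would explain why an access error is tolerated here. The start of the function is outside the hunk, so the type of `n` relative to `hdr.iterations` cannot be checked from these lines.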
@@ -94,4 +94,14 @@ echo -ne 'GET acl' | pwmc $PWMC_ARGS acl > result
 cmp acl.result11 result
 rm -f result
+echo
+echo "Test 12. Change cipher during save (fail)."
+set +o errexit
+echo -ne 'NOP' | pwmc $PWMC_ARGS -S --cipher=serpent128 acl
+if [ ${PIPESTATUS[1]} == 0 ]; then
+ echo "The previous command should have failed. Stopping."
+ exit 1
+fi
+
+set -e
 test_success
-- 
2.11.4.GIT
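Review bot: Test 12 passes on any non-zero exit from `pwmc`, so a connection failure or an unrecognised cipher name would satisfy it just as well as the access-denied path it is meant to cover. Capturing the client's error output and matching it against the expected access error would pin the reason for the failure. Only the `--cipher` case is exercised: there is no matching case for the iterations check added in `src/commands.c`, and no positive case showing that restating the stored value is still accepted for a non-invoking client. Inside `[`, `[ "${PIPESTATUS[1]}" -eq 0 ]` is the more robust spelling of the status comparison.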