Summary: mcrypt sets certain options internally by default without ~/.mcryptrc, but does not check them against other, incompatible options, resulting in silent operation contrary to user's intentions. The two invocations below should operate identically: $ mcrypt -V -z foo.txt Enter the passphrase (maximum of 512 characters) Please use a combination of upper and lower case letters and numbers. Enter passphrase: *** Enter passphrase: *** Algorithm: rijndael-128 Keysize: 32 Mode: ncfb Keyword mode: s2k-isalted-sha1 File format: openpgp Input File: foo.txt Output File: foo.txt.gz.nc File foo.txt was encrypted. $ mcrypt -V -z --openpgp foo.txt The options 'gz' are incompatible Error in the arguments. Use the --help parameter for more info. Similar bugs exist for options (-p,-z,-b,-m) when given with or without explicit --openpgp option. This appears to be a general bug in the 'gaa' option parsing lib in that options set to '1' by default the auto-generated gaaout.c (lines 1032-1040) are not compared against incompatible options after being initialized, whilst ones set by the user via commandline or file, are. Note: the above option lib by the same author as mcrypt is not a Gentoo package, but is required to build src/mcrypt.gaa GAA lib: https://sourceforge.net/projects/gaa/files/ Workaround: always set options explicitly on command-line. (eg., --openpgp or --no-openpgp) or set all options explicitly in ~/.mcryptrc Recommend converting mcrypt to use getopt(), removing auto-gen .gaa files and dependency on GAA tool
Created attachment 499848 [details, diff] Fix specific to --openpgp mode (implicit or explicit) combined with -z being allowed, and causing incorrect filenames (.gz/.bz where no gzip/bzip2 is actually applied) $ cat emerge.info Portage 2.3.8 (python 2.7.13-final-0, funtoo/1.0/linux-gnu/arch/x86-64bit, gcc-5.4.0, glibc-2.23-r4, 4.8.15-1 x86_64) ================================================================= System uname: Linux-4.8.15-1-x86_64-AMD_A8-5557M_APU_with_Radeon-tm-_HD_Graphics-with-gentoo-2.2.1 KiB Mem: 7341484 total, 4384408 free KiB Swap: 8384084 total, 7563388 free sh bash 4.4_p12-r1 ld GNU ld (Gentoo 2.28 p1.2) 2.28 app-shells/bash: 4.4_p12-r1::core-kit dev-lang/perl: 5.24.0-r2::gentoo dev-lang/python: 2.7.13::gentoo, 3.4.6::gentoo dev-util/cmake: 3.8.0::core-kit sys-apps/baselayout: 2.2.1::gentoo sys-apps/openrc: 0.23.2-r1::core-kit sys-apps/sandbox: 2.10-r4::core-kit sys-devel/autoconf: 2.13::core-kit, 2.69-r2::gentoo sys-devel/automake: 1.13.4-r1::core-kit, 1.14.1-r1::core-kit, 1.15-r2::gentoo sys-devel/binutils: 2.28-r4::core-kit sys-devel/gcc: 5.3.0-r1::gentoo, 5.4.0::core-kit sys-devel/gcc-config: 1.8-r1::gentoo sys-devel/libtool: 2.4.6-r4::core-kit sys-devel/make: 4.1-r1::gentoo sys-kernel/linux-headers: 4.9::gentoo (virtual/os-headers) sys-libs/glibc: 2.23-r4::gentoo Repositories: nokit location: /var/git/meta-repo/kits/nokit masters: core-kit priority: -500 x-portage location: /usr/local/portage masters: core-kit priority: 0 core-hw-kit location: /var/git/meta-repo/kits/core-hw-kit masters: core-kit priority: 1 core-kit location: /var/git/meta-repo/kits/core-kit masters: core-kit priority: 1 aliases: gentoo desktop-kit location: /var/git/meta-repo/kits/desktop-kit masters: core-kit priority: 1 dev-kit location: /var/git/meta-repo/kits/dev-kit masters: core-kit priority: 1 editors-kit location: /var/git/meta-repo/kits/editors-kit masters: core-kit priority: 1 games-kit location: /var/git/meta-repo/kits/games-kit masters: core-kit priority: 1 java-kit location: /var/git/meta-repo/kits/java-kit masters: core-kit priority: 1 kde-kit location: /var/git/meta-repo/kits/kde-kit masters: core-kit priority: 1 media-kit location: /var/git/meta-repo/kits/media-kit masters: core-kit priority: 1 net-kit location: /var/git/meta-repo/kits/net-kit masters: core-kit priority: 1 perl-kit location: /var/git/meta-repo/kits/perl-kit masters: core-kit priority: 1 php-kit location: /var/git/meta-repo/kits/php-kit masters: core-kit priority: 1 python-kit location: /var/git/meta-repo/kits/python-kit masters: core-kit priority: 1 security-kit location: /var/git/meta-repo/kits/security-kit masters: core-kit priority: 1 text-kit location: /var/git/meta-repo/kits/text-kit masters: core-kit priority: 1 xorg-kit location: /var/git/meta-repo/kits/xorg-kit masters: core-kit priority: 1 gnome-kit location: /var/git/meta-repo/kits/gnome-kit masters: core-kit priority: 10 russtopiaoverlay location: /var/git/overlay/russtopiaoverlay masters: core-kit priority: 10 science-kit location: /var/git/meta-repo/kits/science-kit masters: core-kit priority: 10 ACCEPT_KEYWORDS="amd64 ~amd64" ACCEPT_LICENSE="* -@EULA Oracle-BCLA-JavaSE" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-mtune=generic -O2 -pipe" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/share/config /usr/share/gnupg/qualified.txt" CONFIG_PROTECT_MASK="/etc/angband/gamedata/ /etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo" CXXFLAGS="-mtune=generic -O2 -pipe" DISTDIR="/var/cache/portage/distfiles" FEATURES="assume-digests binpkg-logs config-protect-if-modified distlocks ebuild-locks fixlafiles merge-sync multilib-strict news parallel-fetch preserve-libs protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr" FFLAGS="-mtune=generic -O2 -pipe" GENTOO_MIRRORS="http://distfiles.gentoo.org" LANG="en_US.utf8" LDFLAGS="-Wl,-O1 -Wl,--sort-common -Wl,--as-needed" MAKEOPTS="-j5" PKGDIR="/var/cache/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_TMPDIR="/var/tmp" USE="X acl acpi alsa amd64 apm bash-completion berkdb bluetooth bzip2 cairo consolekit cracklib crypt cxx dbus gdbm iconv icu ipv6 mmx modules mudflap multilib ncurses nls nptl openmp openrc pam pcre policykit pulseaudio python readline resolvconf sse sse2 ssl tcpd unicode xattr xml zlib" ABI_X86="64" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias authn_core authz_core socache_shmcb unixd" CALLIGRA_FEATURES="kexi words flow plan sheets stage tables krita karbon braindump author" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" CPU_FLAGS_X86="mmx mmxext sse sse2" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock isync itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf skytraq superstar2 timing tsip tripmate tnt ublox ubx" GRUB_PLATFORMS="efi-64 pc" INPUT_DEVICES="evdev synaptics keyboard mouse" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php5-6" POSTGRES_TARGETS="postgres9_5" PYTHON_SINGLE_TARGET="python3_4" PYTHON_TARGETS="python3_4 python2_7" QEMU_SOFTMMU_TARGETS="i386 x86_64" QEMU_USER_TARGETS="i386 x86_64" RUBY_TARGETS="ruby22 ruby23 ruby24" USERLAND="GNU" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LC_ALL, LINGUAS, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS
The patch attached fixes an incorrect filename issue related to the bug, see https://forums.gentoo.org/viewtopic-t-1070876.html $ cat emerge.info Portage 2.3.8 (python 2.7.13-final-0, funtoo/1.0/linux-gnu/arch/x86-64bit, gcc-5.4.0, glibc-2.23-r4, 4.8.15-1 x86_64) ================================================================= System uname: Linux-4.8.15-1-x86_64-AMD_A8-5557M_APU_with_Radeon-tm-_HD_Graphics-with-gentoo-2.2.1 KiB Mem: 7341484 total, 4384408 free KiB Swap: 8384084 total, 7563388 free sh bash 4.4_p12-r1 ld GNU ld (Gentoo 2.28 p1.2) 2.28 app-shells/bash: 4.4_p12-r1::core-kit dev-lang/perl: 5.24.0-r2::gentoo dev-lang/python: 2.7.13::gentoo, 3.4.6::gentoo dev-util/cmake: 3.8.0::core-kit sys-apps/baselayout: 2.2.1::gentoo sys-apps/openrc: 0.23.2-r1::core-kit sys-apps/sandbox: 2.10-r4::core-kit sys-devel/autoconf: 2.13::core-kit, 2.69-r2::gentoo sys-devel/automake: 1.13.4-r1::core-kit, 1.14.1-r1::core-kit, 1.15-r2::gentoo sys-devel/binutils: 2.28-r4::core-kit sys-devel/gcc: 5.3.0-r1::gentoo, 5.4.0::core-kit sys-devel/gcc-config: 1.8-r1::gentoo sys-devel/libtool: 2.4.6-r4::core-kit sys-devel/make: 4.1-r1::gentoo sys-kernel/linux-headers: 4.9::gentoo (virtual/os-headers) sys-libs/glibc: 2.23-r4::gentoo Repositories: nokit location: /var/git/meta-repo/kits/nokit masters: core-kit priority: -500 x-portage location: /usr/local/portage masters: core-kit priority: 0 core-hw-kit location: /var/git/meta-repo/kits/core-hw-kit masters: core-kit priority: 1 core-kit location: /var/git/meta-repo/kits/core-kit masters: core-kit priority: 1 aliases: gentoo desktop-kit location: /var/git/meta-repo/kits/desktop-kit masters: core-kit priority: 1 dev-kit location: /var/git/meta-repo/kits/dev-kit masters: core-kit priority: 1 editors-kit location: /var/git/meta-repo/kits/editors-kit masters: core-kit priority: 1 games-kit location: /var/git/meta-repo/kits/games-kit masters: core-kit priority: 1 java-kit location: /var/git/meta-repo/kits/java-kit masters: core-kit priority: 1 kde-kit location: /var/git/meta-repo/kits/kde-kit masters: core-kit priority: 1 media-kit location: /var/git/meta-repo/kits/media-kit masters: core-kit priority: 1 net-kit location: /var/git/meta-repo/kits/net-kit masters: core-kit priority: 1 perl-kit location: /var/git/meta-repo/kits/perl-kit masters: core-kit priority: 1 php-kit location: /var/git/meta-repo/kits/php-kit masters: core-kit priority: 1 python-kit location: /var/git/meta-repo/kits/python-kit masters: core-kit priority: 1 security-kit location: /var/git/meta-repo/kits/security-kit masters: core-kit priority: 1 text-kit location: /var/git/meta-repo/kits/text-kit masters: core-kit priority: 1 xorg-kit location: /var/git/meta-repo/kits/xorg-kit masters: core-kit priority: 1 gnome-kit location: /var/git/meta-repo/kits/gnome-kit masters: core-kit priority: 10 russtopiaoverlay location: /var/git/overlay/russtopiaoverlay masters: core-kit priority: 10 science-kit location: /var/git/meta-repo/kits/science-kit masters: core-kit priority: 10 ACCEPT_KEYWORDS="amd64 ~amd64" ACCEPT_LICENSE="* -@EULA Oracle-BCLA-JavaSE" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-mtune=generic -O2 -pipe" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/share/config /usr/share/gnupg/qualified.txt" CONFIG_PROTECT_MASK="/etc/angband/gamedata/ /etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo" CXXFLAGS="-mtune=generic -O2 -pipe" DISTDIR="/var/cache/portage/distfiles" FEATURES="assume-digests binpkg-logs config-protect-if-modified distlocks ebuild-locks fixlafiles merge-sync multilib-strict news parallel-fetch preserve-libs protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr" FFLAGS="-mtune=generic -O2 -pipe" GENTOO_MIRRORS="http://distfiles.gentoo.org" LANG="en_US.utf8" LDFLAGS="-Wl,-O1 -Wl,--sort-common -Wl,--as-needed" MAKEOPTS="-j5" PKGDIR="/var/cache/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_TMPDIR="/var/tmp" USE="X acl acpi alsa amd64 apm bash-completion berkdb bluetooth bzip2 cairo consolekit cracklib crypt cxx dbus gdbm iconv icu ipv6 mmx modules mudflap multilib ncurses nls nptl openmp openrc pam pcre policykit pulseaudio python readline resolvconf sse sse2 ssl tcpd unicode xattr xml zlib" ABI_X86="64" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias authn_core authz_core socache_shmcb unixd" CALLIGRA_FEATURES="kexi words flow plan sheets stage tables krita karbon braindump author" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" CPU_FLAGS_X86="mmx mmxext sse sse2" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock isync itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf skytraq superstar2 timing tsip tripmate tnt ublox ubx" GRUB_PLATFORMS="efi-64 pc" INPUT_DEVICES="evdev synaptics keyboard mouse" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php5-6" POSTGRES_TARGETS="postgres9_5" PYTHON_SINGLE_TARGET="python3_4" PYTHON_TARGETS="python3_4 python2_7" QEMU_SOFTMMU_TARGETS="i386 x86_64" QEMU_USER_TARGETS="i386 x86_64" RUBY_TARGETS="ruby22 ruby23 ruby24" USERLAND="GNU" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LC_ALL, LINGUAS, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS
Created attachment 499850 [details, diff] Similar bug with -m and --openpgp (-m was being ignored when -m and --openpgp are supposed to be incompatible)
Hello, This is upstream behavior, please report issue to upstream, once resolved it will reach downstream as well. Thanks,
Hi, Have you sent this to upstream? Thanks.
(In reply to Alon Bar-Lev from comment #5) > Hi, > Have you sent this to upstream? > Thanks. I attempted to do so many months ago. No response.
(In reply to Russ Magee from comment #6) > (In reply to Alon Bar-Lev from comment #5) > > Hi, > > Have you sent this to upstream? > > Thanks. > > I attempted to do so many months ago. No response. Please keep trying, if this is important to you. We will not fork the project.
Got reply from last-known upstream maintainers, quoted below. They are no longer involved. Project is also marked as having no maintainer in Debian, so I think this package will not be getting any patches upstream unless someone else takes up the task. I am open to taking over status as a maintainer but will need to get up to speed on how to submit for merge to Gentoo and Debian. ... X-Gm-Message-State: APjAAAVex3ZSE41Mzycths2DhvHAsZC3lGv1sPhVsbjbuehzi8z2Vkdd /JLcUAZ7meOdIjDsiO+ju5u/dgaQ7hKq9cbL0Zv1+G8C X-Google-Smtp-Source: APXvYqyJh6HJlfKJFvOqO8o3mr6BQu4JxBjgDNxiBgmgAKbLokGbED6wuwMwdZI3LJDUu+5Ak1xyS/ohD4VuRSzmXso= X-Received: by 2002:a1c:113:: with SMTP id 19mr12160735wmb.95.1582142868224; Wed, 19 Feb 2020 12:07:48 -0800 (PST) MIME-Version: 1.0 References: <CAN4yCu_PWk2-5S4iojcHEM0kej_vAxcOvT6yM0c2fR1Grgf_rw@mail.gmail.com> In-Reply-To: <CAN4yCu_PWk2-5S4iojcHEM0kej_vAxcOvT6yM0c2fR1Grgf_rw@mail.gmail.com> From: Nikos Mavrogiannopoulos <nmav@gnutls.org> Date: Wed, 19 Feb 2020 21:07:11 +0100 Message-ID: <CAJU7zaKXmy6n88SbMTg8QipGhJU_oqQFC9ESxfjGRyVVE6qQ1w@mail.gmail.com> Subject: Re: Bug fix for mcrypt 2.6.8? To: Russtopia <rmagee@gmail.com> Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hi, I haven't been involved in this project for more than a decade. I remember there was someone working on it on sf.net but I have no more information about it. regards, Nikos On Thu, Feb 13, 2020 at 12:37 AM Russtopia <rmagee@gmail.com> wrote: > > Hello, > > I was wondering, is mcrypt (2.6.8) still officially taking patches? I see= the sourceforge project seems rather dead, but I have a patch for mis-hand= ling of the -z option when in combination with --(no-)openpgp options and i= ncorrect filenames created when these are used together. > > If you are not the current maintainer, do you have a pointer to who is? > > Thank you, > -Russ Magee > > Patches (one for -z with -openpgp behaviour, another for preventing -m an= d -openpgp together as they conflict) attached for reference. >