Mailing List Archive: CNN

CNN

Jan 15, 1999, 1:15 AM

Post #1 of 5 (252 views)

I've just seen the article from cnn about GnuPG. A good article, indeed.

I've seen a problem in latest CVS: I've received a encrypted+signed e-mail,
I don't have the related pub key. GnuPG decrypts the message, tolds
to me that is unable to check the signature and then reports a
fatal: zlib inflate problem, rc=-2
(I'm trying to remember the exact message, I'm not on my machine at this
moment)
I'm using system zlib, all checks went fine in make check.

--
Fabio Coatti http://felix.unife.it/~cova
Ferrara Linux Users Group http://flug.unife.it
GnuPG fp:6AB9 277E 9AA7 9D20 E82C 9EE7 2D17 E351 3DCB 0CDC
Old SysOps never die... they simply forget their password.

Re: CNN [ In reply to ]

wk at isil

Jan 15, 1999, 1:40 PM

Post #2 of 5 (250 views)

Permalink

Fabio Coatti <cova@felix.unife.it> writes:

> to me that is unable to check the signature and then reports a
> fatal: zlib inflate problem, rc=-2

Hmmm, the problem with the system zlib has been reported several times
but I was not able to reproduce this bug. Anyway I recently updated
the included zlib to 1.1.3.

Can you provide me a testcase?

Re: CNN [ In reply to ]

ulf at fitug

Jan 15, 1999, 11:04 PM

Post #3 of 5 (249 views)

Permalink

>to me that is unable to check the signature and then reports a
>fatal: zlib inflate problem, rc=-2

I haven't seen the current GGP code, but my own PGP implementation got
-2 on inflate when I upgraded to the current version of zlib.

Jean-Loup Gailly pointed out what my error was (I don't know if this
applies to GPG):

/* windowBits is passed < 0 to tell that there is no zlib header.
* Note that in this case inflate *requires* an extra "dummy" byte
* after the compressed stream in order to complete decompression and
* return Z_STREAM_END.

Re: CNN [ In reply to ]

cova at felix

Jan 17, 1999, 2:53 AM

Post #4 of 5 (247 views)

Permalink

On Fri, Jan 15, 1999 at 09:40:05PM +0100, Werner Koch wrote:
> Fabio Coatti <cova@felix.unife.it> writes:
>
> > to me that is unable to check the signature and then reports a
> > fatal: zlib inflate problem, rc=-2
>
> Hmmm, the problem with the system zlib has been reported several times
> but I was not able to reproduce this bug. Anyway I recently updated
> the included zlib to 1.1.3.

I'll try to build one. Actually the one I have is a message encrypted
for me and it requires my secret key for exploiting.

I also think that there is a problem with dash-escaping (CVS 13/01/98,
not the latest): If I export an ascii-armored pub key and then I
sign the file (for example, I've exported a key, added some comments
in the same file and then signed the file), gpg can check the
signature but is unable to import the key.

--
Fabio Coatti http://felix.unife.it/~cova
Ferrara Linux Users Group http://flug.unife.it
GnuPG fp:6AB9 277E 9AA7 9D20 E82C 9EE7 2D17 E351 3DCB 0CDC
Old SysOps never die... they simply forget their password.

Re: CNN [ In reply to ]

wk at isil

Jan 18, 1999, 8:38 AM

Post #5 of 5 (248 views)

Permalink

Ulf Möller <ulf@fitug.de> writes:

> Jean-Loup Gailly pointed out what my error was (I don't know if this
> applies to GPG):
>
> /* windowBits is passed < 0 to tell that there is no zlib header.
> * Note that in this case inflate *requires* an extra "dummy" byte
> * after the compressed stream in order to complete decompression and
> * return Z_STREAM_END.

Ahh great; it's not mentioned in the changelog but anyway it is an
undocumented feature.

I'll give it a try.

Werner