1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

dirmngr: Disable the HTTP redirect rewriting.

* dirmngr/http.h (struct http_redir_info_s): Add restrict_redir.
* dirmngr/ks-engine-hkp.c (send_request): Set it depending on flags.
* dirmngr/ks-engine-http.c (ks_http_fetch): Ditto.
* dirmngr/t-http-basic.c (test_http_prepare_redirect): Always set it.
* dirmngr/http.c (http_prepare_redirect): Remove location rewriting
unless the flag is set.
--

GnuPG-bug-id: 6477
This commit is contained in:
Werner Koch 2023-06-15 15:06:21 +02:00
parent bf04b07327
commit 0a63afc79a
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
5 changed files with 11 additions and 6 deletions

View File

@ -3741,10 +3741,11 @@ http_prepare_redirect (http_redir_info_t *info, unsigned int status_code,
http_release_parsed_uri (locuri); http_release_parsed_uri (locuri);
return err; return err;
} }
else if (same_host_p (origuri, locuri)) else if (!info->restrict_redir || same_host_p (origuri, locuri))
{ {
/* The host is the same or on an exception list and thus we can /* Take the syntactically correct location or if restrict_redir
* take the location verbatim. */ * is set the host is the same or on an exception list and thus
* we can take the location verbatim. */
http_release_parsed_uri (origuri); http_release_parsed_uri (origuri);
http_release_parsed_uri (locuri); http_release_parsed_uri (locuri);
newurl = xtrystrdup (location); newurl = xtrystrdup (location);
@ -3754,7 +3755,7 @@ http_prepare_redirect (http_redir_info_t *info, unsigned int status_code,
return err; return err;
} }
} }
else else /* Strictly rectricted redirection which we used in the past. */
{ {
/* We take only the host and port from the URL given in the /* We take only the host and port from the URL given in the
* Location. This limits the effects of redirection attacks by * Location. This limits the effects of redirection attacks by

View File

@ -117,6 +117,7 @@ struct http_redir_info_s
unsigned int silent:1; /* No diagnostics. */ unsigned int silent:1; /* No diagnostics. */
unsigned int allow_downgrade:1;/* Allow a downgrade from https to http. */ unsigned int allow_downgrade:1;/* Allow a downgrade from https to http. */
unsigned int trust_location:1; /* Trust the received Location header. */ unsigned int trust_location:1; /* Trust the received Location header. */
unsigned int restrict_redir:1; /* Use legacy restricted redirection. */
}; };
typedef struct http_redir_info_s http_redir_info_t; typedef struct http_redir_info_s http_redir_info_t;

View File

@ -1242,8 +1242,9 @@ send_request (ctrl_t ctrl, const char *request, const char *hostportstr,
redirinfo.orig_url = request; redirinfo.orig_url = request;
redirinfo.orig_onion = uri->onion; redirinfo.orig_onion = uri->onion;
redirinfo.allow_downgrade = 1; redirinfo.allow_downgrade = 1;
/* FIXME: I am not sure whey we allow a downgrade for hkp requests. /* FIXME: I am not sure why we allow a downgrade for hkp requests.
* Needs at least an explanation here.. */ * Needs at least an explanation here. */
redirinfo.restrict_redir = !!(opt.compat_flags & COMPAT_RESTRICT_HTTP_REDIR);
once_more: once_more:
err = http_session_new (&session, httphost, err = http_session_new (&session, httphost,

View File

@ -88,6 +88,7 @@ ks_http_fetch (ctrl_t ctrl, const char *url, unsigned int flags,
redirinfo.orig_onion = uri->onion; redirinfo.orig_onion = uri->onion;
redirinfo.orig_https = uri->use_tls; redirinfo.orig_https = uri->use_tls;
redirinfo.allow_downgrade = !!(flags & KS_HTTP_FETCH_ALLOW_DOWNGRADE); redirinfo.allow_downgrade = !!(flags & KS_HTTP_FETCH_ALLOW_DOWNGRADE);
redirinfo.restrict_redir = !!(opt.compat_flags & COMPAT_RESTRICT_HTTP_REDIR);
/* By default we only use the system provided certificates with this /* By default we only use the system provided certificates with this
* fetch command. */ * fetch command. */

View File

@ -165,6 +165,7 @@ test_http_prepare_redirect (void)
ri.silent = 1; ri.silent = 1;
ri.redirects_left = 1; ri.redirects_left = 1;
ri.orig_url = tests[tidx].url; ri.orig_url = tests[tidx].url;
ri.restrict_redir = 1; /* This is what we used to test here. */
err = http_prepare_redirect (&ri, 301, tests[tidx].location, &newurl); err = http_prepare_redirect (&ri, 301, tests[tidx].location, &newurl);
if (err && newurl) if (err && newurl)