1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-24 10:39:57 +01:00

dns-cert.c: Use constants for better readability.

This commit is contained in:
Werner Koch 2011-11-29 13:17:20 +01:00
parent 0e138c3b15
commit 2adb477c13
2 changed files with 25 additions and 8 deletions

View File

@ -1,3 +1,7 @@
2011-11-29 Werner Koch <wk@g10code.com>
* dns-cert.c: Use new CERTTYPE_ constants for better readability.
2011-11-28 Werner Koch <wk@g10code.com> 2011-11-28 Werner Koch <wk@g10code.com>
* t-dns-cert.c (main): Increase MAX_SIZE to 64k. * t-dns-cert.c (main): Increase MAX_SIZE to 64k.

View File

@ -1,4 +1,4 @@
/* dns-cert.c - DNS CERT code /* dns-cert.c - DNS CERT code (rfc-4398)
* Copyright (C) 2005, 2006, 2009 Free Software Foundation, Inc. * Copyright (C) 2005, 2006, 2009 Free Software Foundation, Inc.
* *
* This file is part of GNUPG. * This file is part of GNUPG.
@ -50,9 +50,21 @@
#define my_adns_r_cert 37 #define my_adns_r_cert 37
/* Certificate types according to RFC-4398. */
#define CERTTYPE_PKIX 1 /* X.509 as per PKIX. */
#define CERTTYPE_SPKI 2 /* SPKI certificate. */
#define CERTTYPE_PGP 3 /* OpenPGP packet. */
#define CERTTYPE_IPKIX 4 /* The URL of an X.509 data object. */
#define CERTTYPE_ISPKI 5 /* The URL of an SPKI certificate. */
#define CERTTYPE_IPGP 6 /* The fingerprint and URL of an OpenPGP packet.*/
#define CERTTYPE_ACPKIX 7 /* Attribute Certificate. */
#define CERTTYPE_IACPKIX 8 /* The URL of an Attribute Certificate. */
#define CERTTYPE_URI 253 /* URI private. */
#define CERTTYPE_OID 254 /* OID private. */
/* Returns -1 on error, 0 for no answer, 1 for PGP provided and 2 for /* Returns -1 on error, 0 for no answer, 1 for PGP provided and 2 for
IPGP provided. Note that this function retruns the first CERT IPGP provided. Note that this function returns the first CERT
found with a supported type; it is expected that only one CERT found with a supported type; it is expected that only one CERT
record is used. */ record is used. */
int int
@ -105,18 +117,18 @@ get_dns_cert (const char *name, size_t max_size, IOBUF * iobuf,
data += 5; data += 5;
datalen -= 5; datalen -= 5;
if (ctype == 3 && datalen >= 11) if (ctype == CERTTYPE_PGP && datalen >= 11)
{ {
/* CERT type is PGP. Gpg checks for a minimum length of 11, /* CERT type is PGP. Gpg checks for a minimum length of 11,
thus we do the same. */ thus we do the same. */
*iobuf = iobuf_temp_with_content ((char *)data, datalen); *iobuf = iobuf_temp_with_content ((char *)data, datalen);
rc = 1; rc = 1;
} }
else if (ctype == 6 && datalen && datalen < 1023 else if (ctype == CERTTYPE_IPGP && datalen && datalen < 1023
&& datalen >= data[0] + 1 && fpr && fpr_len && url) && datalen >= data[0] + 1 && fpr && fpr_len && url)
{ {
/* CERT type is IPGP. We made sure tha the data is /* CERT type is IPGP. We made sure that the data is
plausible and that the caller requested the plausible and that the caller requested this
information. */ information. */
*fpr_len = data[0]; *fpr_len = data[0];
if (*fpr_len) if (*fpr_len)
@ -236,14 +248,15 @@ get_dns_cert (const char *name, size_t max_size, IOBUF * iobuf,
/* 15 bytes takes us to here */ /* 15 bytes takes us to here */
if (ctype == 3 && iobuf && dlen) if (ctype == CERTTYPE_PGP && iobuf && dlen)
{ {
/* PGP type */ /* PGP type */
*iobuf = iobuf_temp_with_content ((char *) pt, dlen); *iobuf = iobuf_temp_with_content ((char *) pt, dlen);
ret = 1; ret = 1;
break; break;
} }
else if (ctype == 6 && dlen && dlen < 1023 && dlen >= pt[0] + 1 else if (ctype == CERTTYPE_IPGP
&& dlen && dlen < 1023 && dlen >= pt[0] + 1
&& fpr && fpr_len && url) && fpr && fpr_len && url)
{ {
/* IPGP type */ /* IPGP type */