mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-11 13:14:25 +01:00
dns-cert.c: Use constants for better readability.
This commit is contained in:
parent
0e138c3b15
commit
2adb477c13
@ -1,3 +1,7 @@
|
|||||||
|
2011-11-29 Werner Koch <wk@g10code.com>
|
||||||
|
|
||||||
|
* dns-cert.c: Use new CERTTYPE_ constants for better readability.
|
||||||
|
|
||||||
2011-11-28 Werner Koch <wk@g10code.com>
|
2011-11-28 Werner Koch <wk@g10code.com>
|
||||||
|
|
||||||
* t-dns-cert.c (main): Increase MAX_SIZE to 64k.
|
* t-dns-cert.c (main): Increase MAX_SIZE to 64k.
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
/* dns-cert.c - DNS CERT code
|
/* dns-cert.c - DNS CERT code (rfc-4398)
|
||||||
* Copyright (C) 2005, 2006, 2009 Free Software Foundation, Inc.
|
* Copyright (C) 2005, 2006, 2009 Free Software Foundation, Inc.
|
||||||
*
|
*
|
||||||
* This file is part of GNUPG.
|
* This file is part of GNUPG.
|
||||||
@ -50,9 +50,21 @@
|
|||||||
#define my_adns_r_cert 37
|
#define my_adns_r_cert 37
|
||||||
|
|
||||||
|
|
||||||
|
/* Certificate types according to RFC-4398. */
|
||||||
|
#define CERTTYPE_PKIX 1 /* X.509 as per PKIX. */
|
||||||
|
#define CERTTYPE_SPKI 2 /* SPKI certificate. */
|
||||||
|
#define CERTTYPE_PGP 3 /* OpenPGP packet. */
|
||||||
|
#define CERTTYPE_IPKIX 4 /* The URL of an X.509 data object. */
|
||||||
|
#define CERTTYPE_ISPKI 5 /* The URL of an SPKI certificate. */
|
||||||
|
#define CERTTYPE_IPGP 6 /* The fingerprint and URL of an OpenPGP packet.*/
|
||||||
|
#define CERTTYPE_ACPKIX 7 /* Attribute Certificate. */
|
||||||
|
#define CERTTYPE_IACPKIX 8 /* The URL of an Attribute Certificate. */
|
||||||
|
#define CERTTYPE_URI 253 /* URI private. */
|
||||||
|
#define CERTTYPE_OID 254 /* OID private. */
|
||||||
|
|
||||||
|
|
||||||
/* Returns -1 on error, 0 for no answer, 1 for PGP provided and 2 for
|
/* Returns -1 on error, 0 for no answer, 1 for PGP provided and 2 for
|
||||||
IPGP provided. Note that this function retruns the first CERT
|
IPGP provided. Note that this function returns the first CERT
|
||||||
found with a supported type; it is expected that only one CERT
|
found with a supported type; it is expected that only one CERT
|
||||||
record is used. */
|
record is used. */
|
||||||
int
|
int
|
||||||
@ -105,18 +117,18 @@ get_dns_cert (const char *name, size_t max_size, IOBUF * iobuf,
|
|||||||
data += 5;
|
data += 5;
|
||||||
datalen -= 5;
|
datalen -= 5;
|
||||||
|
|
||||||
if (ctype == 3 && datalen >= 11)
|
if (ctype == CERTTYPE_PGP && datalen >= 11)
|
||||||
{
|
{
|
||||||
/* CERT type is PGP. Gpg checks for a minimum length of 11,
|
/* CERT type is PGP. Gpg checks for a minimum length of 11,
|
||||||
thus we do the same. */
|
thus we do the same. */
|
||||||
*iobuf = iobuf_temp_with_content ((char *)data, datalen);
|
*iobuf = iobuf_temp_with_content ((char *)data, datalen);
|
||||||
rc = 1;
|
rc = 1;
|
||||||
}
|
}
|
||||||
else if (ctype == 6 && datalen && datalen < 1023
|
else if (ctype == CERTTYPE_IPGP && datalen && datalen < 1023
|
||||||
&& datalen >= data[0] + 1 && fpr && fpr_len && url)
|
&& datalen >= data[0] + 1 && fpr && fpr_len && url)
|
||||||
{
|
{
|
||||||
/* CERT type is IPGP. We made sure tha the data is
|
/* CERT type is IPGP. We made sure that the data is
|
||||||
plausible and that the caller requested the
|
plausible and that the caller requested this
|
||||||
information. */
|
information. */
|
||||||
*fpr_len = data[0];
|
*fpr_len = data[0];
|
||||||
if (*fpr_len)
|
if (*fpr_len)
|
||||||
@ -236,14 +248,15 @@ get_dns_cert (const char *name, size_t max_size, IOBUF * iobuf,
|
|||||||
|
|
||||||
/* 15 bytes takes us to here */
|
/* 15 bytes takes us to here */
|
||||||
|
|
||||||
if (ctype == 3 && iobuf && dlen)
|
if (ctype == CERTTYPE_PGP && iobuf && dlen)
|
||||||
{
|
{
|
||||||
/* PGP type */
|
/* PGP type */
|
||||||
*iobuf = iobuf_temp_with_content ((char *) pt, dlen);
|
*iobuf = iobuf_temp_with_content ((char *) pt, dlen);
|
||||||
ret = 1;
|
ret = 1;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
else if (ctype == 6 && dlen && dlen < 1023 && dlen >= pt[0] + 1
|
else if (ctype == CERTTYPE_IPGP
|
||||||
|
&& dlen && dlen < 1023 && dlen >= pt[0] + 1
|
||||||
&& fpr && fpr_len && url)
|
&& fpr && fpr_len && url)
|
||||||
{
|
{
|
||||||
/* IPGP type */
|
/* IPGP type */
|
||||||
|
Loading…
x
Reference in New Issue
Block a user