1
0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-03 12:11:33 +01:00

dirmngr: More binary I/O on Windows for CRLs

* dirmngr/crlcache.c (lock_db_file, crl_cache_insert): Open cache
file in binary mode.

--
CRLs on Windows would have line ending entries converted. This
did not cause problems in a surprising amount of cases but
can lead to unexpected and random parse / read errors. Especially
with large CRLs like cacert.

This bug has been around since 2004.

GnuPG-Bug-Id: T3923
Signed-off-by: Andre Heinecke <aheinecke@intevation.de>
This commit is contained in:
Andre Heinecke 2018-04-20 15:53:58 +02:00
parent a44ed3d9a1
commit 64c1fddb25
No known key found for this signature in database
GPG Key ID: 2978E9D40CBABA5C

View File

@ -125,6 +125,9 @@
idea anyway to limit the number of opened cache files. */ idea anyway to limit the number of opened cache files. */
#define MAX_OPEN_DB_FILES 5 #define MAX_OPEN_DB_FILES 5
#ifndef O_BINARY
# define O_BINARY 0
#endif
static const char oidstr_crlNumber[] = "2.5.29.20"; static const char oidstr_crlNumber[] = "2.5.29.20";
/* static const char oidstr_issuingDistributionPoint[] = "2.5.29.28"; */ /* static const char oidstr_issuingDistributionPoint[] = "2.5.29.28"; */
@ -1139,7 +1142,7 @@ lock_db_file (crl_cache_t cache, crl_cache_entry_t entry)
xfree (fname); xfree (fname);
return NULL; return NULL;
} }
fd = open (fname, O_RDONLY); fd = open (fname, O_RDONLY | O_BINARY);
if (fd == -1) if (fd == -1)
{ {
log_error (_("error opening cache file '%s': %s\n"), log_error (_("error opening cache file '%s': %s\n"),
@ -2051,7 +2054,7 @@ crl_cache_insert (ctrl_t ctrl, const char *url, ksba_reader_t reader)
} }
} }
fd_cdb = open (fname, O_WRONLY | O_CREAT | O_TRUNC, 0644); fd_cdb = open (fname, O_WRONLY | O_CREAT | O_TRUNC | O_BINARY, 0644);
if (fd_cdb == -1) if (fd_cdb == -1)
{ {
err = gpg_error_from_errno (errno); err = gpg_error_from_errno (errno);