mirror of
git://git.gnupg.org/gnupg.git
synced 2025-03-12 23:01:14 +01:00
Catch corruption in HKP index lines (can be caused by broken or malicious
keyservers). Add KEYSERVER_NOT_SUPPORTED for unsupported actions (say, a keyserver that has no way to search, or a readonly keyserver that has no way to add). Also add a USE_EXTERNAL_HKP define to disable the internal HKP keyserver code.
This commit is contained in:
parent
3d8e692e2a
commit
8ac8b1525e
@ -1,3 +1,14 @@
|
||||
2002-02-19 David Shaw <dshaw@jabberwocky.com>
|
||||
|
||||
* hkp.c (parse_hkp_index): Catch corruption in HKP index lines
|
||||
(can be caused by broken or malicious keyservers).
|
||||
|
||||
* keyserver.c (keyserver_work): Add KEYSERVER_NOT_SUPPORTED for
|
||||
unsupported actions (say, a keyserver that has no way to search,
|
||||
or a readonly keyserver that has no way to add). Also add a
|
||||
USE_EXTERNAL_HKP define to disable the internal HKP keyserver
|
||||
code.
|
||||
|
||||
2002-02-14 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* g10.c: New option --no-use-agent.
|
||||
|
@ -337,6 +337,12 @@ parse_hkp_index(IOBUF buffer,char *line)
|
||||
{
|
||||
int uidindex=0;
|
||||
|
||||
if(line==NULL)
|
||||
{
|
||||
uid=m_strdup("Key index corrupted");
|
||||
return ret;
|
||||
}
|
||||
|
||||
/* All that's left is the user name. Strip off anything
|
||||
<between brackets> and de-urlencode it. */
|
||||
|
||||
|
@ -538,6 +538,7 @@ keyserver_work(int action,STRLIST list,u32 (*kidlist)[2],int count)
|
||||
return G10ERR_BAD_URI;
|
||||
}
|
||||
|
||||
#ifndef USE_EXTERNAL_HKP
|
||||
/* Use the internal HKP code */
|
||||
if(strcasecmp(opt.keyserver_scheme,"x-hkp")==0 ||
|
||||
strcasecmp(opt.keyserver_scheme,"hkp")==0 ||
|
||||
@ -563,6 +564,7 @@ keyserver_work(int action,STRLIST list,u32 (*kidlist)[2],int count)
|
||||
|
||||
return 0;
|
||||
}
|
||||
#endif
|
||||
|
||||
/* It's not the internal HKP code, so try and spawn a handler for it */
|
||||
|
||||
@ -576,6 +578,13 @@ keyserver_work(int action,STRLIST list,u32 (*kidlist)[2],int count)
|
||||
opt.keyserver_scheme);
|
||||
break;
|
||||
|
||||
case KEYSERVER_NOT_SUPPORTED:
|
||||
log_error(_("action \"%s\" not supported with keyserver "
|
||||
"scheme \"%s\"\n"),
|
||||
action==GET?"get":action==SEND?"send":
|
||||
action==SEARCH?"search":"unknown",
|
||||
opt.keyserver_scheme);
|
||||
|
||||
case KEYSERVER_INTERNAL_ERROR:
|
||||
default:
|
||||
log_error(_("keyserver internal error\n"));
|
||||
|
@ -1,3 +1,9 @@
|
||||
2002-02-19 David Shaw <dshaw@jabberwocky.com>
|
||||
|
||||
* keyserver.h: Add KEYSERVER_NOT_SUPPORTED for unsupported actions
|
||||
(say, a keyserver that has no way to search, or a readonly
|
||||
keyserver that has no way to add).
|
||||
|
||||
2002-01-02 Stefan Bellon <sbellon@sbellon.de>
|
||||
|
||||
* util.h [__riscos__]: Updated prototype list.
|
||||
|
@ -24,7 +24,8 @@
|
||||
/* Return codes */
|
||||
#define KEYSERVER_OK 0
|
||||
#define KEYSERVER_INTERNAL_ERROR 1
|
||||
#define KEYSERVER_VERSION_ERROR 2
|
||||
#define KEYSERVER_NOT_SUPPORTED 2
|
||||
#define KEYSERVER_VERSION_ERROR 3
|
||||
#define KEYSERVER_SCHEME_NOT_FOUND 127
|
||||
|
||||
#endif /* !_KEYSERVER_H_ */
|
||||
|
Loading…
x
Reference in New Issue
Block a user