security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-04-17 15:44:34 +02:00
Code Activity

Catch corruption in HKP index lines (can be caused by broken or malicious

Browse Source 
keyservers).

Add KEYSERVER_NOT_SUPPORTED for unsupported actions (say, a keyserver that
has no way to search, or a readonly keyserver that has no way to add).
Also add a USE_EXTERNAL_HKP define to disable the internal HKP keyserver
code.
This commit is contained in:
David Shaw 2002-02-19 23:10:32 +00:00
parent 3d8e692e2a
commit 8ac8b1525e
5 changed files with 34 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
g10/ChangeLog
View File

@ -1,3 +1,14 @@
2002-02-19 David Shaw <dshaw@jabberwocky.com>
* hkp.c (parse_hkp_index): Catch corruption in HKP index lines
(can be caused by broken or malicious keyservers).
* keyserver.c (keyserver_work): Add KEYSERVER_NOT_SUPPORTED for
unsupported actions (say, a keyserver that has no way to search,
or a readonly keyserver that has no way to add). Also add a
USE_EXTERNAL_HKP define to disable the internal HKP keyserver
code.
2002-02-14 Werner Koch <wk@gnupg.org> 2002-02-14 Werner Koch <wk@gnupg.org>
* g10.c: New option --no-use-agent. * g10.c: New option --no-use-agent.

6
g10/hkp.c
View File

@ -337,6 +337,12 @@ parse_hkp_index(IOBUF buffer,char *line)
{ {
int uidindex=0; int uidindex=0;
if(line==NULL)
{
uid=m_strdup("Key index corrupted");
return ret;
}
/* All that's left is the user name. Strip off anything /* All that's left is the user name. Strip off anything
<between brackets> and de-urlencode it. */ <between brackets> and de-urlencode it. */

9
g10/keyserver.c
View File

@ -538,6 +538,7 @@ keyserver_work(int action,STRLIST list,u32 (*kidlist)[2],int count)
return G10ERR_BAD_URI; return G10ERR_BAD_URI;
} }
#ifndef USE_EXTERNAL_HKP
/* Use the internal HKP code */ /* Use the internal HKP code */
if(strcasecmp(opt.keyserver_scheme,"x-hkp")==0 || if(strcasecmp(opt.keyserver_scheme,"x-hkp")==0 ||
strcasecmp(opt.keyserver_scheme,"hkp")==0 || strcasecmp(opt.keyserver_scheme,"hkp")==0 ||
@ -563,6 +564,7 @@ keyserver_work(int action,STRLIST list,u32 (*kidlist)[2],int count)
return 0; return 0;
} }
#endif
/* It's not the internal HKP code, so try and spawn a handler for it */ /* It's not the internal HKP code, so try and spawn a handler for it */
@ -576,6 +578,13 @@ keyserver_work(int action,STRLIST list,u32 (*kidlist)[2],int count)
opt.keyserver_scheme); opt.keyserver_scheme);
break; break;
case KEYSERVER_NOT_SUPPORTED:
log_error(_("action \"%s\" not supported with keyserver "
"scheme \"%s\"\n"),
action==GET?"get":action==SEND?"send":
action==SEARCH?"search":"unknown",
opt.keyserver_scheme);
case KEYSERVER_INTERNAL_ERROR: case KEYSERVER_INTERNAL_ERROR:
default: default:
log_error(_("keyserver internal error\n")); log_error(_("keyserver internal error\n"));

6
include/ChangeLog
View File

@ -1,3 +1,9 @@
2002-02-19 David Shaw <dshaw@jabberwocky.com>
* keyserver.h: Add KEYSERVER_NOT_SUPPORTED for unsupported actions
(say, a keyserver that has no way to search, or a readonly
keyserver that has no way to add).
2002-01-02 Stefan Bellon <sbellon@sbellon.de> 2002-01-02 Stefan Bellon <sbellon@sbellon.de>
* util.h [__riscos__]: Updated prototype list. * util.h [__riscos__]: Updated prototype list.

3
include/keyserver.h
View File

@ -24,7 +24,8 @@
/* Return codes */ /* Return codes */
#define KEYSERVER_OK 0 #define KEYSERVER_OK 0
#define KEYSERVER_INTERNAL_ERROR 1 #define KEYSERVER_INTERNAL_ERROR 1
#define KEYSERVER_VERSION_ERROR 2 #define KEYSERVER_NOT_SUPPORTED 2
#define KEYSERVER_VERSION_ERROR 3
#define KEYSERVER_SCHEME_NOT_FOUND 127 #define KEYSERVER_SCHEME_NOT_FOUND 127
#endif /* !_KEYSERVER_H_ */ #endif /* !_KEYSERVER_H_ */