
* options.h, keyserver.c (parse_keyserver_uri, keyserver_spawn,

keyserver_work), hkp.c (hkp_ask_import, hkp_export, hkp_search): Use a
much more strict reading of RFC-2396 for the keyserver URIs. Specifically,
don't try and be smart about checking the value of ":port" so long as it
is all digits, and properly handle opaque data (those scheme specific
parts that do not start with "//").
David Shaw 2002-07-09 19:40:18 +00:00
parent fd415ba29f
commit 9ffea0d67b
4 changed files with 103 additions and 53 deletions


@ -1,3 +1,12 @@
2002-07-09 David Shaw <dshaw@jabberwocky.com>
* options.h, keyserver.c (parse_keyserver_uri, keyserver_spawn,
keyserver_work), hkp.c (hkp_ask_import, hkp_export, hkp_search):
Use a much more strict reading of RFC-2396 for the keyserver URIs.
Specifically, don't try and be smart about checking the value of
":port" so long as it is all digits, and properly handle opaque
data (those scheme specific parts that do not start with "//").
2002-07-04 David Shaw <dshaw@jabberwocky.com> 2002-07-04 David Shaw <dshaw@jabberwocky.com>
* photoid.c (get_default_photo_command, show_photos): Honor * photoid.c (get_default_photo_command, show_photos): Honor


@ -84,8 +84,8 @@ hkp_ask_import( KEYDB_SEARCH_DESC *desc, void *stats_handle)
sprintf(request,"x-hkp://%s%s%s/pks/lookup?op=get&search=0x%08lX", sprintf(request,"x-hkp://%s%s%s/pks/lookup?op=get&search=0x%08lX",
opt.keyserver_host, opt.keyserver_host,
atoi(opt.keyserver_port)>0?":":"", opt.keyserver_port?":":"",
atoi(opt.keyserver_port)>0?opt.keyserver_port:"", opt.keyserver_port?opt.keyserver_port:"",
(ulong)key[1] ); (ulong)key[1] );
if(opt.keyserver_options.verbose>2) if(opt.keyserver_options.verbose>2)
@ -138,8 +138,8 @@ hkp_export( STRLIST users )
sprintf( request, "x-hkp://%s%s%s/pks/add", sprintf( request, "x-hkp://%s%s%s/pks/add",
opt.keyserver_host, opt.keyserver_host,
atoi(opt.keyserver_port)>0?":":"", opt.keyserver_port?":":"",
atoi(opt.keyserver_port)>0?opt.keyserver_port:""); opt.keyserver_port?opt.keyserver_port:"");
if(opt.keyserver_options.verbose>2) if(opt.keyserver_options.verbose>2)
log_info("request is \"%s\"\n",request); log_info("request is \"%s\"\n",request);
@ -532,8 +532,8 @@ int hkp_search(STRLIST tokens)
sprintf(request,"x-hkp://%s%s%s/pks/lookup?op=index&search=%s", sprintf(request,"x-hkp://%s%s%s/pks/lookup?op=index&search=%s",
opt.keyserver_host, opt.keyserver_host,
atoi(opt.keyserver_port)>0?":":"", opt.keyserver_port?":":"",
atoi(opt.keyserver_port)>0?opt.keyserver_port:"", opt.keyserver_port?opt.keyserver_port:"",
searchurl); searchurl);
if(opt.keyserver_options.verbose>2) if(opt.keyserver_options.verbose>2)
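Review bot: The three `sprintf(request,...)` calls in hkp_ask_import, hkp_export and hkp_search now copy `opt.keyserver_port` at whatever length the URI supplied, because this commit drops the 1-65535 range check and accepts any all-digit string. The allocation of `request` is outside these hunks; if it is sized from the host length plus a fixed allowance, a long port string would write past the end of the buffer. The allocation should add `strlen(opt.keyserver_port)` when the port is set, or the calls should become a bounded `snprintf` against the allocated size with the result checked for truncation.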


@ -23,7 +23,7 @@
#include <stdio.h> #include <stdio.h>
#include <string.h> #include <string.h>
#include <stdlib.h> #include <stdlib.h>
#include <assert.h>
#include "filter.h" #include "filter.h"
#include "keydb.h" #include "keydb.h"
#include "status.h" #include "status.h"
@ -119,11 +119,21 @@ parse_keyserver_options(char *options)
int int
parse_keyserver_uri(char *uri,const char *configname,unsigned int configlineno) parse_keyserver_uri(char *uri,const char *configname,unsigned int configlineno)
{ {
int assume_hkp=0;
assert(uri!=NULL);
opt.keyserver_host=NULL;
opt.keyserver_port=NULL;
opt.keyserver_opaque=NULL;
/* Get the scheme */ /* Get the scheme */
opt.keyserver_scheme=strsep(&uri,":"); opt.keyserver_scheme=strsep(&uri,":");
if(uri==NULL) if(uri==NULL)
{ {
/* Assume HKP if there is no scheme */
assume_hkp=1;
uri=opt.keyserver_scheme; uri=opt.keyserver_scheme;
opt.keyserver_scheme="hkp"; opt.keyserver_scheme="hkp";
} }
@ -142,14 +152,21 @@ parse_keyserver_uri(char *uri,const char *configname,unsigned int configlineno)
opt.keyserver_scheme="hkp"; opt.keyserver_scheme="hkp";
} }
/* Skip the "//", if any */ if(assume_hkp || (uri[0]=='/' && uri[1]=='/'))
if(strlen(uri)>2 && uri[0]=='/' && uri[1]=='/') {
/* Two slashes means network path. */
/* Skip over the "//", if any */
if(!assume_hkp)
uri+=2; uri+=2;
/* Get the host */ /* Get the host */
opt.keyserver_host=strsep(&uri,":/"); opt.keyserver_host=strsep(&uri,":/");
if(opt.keyserver_host[0]=='\0')
return G10ERR_BAD_URI;
if(uri==NULL || uri[0]=='\0') if(uri==NULL || uri[0]=='\0')
opt.keyserver_port="0"; opt.keyserver_port=NULL;
else else
{ {
char *ch; char *ch;
@ -166,16 +183,26 @@ parse_keyserver_uri(char *uri,const char *configname,unsigned int configlineno)
ch++; ch++;
} }
if(strlen(opt.keyserver_port)==0 ||
atoi(opt.keyserver_port)<1 || atoi(opt.keyserver_port)>65535)
return G10ERR_BAD_URI;
} }
/* (any path part of the URI is discarded for now as no keyserver /* (any path part of the URI is discarded for now as no keyserver
uses it) */ uses it yet) */
}
else if(uri[0]!='/')
{
/* No slash means opaque. Just record the opaque blob and get
out. */
opt.keyserver_opaque=uri;
return 0;
}
else
{
/* One slash means absolute path. We don't need to support that
yet. */
return G10ERR_BAD_URI;
}
if(opt.keyserver_scheme[0]=='\0' || opt.keyserver_host[0]=='\0') if(opt.keyserver_scheme[0]=='\0')
return G10ERR_BAD_URI; return G10ERR_BAD_URI;
return 0; return 0;
@ -341,10 +368,17 @@ keyserver_spawn(int action,STRLIST list,
fprintf(spawn->tochild,"# This is a gpg keyserver communications file\n"); fprintf(spawn->tochild,"# This is a gpg keyserver communications file\n");
fprintf(spawn->tochild,"VERSION %d\n",KEYSERVER_PROTO_VERSION); fprintf(spawn->tochild,"VERSION %d\n",KEYSERVER_PROTO_VERSION);
fprintf(spawn->tochild,"PROGRAM %s\n",VERSION); fprintf(spawn->tochild,"PROGRAM %s\n",VERSION);
if(opt.keyserver_opaque)
fprintf(spawn->tochild,"OPAQUE %s\n",opt.keyserver_opaque);
else
{
if(opt.keyserver_host)
fprintf(spawn->tochild,"HOST %s\n",opt.keyserver_host); fprintf(spawn->tochild,"HOST %s\n",opt.keyserver_host);
if(atoi(opt.keyserver_port)>0) if(opt.keyserver_port)
fprintf(spawn->tochild,"PORT %s\n",opt.keyserver_port); fprintf(spawn->tochild,"PORT %s\n",opt.keyserver_port);
}
/* Write options */ /* Write options */
@ -604,9 +638,7 @@ keyserver_work(int action,STRLIST list,KEYDB_SEARCH_DESC *desc,int count)
{ {
int rc=0,ret=0; int rc=0,ret=0;
if(opt.keyserver_scheme==NULL || if(opt.keyserver_scheme==NULL)
opt.keyserver_host==NULL ||
opt.keyserver_port==NULL)
{ {
log_error(_("no keyserver known (use option --keyserver)\n")); log_error(_("no keyserver known (use option --keyserver)\n"));
return G10ERR_BAD_URI; return G10ERR_BAD_URI;
@ -615,6 +647,13 @@ keyserver_work(int action,STRLIST list,KEYDB_SEARCH_DESC *desc,int count)
#ifndef USE_EXTERNAL_HKP #ifndef USE_EXTERNAL_HKP
/* Use the internal HKP code */ /* Use the internal HKP code */
if(ascii_strcasecmp(opt.keyserver_scheme,"hkp")==0) if(ascii_strcasecmp(opt.keyserver_scheme,"hkp")==0)
{
if(opt.keyserver_host==NULL)
{
log_error(_("no keyserver known (use option --keyserver)\n"));
return G10ERR_BAD_URI;
}
else
{ {
void *stats_handle = import_new_stats_handle (); void *stats_handle = import_new_stats_handle ();
@ -636,6 +675,7 @@ keyserver_work(int action,STRLIST list,KEYDB_SEARCH_DESC *desc,int count)
return 0; return 0;
} }
}
#endif #endif
#ifdef DISABLE_KEYSERVER_HELPERS #ifdef DISABLE_KEYSERVER_HELPERS
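Review bot: The opaque branch of parse_keyserver_uri stores the rest of the URI unchecked (`opt.keyserver_opaque=uri;`), and keyserver_spawn then writes it to the helper as `OPAQUE %s\n`. The helper input appears to be one keyword per line, so a carriage return or newline inside the opaque part would reach the helper as extra lines; whether any caller can pass such a string is not visible here. Rejecting it at parse time costs one line, `if(strpbrk(uri,"\r\n")) return G10ERR_BAD_URI;`, placed before the assignment. The host written by `HOST %s\n` has the same exposure, since strsep only splits on ':' and '/'. Both functions start and end outside these hunks.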


@ -115,6 +115,7 @@ struct {
char *keyserver_scheme; char *keyserver_scheme;
char *keyserver_host; char *keyserver_host;
char *keyserver_port; char *keyserver_port;
char *keyserver_opaque;
struct struct
{ {
int verbose; int verbose;
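Review bot: The new `keyserver_opaque` field is undocumented, and this commit also changes `keyserver_host` and `keyserver_port` from always-set strings to pointers that may be NULL. A comment above the four fields would spare every reader of `opt` from rediscovering that, for example `/* Either host (with optional port) or opaque is set, never both; unset fields are NULL. */`. It would also help to say that the pointers reference the URI buffer given to parse_keyserver_uri, which must therefore outlive them.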