mirror of
https://github.com/RetroShare/RetroShare.git
synced 2024-10-01 02:35:48 -04:00
fixed potential attack by supplying non hexadecimal strings as certificate common name
git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@7048 b45a01b8-16f6-495d-af2f-9b41ad6348cc
This commit is contained in:
parent
158249d66e
commit
43a32f23e1
@ -470,6 +470,8 @@ bool AuthGPG::getGPGDetails(const std::string& id, RsPeerDetails &d)
|
|||||||
return false ;
|
return false ;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
try
|
||||||
|
{
|
||||||
const PGPCertificateInfo *pc = PGPHandler::getCertificateInfo(PGPIdType(id)) ;
|
const PGPCertificateInfo *pc = PGPHandler::getCertificateInfo(PGPIdType(id)) ;
|
||||||
|
|
||||||
if(pc == NULL)
|
if(pc == NULL)
|
||||||
@ -486,13 +488,19 @@ bool AuthGPG::getGPGDetails(const std::string& id, RsPeerDetails &d)
|
|||||||
d.validLvl = cert._trustLvl;
|
d.validLvl = cert._trustLvl;
|
||||||
d.ownsign = cert._flags & PGPCertificateInfo::PGP_CERTIFICATE_FLAG_HAS_OWN_SIGNATURE;
|
d.ownsign = cert._flags & PGPCertificateInfo::PGP_CERTIFICATE_FLAG_HAS_OWN_SIGNATURE;
|
||||||
d.gpgSigners.clear() ;
|
d.gpgSigners.clear() ;
|
||||||
|
|
||||||
for(std::set<std::string>::const_iterator it(cert.signers.begin());it!=cert.signers.end();++it)
|
for(std::set<std::string>::const_iterator it(cert.signers.begin());it!=cert.signers.end();++it)
|
||||||
d.gpgSigners.push_back( *it ) ;
|
d.gpgSigners.push_back( *it ) ;
|
||||||
|
|
||||||
d.fpr = cert._fpr.toStdString();
|
d.fpr = cert._fpr.toStdString();
|
||||||
|
|
||||||
d.accept_connection = cert._flags & PGPCertificateInfo::PGP_CERTIFICATE_FLAG_ACCEPT_CONNEXION;
|
d.accept_connection = cert._flags & PGPCertificateInfo::PGP_CERTIFICATE_FLAG_ACCEPT_CONNEXION;
|
||||||
d.hasSignedMe = cert._flags & PGPCertificateInfo::PGP_CERTIFICATE_FLAG_HAS_SIGNED_ME;
|
d.hasSignedMe = cert._flags & PGPCertificateInfo::PGP_CERTIFICATE_FLAG_HAS_SIGNED_ME;
|
||||||
|
}
|
||||||
|
catch(std::exception& e)
|
||||||
|
{
|
||||||
|
std::cerr << "(EE) exception raised while constructing a PGP certificate: " << e.what() << std::endl;
|
||||||
|
return false ;
|
||||||
|
}
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user