fixed potential attack by supplying non hexadecimal strings as certificate common name

git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@7048 b45a01b8-16f6-495d-af2f-9b41ad6348cc
csoler 2014-01-21 18:09:05 +00:00
parent 158249d66e
commit 43a32f23e1


@ -470,6 +470,8 @@ bool AuthGPG::getGPGDetails(const std::string& id, RsPeerDetails &d)
return false ; return false ;
} }
try
{
const PGPCertificateInfo *pc = PGPHandler::getCertificateInfo(PGPIdType(id)) ; const PGPCertificateInfo *pc = PGPHandler::getCertificateInfo(PGPIdType(id)) ;
if(pc == NULL) if(pc == NULL)
@ -486,13 +488,19 @@ bool AuthGPG::getGPGDetails(const std::string& id, RsPeerDetails &d)
d.validLvl = cert._trustLvl; d.validLvl = cert._trustLvl;
d.ownsign = cert._flags & PGPCertificateInfo::PGP_CERTIFICATE_FLAG_HAS_OWN_SIGNATURE; d.ownsign = cert._flags & PGPCertificateInfo::PGP_CERTIFICATE_FLAG_HAS_OWN_SIGNATURE;
d.gpgSigners.clear() ; d.gpgSigners.clear() ;
for(std::set<std::string>::const_iterator it(cert.signers.begin());it!=cert.signers.end();++it) for(std::set<std::string>::const_iterator it(cert.signers.begin());it!=cert.signers.end();++it)
d.gpgSigners.push_back( *it ) ; d.gpgSigners.push_back( *it ) ;
d.fpr = cert._fpr.toStdString(); d.fpr = cert._fpr.toStdString();
d.accept_connection = cert._flags & PGPCertificateInfo::PGP_CERTIFICATE_FLAG_ACCEPT_CONNEXION; d.accept_connection = cert._flags & PGPCertificateInfo::PGP_CERTIFICATE_FLAG_ACCEPT_CONNEXION;
d.hasSignedMe = cert._flags & PGPCertificateInfo::PGP_CERTIFICATE_FLAG_HAS_SIGNED_ME; d.hasSignedMe = cert._flags & PGPCertificateInfo::PGP_CERTIFICATE_FLAG_HAS_SIGNED_ME;
}
catch(std::exception& e)
{
std::cerr << "(EE) exception raised while constructing a PGP certificate: " << e.what() << std::endl;
return false ;
}
return true; return true;
} }
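Review bot: The new `try` in `AuthGPG::getGPGDetails` spans everything from the `PGPIdType(id)` lookup to the last `d.hasSignedMe` assignment, so any `std::exception` thrown while `d` is being filled is logged as a certificate-construction error and the function returns false with `d` partly written. If the only expected failure is the conversion of a non-hexadecimal `id`, it would be tighter to do that conversion alone inside the guard (or check the string's length and hex digits before constructing the id) and keep the field copies outside it. The handler should also take the exception by const reference, `catch(const std::exception& e)`. The handler fires only if `PGPIdType`'s constructor throws a type derived from `std::exception`, which this page does not show, and any other call site that builds a `PGPIdType` from a peer-supplied string would presumably need the same guard. The function begins before the first hunk and the lines between the two hunks are not visible here.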