authorWerner Koch <[email protected]>2015-10-06 15:34:13 +0000
committerWerner Koch <[email protected]>2015-10-06 15:34:13 +0000
commit6cf80dc77ec5df3722924301ff4be2475966937b (patch)
tree07e518ffaed22e12419e3ec38f184d1b54003fda /dirmngr/dns-cert.c
parentdirmngr: Make commands RELOADDIRMNGR and KILLDIRMNGR work properly. (diff)
dirmngr: Change DNS code to make additions easier.
* dirmngr/dns-cert.c (get_dns_cert) [!USE_ADNS]: Change loop to allow adding more resource types.
Diffstat (limited to 'dirmngr/dns-cert.c')
-rw-r--r--dirmngr/dns-cert.c130
1 files changed, 66 insertions, 64 deletions
diff --git a/dirmngr/dns-cert.c b/dirmngr/dns-cert.c
index de523b5f2..03c1de1e6 100644
--- a/dirmngr/dns-cert.c
+++ b/dirmngr/dns-cert.c
@@ -53,7 +53,7 @@
/* Not every installation has gotten around to supporting CERTs
yet... */
#ifndef T_CERT
-#define T_CERT 37
+# define T_CERT 37
#endif
/* ADNS has no support for CERT yet. */
@@ -69,7 +69,7 @@
string and returned at R_URL. If WANT_CERTTYPE is 0 this function
returns the first CERT found with a supported type; it is expected
that only one CERT record is used. If WANT_CERTTYPE is one of the
- supported certtypes only records wih this certtype are considered
+ supported certtypes only records with this certtype are considered
and the first found is returned. (R_KEY,R_KEYLEN) are optional. */
gpg_error_t
get_dns_cert (const char *name, int want_certtype,
@@ -282,83 +282,85 @@ get_dns_cert (const char *name, int want_certtype,
dlen = buf16_to_u16 (pt);
pt += 2;
- /* We asked for CERT and got something else - might be a
- CNAME, so loop around again. */
- if (type != T_CERT)
+ /* Check the type and parse. */
+ if (type == T_CERT)
{
- pt += dlen;
- continue;
- }
-
- /* The CERT type */
- ctype = buf16_to_u16 (pt);
- pt += 2;
+ /* We got a CERT type. */
+ ctype = buf16_to_u16 (pt);
+ pt += 2;
- /* Skip the CERT key tag and algo which we don't need. */
- pt += 3;
+ /* Skip the CERT key tag and algo which we don't need. */
+ pt += 3;
- dlen -= 5;
+ dlen -= 5;
- /* 15 bytes takes us to here */
- if (want_certtype && want_certtype != ctype)
- ; /* Not of the requested certtype. */
- else if (ctype == DNS_CERTTYPE_PGP && dlen && r_key && r_keylen)
- {
- /* PGP type */
- *r_key = xtrymalloc (dlen);
- if (!*r_key)
- err = gpg_err_make (default_errsource,
- gpg_err_code_from_syserror ());
- else
+ /* 15 bytes takes us to here */
+ if (want_certtype && want_certtype != ctype)
+ ; /* Not of the requested certtype. */
+ else if (ctype == DNS_CERTTYPE_PGP && dlen && r_key && r_keylen)
{
- memcpy (*r_key, pt, dlen);
- *r_keylen = dlen;
- err = 0;
+ /* PGP type */
+ *r_key = xtrymalloc (dlen);
+ if (!*r_key)
+ err = gpg_err_make (default_errsource,
+ gpg_err_code_from_syserror ());
+ else
+ {
+ memcpy (*r_key, pt, dlen);
+ *r_keylen = dlen;
+ err = 0;
+ }
+ goto leave;
}
- goto leave;
- }
- else if (ctype == DNS_CERTTYPE_IPGP
- && dlen && dlen < 1023 && dlen >= pt[0] + 1)
- {
- /* IPGP type */
- *r_fprlen = pt[0];
- if (*r_fprlen)
+ else if (ctype == DNS_CERTTYPE_IPGP
+ && dlen && dlen < 1023 && dlen >= pt[0] + 1)
{
- *r_fpr = xtrymalloc (*r_fprlen);
- if (!*r_fpr)
+ /* IPGP type */
+ *r_fprlen = pt[0];
+ if (*r_fprlen)
{
- err = gpg_err_make (default_errsource,
- gpg_err_code_from_syserror ());
- goto leave;
+ *r_fpr = xtrymalloc (*r_fprlen);
+ if (!*r_fpr)
+ {
+ err = gpg_err_make (default_errsource,
+ gpg_err_code_from_syserror ());
+ goto leave;
+ }
+ memcpy (*r_fpr, &pt[1], *r_fprlen);
}
- memcpy (*r_fpr, &pt[1], *r_fprlen);
- }
- else
- *r_fpr = NULL;
+ else
+ *r_fpr = NULL;
- if (dlen > *r_fprlen + 1)
- {
- *r_url = xtrymalloc (dlen - (*r_fprlen + 1) + 1);
- if (!*r_fpr)
+ if (dlen > *r_fprlen + 1)
{
- err = gpg_err_make (default_errsource,
- gpg_err_code_from_syserror ());
- xfree (*r_fpr);
- *r_fpr = NULL;
- goto leave;
+ *r_url = xtrymalloc (dlen - (*r_fprlen + 1) + 1);
+ if (!*r_fpr)
+ {
+ err = gpg_err_make (default_errsource,
+ gpg_err_code_from_syserror ());
+ xfree (*r_fpr);
+ *r_fpr = NULL;
+ goto leave;
+ }
+ memcpy (*r_url, &pt[*r_fprlen + 1],
+ dlen - (*r_fprlen + 1));
+ (*r_url)[dlen - (*r_fprlen + 1)] = '\0';
}
- memcpy (*r_url, &pt[*r_fprlen + 1], dlen - (*r_fprlen + 1));
- (*r_url)[dlen - (*r_fprlen + 1)] = '\0';
+ else
+ *r_url = NULL;
+
+ err = 0;
+ goto leave;
}
- else
- *r_url = NULL;
- err = 0;
- goto leave;
+ /* No subtype matches, so continue with the next answer. */
+ pt += dlen;
+ }
+ else
+ {
+ /* Not a requested type - might be a CNAME. Try next item. */
+ pt += dlen;
}
-
- /* Neither type matches, so go around to the next answer. */
- pt += dlen;
}
}
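Review bot: The allocation check that follows `*r_url = xtrymalloc (dlen - (*r_fprlen + 1) + 1);` in the re-indented IPGP branch still tests `!*r_fpr`, so a failed URL allocation goes unnoticed whenever a fingerprint was stored and the `memcpy` that follows writes through a NULL `*r_url`. In the opposite case, a record with a zero-length fingerprint has just set `*r_fpr = NULL`, so the error path is taken even though the URL buffer was allocated, and that buffer is never freed. The line should read `if (!*r_url)`. Separately, `dlen -= 5;` and the later copies of `dlen` bytes from `pt` are driven by the length field of the DNS answer, and nothing visible in this hunk establishes that `dlen` is at least 5 or that `pt + dlen` stays within the received response. get_dns_cert begins and ends outside the hunk, so such a check may already exist earlier in the loop; if it does not, records failing either condition should be rejected before the subtraction.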