diff options
Diffstat (limited to 'g10/keyring.c')
| -rw-r--r-- | g10/keyring.c | 27 |
1 files changed, 23 insertions, 4 deletions
diff --git a/g10/keyring.c b/g10/keyring.c index 6060f0894..ee76e8a33 100644 --- a/g10/keyring.c +++ b/g10/keyring.c @@ -406,12 +406,31 @@ keyring_get_keyblock (KEYRING_HANDLE hd, KBNODE *ret_kb) rc = GPG_ERR_INV_KEYRING; break; } - if (pkt->pkttype == PKT_COMPRESSED) { - log_error ("skipped compressed packet in keyring\n"); + + /* Filter allowed packets. */ + switch (pkt->pkttype) + { + case PKT_PUBLIC_KEY: + case PKT_PUBLIC_SUBKEY: + case PKT_SECRET_KEY: + case PKT_SECRET_SUBKEY: + case PKT_USER_ID: + case PKT_ATTRIBUTE: + case PKT_SIGNATURE: + break; /* Allowed per RFC. */ + case PKT_RING_TRUST: + case PKT_OLD_COMMENT: + case PKT_COMMENT: + case PKT_GPG_CONTROL: + break; /* Allowed by us. */ + + default: + log_error ("skipped packet of type %d in keyring\n", + (int)pkt->pkttype); free_packet(pkt); init_packet(pkt); continue; - } + } if (in_cert && (pkt->pkttype == PKT_PUBLIC_KEY || pkt->pkttype == PKT_SECRET_KEY)) { @@ -478,7 +497,7 @@ keyring_get_keyblock (KEYRING_HANDLE hd, KBNODE *ret_kb) if (rc || !ret_kb) release_kbnode (keyblock); else { - /*(duplicated form the loop body)*/ + /*(duplicated from the loop body)*/ if ( pkt && pkt->pkttype == PKT_RING_TRUST && lastnode && lastnode->pkt->pkttype == PKT_SIGNATURE |