From d038b36c8f814e518c64b608b51a551186c5440e Mon Sep 17 00:00:00 2001
From: David Shaw <dshaw@jabberwocky.com>
Date: Tue, 21 Feb 2006 22:23:35 +0000
Subject: * getkey.c (get_pubkey_byname): Fix minor security problem with PKA
 when importing at -r time.  The URL in the PKA record may point to a key put
 in by an attacker.  Fix is to use the fingerprint from the PKA record as the
 recipient.  This ensures that the PKA record is followed.

* keyserver-internal.h, keyserver.c (keyserver_import_pka): Return the
fingerprint we requested.
---
 g10/getkey.c | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

(limited to 'g10/getkey.c')

diff --git a/g10/getkey.c b/g10/getkey.c
index d247b3bcb..8ec1e52d1 100644
--- a/g10/getkey.c
+++ b/g10/getkey.c
@@ -938,6 +938,7 @@ get_pubkey_byname (PKT_public_key *pk,
 	 && opt.allow_pka_lookup
 	 && (opt.keyserver_options.options&KEYSERVER_AUTO_PKA_RETRIEVE))
 	{
+	  unsigned char fpr[MAX_FINGERPRINT_LEN];
 	  /* If the requested name resembles a valid mailbox and
 	     automatic retrieval via PKA records has been enabled, we
 	     try to import the key via the URI and try again. */
@@ -945,13 +946,25 @@ get_pubkey_byname (PKT_public_key *pk,
 	  tried_pka=1;
 
 	  glo_ctrl.in_auto_key_retrieve++;
-	  res=keyserver_import_pka(name);
+	  res=keyserver_import_pka(name,fpr);
 	  glo_ctrl.in_auto_key_retrieve--;
 
 	  if(res==0)
 	    {
+	      int i;
+	      char fpr_string[2+(MAX_FINGERPRINT_LEN*2)+1];
+
 	      log_info(_("Automatically retrieved `%s' via %s\n"),
 		       name,"PKA");
+
+	      free_strlist(namelist);
+	      namelist=NULL;
+
+	      for(i=0;i<MAX_FINGERPRINT_LEN;i++)
+		sprintf(fpr_string+2*i,"%02X",fpr[i]);
+
+	      add_to_strlist( &namelist, fpr_string );
+
 	      goto retry;
 	    }
 	}
-- 
cgit v1.2.3