[Pkg-privacy-commits] [msva-perl] 210/356: fix context/peer string checking/untainting
Ximin Luo
infinity0 at moszumanska.debian.org
Mon Aug 24 07:41:57 UTC 2015
This is an automated email from the git hooks/post-receive script.
infinity0 pushed a commit to branch debian
in repository msva-perl.
commit 99bf570bab5baf5f8c2357c7f61703b593764799
Author: Jameson Rollins <jrollins at finestructure.net>
Date: Sat Oct 30 16:42:28 2010 -0400
fix context/peer string checking/untainting
This makes the checking/untainting of the input context and peer
strings more similar to the checking of pkc type, and generally makes
the checking more straightforward. Also fixes a bug in the failure
check (thanks intrigeri).
---
Crypt/Monkeysphere/MSVA.pm | 37 +++++++++++++++++++++----------------
1 file changed, 21 insertions(+), 16 deletions(-)
diff --git a/Crypt/Monkeysphere/MSVA.pm b/Crypt/Monkeysphere/MSVA.pm
index ce838e4..20bd6b1 100755
--- a/Crypt/Monkeysphere/MSVA.pm
+++ b/Crypt/Monkeysphere/MSVA.pm
@@ -489,17 +489,6 @@
return $key;
}
- sub getuid {
- my $data = shift;
- if ($data->{context} =~ /^(https|ssh|smtp|ike)$/) {
- $data->{context} = $1;
- if ($data->{peer} =~ /^($RE{net}{domain})$/) {
- $data->{peer} = $1;
- return $data->{context}.'://'.$data->{peer};
- }
- }
- }
-
sub get_keyserver_policy {
if (exists $ENV{MSVA_KEYSERVER_POLICY} and $ENV{MSVA_KEYSERVER_POLICY} ne '') {
if ($ENV{MSVA_KEYSERVER_POLICY} =~ /^(always|never|unlessvalid)$/) {
@@ -591,15 +580,31 @@
message => 'Unknown failure',
};
- my $uid = getuid($data);
- if ($uid eq []) {
- msvalog('error', "invalid context/peer: %s/%s\n", $data->{context}, $data->{peer});
- $ret->{message} = sprintf('invalid context/peer');
- return $status, $ret;
+ # check context string
+ if ($data->{context} =~ /^(https|ssh|smtp|ike)$/) {
+ $data->{context} = $1;
+ } else {
+ msvalog('error', "invalid context: %s\n", $data->{context});
+ $ret->{message} = sprintf("Invalid context: %s", $data->{context});
+ return $status,$ret;
}
msvalog('verbose', "context: %s\n", $data->{context});
+
+ # checkout peer string
+ if ($data->{peer} =~ /^($RE{net}{domain})$/) {
+ $data->{peer} = $1;
+ } else {
+ msvalog('error', "invalid peer string: %s\n", $data->{peer});
+ $ret->{message} = sprintf("Invalid peer string: %s", $data->{peer});
+ return $status,$ret;
+ }
msvalog('verbose', "peer: %s\n", $data->{peer});
+ # generate uid string
+ my $uid = $data->{context}.'://'.$data->{peer};
+ msvalog('verbose', "user ID: %s\n", $uid);
+
+ # check pkc type
my $key;
if (lc($data->{pkc}->{type}) eq 'x509der') {
$key = der2key(join('', map(chr, @{$data->{pkc}->{data}})));
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-privacy/packages/msva-perl.git
More information about the Pkg-privacy-commits
mailing list