Diffusion GnuPG fa1b1eaa4241

dirmngr: Avoid possible CSRF attacks via http redirects.
fa1b1eaa4241
Actions

Tags

None

Subscribers

None

Description

dirmngr: Avoid possible CSRF attacks via http redirects.

* dirmngr/http.h (parsed_uri_s): Add fields off_host and off_path.
(http_redir_info_t): New.
* dirmngr/http.c (do_parse_uri): Set new fields.
(same_host_p): New.
(http_prepare_redirect): New.
* dirmngr/t-http-basic.c: New test.
* dirmngr/ks-engine-hkp.c (send_request): Use http_prepare_redirect
instead of the open code.
* dirmngr/ks-engine-http.c (ks_http_fetch): Ditto.

With this change a http query will not follow a redirect unless the
Location header gives the same host. If the host is different only
the host and port is taken from the Location header and the original
path and query parts are kept.

Signed-off-by: Werner Koch <wk@gnupg.org>

Details

Provenance

Authored on Nov 22 2018, 10:27 PM

Parents

rGe5c3a6999a37: doc: Clarify use of clear and nodefault in the AKL.

Branches

Unknown

Tags

Unknown

Event Timeline

• werner committed rGfa1b1eaa4241: dirmngr: Avoid possible CSRF attacks via http redirects. (authored by • werner).Nov 22 2018, 10:36 PM

• werner mentioned this in rG4a4bb874f637: dirmngr: Avoid possible CSRF attacks via http redirects..Nov 23 2018, 9:29 AM

• werner mentioned this in T4603: dirmngr WKD redirection changes paths.Jul 2 2019, 4:18 PM

• werner mentioned this in T6014: Add support for relative redirect URI-references to dirmngr.Sep 13 2022, 7:28 AM

Changes (7)

Path

Size

dirmngr/

ks-engine-hkp.c

ks-engine-http.c

rGfa1b1eaa4241

dirmngr/Makefile.am

Loading...

dirmngr/http.c

Loading...

dirmngr/http.h

Loading...

dirmngr/ks-engine-hkp.c

Loading...

dirmngr/ks-engine-http.c

Loading...

dirmngr/t-http-basic.c

Loading...

dirmngr/t-http.c

Loading...