dirmngr: Validate SRV records in WKD queries.
authorWerner Koch <wk@gnupg.org>
Fri, 27 Jul 2018 10:23:38 +0000 (12:23 +0200)
committerWerner Koch <wk@gnupg.org>
Fri, 27 Jul 2018 10:24:23 +0000 (12:24 +0200)
commitebe727ef596eefebb5eff7d03a98649ffc7ae3ee
tree6d3c7666fa084d11705a40aa872cc31bbbb9bcb6
parentddee9f9409fb5a089883eab0fadef7b9b7e61e72
dirmngr: Validate SRV records in WKD queries.

* dirmngr/server.c (proc_wkd_get): Check the returned SRV record names
to mitigate rogue DNS servers.
--

I am not sure wether this really is very useful because the security
relies on a trustworthy DNS system anyway.  However, that check is
easy enough to do.

Signed-off-by: Werner Koch <wk@gnupg.org>
dirmngr/server.c