[Pkg-gnupg-commit] [gnupg2] 103/185: dirmngr: Honor http keyserver URLs.

Daniel Kahn Gillmor dkg at fifthhorseman.net
Mon Aug 7 11:55:25 UTC 2017


This is an automated email from the git hooks/post-receive script.

dkg pushed a commit to branch experimental
in repository gnupg2.

commit b231959728a0056094134e0fca8cc916c24ef37e
Author: Justus Winter <justus at g10code.com>
Date:   Tue Jul 18 12:53:55 2017 +0200

    dirmngr: Honor http keyserver URLs.
    
    * dirmngr/http.c (parse_uri): Keep an unmodified copy of the URI.
    * dirmngr/http.h (struct parsed_uri_s): New field 'original'.
    * dirmngr/ks-action.c (ks_action_get): Properly handle http and https
    URLs.
    --
    
    If a key has a http or https URL as preferred keyserver, fetch the key
    from there.  Previously, dirmngr unconditionally interpreted these
    URLs as hkp servers.
    
    GnuPG-bug-id: 2924
    Signed-off-by: Justus Winter <justus at g10code.com>
---
 dirmngr/http.c      |  4 +++-
 dirmngr/http.h      |  1 +
 dirmngr/ks-action.c | 16 +++++++++++-----
 3 files changed, 15 insertions(+), 6 deletions(-)

diff --git a/dirmngr/http.c b/dirmngr/http.c
index 7c9a682..0cb2708 100644
--- a/dirmngr/http.c
+++ b/dirmngr/http.c
@@ -1219,10 +1219,12 @@ parse_uri (parsed_uri_t *ret_uri, const char *uri,
 {
   gpg_err_code_t ec;
 
-  *ret_uri = xtrycalloc (1, sizeof **ret_uri + strlen (uri));
+  *ret_uri = xtrycalloc (1, sizeof **ret_uri + 2 * strlen (uri) + 1);
   if (!*ret_uri)
     return gpg_err_make (default_errsource, gpg_err_code_from_syserror ());
   strcpy ((*ret_uri)->buffer, uri);
+  strcpy ((*ret_uri)->buffer + strlen (uri) + 1, uri);
+  (*ret_uri)->original = (*ret_uri)->buffer + strlen (uri) + 1;
   ec = do_parse_uri (*ret_uri, 0, no_scheme_check, force_tls);
   if (ec)
     {
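Review bot: The size expression and both offsets recompute `strlen (uri)`, and the added `+ 1` covers only the second terminator, so the first copy's NUL depends on the struct's trailing `buffer` member already contributing a byte to `sizeof **ret_uri`, which this hunk does not show. Taking `size_t len = strlen (uri);` once and setting `(*ret_uri)->original = (*ret_uri)->buffer + len + 1;` before the second `strcpy` would keep the allocation and the copies visibly in step. A comment such as `/* BUFFER holds two copies: the one parsed in place, then the pristine one.  */` would record the layout. `2 * strlen (uri) + 1` also has no overflow guard, which is worth a bound check if the URI can originate from key material. parse_uri continues past the end of the hunk.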
diff --git a/dirmngr/http.h b/dirmngr/http.h
index 448cd04..9fa462c 100644
--- a/dirmngr/http.h
+++ b/dirmngr/http.h
@@ -47,6 +47,7 @@ typedef struct uri_tuple_s *uri_tuple_t;
 struct parsed_uri_s
 {
   /* All these pointers point into BUFFER; most stuff is not escaped. */
+  char *original;       /* Unmodified copy of the parsed URI.  */
   char *scheme;	        /* Pointer to the scheme string (always lowercase). */
   unsigned int is_http:1; /* This is a HTTP style URI.   */
   unsigned int use_tls:1; /* Whether TLS should be used. */
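Review bot: The comment on `original` does not say that this is the caller's string exactly as given, still escaped and not lowercased, unlike the neighbouring fields that the header comment describes as mostly unescaped. Suggest `char *original;  /* Unmodified, still-escaped copy of the URI as passed in; points into BUFFER, do not free.  */` so that callers do not treat it as validated parser output. The struct definition continues outside the hunk.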
diff --git a/dirmngr/ks-action.c b/dirmngr/ks-action.c
index 1087bb5..857aab1 100644
--- a/dirmngr/ks-action.c
+++ b/dirmngr/ks-action.c
@@ -232,7 +232,10 @@ ks_action_get (ctrl_t ctrl, uri_item_t keyservers,
      Need to think about a better strategy.  */
   for (uri = keyservers; !err && uri; uri = uri->next)
     {
-      int is_http = uri->parsed_uri->is_http;
+      int is_hkp_s = (strcmp (uri->parsed_uri->scheme, "hkp") == 0
+                      || strcmp (uri->parsed_uri->scheme, "hkps") == 0);
+      int is_http_s = (strcmp (uri->parsed_uri->scheme, "http") == 0
+                       || strcmp (uri->parsed_uri->scheme, "https") == 0);
       int is_ldap = 0;
 
 #if USE_LDAP
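Review bot: The exact `strcmp` dispatch on `scheme` is only correct because the parser stores the scheme lowercased (http.h documents it as always lowercase), and nothing at this site says so. A comment like `/* SCHEME is lowercased by the parser, so exact matches suffice.  */` above `is_hkp_s` would record that. A URI that the parser flags `is_http` under any other scheme is now skipped without setting `any_server`; whether such schemes exist is not visible here, so it is worth confirming this is intended. The loop body continues outside the hunk.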
@@ -241,7 +244,7 @@ ks_action_get (ctrl_t ctrl, uri_item_t keyservers,
 		 || strcmp (uri->parsed_uri->scheme, "ldapi") == 0);
 #endif
 
-      if (is_http || is_ldap)
+      if (is_hkp_s || is_http_s || is_ldap)
         {
           any_server = 1;
           for (sl = patterns; !err && sl; sl = sl->next)
@@ -251,9 +254,12 @@ ks_action_get (ctrl_t ctrl, uri_item_t keyservers,
 		err = ks_ldap_get (ctrl, uri->parsed_uri, sl->d, &infp);
 	      else
 #endif
-		{
-	          err = ks_hkp_get (ctrl, uri->parsed_uri, sl->d, &infp);
-	        }
+              if (is_hkp_s)
+                err = ks_hkp_get (ctrl, uri->parsed_uri, sl->d, &infp);
+              else if (is_http_s)
+                err = ks_http_fetch (ctrl, uri->parsed_uri->original, &infp);
+              else
+                BUG ();
 
               if (err)
                 {
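Review bot: The `ks_http_fetch` call sits inside the `for (sl = patterns; ...)` loop but never uses `sl->d`, so the same URL appears to be requested once per pattern; if one fetch per URI is intended, the http case belongs outside the pattern loop. The call is also handed `uri->parsed_uri->original`, the unparsed string, so decisions taken while parsing (for example the `force_tls` argument seen in parse_uri) are not carried by that argument, and whether `ks_http_fetch` re-applies them cannot be seen here. Because the commit message says this URL may come from a key's preferred-keyserver field, a comment such as `/* URL is used verbatim and is independent of the pattern; ks_http_fetch must re-validate it.  */` would make the trust boundary explicit. The loop body continues past the end of the hunk.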

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git


