[Pkg-gnupg-commit] [gnupg2] 159/185: dirmngr: Do not use a blocking connect in Tor mode.

Mon Aug 7 11:55:32 UTC 2017

This is an automated email from the git hooks/post-receive script.

dkg pushed a commit to branch experimental
in repository gnupg2.

commit c5e5748480952e5bcedb16f6ce6ef7e435acb3c7
Author: Werner Koch <wk at gnupg.org>
Date:   Wed Jul 26 13:48:27 2017 +0200

    dirmngr: Do not use a blocking connect in Tor mode.
    
    * dirmngr/http.c (http_raw_connect): Disable the timeout in Tor mode.
    (send_request): Ditto.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>
---
 dirmngr/http.c   |  8 ++++++++
 dirmngr/t-http.c | 17 +++++++++++++++++
 2 files changed, 25 insertions(+)

diff --git a/dirmngr/http.c b/dirmngr/http.c
index 63ed5d3..0bedba0 100644
--- a/dirmngr/http.c
+++ b/dirmngr/http.c
@@ -955,6 +955,10 @@ http_raw_connect (http_t *r_hd, const char *server, unsigned short port,
           log_error ("Tor support is not available\n");
           return gpg_err_make (default_errsource, GPG_ERR_NOT_IMPLEMENTED);
         }
+      /* Non-blocking connects do not work with our Tor proxy because
+       * we can't continue the Socks protocol after the EINPROGRESS.
+       * Disable the timeout to use a blocking connect.  */
+      timeout = 0;
     }
 
   /* Create the handle. */
@@ -1698,6 +1702,10 @@ send_request (http_t hd, const char *httphost, const char *auth,
           log_error ("Tor support is not available\n");
           return gpg_err_make (default_errsource, GPG_ERR_NOT_IMPLEMENTED);
         }
+      /* Non-blocking connects do not work with our Tor proxy because
+       * we can't continue the Socks protocol after the EINPROGRESS.
+       * Disable the timeout to use a blocking connect.  */
+      timeout = 0;
     }
 
   server = *hd->uri->host ? hd->uri->host : "localhost";
diff --git a/dirmngr/t-http.c b/dirmngr/t-http.c
index b0f2bcf..440633d 100644
--- a/dirmngr/t-http.c
+++ b/dirmngr/t-http.c
@@ -40,6 +40,7 @@
 
 #include "../common/util.h"
 #include "../common/logging.h"
+#include "dns-stuff.h"
 #include "http.h"
 
 #include <ksba.h>
@@ -312,9 +313,25 @@ main (int argc, char **argv)
   if (!cafile)
     cafile = prepend_srcdir ("tls-ca.pem");
 
+  if (verbose)
+    my_http_flags |= HTTP_FLAG_LOG_RESP;
+
+  if (verbose || debug)
+    http_set_verbose (verbose, debug);
+
   /* http.c makes use of the assuan socket wrapper.  */
   assuan_sock_init ();
 
+  if ((my_http_flags & HTTP_FLAG_FORCE_TOR))
+    {
+      enable_dns_tormode (1);
+      if (assuan_sock_set_flag (ASSUAN_INVALID_FD, "tor-mode", 1))
+        {
+          log_error ("error enabling Tor mode: %s\n", strerror (errno));
+          log_info ("(is your Libassuan recent enough?)\n");
+        }
+    }
+
 #if HTTP_USE_NTBTLS
   log_info ("new session.\n");
   err = http_session_new (&session, NULL,

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git

