[Pkg-gnupg-commit] [gnupg2] 50/116: dirmngr: Use "pgpkey-hkps" and "pgpkey-hkp" for SRV record lookups.
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Tue Jan 24 04:40:53 UTC 2017
This is an automated email from the git hooks/post-receive script.
dkg pushed a commit to branch master
in repository gnupg2.
commit 0cc975d8a1cd54115938202432e43263b8893ea4
Author: Werner Koch <wk at gnupg.org>
Date: Mon Jan 9 10:42:30 2017 +0100
dirmngr: Use "pgpkey-hkps" and "pgpkey-hkp" for SRV record lookups.
* dirmngr/ks-engine-hkp.c (map_host): Chnage arg NO_SRV to SRVTAG.
(make_host_part): Rewrite.
--
This fixes a regression from 2.0 and 1.4 where these tags have been in
used since 2009. For whatever reason this was not ported to 2.1 and
"hkp" was always used.
GnuPG-bug-id: 2451
Signed-off-by: Werner Koch <wk at gnupg.org>
---
dirmngr/ks-engine-hkp.c | 63 ++++++++++++++++++++++++++-----------------------
1 file changed, 34 insertions(+), 29 deletions(-)
diff --git a/dirmngr/ks-engine-hkp.c b/dirmngr/ks-engine-hkp.c
index 9b757a3..5f6e5f4 100644
--- a/dirmngr/ks-engine-hkp.c
+++ b/dirmngr/ks-engine-hkp.c
@@ -378,16 +378,17 @@ add_host (const char *name, int is_pool,
* to choose one of the hosts. For example we skip those hosts which
* failed for some time and we stick to one host for a time
* independent of DNS retry times. If FORCE_RESELECT is true a new
- * host is always selected. If NO_SRV is set no service record lookup
- * will be done. The selected host is stored as a malloced string at
- * R_HOST; on error NULL is stored. If we know the port used by the
- * selected host from a service record, a string representation is
- * written to R_PORTSTR, otherwise it is left untouched. If
- * R_HTTPFLAGS is not NULL it will receive flags which are to be
- * passed to http_open. If R_POOLNAME is not NULL a malloced name of
- * the pool is stored or NULL if it is not a pool. */
+ * host is always selected. If SRVTAG is NULL no service record
+ * lookup will be done, if it is set that service name is used. The
+ * selected host is stored as a malloced string at R_HOST; on error
+ * NULL is stored. If we know the port used by the selected host from
+ * a service record, a string representation is written to R_PORTSTR,
+ * otherwise it is left untouched. If R_HTTPFLAGS is not NULL it will
+ * receive flags which are to be passed to http_open. If R_POOLNAME
+ * is not NULL a malloced name of the pool is stored or NULL if it is
+ * not a pool. */
static gpg_error_t
-map_host (ctrl_t ctrl, const char *name, int force_reselect, int no_srv,
+map_host (ctrl_t ctrl, const char *name, const char *srvtag, int force_reselect,
char **r_host, char *r_portstr,
unsigned int *r_httpflags, char **r_poolname)
{
@@ -445,10 +446,10 @@ map_host (ctrl_t ctrl, const char *name, int force_reselect, int no_srv,
}
hi = hosttable[idx];
- if (!no_srv && !is_ip_address (name))
+ if (srvtag && !is_ip_address (name))
{
/* Check for SRV records. */
- err = get_dns_srv (name, "hkp", NULL, &srvs, &srvscount);
+ err = get_dns_srv (name, srvtag, NULL, &srvs, &srvscount);
if (err)
{
xfree (reftbl);
@@ -859,38 +860,42 @@ make_host_part (ctrl_t ctrl,
char **r_hostport, unsigned int *r_httpflags, char **r_poolname)
{
gpg_error_t err;
+ const char *srvtag;
char portstr[10];
char *hostname;
*r_hostport = NULL;
- portstr[0] = 0;
- err = map_host (ctrl, host, force_reselect, no_srv,
- &hostname, portstr, r_httpflags, r_poolname);
- if (err)
- return err;
-
- /* If map_host did not return a port (from a SRV record) but a port
- * has been specified (implicitly or explicitly) then use that port.
- * Only in the case that a port was not specified (which might be a
- * bug in https.c) we will later make sure that it has been set. */
- if (!*portstr && port)
- snprintf (portstr, sizeof portstr, "%hu", port);
-
- /* Map scheme and port. */
if (!strcmp (scheme, "hkps") || !strcmp (scheme,"https"))
{
scheme = "https";
- if (! *portstr)
- strcpy (portstr, "443");
+ srvtag = no_srv? NULL : "pgpkey-https";
}
else /* HKP or HTTP. */
{
scheme = "http";
- if (! *portstr)
- strcpy (portstr, "11371");
+ srvtag = no_srv? NULL : "pgpkey-http";
}
+ portstr[0] = 0;
+ err = map_host (ctrl, host, srvtag, force_reselect,
+ &hostname, portstr, r_httpflags, r_poolname);
+ if (err)
+ return err;
+
+ /* If map_host did not return a port (from a SRV record) but a port
+ * has been specified (implicitly or explicitly) then use that port.
+ * In the case that a port was not specified (which is probably a
+ * bug in https.c) we will set up defaults. */
+ if (*portstr)
+ ;
+ else if (!*portstr && port)
+ snprintf (portstr, sizeof portstr, "%hu", port);
+ else if (!strcmp (scheme,"https"))
+ strcpy (portstr, "443");
+ else
+ strcpy (portstr, "11371");
+
*r_hostport = strconcat (scheme, "://", hostname, ":", portstr, NULL);
xfree (hostname);
if (!*r_hostport)
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git
More information about the Pkg-gnupg-commit
mailing list