dirmngr: Support pseudo URI scheme "opaque".

* dirmngr/http.h (HTTP_PARSE_NO_SCHEME_CHECK): New. * dirmngr/http.c (http_parse_uri): Use this flag. Change all callers to use the new macro for better readability. (do_parse_uri): Add pseudo scheme "opaque". (uri_query_value): New. -- This scheme can be used to convey arbitrary strings in a parsed_uri_t object. Signed-off-by: Werner Koch <wk@gnupg.org> (cherry picked from commit 72124fadaf)
1 year ago · 1c96f4d663
7 changed files with 36 additions and 18 deletions
--- a/dirmngr/http.c
+++ b/dirmngr/http.c
@ -1,8 +1,8 @@
 /* http.c  -  HTTP protocol handler
- * Copyright (C) 1999, 2001, 2002, 2003, 2004, 2006, 2009, 2010,
+ * Copyright (C) 1999, 2001-2004, 2006, 2009, 2010,
 *               2011 Free Software Foundation, Inc.
- * Copyright (C) 2014 Werner Koch
- * Copyright (C) 2015-2019 g10 Code GmbH
+ * Copyright (C) 1999, 2001-2004, 2006, 2009, 2010, 2011, 2014 Werner Koch
+ * Copyright (C) 2015-2017, 2021 g10 Code GmbH
 *
 * This file is part of GnuPG.
 *
@ -1293,15 +1293,14 @@ parse_uri (parsed_uri_t *ret_uri, const char *uri,
 /*
 * Parse an URI and put the result into the newly allocated RET_URI.
 * On success the caller must use http_release_parsed_uri() to
- * releases the resources.  If NO_SCHEME_CHECK is set, the function
- * tries to parse the URL in the same way it would do for an HTTP
- * style URI; this can for example be used for hkps or ldap schemes.
- */
+ * releases the resources.  If the HTTP_PARSE_NO_SCHEME_CHECK flag is
+ * set, the function tries to parse the URL in the same way it would
+ * do for an HTTP style URI.   */
 gpg_error_t
 http_parse_uri (parsed_uri_t *ret_uri, const char *uri,
-                int no_scheme_check)
+                unsigned int flags)
 {
-  return parse_uri (ret_uri, uri, no_scheme_check, 0);
+  return parse_uri (ret_uri, uri, !!(flags & HTTP_PARSE_NO_SCHEME_CHECK), 0);
 }


@ -1352,8 +1351,9 @@ do_parse_uri (parsed_uri_t uri, int only_local_part,
  uri->off_host = 0;
  uri->off_path = 0;

-  /* A quick validity check. */
-  if (strspn (p, VALID_URI_CHARS) != n)
+  /* A quick validity check unless we have the opaque scheme. */
+  if (strspn (p, VALID_URI_CHARS) != n
+      && strncmp (p, "opaque:", 7))
    return GPG_ERR_BAD_URI;	/* Invalid characters found. */

  if (!only_local_part)
@ -1383,6 +1383,12 @@ do_parse_uri (parsed_uri_t uri, int only_local_part,
          uri->is_http = 1;
          uri->use_tls = 1;
        }
+      else if (!strcmp (uri->scheme, "opaque"))
+        {
+          uri->opaque = 1;
+          uri->path = p2;
+          return 0;
+        }
      else if (!no_scheme_check)
 	return GPG_ERR_INV_URI; /* Not an http style scheme.  */
      else if (!strcmp (uri->scheme, "ldap") && !force_tls)
@ -3545,6 +3551,15 @@ uri_query_lookup (parsed_uri_t uri, const char *key)
  return NULL;
 }

+const char *
+uri_query_value (parsed_uri_t url, const char *key)
+{
+  struct uri_tuple_s *t;
+  t = uri_query_lookup (url, key);
+  return t? t->value : NULL;
+}
+
+

 /* Return true if both URI point to the same host for the purpose of
 * redirection check.  A is the original host and B the host given in
--- a/dirmngr/http.h
+++ b/dirmngr/http.h
@ -71,6 +71,7 @@ struct parsed_uri_s
 typedef struct parsed_uri_s *parsed_uri_t;

 struct uri_tuple_s *uri_query_lookup (parsed_uri_t uri, const char *key);
+const char *uri_query_value (parsed_uri_t url, const char *key);

 typedef enum
  {
@ -151,8 +152,9 @@ void http_session_set_log_cb (http_session_t sess,
 void http_session_set_timeout (http_session_t sess, unsigned int timeout);


+#define HTTP_PARSE_NO_SCHEME_CHECK 1
 gpg_error_t http_parse_uri (parsed_uri_t *ret_uri, const char *uri,
-                            int no_scheme_check);
+                            unsigned int flags);

 void http_release_parsed_uri (parsed_uri_t uri);

--- a/dirmngr/ks-action.c
+++ b/dirmngr/ks-action.c
@ -81,7 +81,7 @@ ks_action_help (ctrl_t ctrl, const char *url)
      else
 #endif
 	{
-	  err = http_parse_uri (&parsed_uri, url, 1);
+	  err = http_parse_uri (&parsed_uri, url, HTTP_PARSE_NO_SCHEME_CHECK);
 	}

      if (err)
@ -313,7 +313,7 @@ ks_action_fetch (ctrl_t ctrl, const char *url, estream_t outfp)
  if (!url)
    return gpg_error (GPG_ERR_INV_URI);

-  err = http_parse_uri (&parsed_uri, url, 1);
+  err = http_parse_uri (&parsed_uri, url, HTTP_PARSE_NO_SCHEME_CHECK);
  if (err)
    return err;

--- a/dirmngr/ks-engine-hkp.c
+++ b/dirmngr/ks-engine-hkp.c
@ -733,7 +733,8 @@ mark_host_dead (const char *name)
  parsed_uri_t parsed_uri = NULL;
  int done = 0;

-  if (name && *name && !http_parse_uri (&parsed_uri, name, 1))
+  if (name && *name
+      && !http_parse_uri (&parsed_uri, name, HTTP_PARSE_NO_SCHEME_CHECK))
    {
      if (parsed_uri->v6lit)
        {
--- a/dirmngr/ks-engine-ldap.c
+++ b/dirmngr/ks-engine-ldap.c
@ -322,7 +322,7 @@ ks_ldap_help (ctrl_t ctrl, parsed_uri_t uri)
    "\n"
    "The ldaps:// and ldapi:// schemes are also supported.  If ldaps is used\n"
    "then the server's certificate will be checked.  If it is not valid, any\n"
-    "operation will be aborted.\n"
+    "operation will be aborted.  Note that ldaps means LDAP with STARTTLS\n"
    "\n"
    "Supported methods: search, get, put\n";
  gpg_error_t err;
--- a/dirmngr/server.c
+++ b/dirmngr/server.c
@ -2113,7 +2113,7 @@ make_keyserver_item (const char *uri, uri_item_t *r_item)
  else
 #endif
    {
-      err = http_parse_uri (&item->parsed_uri, uri, 1);
+      err = http_parse_uri (&item->parsed_uri, uri, HTTP_PARSE_NO_SCHEME_CHECK);
    }

  if (err)
--- a/dirmngr/t-http.c
+++ b/dirmngr/t-http.c
@ -381,7 +381,7 @@ main (int argc, char **argv)
  (void)no_crl;
 #endif /*HTTP_USE_GNUTLS*/

-  rc = http_parse_uri (&uri, *argv, 1);
+  rc = http_parse_uri (&uri, *argv, HTTP_PARSE_NO_SCHEME_CHECK);
  if (rc)
    {
      log_error ("'%s': %s\n", *argv, gpg_strerror (rc));