1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00

dirmngr: Allow redirection from https to http for CRLs

* dirmngr/ks-engine.h (KS_HTTP_FETCH_NOCACHE): New flag.
(KS_HTTP_FETCH_TRUST_CFG): Ditto.
(KS_HTTP_FETCH_NO_CRL): Ditto.
(KS_HTTP_FETCH_ALLOW_DOWNGRADE): Ditto.
* dirmngr/ks-engine-http.c (ks_http_fetch): Replace args send_no_cache
and extra_http_trust_flags by a new flags arg.  Allow redirectiong
from https to http it KS_HTTP_FETCH_ALLOW_DOWNGRADE is set.
* dirmngr/loadswdb.c (fetch_file): Call with KS_HTTP_FETCH_NOCACHE.
* dirmngr/ks-action.c (ks_action_get): Ditto.
(ks_action_fetch): Ditto.
* dirmngr/crlfetch.c (crl_fetch): Call with the appropriate flags.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2018-04-25 12:37:34 +02:00
parent 705d8e9cf0
commit 1de4462974
No known key found for this signature in database
GPG key ID: E3FDFF218E45B72B
5 changed files with 40 additions and 21 deletions

View file

@ -41,9 +41,15 @@ gpg_error_t ks_hkp_put (ctrl_t ctrl, parsed_uri_t uri,
const void *data, size_t datalen);
/*-- ks-engine-http.c --*/
/* Flags for the ks_http_fetch. */
#define KS_HTTP_FETCH_NOCACHE 1 /* Request no caching. */
#define KS_HTTP_FETCH_TRUST_CFG 2 /* Requests HTTP_FLAG_TRUST_CFG. */
#define KS_HTTP_FETCH_NO_CRL 4 /* Requests HTTP_FLAG_NO_CRL. */
#define KS_HTTP_FETCH_ALLOW_DOWNGRADE 8 /* Allow redirect https -> http. */
gpg_error_t ks_http_help (ctrl_t ctrl, parsed_uri_t uri);
gpg_error_t ks_http_fetch (ctrl_t ctrl, const char *url, int send_no_cache,
unsigned int extra_http_trust_flags,
gpg_error_t ks_http_fetch (ctrl_t ctrl, const char *url, unsigned int flags,
estream_t *r_fp);