security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

* gpgkeys_hkp.c (main, srv_replace): Minor tweaks to use the DNS-SD 

names ("pgpkey-http" and "pgpkey-https") in SRV lookups instead of
"hkp" and "hkps".
This commit is contained in:
David Shaw 2009-07-08 04:01:13 +00:00
parent 2193992559
commit 2e835fd6ab
2 changed files with 23 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
keyserver/ChangeLog
View File

@ -1,3 +1,9 @@
2009-07-06 David Shaw <dshaw@jabberwocky.com>
* gpgkeys_hkp.c (main, srv_replace): Minor tweaks to use the
DNS-SD names ("pgpkey-http" and "pgpkey-https") in SRV lookups
instead of "hkp" and "hkps".
2009-06-24 Werner Koch <wk@g10code.com> 2009-06-24 Werner Koch <wk@g10code.com>
* gpgkeys_ldap.c (send_key): Do not deep free a NULL modlist. * gpgkeys_ldap.c (send_key): Do not deep free a NULL modlist.

22
keyserver/gpgkeys_hkp.c
View File

@ -489,18 +489,21 @@ fail_all(struct keylist *keylist,int err)
/* If there is a SRV record, take the highest ranked possibility. /* If there is a SRV record, take the highest ranked possibility.
This is a hack, as we don't proceed downwards. */ This is a hack, as we don't proceed downwards. */
static void static void
srv_replace(void) srv_replace(const char *srvtag)
{ {
#ifdef USE_DNS_SRV #ifdef USE_DNS_SRV
struct srventry *srvlist=NULL; struct srventry *srvlist=NULL;
int srvcount; int srvcount;
if(1+strlen(opt->scheme)+6+strlen(opt->host)+1<=MAXDNAME) if(!srvtag)
return;
if(1+strlen(srvtag)+6+strlen(opt->host)+1<=MAXDNAME)
{ {
char srvname[MAXDNAME]; char srvname[MAXDNAME];
strcpy(srvname,"_"); strcpy(srvname,"_");
strcat(srvname,opt->scheme); strcat(srvname,srvtag);
strcat(srvname,"._tcp."); strcat(srvname,"._tcp.");
strcat(srvname,opt->host); strcat(srvname,opt->host);
srvcount=getsrv(srvname,&srvlist); srvcount=getsrv(srvname,&srvlist);
@ -714,17 +717,26 @@ main(int argc,char *argv[])
port=opt->port; port=opt->port;
else if(try_srv) else if(try_srv)
{ {
char *srvtag;
if(ks_strcasecmp(opt->scheme,"hkp")==0)
srvtag="pgpkey-http";
else if(ks_strcasecmp(opt->scheme,"hkps")==0)
srvtag="pgpkey-https";
else
srvtag=NULL;
#ifdef HAVE_LIBCURL #ifdef HAVE_LIBCURL
/* We're using libcurl, so fake SRV support via our wrapper. /* We're using libcurl, so fake SRV support via our wrapper.
This isn't as good as true SRV support, as we do not try all This isn't as good as true SRV support, as we do not try all
possible targets at one particular level and work our way possible targets at one particular level and work our way
down the list, but it's better than nothing. */ down the list, but it's better than nothing. */
srv_replace(); srv_replace(srvtag);
#else #else
/* We're using our internal curl shim, so we can use its (true) /* We're using our internal curl shim, so we can use its (true)
SRV support. Obviously, CURLOPT_SRVTAG_GPG_HACK isn't a real SRV support. Obviously, CURLOPT_SRVTAG_GPG_HACK isn't a real
libcurl option. It's specific to our shim. */ libcurl option. It's specific to our shim. */
curl_easy_setopt(curl,CURLOPT_SRVTAG_GPG_HACK,opt->scheme); curl_easy_setopt(curl,CURLOPT_SRVTAG_GPG_HACK,srvtag);
#endif #endif
} }