security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00
Code Activity

Merge branch 'STABLE-BRANCH-2-4'

Browse source 
* common/b64dec.c (b64decode): Move to ...
* common/miscellaneous.c: here.

* common/t-b64.c: Re-inroduce and keep only the b64decode test code.
This commit is contained in:
Werner Koch 2023-11-07 20:07:45 +01:00
commit 387ee7dcbd
No known key found for this signature in database
GPG key ID: E3FDFF218E45B72B
67 changed files with 3281 additions and 2337 deletions
Download patch file Download diff file Expand all files Collapse all files

1
dirmngr/Makefile.am
View file

@ -68,6 +68,7 @@ AM_CFLAGS = $(USE_C99_CFLAGS) \
if HAVE_W32_SYSTEM
ldap_url = ldap-url.h ldap-url.c
NETLIBS += -lwinhttp -lsecurity
else
ldap_url =
endif

1
dirmngr/dirmngr.c
View file

@ -2046,6 +2046,7 @@ dirmngr_sighup_action (void)
crl_cache_deinit ();
cert_cache_init (hkp_cacert_filenames);
crl_cache_init ();
http_reinitialize ();
reload_dns_stuff (0);
ks_hkp_reload ();
}

2
dirmngr/http-common.h
View file

@ -22,4 +22,6 @@
const char *get_default_keyserver (int name_only);
void http_reinitialize (void);
#endif /* HTTP_COMMON_H */

1690
dirmngr/http.c
View file

File diff suppressed because it is too large Load diff

4
dirmngr/http.h
View file

@ -132,9 +132,11 @@ typedef gpg_error_t (*http_verify_cb_t) (void *opaque,
void http_set_verbose (int verbose, int debug);
/* The next three functions are only used with GNUTLS. */
void http_register_tls_callback (gpg_error_t (*cb)(http_t,http_session_t,int));
void http_register_tls_ca (const char *fname);
void http_register_cfg_ca (const char *fname);
void http_register_netactivity_cb (void (*cb)(void));
@ -193,7 +195,7 @@ estream_t http_get_read_ptr (http_t hd);
estream_t http_get_write_ptr (http_t hd);
unsigned int http_get_status_code (http_t hd);
const char *http_get_tls_info (http_t hd, const char *what);
const char *http_get_header (http_t hd, const char *name);
const char *http_get_header (http_t hd, const char *name, unsigned int skip);
const char **http_get_header_names (http_t hd);
gpg_error_t http_verify_server_credentials (http_session_t sess);

19
dirmngr/ks-engine-hkp.c
View file

@ -1327,7 +1327,7 @@ send_request (ctrl_t ctrl, const char *request, const char *hostportstr,
{
xfree (request_buffer);
err = http_prepare_redirect (&redirinfo, http_get_status_code (http),
http_get_header (http, "Location"),
http_get_header (http, "Location", 0),
&request_buffer);
if (err)
goto leave;
@ -1340,18 +1340,17 @@ send_request (ctrl_t ctrl, const char *request, const char *hostportstr,
}
goto once_more;
case 501:
err = gpg_error (GPG_ERR_NOT_IMPLEMENTED);
goto leave;
case 413: /* Payload too large */
err = gpg_error (GPG_ERR_TOO_LARGE);
goto leave;
default:
log_error (_("error accessing '%s': http status %u\n"),
request, http_get_status_code (http));
err = gpg_error (GPG_ERR_NO_DATA);
switch (http_get_status_code (http))
{
case 401: err = gpg_error (GPG_ERR_NO_AUTH); break;
case 407: err = gpg_error (GPG_ERR_BAD_AUTH); break;
case 413: err = gpg_error (GPG_ERR_TOO_LARGE); break;
case 501: err = gpg_error (GPG_ERR_NOT_IMPLEMENTED); break;
default: err = gpg_error (GPG_ERR_NO_DATA); break;
}
goto leave;
}

14
dirmngr/ks-engine-http.c
View file

@ -180,7 +180,7 @@ ks_http_fetch (ctrl_t ctrl, const char *url, unsigned int flags,
{
xfree (request_buffer);
err = http_prepare_redirect (&redirinfo, http_get_status_code (http),
http_get_header (http, "Location"),
http_get_header (http, "Location", 0),
&request_buffer);
if (err)
goto leave;
@ -193,14 +193,16 @@ ks_http_fetch (ctrl_t ctrl, const char *url, unsigned int flags,
}
goto once_more;
case 413: /* Payload too large */
err = gpg_error (GPG_ERR_TOO_LARGE);
goto leave;
default:
log_error (_("error accessing '%s': http status %u\n"),
url, http_get_status_code (http));
err = gpg_error (GPG_ERR_NO_DATA);
switch (http_get_status_code (http))
{
case 401: err = gpg_error (GPG_ERR_NO_AUTH); break;
case 407: err = gpg_error (GPG_ERR_BAD_AUTH); break;
case 413: err = gpg_error (GPG_ERR_TOO_LARGE); break;
default: err = gpg_error (GPG_ERR_NO_DATA); break;
}
goto leave;
}

3
dirmngr/ldap-misc.c
View file

@ -380,13 +380,14 @@ rfc4517toisotime (gnupg_isotime_t timebuf, const char *string)
int year, month, day, hour, minu, sec;
const char *s;
/* Sample value: "20230823141623Z"; */
for (i=0, s=string; i < 10; i++, s++) /* Need yyyymmddhh */
if (!digitp (s))
return gpg_error (GPG_ERR_INV_TIME);
year = atoi_4 (string);
month = atoi_2 (string + 4);
day = atoi_2 (string + 6);
hour = atoi_2 (string + 9);
hour = atoi_2 (string + 8);
minu = 0;
sec = 0;
if (digitp (s) && digitp (s+1))

2
dirmngr/ocsp.c
View file

@ -227,7 +227,7 @@ do_ocsp_request (ctrl_t ctrl, ksba_ocsp_t ocsp,
case 301:
case 302:
{
const char *s = http_get_header (http, "Location");
const char *s = http_get_header (http, "Location", 0);
log_info (_("URL '%s' redirected to '%s' (%u)\n"),
url, s?s:"[none]", http_get_status_code (http));

27
dirmngr/server.c
View file

@ -2202,6 +2202,7 @@ ensure_keyserver (ctrl_t ctrl)
uri_item_t plain_items = NULL;
uri_item_t ui;
strlist_t sl;
int none_seen = 1;
if (ctrl->server_local->keyservers)
return 0; /* Already set for this session. */
@ -2214,6 +2215,15 @@ ensure_keyserver (ctrl_t ctrl)
for (sl = opt.keyserver; sl; sl = sl->next)
{
/* Frontends like Kleopatra may prefix option values without a
* scheme with "hkps://". Thus we need to check that too.
* Nobody will be mad enough to call a machine "none". */
if (!strcmp (sl->d, "none") || !strcmp (sl->d, "hkp://none")
|| !strcmp (sl->d, "hkps://none"))
{
none_seen = 1;
continue;
}
err = make_keyserver_item (sl->d, &item);
if (err)
goto leave;
@ -2229,6 +2239,12 @@ ensure_keyserver (ctrl_t ctrl)
}
}
if (none_seen && !plain_items && !onion_items)
{
err = gpg_error (GPG_ERR_NO_KEYSERVER);
goto leave;
}
/* Decide which to use. Note that the session has no keyservers
yet set. */
if (onion_items && !onion_items->next && plain_items && !plain_items->next)
@ -2299,8 +2315,7 @@ cmd_keyserver (assuan_context_t ctx, char *line)
gpg_error_t err = 0;
int clear_flag, add_flag, help_flag, host_flag, resolve_flag;
int dead_flag, alive_flag;
uri_item_t item = NULL; /* gcc 4.4.5 is not able to detect that it
is always initialized. */
uri_item_t item = NULL;
clear_flag = has_option (line, "--clear");
help_flag = has_option (line, "--help");
@ -2366,13 +2381,17 @@ cmd_keyserver (assuan_context_t ctx, char *line)
if (add_flag)
{
err = make_keyserver_item (line, &item);
if (!strcmp (line, "none") || !strcmp (line, "hkp://none")
|| !strcmp (line, "hkps://none"))
err = 0;
else
err = make_keyserver_item (line, &item);
if (err)
goto leave;
}
if (clear_flag)
release_ctrl_keyservers (ctrl);
if (add_flag)
if (add_flag && item)
{
item->next = ctrl->server_local->keyservers;
ctrl->server_local->keyservers = item;

9
dirmngr/t-http.c
View file

@ -288,6 +288,11 @@ main (int argc, char **argv)
my_http_flags |= HTTP_FLAG_FORCE_TOR;
argc--; argv++;
}
else if (!strcmp (*argv, "--try-proxy"))
{
my_http_flags |= HTTP_FLAG_TRY_PROXY;
argc--; argv++;
}
else if (!strcmp (*argv, "--no-out"))
{
no_out = 1;
@ -458,7 +463,7 @@ main (int argc, char **argv)
log_fatal ("http_get_header_names failed: %s\n",
gpg_strerror (gpg_error_from_syserror ()));
for (i = 0; names[i]; i++)
printf ("HDR: %s: %s\n", names[i], http_get_header (hd, names[i]));
printf ("HDR: %s: %s\n", names[i], http_get_header (hd, names[i], 0));
xfree (names);
}
fflush (stdout);
@ -484,7 +489,7 @@ main (int argc, char **argv)
case 301:
case 302:
case 307:
log_info ("Redirected to: %s\n", http_get_header (hd, "Location"));
log_info ("Redirected to: %s\n", http_get_header (hd, "Location", 0));
break;
}
http_close (hd, 0);