mirror of
git://git.gnupg.org/gnupg.git
synced 2024-06-07 23:27:48 +02:00
* keyserver.c (keyserver_import_cert): Handle the IPGP CERT type for
both the fingerprint alone, and fingerprint+URL cases. * getkey.c (get_pubkey_byname): Minor cleanup.
This commit is contained in:
David Shaw
parent
e0ad2bda52
commit
3cfc77097d
|
|
@ -1,3 +1,10 @@
|
|||
2006-03-16 David Shaw <dshaw@jabberwocky.com>
|
||||
|
||||
* keyserver.c (keyserver_import_cert): Handle the IPGP CERT type
|
||||
for both the fingerprint alone, and fingerprint+URL cases.
|
||||
|
||||
* getkey.c (get_pubkey_byname): Minor cleanup.
|
||||
|
||||
2006-03-13 David Shaw <dshaw@jabberwocky.com>
|
||||
|
||||
* keyserver-internal.h, keyserver.c (keyserver_import_pka): Use
|
||||
|
|
|
|||
23
g10/getkey.c
23
g10/getkey.c
|
|
@ -917,7 +917,6 @@ get_pubkey_byname (PKT_public_key *pk,
|
|||
|
||||
if (rc == G10ERR_NO_PUBKEY && is_valid_mailbox(name))
|
||||
{
|
||||
int res;
|
||||
struct akl *akl;
|
||||
|
||||
for(akl=opt.auto_key_locate;akl;akl=akl->next)
|
||||
|
|
@ -929,29 +928,29 @@ get_pubkey_byname (PKT_public_key *pk,
|
|||
{
|
||||
case AKL_CERT:
|
||||
glo_ctrl.in_auto_key_retrieve++;
|
||||
res=keyserver_import_cert(name,&fpr,&fpr_len);
|
||||
rc=keyserver_import_cert(name,&fpr,&fpr_len);
|
||||
glo_ctrl.in_auto_key_retrieve--;
|
||||
|
||||
if(res==0)
|
||||
if(rc==0)
|
||||
log_info(_("Automatically retrieved `%s' via %s\n"),
|
||||
name,"DNS CERT");
|
||||
break;
|
||||
|
||||
case AKL_PKA:
|
||||
glo_ctrl.in_auto_key_retrieve++;
|
||||
res=keyserver_import_pka(name,&fpr,&fpr_len);
|
||||
rc=keyserver_import_pka(name,&fpr,&fpr_len);
|
||||
|
||||
if(res==0)
|
||||
if(rc==0)
|
||||
log_info(_("Automatically retrieved `%s' via %s\n"),
|
||||
name,"PKA");
|
||||
break;
|
||||
|
||||
case AKL_LDAP:
|
||||
glo_ctrl.in_auto_key_retrieve++;
|
||||
res=keyserver_import_ldap(name,&fpr,&fpr_len);
|
||||
rc=keyserver_import_ldap(name,&fpr,&fpr_len);
|
||||
glo_ctrl.in_auto_key_retrieve--;
|
||||
|
||||
if(res==0)
|
||||
if(rc==0)
|
||||
log_info(_("Automatically retrieved `%s' via %s\n"),
|
||||
name,"LDAP");
|
||||
break;
|
||||
|
|
@ -964,10 +963,10 @@ get_pubkey_byname (PKT_public_key *pk,
|
|||
if(opt.keyserver)
|
||||
{
|
||||
glo_ctrl.in_auto_key_retrieve++;
|
||||
res=keyserver_import_name(name,&fpr,&fpr_len,opt.keyserver);
|
||||
rc=keyserver_import_name(name,&fpr,&fpr_len,opt.keyserver);
|
||||
glo_ctrl.in_auto_key_retrieve--;
|
||||
|
||||
if(res==0)
|
||||
if(rc==0)
|
||||
log_info(_("Automatically retrieved `%s' via %s\n"),
|
||||
name,opt.keyserver->uri);
|
||||
}
|
||||
|
|
@ -979,10 +978,10 @@ get_pubkey_byname (PKT_public_key *pk,
|
|||
|
||||
keyserver=keyserver_match(akl->spec);
|
||||
glo_ctrl.in_auto_key_retrieve++;
|
||||
res=keyserver_import_name(name,&fpr,&fpr_len,keyserver);
|
||||
rc=keyserver_import_name(name,&fpr,&fpr_len,keyserver);
|
||||
glo_ctrl.in_auto_key_retrieve--;
|
||||
|
||||
if(res==0)
|
||||
if(rc==0)
|
||||
log_info(_("Automatically retrieved `%s' via %s\n"),
|
||||
name,akl->spec->uri);
|
||||
}
|
||||
|
|
@ -996,7 +995,7 @@ get_pubkey_byname (PKT_public_key *pk,
|
|||
requirement as the URL might point to a key put in by an
|
||||
attacker. By forcing the use of the fingerprint, we
|
||||
won't use the attacker's key here. */
|
||||
if(res==0 && fpr)
|
||||
if(rc==0 && fpr)
|
||||
{
|
||||
int i;
|
||||
char fpr_string[MAX_FINGERPRINT_LEN*2+1];
|
||||
|
|
|
|||
|
|
@ -1985,7 +1985,7 @@ keyserver_import_cert(const char *name,unsigned char **fpr,size_t *fpr_len)
|
|||
{
|
||||
char *domain,*look,*url;
|
||||
IOBUF key;
|
||||
int type,rc=-1;
|
||||
int type,rc=G10ERR_GENERAL;
|
||||
|
||||
look=xstrdup(name);
|
||||
|
||||
|
|
@ -1993,7 +1993,7 @@ keyserver_import_cert(const char *name,unsigned char **fpr,size_t *fpr_len)
|
|||
if(domain)
|
||||
*domain='.';
|
||||
|
||||
type=get_cert(look,max_cert_size,&key,NULL,NULL,&url);
|
||||
type=get_cert(look,max_cert_size,&key,fpr,fpr_len,&url);
|
||||
if(type==1)
|
||||
{
|
||||
int armor_status=opt.no_armor;
|
||||
|
|
@ -2008,21 +2008,34 @@ keyserver_import_cert(const char *name,unsigned char **fpr,size_t *fpr_len)
|
|||
|
||||
iobuf_close(key);
|
||||
}
|
||||
else if(type==2)
|
||||
else if(type==2 && *fpr)
|
||||
{
|
||||
struct keyserver_spec *spec;
|
||||
|
||||
spec=parse_keyserver_uri(url,1,NULL,0);
|
||||
if(spec)
|
||||
/* We only consider the IPGP type if a fingerprint was provided.
|
||||
This lets us select the right key regardless of what a URL
|
||||
points to, or get the key from a keyserver. */
|
||||
if(url)
|
||||
{
|
||||
STRLIST list=NULL;
|
||||
struct keyserver_spec *spec;
|
||||
|
||||
add_to_strlist(&list,url);
|
||||
spec=parse_keyserver_uri(url,1,NULL,0);
|
||||
if(spec)
|
||||
{
|
||||
STRLIST list=NULL;
|
||||
|
||||
rc=keyserver_fetch(list);
|
||||
add_to_strlist(&list,url);
|
||||
|
||||
free_strlist(list);
|
||||
free_keyserver_spec(spec);
|
||||
rc=keyserver_fetch(list);
|
||||
|
||||
free_strlist(list);
|
||||
free_keyserver_spec(spec);
|
||||
}
|
||||
}
|
||||
else if(opt.keyserver)
|
||||
{
|
||||
/* If only a fingerprint is provided, try and fetch it from
|
||||
our --keyserver */
|
||||
|
||||
rc=keyserver_import_fprint(*fpr,*fpr_len,opt.keyserver);
|
||||
}
|
||||
|
||||
xfree(url);
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user