security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-02-01 16:33:02 +01:00
Code Activity

* keyserver.c (keyserver_import_cert): Handle the IPGP CERT type for

Browse Source 
both the fingerprint alone, and fingerprint+URL cases.

* getkey.c (get_pubkey_byname): Minor cleanup.
This commit is contained in:
David Shaw 2006-03-17 05:20:13 +00:00
parent e0ad2bda52
commit 3cfc77097d
3 changed files with 43 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
g10/ChangeLog
View File

@ -1,3 +1,10 @@
2006-03-16 David Shaw <dshaw@jabberwocky.com>
* keyserver.c (keyserver_import_cert): Handle the IPGP CERT type
for both the fingerprint alone, and fingerprint+URL cases.
* getkey.c (get_pubkey_byname): Minor cleanup.
2006-03-13 David Shaw <dshaw@jabberwocky.com> 2006-03-13 David Shaw <dshaw@jabberwocky.com>
* keyserver-internal.h, keyserver.c (keyserver_import_pka): Use * keyserver-internal.h, keyserver.c (keyserver_import_pka): Use

23
g10/getkey.c
View File

@ -917,7 +917,6 @@ get_pubkey_byname (PKT_public_key *pk,
if (rc == G10ERR_NO_PUBKEY && is_valid_mailbox(name)) if (rc == G10ERR_NO_PUBKEY && is_valid_mailbox(name))
{ {
int res;
struct akl *akl; struct akl *akl;
for(akl=opt.auto_key_locate;akl;akl=akl->next) for(akl=opt.auto_key_locate;akl;akl=akl->next)
@ -929,29 +928,29 @@ get_pubkey_byname (PKT_public_key *pk,
{ {
case AKL_CERT: case AKL_CERT:
glo_ctrl.in_auto_key_retrieve++; glo_ctrl.in_auto_key_retrieve++;
res=keyserver_import_cert(name,&fpr,&fpr_len); rc=keyserver_import_cert(name,&fpr,&fpr_len);
glo_ctrl.in_auto_key_retrieve--; glo_ctrl.in_auto_key_retrieve--;
if(res==0) if(rc==0)
log_info(_("Automatically retrieved `%s' via %s\n"), log_info(_("Automatically retrieved `%s' via %s\n"),
name,"DNS CERT"); name,"DNS CERT");
break; break;
case AKL_PKA: case AKL_PKA:
glo_ctrl.in_auto_key_retrieve++; glo_ctrl.in_auto_key_retrieve++;
res=keyserver_import_pka(name,&fpr,&fpr_len); rc=keyserver_import_pka(name,&fpr,&fpr_len);
if(res==0) if(rc==0)
log_info(_("Automatically retrieved `%s' via %s\n"), log_info(_("Automatically retrieved `%s' via %s\n"),
name,"PKA"); name,"PKA");
break; break;
case AKL_LDAP: case AKL_LDAP:
glo_ctrl.in_auto_key_retrieve++; glo_ctrl.in_auto_key_retrieve++;
res=keyserver_import_ldap(name,&fpr,&fpr_len); rc=keyserver_import_ldap(name,&fpr,&fpr_len);
glo_ctrl.in_auto_key_retrieve--; glo_ctrl.in_auto_key_retrieve--;
if(res==0) if(rc==0)
log_info(_("Automatically retrieved `%s' via %s\n"), log_info(_("Automatically retrieved `%s' via %s\n"),
name,"LDAP"); name,"LDAP");
break; break;
@ -964,10 +963,10 @@ get_pubkey_byname (PKT_public_key *pk,
if(opt.keyserver) if(opt.keyserver)
{ {
glo_ctrl.in_auto_key_retrieve++; glo_ctrl.in_auto_key_retrieve++;
res=keyserver_import_name(name,&fpr,&fpr_len,opt.keyserver); rc=keyserver_import_name(name,&fpr,&fpr_len,opt.keyserver);
glo_ctrl.in_auto_key_retrieve--; glo_ctrl.in_auto_key_retrieve--;
if(res==0) if(rc==0)
log_info(_("Automatically retrieved `%s' via %s\n"), log_info(_("Automatically retrieved `%s' via %s\n"),
name,opt.keyserver->uri); name,opt.keyserver->uri);
} }
@ -979,10 +978,10 @@ get_pubkey_byname (PKT_public_key *pk,
keyserver=keyserver_match(akl->spec); keyserver=keyserver_match(akl->spec);
glo_ctrl.in_auto_key_retrieve++; glo_ctrl.in_auto_key_retrieve++;
res=keyserver_import_name(name,&fpr,&fpr_len,keyserver); rc=keyserver_import_name(name,&fpr,&fpr_len,keyserver);
glo_ctrl.in_auto_key_retrieve--; glo_ctrl.in_auto_key_retrieve--;
if(res==0) if(rc==0)
log_info(_("Automatically retrieved `%s' via %s\n"), log_info(_("Automatically retrieved `%s' via %s\n"),
name,akl->spec->uri); name,akl->spec->uri);
} }
@ -996,7 +995,7 @@ get_pubkey_byname (PKT_public_key *pk,
requirement as the URL might point to a key put in by an requirement as the URL might point to a key put in by an
attacker. By forcing the use of the fingerprint, we attacker. By forcing the use of the fingerprint, we
won't use the attacker's key here. */ won't use the attacker's key here. */
if(res==0 && fpr) if(rc==0 && fpr)
{ {
int i; int i;
char fpr_string[MAX_FINGERPRINT_LEN*2+1]; char fpr_string[MAX_FINGERPRINT_LEN*2+1];

19
g10/keyserver.c
View File

@ -1985,7 +1985,7 @@ keyserver_import_cert(const char *name,unsigned char **fpr,size_t *fpr_len)
{ {
char *domain,*look,*url; char *domain,*look,*url;
IOBUF key; IOBUF key;
int type,rc=-1; int type,rc=G10ERR_GENERAL;
look=xstrdup(name); look=xstrdup(name);
@ -1993,7 +1993,7 @@ keyserver_import_cert(const char *name,unsigned char **fpr,size_t *fpr_len)
if(domain) if(domain)
*domain='.'; *domain='.';
type=get_cert(look,max_cert_size,&key,NULL,NULL,&url); type=get_cert(look,max_cert_size,&key,fpr,fpr_len,&url);
if(type==1) if(type==1)
{ {
int armor_status=opt.no_armor; int armor_status=opt.no_armor;
@ -2008,7 +2008,12 @@ keyserver_import_cert(const char *name,unsigned char **fpr,size_t *fpr_len)
iobuf_close(key); iobuf_close(key);
} }
else if(type==2) else if(type==2 && *fpr)
{
/* We only consider the IPGP type if a fingerprint was provided.
This lets us select the right key regardless of what a URL
points to, or get the key from a keyserver. */
if(url)
{ {
struct keyserver_spec *spec; struct keyserver_spec *spec;
@ -2024,6 +2029,14 @@ keyserver_import_cert(const char *name,unsigned char **fpr,size_t *fpr_len)
free_strlist(list); free_strlist(list);
free_keyserver_spec(spec); free_keyserver_spec(spec);
} }
}
else if(opt.keyserver)
{
/* If only a fingerprint is provided, try and fetch it from
our --keyserver */
rc=keyserver_import_fprint(*fpr,*fpr_len,opt.keyserver);
}
xfree(url); xfree(url);
} }