mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-08 12:44:23 +01:00
dirmngr: Stricter handling of http error codes.
* dirmngr/ks-action.c (ks_action_search): Only retry if the keyserver responded with a '404 Not Found'. * dirmngr/ks-engine-hkp.c (send_request): Return http status code. (ks_hkp_search): Likewise. (ks_hkp_{get,put}): Adapt call to 'send_request'. * dirmngr/ks-engine.h (ks_hkp_search): Update prototype. Signed-off-by: Justus Winter <justus@g10code.com>
This commit is contained in:
parent
6ac57a482f
commit
6d64ef869d
@ -156,13 +156,13 @@ ks_action_search (ctrl_t ctrl, uri_item_t keyservers,
|
|||||||
parallel and merge them. We also need to decide what to do with
|
parallel and merge them. We also need to decide what to do with
|
||||||
errors - it might not be the best idea to ignore an error from
|
errors - it might not be the best idea to ignore an error from
|
||||||
one server and silently continue with another server. For now we
|
one server and silently continue with another server. For now we
|
||||||
stop at the first error, unless it is GPG_ERR_NO_DATA, in which
|
stop at the first error, unless the server responds with '404 Not
|
||||||
case we try the next server. Unfortunately, 'send_requests'
|
Found', in which case we try the next server. */
|
||||||
broadly maps all kinds of http errors to GPG_ERR_NO_DATA. */
|
|
||||||
for (uri = keyservers; !err && uri; uri = uri->next)
|
for (uri = keyservers; !err && uri; uri = uri->next)
|
||||||
{
|
{
|
||||||
int is_http = uri->parsed_uri->is_http;
|
int is_http = uri->parsed_uri->is_http;
|
||||||
int is_ldap = 0;
|
int is_ldap = 0;
|
||||||
|
unsigned int http_status;
|
||||||
#if USE_LDAP
|
#if USE_LDAP
|
||||||
is_ldap = (strcmp (uri->parsed_uri->scheme, "ldap") == 0
|
is_ldap = (strcmp (uri->parsed_uri->scheme, "ldap") == 0
|
||||||
|| strcmp (uri->parsed_uri->scheme, "ldaps") == 0
|
|| strcmp (uri->parsed_uri->scheme, "ldaps") == 0
|
||||||
@ -177,10 +177,12 @@ ks_action_search (ctrl_t ctrl, uri_item_t keyservers,
|
|||||||
else
|
else
|
||||||
#endif
|
#endif
|
||||||
{
|
{
|
||||||
err = ks_hkp_search (ctrl, uri->parsed_uri, patterns->d, &infp);
|
err = ks_hkp_search (ctrl, uri->parsed_uri, patterns->d,
|
||||||
|
&infp, &http_status);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (err == gpg_error (GPG_ERR_NO_DATA))
|
if (err == gpg_error (GPG_ERR_NO_DATA)
|
||||||
|
&& http_status == 404 /* not found */)
|
||||||
{
|
{
|
||||||
/* No record found. Clear error and try next server. */
|
/* No record found. Clear error and try next server. */
|
||||||
err = 0;
|
err = 0;
|
||||||
|
@ -974,12 +974,13 @@ ks_hkp_housekeeping (time_t curtime)
|
|||||||
R_FP. HOSTPORTSTR is only used for diagnostics. If HTTPHOST is
|
R_FP. HOSTPORTSTR is only used for diagnostics. If HTTPHOST is
|
||||||
not NULL it will be used as HTTP "Host" header. If POST_CB is not
|
not NULL it will be used as HTTP "Host" header. If POST_CB is not
|
||||||
NULL a post request is used and that callback is called to allow
|
NULL a post request is used and that callback is called to allow
|
||||||
writing the post data. */
|
writing the post data. If R_HTTP_STATUS is not NULL, the http
|
||||||
|
status code will be stored there. */
|
||||||
static gpg_error_t
|
static gpg_error_t
|
||||||
send_request (ctrl_t ctrl, const char *request, const char *hostportstr,
|
send_request (ctrl_t ctrl, const char *request, const char *hostportstr,
|
||||||
const char *httphost, unsigned int httpflags,
|
const char *httphost, unsigned int httpflags,
|
||||||
gpg_error_t (*post_cb)(void *, http_t), void *post_cb_value,
|
gpg_error_t (*post_cb)(void *, http_t), void *post_cb_value,
|
||||||
estream_t *r_fp)
|
estream_t *r_fp, unsigned int *r_http_status)
|
||||||
{
|
{
|
||||||
gpg_error_t err;
|
gpg_error_t err;
|
||||||
http_session_t session = NULL;
|
http_session_t session = NULL;
|
||||||
@ -1050,6 +1051,9 @@ send_request (ctrl_t ctrl, const char *request, const char *hostportstr,
|
|||||||
httpflags |= HTTP_FLAG_FORCE_TLS;
|
httpflags |= HTTP_FLAG_FORCE_TLS;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (r_http_status)
|
||||||
|
*r_http_status = http_get_status_code (http);
|
||||||
|
|
||||||
switch (http_get_status_code (http))
|
switch (http_get_status_code (http))
|
||||||
{
|
{
|
||||||
case 200:
|
case 200:
|
||||||
@ -1158,10 +1162,12 @@ handle_send_request_error (gpg_error_t err, const char *request,
|
|||||||
|
|
||||||
|
|
||||||
/* Search the keyserver identified by URI for keys matching PATTERN.
|
/* Search the keyserver identified by URI for keys matching PATTERN.
|
||||||
On success R_FP has an open stream to read the data. */
|
On success R_FP has an open stream to read the data. If
|
||||||
|
R_HTTP_STATUS is not NULL, the http status code will be stored
|
||||||
|
there. */
|
||||||
gpg_error_t
|
gpg_error_t
|
||||||
ks_hkp_search (ctrl_t ctrl, parsed_uri_t uri, const char *pattern,
|
ks_hkp_search (ctrl_t ctrl, parsed_uri_t uri, const char *pattern,
|
||||||
estream_t *r_fp)
|
estream_t *r_fp, unsigned int *r_http_status)
|
||||||
{
|
{
|
||||||
gpg_error_t err;
|
gpg_error_t err;
|
||||||
KEYDB_SEARCH_DESC desc;
|
KEYDB_SEARCH_DESC desc;
|
||||||
@ -1248,7 +1254,7 @@ ks_hkp_search (ctrl_t ctrl, parsed_uri_t uri, const char *pattern,
|
|||||||
|
|
||||||
/* Send the request. */
|
/* Send the request. */
|
||||||
err = send_request (ctrl, request, hostport, httphost, httpflags,
|
err = send_request (ctrl, request, hostport, httphost, httpflags,
|
||||||
NULL, NULL, &fp);
|
NULL, NULL, &fp, r_http_status);
|
||||||
if (handle_send_request_error (err, request, &tries))
|
if (handle_send_request_error (err, request, &tries))
|
||||||
{
|
{
|
||||||
reselect = 1;
|
reselect = 1;
|
||||||
@ -1381,7 +1387,7 @@ ks_hkp_get (ctrl_t ctrl, parsed_uri_t uri, const char *keyspec, estream_t *r_fp)
|
|||||||
|
|
||||||
/* Send the request. */
|
/* Send the request. */
|
||||||
err = send_request (ctrl, request, hostport, httphost, httpflags,
|
err = send_request (ctrl, request, hostport, httphost, httpflags,
|
||||||
NULL, NULL, &fp);
|
NULL, NULL, &fp, NULL);
|
||||||
if (handle_send_request_error (err, request, &tries))
|
if (handle_send_request_error (err, request, &tries))
|
||||||
{
|
{
|
||||||
reselect = 1;
|
reselect = 1;
|
||||||
@ -1489,7 +1495,7 @@ ks_hkp_put (ctrl_t ctrl, parsed_uri_t uri, const void *data, size_t datalen)
|
|||||||
|
|
||||||
/* Send the request. */
|
/* Send the request. */
|
||||||
err = send_request (ctrl, request, hostport, httphost, 0,
|
err = send_request (ctrl, request, hostport, httphost, 0,
|
||||||
put_post_cb, &parm, &fp);
|
put_post_cb, &parm, &fp, NULL);
|
||||||
if (handle_send_request_error (err, request, &tries))
|
if (handle_send_request_error (err, request, &tries))
|
||||||
{
|
{
|
||||||
reselect = 1;
|
reselect = 1;
|
||||||
|
@ -34,7 +34,7 @@ gpg_error_t ks_hkp_mark_host (ctrl_t ctrl, const char *name, int alive);
|
|||||||
gpg_error_t ks_hkp_print_hosttable (ctrl_t ctrl);
|
gpg_error_t ks_hkp_print_hosttable (ctrl_t ctrl);
|
||||||
gpg_error_t ks_hkp_help (ctrl_t ctrl, parsed_uri_t uri);
|
gpg_error_t ks_hkp_help (ctrl_t ctrl, parsed_uri_t uri);
|
||||||
gpg_error_t ks_hkp_search (ctrl_t ctrl, parsed_uri_t uri, const char *pattern,
|
gpg_error_t ks_hkp_search (ctrl_t ctrl, parsed_uri_t uri, const char *pattern,
|
||||||
estream_t *r_fp);
|
estream_t *r_fp, unsigned int *r_http_status);
|
||||||
gpg_error_t ks_hkp_get (ctrl_t ctrl, parsed_uri_t uri,
|
gpg_error_t ks_hkp_get (ctrl_t ctrl, parsed_uri_t uri,
|
||||||
const char *keyspec, estream_t *r_fp);
|
const char *keyspec, estream_t *r_fp);
|
||||||
gpg_error_t ks_hkp_put (ctrl_t ctrl, parsed_uri_t uri,
|
gpg_error_t ks_hkp_put (ctrl_t ctrl, parsed_uri_t uri,
|
||||||
|
Loading…
x
Reference in New Issue
Block a user