From 72124fadafde153f8ac89a70202006d831829d06 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Tue, 25 May 2021 16:08:56 +0200 Subject: [PATCH] dirmngr: Support pseudo URI scheme "opaque". * dirmngr/http.h (HTTP_PARSE_NO_SCHEME_CHECK): New. * dirmngr/http.c (http_parse_uri): Use this flag. Change all callers to use the new macro for better readability. (do_parse_uri): Add pseudo scheme "opaque". (uri_query_value): New. -- This scheme can be used to convey arbitrary strings in a parsed_uri_t object. Signed-off-by: Werner Koch --- dirmngr/http.c | 37 ++++++++++++++++++++++++++----------- dirmngr/http.h | 4 +++- dirmngr/ks-action.c | 4 ++-- dirmngr/ks-engine-hkp.c | 3 ++- dirmngr/ks-engine-ldap.c | 2 +- dirmngr/server.c | 2 +- dirmngr/t-http.c | 2 +- 7 files changed, 36 insertions(+), 18 deletions(-) diff --git a/dirmngr/http.c b/dirmngr/http.c index 5e3f17c0b..f3f820f7c 100644 --- a/dirmngr/http.c +++ b/dirmngr/http.c @@ -1,8 +1,8 @@ /* http.c - HTTP protocol handler - * Copyright (C) 1999, 2001, 2002, 2003, 2004, 2006, 2009, 2010, + * Copyright (C) 1999, 2001-2004, 2006, 2009, 2010, * 2011 Free Software Foundation, Inc. - * Copyright (C) 2014 Werner Koch - * Copyright (C) 2015-2017 g10 Code GmbH + * Copyright (C) 1999, 2001-2004, 2006, 2009, 2010, 2011, 2014 Werner Koch + * Copyright (C) 2015-2017, 2021 g10 Code GmbH * * This file is part of GnuPG. * @@ -1298,15 +1298,14 @@ parse_uri (parsed_uri_t *ret_uri, const char *uri, /* * Parse an URI and put the result into the newly allocated RET_URI. * On success the caller must use http_release_parsed_uri() to - * releases the resources. If NO_SCHEME_CHECK is set, the function - * tries to parse the URL in the same way it would do for an HTTP - * style URI. - */ + * releases the resources. If the HTTP_PARSE_NO_SCHEME_CHECK flag is + * set, the function tries to parse the URL in the same way it would + * do for an HTTP style URI. */ gpg_error_t http_parse_uri (parsed_uri_t *ret_uri, const char *uri, - int no_scheme_check) + unsigned int flags) { - return parse_uri (ret_uri, uri, no_scheme_check, 0); + return parse_uri (ret_uri, uri, !!(flags & HTTP_PARSE_NO_SCHEME_CHECK), 0); } @@ -1356,8 +1355,9 @@ do_parse_uri (parsed_uri_t uri, int only_local_part, uri->off_host = 0; uri->off_path = 0; - /* A quick validity check. */ - if (strspn (p, VALID_URI_CHARS) != n) + /* A quick validity check unless we have the opaque scheme. */ + if (strspn (p, VALID_URI_CHARS) != n + && strncmp (p, "opaque:", 7)) return GPG_ERR_BAD_URI; /* Invalid characters found. */ if (!only_local_part) @@ -1389,6 +1389,12 @@ do_parse_uri (parsed_uri_t uri, int only_local_part, uri->use_tls = 1; } #endif /*USE_TLS*/ + else if (!strcmp (uri->scheme, "opaque")) + { + uri->opaque = 1; + uri->path = p2; + return 0; + } else if (!no_scheme_check) return GPG_ERR_INV_URI; /* Unsupported scheme */ @@ -3540,6 +3546,15 @@ uri_query_lookup (parsed_uri_t uri, const char *key) return NULL; } +const char * +uri_query_value (parsed_uri_t url, const char *key) +{ + struct uri_tuple_s *t; + t = uri_query_lookup (url, key); + return t? t->value : NULL; +} + + /* Return true if both URI point to the same host for the purpose of * redirection check. A is the original host and B the host given in diff --git a/dirmngr/http.h b/dirmngr/http.h index 8b9c5b5eb..2b11c583c 100644 --- a/dirmngr/http.h +++ b/dirmngr/http.h @@ -70,6 +70,7 @@ struct parsed_uri_s typedef struct parsed_uri_s *parsed_uri_t; struct uri_tuple_s *uri_query_lookup (parsed_uri_t uri, const char *key); +const char *uri_query_value (parsed_uri_t url, const char *key); typedef enum { @@ -150,8 +151,9 @@ void http_session_set_log_cb (http_session_t sess, void http_session_set_timeout (http_session_t sess, unsigned int timeout); +#define HTTP_PARSE_NO_SCHEME_CHECK 1 gpg_error_t http_parse_uri (parsed_uri_t *ret_uri, const char *uri, - int no_scheme_check); + unsigned int flags); void http_release_parsed_uri (parsed_uri_t uri); diff --git a/dirmngr/ks-action.c b/dirmngr/ks-action.c index f90b36cfe..f6673ec58 100644 --- a/dirmngr/ks-action.c +++ b/dirmngr/ks-action.c @@ -81,7 +81,7 @@ ks_action_help (ctrl_t ctrl, const char *url) else #endif { - err = http_parse_uri (&parsed_uri, url, 1); + err = http_parse_uri (&parsed_uri, url, HTTP_PARSE_NO_SCHEME_CHECK); } if (err) @@ -313,7 +313,7 @@ ks_action_fetch (ctrl_t ctrl, const char *url, estream_t outfp) if (!url) return gpg_error (GPG_ERR_INV_URI); - err = http_parse_uri (&parsed_uri, url, 1); + err = http_parse_uri (&parsed_uri, url, HTTP_PARSE_NO_SCHEME_CHECK); if (err) return err; diff --git a/dirmngr/ks-engine-hkp.c b/dirmngr/ks-engine-hkp.c index 14859c7e7..3e64c939a 100644 --- a/dirmngr/ks-engine-hkp.c +++ b/dirmngr/ks-engine-hkp.c @@ -726,7 +726,8 @@ mark_host_dead (const char *name) parsed_uri_t parsed_uri = NULL; int done = 0; - if (name && *name && !http_parse_uri (&parsed_uri, name, 1)) + if (name && *name + && !http_parse_uri (&parsed_uri, name, HTTP_PARSE_NO_SCHEME_CHECK)) { if (parsed_uri->v6lit) { diff --git a/dirmngr/ks-engine-ldap.c b/dirmngr/ks-engine-ldap.c index 70cfd288d..5751f6aed 100644 --- a/dirmngr/ks-engine-ldap.c +++ b/dirmngr/ks-engine-ldap.c @@ -322,7 +322,7 @@ ks_ldap_help (ctrl_t ctrl, parsed_uri_t uri) "\n" "The ldaps:// and ldapi:// schemes are also supported. If ldaps is used\n" "then the server's certificate will be checked. If it is not valid, any\n" - "operation will be aborted.\n" + "operation will be aborted. Note that ldaps means LDAP with STARTTLS\n" "\n" "Supported methods: search, get, put\n"; gpg_error_t err; diff --git a/dirmngr/server.c b/dirmngr/server.c index 9778500ff..84d32384e 100644 --- a/dirmngr/server.c +++ b/dirmngr/server.c @@ -2113,7 +2113,7 @@ make_keyserver_item (const char *uri, uri_item_t *r_item) else #endif { - err = http_parse_uri (&item->parsed_uri, uri, 1); + err = http_parse_uri (&item->parsed_uri, uri, HTTP_PARSE_NO_SCHEME_CHECK); } if (err) diff --git a/dirmngr/t-http.c b/dirmngr/t-http.c index 3cf08ada2..75874df37 100644 --- a/dirmngr/t-http.c +++ b/dirmngr/t-http.c @@ -381,7 +381,7 @@ main (int argc, char **argv) (void)no_crl; #endif /*HTTP_USE_GNUTLS*/ - rc = http_parse_uri (&uri, *argv, 1); + rc = http_parse_uri (&uri, *argv, HTTP_PARSE_NO_SCHEME_CHECK); if (rc) { log_error ("'%s': %s\n", *argv, gpg_strerror (rc));