mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-23 15:07:03 +01:00
dirmngr: Honor http keyserver URLs.
* dirmngr/http.c (parse_uri): Keep an unmodified copy of the URI. * dirmngr/http.h (struct parsed_uri_s): New field 'original'. * dirmngr/ks-action.c (ks_action_get): Properly handle http and https URLs. -- If a key has a http or https URL as preferred keyserver, fetch the key from there. Previously, dirmngr unconditionally interpreted these URLs as hkp servers. GnuPG-bug-id: 2924 Signed-off-by: Justus Winter <justus@g10code.com>
parent
ebb35ed711
commit
b231959728
@ -1219,10 +1219,12 @@ parse_uri (parsed_uri_t *ret_uri, const char *uri,
|
|||||||
{
|
{
|
||||||
gpg_err_code_t ec;
|
gpg_err_code_t ec;
|
||||||
|
|
||||||
*ret_uri = xtrycalloc (1, sizeof **ret_uri + strlen (uri));
|
*ret_uri = xtrycalloc (1, sizeof **ret_uri + 2 * strlen (uri) + 1);
|
||||||
if (!*ret_uri)
|
if (!*ret_uri)
|
||||||
return gpg_err_make (default_errsource, gpg_err_code_from_syserror ());
|
return gpg_err_make (default_errsource, gpg_err_code_from_syserror ());
|
||||||
strcpy ((*ret_uri)->buffer, uri);
|
strcpy ((*ret_uri)->buffer, uri);
|
||||||
|
strcpy ((*ret_uri)->buffer + strlen (uri) + 1, uri);
|
||||||
|
(*ret_uri)->original = (*ret_uri)->buffer + strlen (uri) + 1;
|
||||||
ec = do_parse_uri (*ret_uri, 0, no_scheme_check, force_tls);
|
ec = do_parse_uri (*ret_uri, 0, no_scheme_check, force_tls);
|
||||||
if (ec)
|
if (ec)
|
||||||
{
|
{
|
||||||
|
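Review bot: The allocation size and the offset of the second copy in parse_uri each call `strlen (uri)` separately, and the `+ 1` in `2 * strlen (uri) + 1` is only enough if the struct's trailing `buffer` member already contributes one byte to `sizeof **ret_uri`; that declaration is not visible in this hunk. Taking the length once, `size_t len = strlen (uri);`, and using `len` in the allocation, the second `strcpy` and the `original` assignment would keep the three in step. A comment such as `/* BUFFER holds two NUL-terminated copies of URI: the first is handed to do_parse_uri (which presumably edits it in place), the second is kept verbatim as ORIGINAL. */` would document the layout. The body of parse_uri continues past the end of the hunk.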
@ -47,6 +47,7 @@ typedef struct uri_tuple_s *uri_tuple_t;
|
|||||||
struct parsed_uri_s
|
struct parsed_uri_s
|
||||||
{
|
{
|
||||||
/* All these pointers point into BUFFER; most stuff is not escaped. */
|
/* All these pointers point into BUFFER; most stuff is not escaped. */
|
||||||
|
char *original; /* Unmodified copy of the parsed URI. */
|
||||||
char *scheme; /* Pointer to the scheme string (always lowercase). */
|
char *scheme; /* Pointer to the scheme string (always lowercase). */
|
||||||
unsigned int is_http:1; /* This is a HTTP style URI. */
|
unsigned int is_http:1; /* This is a HTTP style URI. */
|
||||||
unsigned int use_tls:1; /* Whether TLS should be used. */
|
unsigned int use_tls:1; /* Whether TLS should be used. */
|
||||||
|
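Review bot: The comment on the new `original` field does not say how it differs from its neighbours, which the block comment describes as pointers into BUFFER and, for `scheme`, as always lowercase. A reader choosing which field to pass on needs to know that this one is the caller's string exactly as given, e.g. `char *original; /* Verbatim URI as passed to parse_uri; not lowercased or unescaped. Points into BUFFER. */`. The struct definition continues outside the hunk.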
@ -232,7 +232,10 @@ ks_action_get (ctrl_t ctrl, uri_item_t keyservers,
|
|||||||
Need to think about a better strategy. */
|
Need to think about a better strategy. */
|
||||||
for (uri = keyservers; !err && uri; uri = uri->next)
|
for (uri = keyservers; !err && uri; uri = uri->next)
|
||||||
{
|
{
|
||||||
int is_http = uri->parsed_uri->is_http;
|
int is_hkp_s = (strcmp (uri->parsed_uri->scheme, "hkp") == 0
|
||||||
|
|| strcmp (uri->parsed_uri->scheme, "hkps") == 0);
|
||||||
|
int is_http_s = (strcmp (uri->parsed_uri->scheme, "http") == 0
|
||||||
|
|| strcmp (uri->parsed_uri->scheme, "https") == 0);
|
||||||
int is_ldap = 0;
|
int is_ldap = 0;
|
||||||
|
|
||||||
#if USE_LDAP
|
#if USE_LDAP
|
||||||
@ -241,7 +244,7 @@ ks_action_get (ctrl_t ctrl, uri_item_t keyservers,
|
|||||||
|| strcmp (uri->parsed_uri->scheme, "ldapi") == 0);
|
|| strcmp (uri->parsed_uri->scheme, "ldapi") == 0);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if (is_http || is_ldap)
|
if (is_hkp_s || is_http_s || is_ldap)
|
||||||
{
|
{
|
||||||
any_server = 1;
|
any_server = 1;
|
||||||
for (sl = patterns; !err && sl; sl = sl->next)
|
for (sl = patterns; !err && sl; sl = sl->next)
|
||||||
@ -251,9 +254,12 @@ ks_action_get (ctrl_t ctrl, uri_item_t keyservers,
|
|||||||
err = ks_ldap_get (ctrl, uri->parsed_uri, sl->d, &infp);
|
err = ks_ldap_get (ctrl, uri->parsed_uri, sl->d, &infp);
|
||||||
else
|
else
|
||||||
#endif
|
#endif
|
||||||
{
|
if (is_hkp_s)
|
||||||
err = ks_hkp_get (ctrl, uri->parsed_uri, sl->d, &infp);
|
err = ks_hkp_get (ctrl, uri->parsed_uri, sl->d, &infp);
|
||||||
}
|
else if (is_http_s)
|
||||||
|
err = ks_http_fetch (ctrl, uri->parsed_uri->original, &infp);
|
||||||
|
else
|
||||||
|
BUG ();
|
||||||
|
|
||||||
if (err)
|
if (err)
|
||||||
{
|
{
|
||||||
|
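Review bot: In the last hunk `ks_http_fetch (ctrl, uri->parsed_uri->original, &infp)` sits inside the `for (sl = patterns; ...)` loop but never uses `sl->d`, so, as far as the hunk shows, the same URL is requested once per pattern and the response is not tied to the key that was asked for. The commit message says the URL comes from a key's preferred-keyserver field, so it is data supplied by the key owner and the caller should not assume the response contains the requested key. Fetching once per http(s) keyserver instead of once per pattern, with a comment like `/* A plain URL names one document; SL->D is ignored, so the result must be matched against the request by the caller. */`, would make that explicit. Passing the raw string may also bypass whatever `force_tls` handling parse_uri applied, which is worth confirming in ks_http_fetch. ks_action_get starts and ends outside these hunks.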