diff --git a/common/ChangeLog b/common/ChangeLog index a03105a15..2f5a65a03 100644 --- a/common/ChangeLog +++ b/common/ChangeLog @@ -1,3 +1,10 @@ +2009-05-28 David Shaw + + From 1.4: + + * http.h, http.c (send_request) Pass in a STRLIST for additional + headers. Change all callers. + 2009-05-27 David Shaw From 1.4: diff --git a/common/http.c b/common/http.c index 4999ce7d1..c12bd2b3e 100644 --- a/common/http.c +++ b/common/http.c @@ -128,8 +128,8 @@ static int remove_escapes (char *string); static int insert_escapes (char *buffer, const char *string, const char *special); static uri_tuple_t parse_tuple (char *string); -static gpg_error_t send_request (http_t hd, const char *auth, - const char *proxy, const char *srvtag); +static gpg_error_t send_request (http_t hd, const char *auth,const char *proxy, + const char *srvtag,strlist_t headers); static char *build_rel_path (parsed_uri_t uri); static gpg_error_t parse_response (http_t hd); @@ -317,7 +317,7 @@ http_register_tls_callback ( gpg_error_t (*cb) (http_t, void *, int) ) gpg_error_t http_open (http_t *r_hd, http_req_t reqtype, const char *url, const char *auth, unsigned int flags, const char *proxy, - void *tls_context, const char *srvtag) + void *tls_context, const char *srvtag,strlist_t headers) { gpg_error_t err; http_t hd; @@ -338,7 +338,7 @@ http_open (http_t *r_hd, http_req_t reqtype, const char *url, err = http_parse_uri (&hd->uri, url); if (!err) - err = send_request (hd, auth, proxy, srvtag); + err = send_request (hd, auth, proxy, srvtag, headers); if (err) { @@ -457,12 +457,12 @@ http_wait_response (http_t hd) gpg_error_t http_open_document (http_t *r_hd, const char *document, const char *auth, unsigned int flags, const char *proxy, - void *tls_context, const char *srvtag) + void *tls_context, const char *srvtag,strlist_t headers) { gpg_error_t err; err = http_open (r_hd, HTTP_REQ_GET, document, auth, flags, - proxy, tls_context, srvtag); + proxy, tls_context, srvtag, headers); if (err) return err; 
@@ -835,7 +835,8 @@ parse_tuple (char *string) * Returns 0 if the request was successful */ static gpg_error_t -send_request (http_t hd, const char *auth, const char *proxy,const char *srvtag) +send_request (http_t hd, const char *auth, + const char *proxy,const char *srvtag,strlist_t headers) { gnutls_session_t tls_session; gpg_error_t err; @@ -1051,6 +1052,17 @@ send_request (http_t hd, const char *auth, const char *proxy,const char *srvtag) err = gpg_error_from_syserror (); else err = 0; + + if(err==0) + for(;headers;headers=headers->next) + { + if ((es_fputs (headers->d, hd->fp_write) || es_fflush (hd->fp_write)) + || (es_fputs("\r\n",hd->fp_write) || es_fflush(hd->fp_write))) + { + err = gpg_error_from_syserror (); + break; + } + } } leave: @@ -1060,12 +1072,25 @@ send_request (http_t hd, const char *auth, const char *proxy,const char *srvtag) function and only then assign a stdio stream. This allows for better error reporting that through standard stdio means. */ err = write_server (hd->sock, request, strlen (request)); + + if(err==0) + for(;headers;headers=headers->next) + { + err = write_server( hd->sock, headers->d, strlen(headers->d) ); + if(err) + break; + err = write_server( hd->sock, "\r\n", 2 ); + if(err) + break; + } + if (!err) { hd->fp_write = fdopen (hd->sock, "w"); if (!hd->fp_write) err = gpg_error_from_syserror (); } + #endif /*!HTTP_USE_ESTREAM*/ xfree (request); diff --git a/common/http.h b/common/http.h index 3b049a7f2..28a5304eb 100644 --- a/common/http.h +++ b/common/http.h @@ -82,7 +82,8 @@ gpg_error_t http_open (http_t *r_hd, http_req_t reqtype, unsigned int flags, const char *proxy, void *tls_context, - const char *srvtag); + const char *srvtag, + strlist_t headers); void http_start_data (http_t hd); 
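Review bot: In the two send_request body hunks (@@ -1051 for the estream build, @@ -1060 for the stdio build) each `headers->d` is written to the connection verbatim and then followed by "\r\n", with no check that the string itself contains no CR or LF. The callers in this commit pass only fixed strings, but http_open and http_open_document now expose the list to any caller, so a header assembled from untrusted text could add extra header lines or end the header block early. A guard at the top of each loop would close that, e.g. `if (strpbrk (headers->d, "\r\n")) { err = gpg_error (GPG_ERR_INV_VALUE); break; }`, and the comment above send_request should say that each element is one complete header line without its line terminator and that NULL means no extra headers. The function body continues outside both hunks.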
@@ -96,7 +97,8 @@ gpg_error_t http_open_document (http_t *r_hd, unsigned int flags, const char *proxy, void *tls_context, - const char *srvtag); + const char *srvtag, + strlist_t headers); #ifdef HTTP_USE_ESTREAM estream_t http_get_read_ptr (http_t hd); diff --git a/keyserver/ChangeLog b/keyserver/ChangeLog index 26abf0fba..2b69ccd56 100644 --- a/keyserver/ChangeLog +++ b/keyserver/ChangeLog @@ -1,3 +1,15 @@ +2009-05-28 David Shaw + + From 1.4: + + * curl-shim.c (curl_slist_append, curl_slist_free_all): New. + Simple wrappers around strlist_t to emulate the curl way of doing + string lists. + (curl_easy_setopt): Handle the curl HTTPHEADER option. + + * gpgkeys_curl.c, gpgkeys_hkp.c (main): Avoid caches to get the + most recent copy of the key. This is bug #1061. + 2009-05-27 David Shaw From 1.4: diff --git a/keyserver/curl-shim.c b/keyserver/curl-shim.c index 98b5b24c7..500d9f562 100644 --- a/keyserver/curl-shim.c +++ b/keyserver/curl-shim.c @@ -1,7 +1,7 @@ /* curl-shim.c - Implement a small subset of the curl API in terms of * the iobuf HTTP API * - * Copyright (C) 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + * Copyright (C) 2005, 2006, 2007, 2008, 2009 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -26,8 +26,8 @@ #include #include -#include "http.h" #include "util.h" +#include "http.h" #include "ksutil.h" #include "curl-shim.h" @@ -156,6 +156,9 @@ curl_easy_setopt(CURL *curl,CURLoption option,...) case CURLOPT_STDERR: curl->errors=va_arg(ap,FILE *); break; + case CURLOPT_HTTPHEADER: + curl->headers=va_arg(ap,struct curl_slist *); + break; default: /* We ignore the huge majority of curl options */ break; @@ -196,7 +199,8 @@ curl_easy_perform(CURL *curl) if(curl->flags.post) { rc = http_open (&curl->hd, HTTP_REQ_POST, curl->url, curl->auth, - 0, proxy, NULL, curl->srvtag); + 0, proxy, NULL, curl->srvtag, + curl->headers?curl->headers->list:NULL); if (!rc) { unsigned int post_len = strlen(curl->postfields); 
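Review bot: The new `CURLOPT_HTTPHEADER` case in curl_easy_setopt (hunk @@ -156) stores the caller's `struct curl_slist *` without copying it, and curl_easy_perform later dereferences `curl->headers->list`, so the handle is only safe while the caller keeps that list alive. Both main() functions in this commit call curl_slist_free_all(headers) before curl_easy_cleanup(curl), which leaves a stale pointer in the handle for that interval; this is harmless only as long as nothing performs a transfer or reads the field in between. I would state the contract at the case, `/* Borrowed, not copied: the list must outlive the last curl_easy_perform on this handle. */`, and free the list after curl_easy_cleanup in the callers. curl_easy_setopt's body continues outside the hunk.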
@@ -219,7 +223,8 @@ curl_easy_perform(CURL *curl) else { rc = http_open (&curl->hd, HTTP_REQ_GET, curl->url, curl->auth, - 0, proxy, NULL, curl->srvtag); + 0, proxy, NULL, curl->srvtag, + curl->headers?curl->headers->list:NULL); if (!rc) { rc = http_wait_response (curl->hd); @@ -350,3 +355,28 @@ curl_version_info(int type) return &data; } + +struct curl_slist * +curl_slist_append(struct curl_slist *list,const char *string) +{ + if(!list) + { + list=calloc(1,sizeof(*list)); + if(!list) + return NULL; + } + + add_to_strlist(&list->list,string); + + return list; +} + +void +curl_slist_free_all(struct curl_slist *list) +{ + if(list) + { + free_strlist(list->list); + free(list); + } +} diff --git a/keyserver/curl-shim.h b/keyserver/curl-shim.h index 793d484b9..e37d81675 100644 --- a/keyserver/curl-shim.h +++ b/keyserver/curl-shim.h @@ -1,5 +1,5 @@ /* curl-shim.h - * Copyright (C) 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + * Copyright (C) 2005, 2006, 2007, 2008, 2009 Free Software Foundation, Inc. * * This file is part of GNUPG. * @@ -20,6 +20,7 @@ #ifndef _CURL_SHIM_H_ #define _CURL_SHIM_H_ +#include "util.h" #include "http.h" typedef enum @@ -49,6 +50,7 @@ typedef enum CURLOPT_POST, CURLOPT_POSTFIELDS, CURLOPT_FAILONERROR, + CURLOPT_HTTPHEADER, CURLOPT_SRVTAG_GPG_HACK } CURLoption; @@ -67,6 +69,7 @@ typedef struct char *srvtag; unsigned int status; FILE *errors; + struct curl_slist *headers; struct { unsigned int post:1; @@ -96,4 +99,13 @@ char *curl_escape(char *str,int len); #define curl_version() "GnuPG curl-shim" curl_version_info_data *curl_version_info(int type); +struct curl_slist +{ + strlist_t list; +}; + +struct curl_slist *curl_slist_append(struct curl_slist *list, + const char *string); +void curl_slist_free_all(struct curl_slist *list); + #endif /* !_CURL_SHIM_H_ */ diff --git a/keyserver/gpgkeys_curl.c b/keyserver/gpgkeys_curl.c index 6183556e7..28ec69822 100644 --- a/keyserver/gpgkeys_curl.c +++ b/keyserver/gpgkeys_curl.c 
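Review bot: curl_slist_append (hunk @@ -350 in curl-shim.c) builds the list with add_to_strlist, which in GnuPG's strlist code inserts at the head as far as I can tell (the helper is not part of this diff), so the headers would be sent in the reverse of the order in which they were appended, unlike libcurl. If that is right, `append_to_strlist(&list->list,string);` keeps the curl ordering. The function also has no comment; something like `/* Emulates curl_slist_append: returns LIST (allocated on first use) or NULL if the wrapper cannot be allocated. */` would record the contract a caller coming from libcurl needs.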
@@ -117,6 +117,7 @@ main(int argc,char *argv[]) long follow_redirects=5; char *proxy=NULL; curl_version_info_data *curldata; + struct curl_slist *headers=NULL; console=stderr; @@ -305,6 +306,26 @@ main(int argc,char *argv[]) curl_easy_setopt(curl,CURLOPT_SSL_VERIFYPEER,(long)opt->flags.check_cert); curl_easy_setopt(curl,CURLOPT_CAINFO,opt->ca_cert_file); + /* Avoid caches to get the most recent copy of the key. This is bug + #1061. In pre-curl versions of the code, we didn't do it. Then + we did do it (as a curl default) until curl changed the default. + Now we're doing it again, but in such a way that changing + defaults in the future won't impact us. We set both the Pragma + and Cache-Control versions of the header, so we're good with both + HTTP 1.0 and 1.1. */ + headers=curl_slist_append(headers,"Pragma: no-cache"); + if(headers) + headers=curl_slist_append(headers,"Cache-Control: no-cache"); + + if(!headers) + { + fprintf(console,"gpgkeys: out of memory when building HTTP headers\n"); + ret=KEYSERVER_NO_MEMORY; + goto fail; + } + + curl_easy_setopt(curl,CURLOPT_HTTPHEADER,headers); + if(proxy) curl_easy_setopt(curl,CURLOPT_PROXY,proxy); @@ -385,6 +406,8 @@ main(int argc,char *argv[]) free_ks_options(opt); + curl_slist_free_all(headers); + if(curl) curl_easy_cleanup(curl); diff --git a/keyserver/gpgkeys_hkp.c b/keyserver/gpgkeys_hkp.c index 0764fe2ac..2e7f8078a 100644 --- a/keyserver/gpgkeys_hkp.c +++ b/keyserver/gpgkeys_hkp.c @@ -547,6 +547,7 @@ main(int argc,char *argv[]) int failed=0; struct keylist *keylist=NULL,*keyptr=NULL; char *proxy=NULL; + struct curl_slist *headers=NULL; console=stderr; 
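Review bot: In the @@ -305 hunk, `headers=curl_slist_append(headers,"Cache-Control: no-cache");` overwrites the only pointer to the list with the call's result. libcurl's curl_slist_append returns NULL on failure and leaves the existing list allocated, so when this file is linked against real libcurl rather than the shim, the node holding "Pragma: no-cache" is leaked on that path; the process is about to exit with KEYSERVER_NO_MEMORY, so the impact is small, but the pattern is worth not copying. Keeping the result in a temporary, `tmp=curl_slist_append(headers,"Cache-Control: no-cache");` followed by `if(tmp) headers=tmp;`, and taking the out-of-memory branch on `!tmp`, lets the later curl_slist_free_all(headers) release the first node, assuming the `fail` path reaches that call (the label is outside the hunk). The identical block is added to gpgkeys_hkp.c (@@ -742), and main's body continues outside the hunk.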
@@ -742,6 +743,26 @@ main(int argc,char *argv[]) curl_easy_setopt(curl,CURLOPT_SSL_VERIFYPEER,(long)opt->flags.check_cert); curl_easy_setopt(curl,CURLOPT_CAINFO,opt->ca_cert_file); + /* Avoid caches to get the most recent copy of the key. This is bug + #1061. In pre-curl versions of the code, we didn't do it. Then + we did do it (as a curl default) until curl changed the default. + Now we're doing it again, but in such a way that changing + defaults in the future won't impact us. We set both the Pragma + and Cache-Control versions of the header, so we're good with both + HTTP 1.0 and 1.1. */ + headers=curl_slist_append(headers,"Pragma: no-cache"); + if(headers) + headers=curl_slist_append(headers,"Cache-Control: no-cache"); + + if(!headers) + { + fprintf(console,"gpgkeys: out of memory when building HTTP headers\n"); + ret=KEYSERVER_NO_MEMORY; + goto fail; + } + + curl_easy_setopt(curl,CURLOPT_HTTPHEADER,headers); + if(proxy) curl_easy_setopt(curl,CURLOPT_PROXY,proxy); @@ -919,6 +940,8 @@ main(int argc,char *argv[]) free_ks_options(opt); + curl_slist_free_all(headers); + if(curl) curl_easy_cleanup(curl);