1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

Avoid caches to get the most recent copy of the key. This is bug

#1061
This commit is contained in:
David Shaw 2009-05-26 14:15:56 +00:00
parent 0bbe6eda34
commit e8436d575e
9 changed files with 131 additions and 11 deletions

View File

@ -1,3 +1,8 @@
2009-05-26 David Shaw <dshaw@jabberwocky.com>
* http.h: Pass in a STRLIST for additional headers on http_open
and http_open_document.
2009-04-05 David Shaw <dshaw@jabberwocky.com> 2009-04-05 David Shaw <dshaw@jabberwocky.com>
* srv.h: Move from util/srv.h. * srv.h: Move from util/srv.h.

View File

@ -75,12 +75,12 @@ typedef struct http_context *HTTP_HD;
int http_open( HTTP_HD hd, HTTP_REQ_TYPE reqtype, const char *url, int http_open( HTTP_HD hd, HTTP_REQ_TYPE reqtype, const char *url,
char *auth, unsigned int flags, const char *proxy, char *auth, unsigned int flags, const char *proxy,
const char *srvtag ); const char *srvtag, STRLIST headers );
void http_start_data( HTTP_HD hd ); void http_start_data( HTTP_HD hd );
int http_wait_response( HTTP_HD hd, unsigned int *ret_status ); int http_wait_response( HTTP_HD hd, unsigned int *ret_status );
void http_close( HTTP_HD hd ); void http_close( HTTP_HD hd );
int http_open_document( HTTP_HD hd, const char *document, char *auth, int http_open_document( HTTP_HD hd, const char *document, char *auth,
unsigned int flags, const char *proxy, unsigned int flags, const char *proxy,
const char *srvtag ); const char *srvtag, STRLIST headers );
#endif /*G10_HTTP_H*/ #endif /*G10_HTTP_H*/

View File

@ -1,3 +1,13 @@
2009-05-26 David Shaw <dshaw@jabberwocky.com>
* curl-shim.c (curl_slist_append, curl_slist_free_all): New.
Simple wrappers around STRLIST to emulate the curl way of doing
string lists.
(curl_easy_setopt): Handle the curl HTTPHEADER option.
* gpgkeys_curl.c, gpgkeys_hkp.c (main): Avoid caches to get the
most recent copy of the key. This is bug #1061.
2009-05-03 David Shaw <dshaw@jabberwocky.com> 2009-05-03 David Shaw <dshaw@jabberwocky.com>
* gpgkeys_mailto.in: Set 'mail-from' as a keyserver-option, rather * gpgkeys_mailto.in: Set 'mail-from' as a keyserver-option, rather

View File

@ -146,6 +146,9 @@ curl_easy_setopt(CURL *curl,CURLoption option,...)
case CURLOPT_STDERR: case CURLOPT_STDERR:
curl->errors=va_arg(ap,FILE *); curl->errors=va_arg(ap,FILE *);
break; break;
case CURLOPT_HTTPHEADER:
curl->headers=va_arg(ap,struct curl_slist *);
break;
default: default:
/* We ignore the huge majority of curl options */ /* We ignore the huge majority of curl options */
break; break;
@ -186,7 +189,7 @@ curl_easy_perform(CURL *curl)
if(curl->flags.post) if(curl->flags.post)
{ {
rc=http_open(&curl->hd,HTTP_REQ_POST,curl->url,curl->auth,0,proxy, rc=http_open(&curl->hd,HTTP_REQ_POST,curl->url,curl->auth,0,proxy,
curl->srvtag); curl->srvtag,curl->headers?curl->headers->list:NULL);
if(rc==0) if(rc==0)
{ {
char content_len[50]; char content_len[50];
@ -208,7 +211,7 @@ curl_easy_perform(CURL *curl)
else else
{ {
rc=http_open(&curl->hd,HTTP_REQ_GET,curl->url,curl->auth,0,proxy, rc=http_open(&curl->hd,HTTP_REQ_GET,curl->url,curl->auth,0,proxy,
curl->srvtag); curl->srvtag,curl->headers?curl->headers->list:NULL);
if(rc==0) if(rc==0)
{ {
rc=http_wait_response(&curl->hd,&curl->status); rc=http_wait_response(&curl->hd,&curl->status);
@ -335,3 +338,28 @@ curl_version_info(int type)
return &data; return &data;
} }
struct curl_slist *
curl_slist_append(struct curl_slist *list,const char *string)
{
if(!list)
{
list=calloc(1,sizeof(*list));
if(!list)
return NULL;
}
add_to_strlist(&list->list,string);
return list;
}
void
curl_slist_free_all(struct curl_slist *list)
{
if(list)
{
free_strlist(list->list);
free(list);
}
}

View File

@ -49,6 +49,7 @@ typedef enum
CURLOPT_POST, CURLOPT_POST,
CURLOPT_POSTFIELDS, CURLOPT_POSTFIELDS,
CURLOPT_FAILONERROR, CURLOPT_FAILONERROR,
CURLOPT_HTTPHEADER,
CURLOPT_SRVTAG_GPG_HACK CURLOPT_SRVTAG_GPG_HACK
} CURLoption; } CURLoption;
@ -67,6 +68,7 @@ typedef struct
char *srvtag; char *srvtag;
unsigned int status; unsigned int status;
FILE *errors; FILE *errors;
struct curl_slist *headers;
struct struct
{ {
unsigned int post:1; unsigned int post:1;
@ -96,4 +98,13 @@ char *curl_easy_escape(CURL *curl,char *str,int len);
#define curl_version() "GnuPG curl-shim" #define curl_version() "GnuPG curl-shim"
curl_version_info_data *curl_version_info(int type); curl_version_info_data *curl_version_info(int type);
struct curl_slist
{
STRLIST list;
};
struct curl_slist *curl_slist_append(struct curl_slist *list,
const char *string);
void curl_slist_free_all(struct curl_slist *list);
#endif /* !_CURL_SHIM_H_ */ #endif /* !_CURL_SHIM_H_ */

View File

@ -118,6 +118,7 @@ main(int argc,char *argv[])
long follow_redirects=5; long follow_redirects=5;
char *proxy=NULL; char *proxy=NULL;
curl_version_info_data *curldata; curl_version_info_data *curldata;
struct curl_slist *headers=NULL;
console=stderr; console=stderr;
@ -306,6 +307,26 @@ main(int argc,char *argv[])
curl_easy_setopt(curl,CURLOPT_SSL_VERIFYPEER,(long)opt->flags.check_cert); curl_easy_setopt(curl,CURLOPT_SSL_VERIFYPEER,(long)opt->flags.check_cert);
curl_easy_setopt(curl,CURLOPT_CAINFO,opt->ca_cert_file); curl_easy_setopt(curl,CURLOPT_CAINFO,opt->ca_cert_file);
/* Avoid caches to get the most recent copy of the key. This is bug
#1061. In pre-curl versions of the code, we didn't do it. Then
we did do it (as a curl default) until curl changed the default.
Now we're doing it again, but in such a way that changing
defaults in the future won't impact us. We set both the Pragma
and Cache-Control versions of the header, so we're good with both
HTTP 1.0 and 1.1. */
headers=curl_slist_append(headers,"Pragma: no-cache");
if(headers)
headers=curl_slist_append(headers,"Cache-Control: no-cache");
if(!headers)
{
fprintf(console,"gpgkeys: out of memory when building HTTP headers\n");
ret=KEYSERVER_NO_MEMORY;
goto fail;
}
curl_easy_setopt(curl,CURLOPT_HTTPHEADER,headers);
if(proxy) if(proxy)
curl_easy_setopt(curl,CURLOPT_PROXY,proxy); curl_easy_setopt(curl,CURLOPT_PROXY,proxy);
@ -386,6 +407,8 @@ main(int argc,char *argv[])
free_ks_options(opt); free_ks_options(opt);
curl_slist_free_all(headers);
if(curl) if(curl)
curl_easy_cleanup(curl); curl_easy_cleanup(curl);

View File

@ -550,6 +550,7 @@ main(int argc,char *argv[])
int failed=0; int failed=0;
struct keylist *keylist=NULL,*keyptr=NULL; struct keylist *keylist=NULL,*keyptr=NULL;
char *proxy=NULL; char *proxy=NULL;
struct curl_slist *headers=NULL;
console=stderr; console=stderr;
@ -746,6 +747,26 @@ main(int argc,char *argv[])
curl_easy_setopt(curl,CURLOPT_SSL_VERIFYPEER,(long)opt->flags.check_cert); curl_easy_setopt(curl,CURLOPT_SSL_VERIFYPEER,(long)opt->flags.check_cert);
curl_easy_setopt(curl,CURLOPT_CAINFO,opt->ca_cert_file); curl_easy_setopt(curl,CURLOPT_CAINFO,opt->ca_cert_file);
/* Avoid caches to get the most recent copy of the key. This is bug
#1061. In pre-curl versions of the code, we didn't do it. Then
we did do it (as a curl default) until curl changed the default.
Now we're doing it again, but in such a way that changing
defaults in the future won't impact us. We set both the Pragma
and Cache-Control versions of the header, so we're good with both
HTTP 1.0 and 1.1. */
headers=curl_slist_append(headers,"Pragma: no-cache");
if(headers)
headers=curl_slist_append(headers,"Cache-Control: no-cache");
if(!headers)
{
fprintf(console,"gpgkeys: out of memory when building HTTP headers\n");
ret=KEYSERVER_NO_MEMORY;
goto fail;
}
curl_easy_setopt(curl,CURLOPT_HTTPHEADER,headers);
if(proxy) if(proxy)
curl_easy_setopt(curl,CURLOPT_PROXY,proxy); curl_easy_setopt(curl,CURLOPT_PROXY,proxy);
@ -923,6 +944,8 @@ main(int argc,char *argv[])
free_ks_options(opt); free_ks_options(opt);
curl_slist_free_all(headers);
if(curl) if(curl)
curl_easy_cleanup(curl); curl_easy_cleanup(curl);

View File

@ -1,3 +1,8 @@
2009-05-26 David Shaw <dshaw@jabberwocky.com>
* http.c (send_request): Pass in a STRLIST for additional headers.
Change all callers.
2009-05-22 Werner Koch <wk@g10code.com> 2009-05-22 Werner Koch <wk@g10code.com>
* ttyio.c (tty_cleanup_after_signal): New. * ttyio.c (tty_cleanup_after_signal): New.

View File

@ -69,7 +69,7 @@ static int insert_escapes( byte *buffer, const byte *string,
const byte *special ); const byte *special );
static URI_TUPLE parse_tuple( byte *string ); static URI_TUPLE parse_tuple( byte *string );
static int send_request( HTTP_HD hd, const char *auth, const char *proxy, static int send_request( HTTP_HD hd, const char *auth, const char *proxy,
const char *srvtag); const char *srvtag, STRLIST headers);
static byte *build_rel_path( PARSED_URI uri ); static byte *build_rel_path( PARSED_URI uri );
static int parse_response( HTTP_HD hd ); static int parse_response( HTTP_HD hd );
@ -150,7 +150,7 @@ make_radix64_string( const byte *data, size_t len )
int int
http_open( HTTP_HD hd, HTTP_REQ_TYPE reqtype, const char *url, http_open( HTTP_HD hd, HTTP_REQ_TYPE reqtype, const char *url,
char *auth, unsigned int flags, const char *proxy, char *auth, unsigned int flags, const char *proxy,
const char *srvtag ) const char *srvtag, STRLIST headers )
{ {
int rc; int rc;
@ -166,7 +166,7 @@ http_open( HTTP_HD hd, HTTP_REQ_TYPE reqtype, const char *url,
rc = parse_uri( &hd->uri, url ); rc = parse_uri( &hd->uri, url );
if( !rc ) { if( !rc ) {
rc = send_request( hd, auth, proxy, srvtag ); rc = send_request( hd, auth, proxy, srvtag, headers );
if( !rc ) { if( !rc ) {
hd->fp_write = iobuf_sockopen( hd->sock , "w" ); hd->fp_write = iobuf_sockopen( hd->sock , "w" );
if( hd->fp_write ) if( hd->fp_write )
@ -234,11 +234,13 @@ http_wait_response( HTTP_HD hd, unsigned int *ret_status )
int int
http_open_document( HTTP_HD hd, const char *document, char *auth, http_open_document( HTTP_HD hd, const char *document, char *auth,
unsigned int flags, const char *proxy, const char *srvtag ) unsigned int flags, const char *proxy, const char *srvtag,
STRLIST headers )
{ {
int rc; int rc;
rc = http_open(hd, HTTP_REQ_GET, document, auth, flags, proxy, srvtag ); rc = http_open(hd, HTTP_REQ_GET, document, auth, flags, proxy, srvtag,
headers );
if( rc ) if( rc )
return rc; return rc;
@ -521,7 +523,7 @@ parse_tuple( byte *string )
*/ */
static int static int
send_request( HTTP_HD hd, const char *auth, const char *proxy, send_request( HTTP_HD hd, const char *auth, const char *proxy,
const char *srvtag ) const char *srvtag, STRLIST headers )
{ {
const byte *server; const byte *server;
byte *request, *p; byte *request, *p;
@ -613,6 +615,19 @@ send_request( HTTP_HD hd, const char *auth, const char *proxy,
xfree(p); xfree(p);
rc = write_server( hd->sock, request, strlen(request) ); rc = write_server( hd->sock, request, strlen(request) );
if(rc==0)
for(;headers;headers=headers->next)
{
rc = write_server( hd->sock, headers->d, strlen(headers->d) );
if(rc)
break;
rc = write_server( hd->sock, "\r\n", 2 );
if(rc)
break;
}
xfree( request ); xfree( request );
xfree(proxy_authstr); xfree(proxy_authstr);
xfree(authstr); xfree(authstr);
@ -1078,7 +1093,7 @@ main(int argc, char **argv)
} }
release_parsed_uri( uri ); uri = NULL; release_parsed_uri( uri ); uri = NULL;
rc = http_open_document( &hd, *argv, NULL, 0, NULL ); rc = http_open_document( &hd, *argv, NULL, 0, NULL, NULL, NULL );
if( rc ) { if( rc ) {
log_error("can't get `%s': %s\n", *argv, g10_errstr(rc)); log_error("can't get `%s': %s\n", *argv, g10_errstr(rc));
return 1; return 1;