1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-05 20:48:52 +01:00
Commit Graph

88 Commits

Author SHA1 Message Date
Werner Koch
e957b9b3f4 keyserver: Allow use of cURL's default CA store.
* keyserver/gpgkeys_curl.c (main): Set CURLOPT_CAINFO only if a file
has been given.
* keyserver/gpgkeys_hkp.c (main): Ditto.
--

GnuPG-bug-id: 1542
Signed-off-by: Werner Koch <wk@gnupg.org>
2013-10-04 08:28:12 +02:00
David Shaw
6d0e41815a Differentiate between success (full or partial), not-found, and failure.
* keyserver/gpgkeys_hkp.c (get_key): Use curl_easy_setinfo to get the
  HTTP status code so we can tell the difference between a successful
  retrieval, a partial retrieval, a not-found, or a server failed.
2013-03-02 20:57:29 -05:00
David Shaw
8c32d4de57 Make sure srvcount is initialized.
* keyserver/gpgkeys_hkp.c (srv_replace): Initialize srvcount.
2012-12-20 18:12:29 -05:00
Werner Koch
20c95ef258 Fixed indentation and indented cpp directives
--
2012-12-19 15:30:17 +01:00
David Shaw
732f3d1d47 No point in defaulting try-dns-srv to on if we don't have SRV support.
* keyserver/gpgkeys_hkp.c (main): Only default try-dns-srv to on if we
  have SRV support in the first place.
2012-12-18 00:08:51 -05:00
David Shaw
6b1f71055e Issue 1447: Pass proper Host header and SNI when SRV is used with curl.
* configure.ac: Check for inet_ntop.

* m4/libcurl.m4: Provide a #define for the version of the curl
  library.

* keyserver/gpgkeys_hkp.c (main, srv_replace): Call getaddrinfo() on
  each target.  Once we find one that resolves to an address (whether
  IPv4 or IPv6), pass it into libcurl via CURLOPT_RESOLVE using the
  SRV name as the "host".  Force the HTTP Host header to be the same.
2012-12-17 23:52:15 -05:00
David Shaw
ba9e974f1f Fix issue 1446: honor ports given in SRV responses.
* common/http.c (send_request, connect_server, http_open): Use a
  struct srv instead of a single srvtag so we can pass the chosen host
  and port back to the caller.
  (connect_server): Use the proper port in the HAVE_GETADDRINFO case.

* keyserver/curl-shim.c (curl_easy_perform): Use struct srv and log
  chosen host and port.

* keyserver/gpgkeys_hkp.c (main): Properly take the port given by SRV.
2012-12-15 10:11:11 -05:00
David Shaw
3005b0a6f4 Use the longest key ID available when talking to a HKP server.
This is issue 1340.  Now that PKSD is dead, and SKS supports long key
IDs, this is safe to do.  Patch from Daniel Kahn Gillmor
<dkg@fifthhorseman.net>.
2011-12-28 16:46:28 -05:00
Werner Koch
490f747182 Make use of strconcat to make the code more robust against future changes. 2009-08-26 10:58:13 +00:00
David Shaw
2e835fd6ab * gpgkeys_hkp.c (main, srv_replace): Minor tweaks to use the DNS-SD
names ("pgpkey-http" and "pgpkey-https") in SRV lookups instead of
"hkp" and "hkps".
2009-07-08 04:01:13 +00:00
David Shaw
bcf540f2d0 Avoid caches to get the most recent copy of the key. This is bug #1061 2009-05-28 16:20:49 +00:00
David Shaw
a7205a080c * http.h, http.c (send_request): Pass in srvtag and make its presence
sufficient to turn the feature on.  (http_open): From here.
(http_document): And here.

* gpgkeys_hkp.c (srv_replace): New function to transform a SRV
hostname to a real hostname.  (main): Call it from here for the
HAVE_LIBCURL case (without libcurl is handled via the curl-shim).

* curl-shim.h, curl-shim.c (curl_easy_setopt, curl_easy_perform): Add
a CURLOPT_SRVTAG_GPG_HACK (passed through the the http engine).
2009-05-28 04:25:25 +00:00
David Shaw
a0627f5a22 * gpgkeys_hkp.c (send_key, get_key, get_name, search_key, main): Add
support for SSLized HKP.
2009-05-11 03:52:34 +00:00
David Shaw
07390d3f80 From 1.4:
* curl-shim.h (curl_version): No need to provide a version for
curl-shim as it always matches the GnuPG version.

* gpgkeys_curl.c, gpgkeys_hkp.c (main): Show which version of curl
we're using as part of --version.

* gpgkeys_curl.c, gpgkeys_finger.c, gpgkeys_hkp.c, gpgkeys_ldap.c
(show_help): Document --version.
2009-05-11 03:21:41 +00:00
David Shaw
c15eb48603 * gpgkeys_curl.c (main), gpgkeys_hkp.c (main): Make sure all libcurl
number options are passed as long.

* curl-shim.c (curl_easy_setopt): Minor tweak to match the real curl
better - libcurl uses 'long', not 'unsigned int'.
2008-04-14 19:41:40 +00:00
Werner Koch
93d3811abc Changed to GPLv3.
Removed intl/.
2007-07-04 19:49:40 +00:00
Werner Koch
0cfbfd6186 A whole bunch of changes to allow building for Windows.
See the ChangeLogs for details.
2007-06-14 17:05:07 +00:00
David Shaw
b111b0ed69 * gpgkeys_hkp.c (search_key): HKP keyservers like the 0x to be present
when searching by keyID.
2006-12-03 06:04:58 +00:00
David Shaw
8add46fcee * gpgkeys_hkp.c (curl_mrindex_writer): Revert previous change.
Key-not-found still has a HTML response.
2006-11-06 04:03:44 +00:00
David Shaw
11935a4c18 * gpgkeys_hkp.c (curl_mrindex_writer): Print a warning if we see HTML
coming back from a MR hkp query.
2006-10-20 04:00:19 +00:00
Werner Koch
b0a06d18a4 Clarified cURL and OpenLDAP license issues.
Made readline support work.
2006-09-22 11:39:45 +00:00
David Shaw
b8b482b596 * gpgkeys_hkp.c (send_key), gpgkeys_ldap.c (send_key,
send_key_keyserver): Improved version of previous fix.  Force match on
spaces in string.
2006-07-17 04:11:30 +00:00
David Shaw
2dc880aa9e * gpgkeys_hkp.c (send_key), gpgkeys_ldap.c (send_key, send_key_keyserver):
Fix string matching problem when the ascii armored form of the key happens
to match "KEY" at the beginning of the line.
2006-07-14 16:07:01 +00:00
David Shaw
e87d36ccf6 * Makefile.am: Don't build gpgkeys_http or gpgkeys_(old)hkp any longer as
this is done via curl or fake-curl.

* ksutil.h, ksutil.c, gpgkeys_hkp.c, gpgkeys_curl.c: Minor #include tweaks
as FAKE_CURL is no longer meaningful.
2006-04-26 21:48:29 +00:00
David Shaw
482a3a0101 * gpgkeys_hkp.c (get_name): A GETNAME query turns exact=on to cut down on
odd matches.
2006-02-22 23:19:36 +00:00
David Shaw
2c4b5d5de9 * gpgkeys_hkp.c (send_key): Do not escape the '=' in the HTTP POST when
uploading a key.
2006-01-16 17:59:46 +00:00
David Shaw
da9a10d2b0 * ksutil.h, ksutil.c (parse_ks_options): New keyserver command "getname".
* gpgkeys_hkp.c (main, get_name), gpgkeys_ldap.c (main, get_name): Use it
here to do direct name (rather than key ID) fetches.
2005-12-23 20:51:48 +00:00
David Shaw
5432755319 * ksutil.h, ksutil.c (curl_armor_writer, curl_writer,
curl_writer_finalize): New functionality to handle binary format keys by
armoring them for input to GPG.

* gpgkeys_curl.c (get_key), gpgkeys_hkp.c (get_key): Call it here.
2005-12-19 19:39:32 +00:00
David Shaw
2a662f7870 Fix various build warnings reported by Joe Vender on MinGW. 2005-11-03 04:46:20 +00:00
David Shaw
aec65a94d8 * ksutil.h, ksutil.c (parse_ks_options): Remove exact-name and
exact-email.  (classify_ks_search): Mimic the gpg search modes instead
with *, =, <, and @.

* gpgkeys_ldap.c (search_key), gpgkeys_hkp.c (search_key): Call them
here.  Suggested by Jason Harris.
2005-08-26 04:24:46 +00:00
David Shaw
70bf6d9204 * ksutil.h, ksutil.c (parse_ks_options): New keyserver-option exact-name.
The last of exact-name and exact-email overrides the earlier.

* gpgkeys_ldap.c (search_key), gpgkeys_hkp.c (search_key): Use it here to
do a name-only search.
2005-08-18 21:14:16 +00:00
David Shaw
e9b444a9d0 * ksutil.h, ksutil.c (parse_ks_options): New keyserver-option
exact-email.

* gpgkeys_ldap.c (search_key), gpgkeys_hkp.c (search_key): Use it here
to do an email-only search.
2005-08-18 04:17:20 +00:00
David Shaw
1990aacce0 * gpgkeys_hkp.c (main), gpgkeys_curl.c (main), curl-shim.h: Show
version of curl (or curl-shim) when debug is set.
2005-08-04 03:59:16 +00:00
David Shaw
ccab129be5 * gpgkeys_mailto.in, gpgkeys_test.in: Use @VERSION@ so version string
stays up to date.

* gpgkeys_http.c: Don't need to define HTTP_PROXY_ENV here since it's
in ksutil.h.

* gpgkeys_curl.c (get_key, main), gpgkeys_hkp.c (main): Pass AUTH
values to curl or curl-shim.

* curl-shim.c (curl_easy_perform), gpgkeys_curl.c (main),
gpgkeys_hkp.c (main): Use curl-style proxy semantics.
2005-06-23 23:42:35 +00:00
David Shaw
4e9797031f * gpgkeys_hkp.c (append_path, send_key, get_key, search_key, main),
gpgkeys_oldhkp.c (main): Properly handle double slashes in paths.
2005-06-21 04:24:10 +00:00
David Shaw
c347404bfd * gpgkeys_hkp.c, gpgkeys_oldhkp.c: Add support for HKP servers that
aren't at the root path.  Suggested by Jack Bates.
2005-06-04 23:09:27 +00:00
Werner Koch
7d4043ca57 Updated FSF street address and preparations for a release candidate. 2005-05-31 08:39:18 +00:00
David Shaw
5e6d360596 * gpgkeys_hkp.c, gpgkeys_oldhkp.c, ksutil.h: Some minor cleanup and
comments as to the size of MAX_LINE and MAX_URL.
2005-05-02 00:46:39 +00:00
David Shaw
0884653a13 * gpgkeys_hkp.c: New hkp handler that uses curl or curl-shim.
* Makefile.am: Build new gpgkeys_hkp.

* curl-shim.c (curl_easy_perform): Cleanup.
2005-04-17 02:18:32 +00:00
David Shaw
1517f0e945 * gpgkeys_ldap.c, ksutil.h, ksutil.c (print_nocr): Moved from
gpgkeys_ldap.c.  Print a string, but strip out any CRs.

* gpgkeys_finger.c (get_key), gpgkeys_hkp.c (get_key), gpgkeys_http.c
(get_key): Use it here when outputting key material to canonicalize
line endings.
2005-03-22 23:41:08 +00:00
David Shaw
203e4835f6 * gpgkeys_finger.c (main), gpgkeys_hkp.c (main): Fix --version output.
* gpgkeys_curl.c (main): Make sure the curl handle is cleaned up on
failure.
2005-02-05 15:04:59 +00:00
David Shaw
b663f3f8d3 * gpgkeys_hkp.c (get_key), gpgkeys_http.c (get_key): Fix missing
http_close() calls.  Noted by Phil Pennock.
2005-02-01 20:57:08 +00:00
David Shaw
996c82ffd6 * ksutil.h, gpgkeys_curl.c, gpgkeys_hkp.c, gpgkeys_ldap.c,
gpgkeys_finger.c, gpgkeys_http.c: Part 2 of the cleanup.  Move all the
various defines to ksutil.h.
2005-01-13 23:37:26 +00:00
David Shaw
0a42f97e43 * gpgkeys_finger.c, gpgkeys_hkp.c, gpgkeys_http.c, gpgkeys_ldap.c: Part 1
of a minor cleanup to use #defines instead of hard-coded sizes.
2005-01-13 23:22:10 +00:00
David Shaw
97b8f41b08 * gpgkeys_curl.c (main): New "follow-redirects" option. Takes an optional
numeric value for the maximum number of redirects to allow.  Defaults to
5.

* gpgkeys_curl.c (main), gpgkeys_finger.c (main), gpgkeys_hkp.c (main),
gpgkeys_http.c (main), gpgkeys_ldap.c (main): Make sure that a "timeout"
option passed with no arguments is properly handled.
2004-12-22 19:19:10 +00:00
David Shaw
7e9a93d017 * gpgkeys_hkp.c (send_key, get_key, search_key): Use "hkp" instead of
"x-hkp" so it can be used as a SRV tag.
2004-10-18 15:53:28 +00:00
Werner Koch
e170c54cf8 * gpgkeys_ldap.c (main, show_help): Kludge to implement standard
GNU options. Factored help printing out.
* gpgkeys_finger.c (main, show_help): Ditto.
* gpgkeys_hkp.c (main, show_help): Ditto.
* gpgkeys_http.c (main, show_help): Ditto.
* gpgkeys_test.in, gpgkeys_mailto.in: Implement --version and --help.
2004-10-15 12:19:06 +00:00
David Shaw
d603b7c3a1 * gpgkeys_ldap.c (main), gpgkeys_hkp.c (main), gpgkeys_http.c (main),
gpgkeys_finger.c (main): Call timeout functions before performing an
action that could block for a long time.

* ksutil.h, ksutil.c: New.  Right now just contains timeout functions.
2004-10-13 18:30:29 +00:00
David Shaw
e3fd0f0c60 * gpgkeys_finger.c, gpgkeys_hkp.c, gpgkeys_http.c, gpgkeys_ldap.c: Fix a
few occurances of "filename" to `filename'.
2004-10-11 20:33:22 +00:00
Stefan Bellon
159352d8b7 change back skey to unsigned and cast instead 2004-08-27 21:16:16 +00:00