1
0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-09 12:54:23 +01:00

94 Commits

Author SHA1 Message Date
Werner Koch
69088ac76f keyserver: Allow use of cURL's default CA store.
* keyserver/gpgkeys_curl.c (main): Set CURLOPT_CAINFO only if a file
has been given.
* keyserver/gpgkeys_hkp.c (main): Ditto.
--

GnuPG-bug-id: 1542
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit e957b9b3f408491f36660499b215aebcf2633a95)
2013-10-04 20:47:48 +02:00
David Shaw
6f0ec6ab48 Differentiate between success (full or partial), not-found, and failure.
* keyserver/gpgkeys_hkp.c (get_key): Use curl_easy_setinfo to get the
  HTTP status code so we can tell the difference between a successful
  retrieval, a partial retrieval, a not-found, or a server failed.
2013-03-02 20:39:48 -05:00
Werner Koch
2812ab7d6a Last fix for the SRV record patches.
* keyserver/gpgkeys_hkp.c (srv_replace): Make sure SRVCOUNT is
always initialized.
--

See commit 5c557a51.
2012-12-20 20:29:53 +01:00
David Shaw
5c557a51cd Issue 1447: Pass proper Host header and SNI when SRV is used with curl.
* configure.ac: Check for inet_ntop.

* m4/libcurl.m4: Provide a #define for the version of the curl
  library.

* keyserver/gpgkeys_hkp.c (main, srv_replace): Call getaddrinfo() on
  each target.  Once we find one that resolves to an address (whether
  IPv4 or IPv6), pass it into libcurl via CURLOPT_RESOLVE using the
  SRV name as the "host".  Force the HTTP Host header to be the same.

Backported from 6b1f71055ebab36989e2089cfde319d2ba40ada7

* keyserver/gpgkeys_hkp.c (main): Only default try-dns-srv to on if we
  have SRV support in the first place.

Backported from 732f3d1d4786239db5f31f82cc04ec79326cc13c
2012-12-19 13:54:27 -05:00
David Shaw
f2f12f41ef Fix issue 1446: honor ports given in SRV responses.
* common/http.c (send_request, connect_server, http_open): Use a
  struct srv instead of a single srvtag so we can pass the chosen host
  and port back to the caller.
  (connect_server): Use the proper port in the HAVE_GETADDRINFO case.

* keyserver/curl-shim.c (curl_easy_perform): Use struct srv and log
  chosen host and port.

* keyserver/gpgkeys_hkp.c (main): Properly take the port given by SRV.

Backported from ba9e974f1fd85b3dbbfb5e26d7a14f71d07c7cf2
2012-12-18 21:58:53 -05:00
David Shaw
6fe25e5602 Use the longest key ID available when talking to a HKP server.
This is issue 1340.  Now that PKSD is dead, and SKS supports long key
IDs, this is safe to do.  Patch from Daniel Kahn Gillmor
<dkg@fifthhorseman.net>.
2011-12-28 16:41:31 -05:00
Werner Koch
a95143e225 Removed some set but unused vars. 2011-08-09 10:54:22 +02:00
Werner Koch
20fe42d10b Restructured the compat functions and changed its license.
New fucntion xstrconcat for future use.
2009-08-25 20:00:24 +00:00
David Shaw
4401184ea7 * gpgkeys_hkp.c (main, srv_replace): Minor tweaks to use the DNS-SD
names ("pgpkey-http" and "pgpkey-https") in SRV lookups instead of
"hkp" and "hkps".
2009-07-08 03:50:26 +00:00
David Shaw
0f993bbd65 * gpgkeys_hkp.c (srv_replace): Fix build warning. 2009-05-28 04:33:10 +00:00
David Shaw
e8436d575e Avoid caches to get the most recent copy of the key. This is bug
#1061
2009-05-26 14:15:56 +00:00
David Shaw
ee9edfe19f * gpgkeys_hkp.c (srv_replace): New function to transform a SRV
hostname to a real hostname.  (main): Call it from here for the
HAVE_LIBCURL case (without libcurl is handled via the curl-shim).
2009-04-21 03:04:08 +00:00
David Shaw
c641585a42 * gpgkeys_hkp.c (main): Switch default port for SSLized HKP to 443
(i.e. the regular https port).
2009-04-02 03:50:50 +00:00
David Shaw
fe57cdc2fb * gpgkeys_hkp.c (send_key, get_key, get_name, search_key, main): Add
support for SSLized HKP.
2009-02-03 19:40:28 +00:00
David Shaw
b3ac8341d9 * curl-shim.h, gpgkeys_curl.c, gpgkeys_hkp.c (main): Always show curl
version (even for curl-shim).
2008-11-18 18:43:13 +00:00
Werner Koch
5452f53c5c Make --version close to GNU standards. 2008-11-18 18:17:10 +00:00
David Shaw
9e0919fad1 * curl-shim.h (curl_version): No need to provide a version for
curl-shim as it always matches the GnuPG version.

* gpgkeys_curl.c, gpgkeys_hkp.c (main): Show which version of curl
we're using as part of --version.

* gpgkeys_curl.c, gpgkeys_finger.c, gpgkeys_hkp.c, gpgkeys_ldap.c
(show_help): Document --version.
2008-11-18 17:09:07 +00:00
David Shaw
06278768b4 * gpgkeys_curl.c (main), gpgkeys_hkp.c (main): Make sure all libcurl
number options are passed as long.
2008-04-14 17:41:47 +00:00
Werner Koch
9a2a818887 Switched to GPLv3.
Updated gettext.
2007-10-23 10:48:09 +00:00
David Shaw
1fc3e4a299 * gpgkeys_hkp.c (main): Show curl or fake-curl version string.
* Makefile.am: Link with libcompat.a for ascii_str(n)casecmp.
2007-04-16 22:47:20 +00:00
David Shaw
e7c72ccc2f * gpgkeys_curl.c, gpgkeys_ldap.c, gpgkeys_hkp.c, ksutil.c: Rename all
str(n)casecmp to ascii_str(n)casecmp.  We want the locale-independent
ones here.
2007-04-16 22:43:29 +00:00
David Shaw
b8bd7b6186 * curl-shim.h, curl-shim.c, gpgkeys_hkp.c: Rename curl_escape() to
curl_easy_escape() to match cURL.
2007-01-16 18:12:43 +00:00
David Shaw
a15b16a356 * gpgkeys_hkp.c (send_key): Allow GPG to send any armored key line
length without problems.  Reported by Felix von Leitner.
2007-01-16 04:31:49 +00:00
David Shaw
928db7d34b * gpgkeys_hkp.c (search_key): HKP keyservers like the 0x to be present
when searching by keyID.
2006-12-03 05:57:57 +00:00
David Shaw
1b41117e2a * gpgkeys_hkp.c (curl_mrindex_writer): Revert previous change.
Key-not-found still has a HTML response.
2006-11-06 03:37:08 +00:00
David Shaw
9e9214b944 * gpgkeys_hkp.c (curl_mrindex_writer): Print a warning if we see HTML
coming back from a MR hkp query.
2006-10-20 03:56:17 +00:00
Werner Koch
29f68725d0 Allow to build w/o curl. 2006-09-26 14:15:17 +00:00
David Shaw
b8b482b596 * gpgkeys_hkp.c (send_key), gpgkeys_ldap.c (send_key,
send_key_keyserver): Improved version of previous fix.  Force match on
spaces in string.
2006-07-17 04:11:30 +00:00
David Shaw
2dc880aa9e * gpgkeys_hkp.c (send_key), gpgkeys_ldap.c (send_key, send_key_keyserver):
Fix string matching problem when the ascii armored form of the key happens
to match "KEY" at the beginning of the line.
2006-07-14 16:07:01 +00:00
David Shaw
e87d36ccf6 * Makefile.am: Don't build gpgkeys_http or gpgkeys_(old)hkp any longer as
this is done via curl or fake-curl.

* ksutil.h, ksutil.c, gpgkeys_hkp.c, gpgkeys_curl.c: Minor #include tweaks
as FAKE_CURL is no longer meaningful.
2006-04-26 21:48:29 +00:00
David Shaw
482a3a0101 * gpgkeys_hkp.c (get_name): A GETNAME query turns exact=on to cut down on
odd matches.
2006-02-22 23:19:36 +00:00
David Shaw
2c4b5d5de9 * gpgkeys_hkp.c (send_key): Do not escape the '=' in the HTTP POST when
uploading a key.
2006-01-16 17:59:46 +00:00
David Shaw
da9a10d2b0 * ksutil.h, ksutil.c (parse_ks_options): New keyserver command "getname".
* gpgkeys_hkp.c (main, get_name), gpgkeys_ldap.c (main, get_name): Use it
here to do direct name (rather than key ID) fetches.
2005-12-23 20:51:48 +00:00
David Shaw
5432755319 * ksutil.h, ksutil.c (curl_armor_writer, curl_writer,
curl_writer_finalize): New functionality to handle binary format keys by
armoring them for input to GPG.

* gpgkeys_curl.c (get_key), gpgkeys_hkp.c (get_key): Call it here.
2005-12-19 19:39:32 +00:00
David Shaw
2a662f7870 Fix various build warnings reported by Joe Vender on MinGW. 2005-11-03 04:46:20 +00:00
David Shaw
aec65a94d8 * ksutil.h, ksutil.c (parse_ks_options): Remove exact-name and
exact-email.  (classify_ks_search): Mimic the gpg search modes instead
with *, =, <, and @.

* gpgkeys_ldap.c (search_key), gpgkeys_hkp.c (search_key): Call them
here.  Suggested by Jason Harris.
2005-08-26 04:24:46 +00:00
David Shaw
70bf6d9204 * ksutil.h, ksutil.c (parse_ks_options): New keyserver-option exact-name.
The last of exact-name and exact-email overrides the earlier.

* gpgkeys_ldap.c (search_key), gpgkeys_hkp.c (search_key): Use it here to
do a name-only search.
2005-08-18 21:14:16 +00:00
David Shaw
e9b444a9d0 * ksutil.h, ksutil.c (parse_ks_options): New keyserver-option
exact-email.

* gpgkeys_ldap.c (search_key), gpgkeys_hkp.c (search_key): Use it here
to do an email-only search.
2005-08-18 04:17:20 +00:00
David Shaw
1990aacce0 * gpgkeys_hkp.c (main), gpgkeys_curl.c (main), curl-shim.h: Show
version of curl (or curl-shim) when debug is set.
2005-08-04 03:59:16 +00:00
David Shaw
ccab129be5 * gpgkeys_mailto.in, gpgkeys_test.in: Use @VERSION@ so version string
stays up to date.

* gpgkeys_http.c: Don't need to define HTTP_PROXY_ENV here since it's
in ksutil.h.

* gpgkeys_curl.c (get_key, main), gpgkeys_hkp.c (main): Pass AUTH
values to curl or curl-shim.

* curl-shim.c (curl_easy_perform), gpgkeys_curl.c (main),
gpgkeys_hkp.c (main): Use curl-style proxy semantics.
2005-06-23 23:42:35 +00:00
David Shaw
4e9797031f * gpgkeys_hkp.c (append_path, send_key, get_key, search_key, main),
gpgkeys_oldhkp.c (main): Properly handle double slashes in paths.
2005-06-21 04:24:10 +00:00
David Shaw
c347404bfd * gpgkeys_hkp.c, gpgkeys_oldhkp.c: Add support for HKP servers that
aren't at the root path.  Suggested by Jack Bates.
2005-06-04 23:09:27 +00:00
Werner Koch
7d4043ca57 Updated FSF street address and preparations for a release candidate. 2005-05-31 08:39:18 +00:00
David Shaw
5e6d360596 * gpgkeys_hkp.c, gpgkeys_oldhkp.c, ksutil.h: Some minor cleanup and
comments as to the size of MAX_LINE and MAX_URL.
2005-05-02 00:46:39 +00:00
David Shaw
0884653a13 * gpgkeys_hkp.c: New hkp handler that uses curl or curl-shim.
* Makefile.am: Build new gpgkeys_hkp.

* curl-shim.c (curl_easy_perform): Cleanup.
2005-04-17 02:18:32 +00:00
David Shaw
1517f0e945 * gpgkeys_ldap.c, ksutil.h, ksutil.c (print_nocr): Moved from
gpgkeys_ldap.c.  Print a string, but strip out any CRs.

* gpgkeys_finger.c (get_key), gpgkeys_hkp.c (get_key), gpgkeys_http.c
(get_key): Use it here when outputting key material to canonicalize
line endings.
2005-03-22 23:41:08 +00:00
David Shaw
203e4835f6 * gpgkeys_finger.c (main), gpgkeys_hkp.c (main): Fix --version output.
* gpgkeys_curl.c (main): Make sure the curl handle is cleaned up on
failure.
2005-02-05 15:04:59 +00:00
David Shaw
b663f3f8d3 * gpgkeys_hkp.c (get_key), gpgkeys_http.c (get_key): Fix missing
http_close() calls.  Noted by Phil Pennock.
2005-02-01 20:57:08 +00:00
David Shaw
996c82ffd6 * ksutil.h, gpgkeys_curl.c, gpgkeys_hkp.c, gpgkeys_ldap.c,
gpgkeys_finger.c, gpgkeys_http.c: Part 2 of the cleanup.  Move all the
various defines to ksutil.h.
2005-01-13 23:37:26 +00:00
David Shaw
0a42f97e43 * gpgkeys_finger.c, gpgkeys_hkp.c, gpgkeys_http.c, gpgkeys_ldap.c: Part 1
of a minor cleanup to use #defines instead of hard-coded sizes.
2005-01-13 23:22:10 +00:00