* keyserver/gpgkeys_curl.c (main): Set CURLOPT_CAINFO only if a file
has been given.
* keyserver/gpgkeys_hkp.c (main): Ditto.
--
GnuPG-bug-id: 1542
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit e957b9b3f408491f36660499b215aebcf2633a95)
* keyserver/gpgkeys_hkp.c (get_key): Use curl_easy_setinfo to get the
HTTP status code so we can tell the difference between a successful
retrieval, a partial retrieval, a not-found, or a server failed.
* configure.ac: Check for inet_ntop.
* m4/libcurl.m4: Provide a #define for the version of the curl
library.
* keyserver/gpgkeys_hkp.c (main, srv_replace): Call getaddrinfo() on
each target. Once we find one that resolves to an address (whether
IPv4 or IPv6), pass it into libcurl via CURLOPT_RESOLVE using the
SRV name as the "host". Force the HTTP Host header to be the same.
Backported from 6b1f71055ebab36989e2089cfde319d2ba40ada7
* keyserver/gpgkeys_hkp.c (main): Only default try-dns-srv to on if we
have SRV support in the first place.
Backported from 732f3d1d4786239db5f31f82cc04ec79326cc13c
* common/http.c (send_request, connect_server, http_open): Use a
struct srv instead of a single srvtag so we can pass the chosen host
and port back to the caller.
(connect_server): Use the proper port in the HAVE_GETADDRINFO case.
* keyserver/curl-shim.c (curl_easy_perform): Use struct srv and log
chosen host and port.
* keyserver/gpgkeys_hkp.c (main): Properly take the port given by SRV.
Backported from ba9e974f1fd85b3dbbfb5e26d7a14f71d07c7cf2
* scripts/autogen.sh <--build-w32>: Support i686-w64-mingw32 and use
it by default if installed.
* keyserver/gpgkeys_ldap.c (my_ldap_start_tls_s): Define macro
depending on compiler version.
(main): Use new macro.
* util/miscutil.c [!HAVE_TIMEGM]: Add prototype for the timegm
autoconf replacement function.
--
It seems that the LDAP keyserver helper build with the old mingw32
toolchain never worked correctly for LDAPS. The prototype there for
ldap_start_tls_s is plainly wrong for Windows. Anyway I included
special support so not to break building with the old compiler.
a CURLOPT_SRVTAG_GPG_HACK (passed through the the http engine).
* http.h: Allow passing srvtag to http_open and http_open_document.
* http.c (http_open, http_open_document): Allow passing srvtag to
http_open and http_open_document.
curl-shim as it always matches the GnuPG version.
* gpgkeys_curl.c, gpgkeys_hkp.c (main): Show which version of curl
we're using as part of --version.
* gpgkeys_curl.c, gpgkeys_finger.c, gpgkeys_hkp.c, gpgkeys_ldap.c
(show_help): Document --version.
protocol we're about to use is actually available.
* curl-shim.h, curl-shim.c (curl_free): Make into a macro.
(curl_version_info): New. Only advertises "http" for our shim, of
course.
without the 0x prefix. This isn't exact (it's possible that a user ID
string happens to be 8 or 16 digits of hex), but it's extremely
unlikely. Plus GPG itself makes the same assumption.
can contain replacement files that can be linked to keyserver helpers
without bringing in the whole libutil.a. libutil.a contains a complete
copy of libcompat.a so we only need to link to one of them.