[svn] GnuPG - r4068 - trunk/g10

[svn author dshaw]

Author: dshaw
Date: 2006-03-17 06:20:13 +0100 (Fri, 17 Mar 2006)
New Revision: 4068

Modified:
   trunk/g10/ChangeLog
   trunk/g10/getkey.c
   trunk/g10/keyserver.c
Log:
* keyserver.c (keyserver_import_cert): Handle the IPGP CERT type for
both the fingerprint alone, and fingerprint+URL cases.

* getkey.c (get_pubkey_byname): Minor cleanup.


Modified: trunk/g10/ChangeLog
===================================================================
--- trunk/g10/ChangeLog	2006-03-16 22:40:04 UTC (rev 4067)
+++ trunk/g10/ChangeLog	2006-03-17 05:20:13 UTC (rev 4068)
@@ -1,3 +1,10 @@
+2006-03-16  David Shaw  <dshaw at jabberwocky.com>
+
+	* keyserver.c (keyserver_import_cert): Handle the IPGP CERT type
+	for both the fingerprint alone, and fingerprint+URL cases.
+
+	* getkey.c (get_pubkey_byname): Minor cleanup.
+
 2006-03-13  David Shaw  <dshaw at jabberwocky.com>
 
 	* keyserver-internal.h, keyserver.c (keyserver_import_pka): Use

Modified: trunk/g10/getkey.c
===================================================================
--- trunk/g10/getkey.c	2006-03-16 22:40:04 UTC (rev 4067)
+++ trunk/g10/getkey.c	2006-03-17 05:20:13 UTC (rev 4068)
@@ -917,7 +917,6 @@
 
   if (rc == G10ERR_NO_PUBKEY && is_valid_mailbox(name))
     {
-      int res;
       struct akl *akl;
 
       for(akl=opt.auto_key_locate;akl;akl=akl->next)
@@ -929,29 +928,29 @@
 	    {
 	    case AKL_CERT:
 	      glo_ctrl.in_auto_key_retrieve++;
-	      res=keyserver_import_cert(name,&fpr,&fpr_len);
+	      rc=keyserver_import_cert(name,&fpr,&fpr_len);
 	      glo_ctrl.in_auto_key_retrieve--;
 
-	      if(res==0)
+	      if(rc==0)
 		log_info(_("Automatically retrieved `%s' via %s\n"),
 			 name,"DNS CERT");
 	      break;
 
 	    case AKL_PKA:
 	      glo_ctrl.in_auto_key_retrieve++;
-	      res=keyserver_import_pka(name,&fpr,&fpr_len);
+	      rc=keyserver_import_pka(name,&fpr,&fpr_len);
 
-	      if(res==0)
+	      if(rc==0)
 		log_info(_("Automatically retrieved `%s' via %s\n"),
 			 name,"PKA");
 	      break;
 
 	    case AKL_LDAP:
 	      glo_ctrl.in_auto_key_retrieve++;
-	      res=keyserver_import_ldap(name,&fpr,&fpr_len);
+	      rc=keyserver_import_ldap(name,&fpr,&fpr_len);
 	      glo_ctrl.in_auto_key_retrieve--;
 
-	      if(res==0)
+	      if(rc==0)
 		log_info(_("Automatically retrieved `%s' via %s\n"),
 			 name,"LDAP");
 	      break;
@@ -964,10 +963,10 @@
 	      if(opt.keyserver)
 		{
 		  glo_ctrl.in_auto_key_retrieve++;
-		  res=keyserver_import_name(name,&fpr,&fpr_len,opt.keyserver);
+		  rc=keyserver_import_name(name,&fpr,&fpr_len,opt.keyserver);
 		  glo_ctrl.in_auto_key_retrieve--;
 
-		  if(res==0)
+		  if(rc==0)
 		    log_info(_("Automatically retrieved `%s' via %s\n"),
 			     name,opt.keyserver->uri);
 		}
@@ -979,10 +978,10 @@
 
 		keyserver=keyserver_match(akl->spec);
 		glo_ctrl.in_auto_key_retrieve++;
-		res=keyserver_import_name(name,&fpr,&fpr_len,keyserver);
+		rc=keyserver_import_name(name,&fpr,&fpr_len,keyserver);
 		glo_ctrl.in_auto_key_retrieve--;
 
-		if(res==0)
+		if(rc==0)
 		  log_info(_("Automatically retrieved `%s' via %s\n"),
 			   name,akl->spec->uri);
 	      }
@@ -996,7 +995,7 @@
 	     requirement as the URL might point to a key put in by an
 	     attacker.  By forcing the use of the fingerprint, we
 	     won't use the attacker's key here. */
-	  if(res==0 && fpr)
+	  if(rc==0 && fpr)
 	    {
 	      int i;
 	      char fpr_string[MAX_FINGERPRINT_LEN*2+1];

Modified: trunk/g10/keyserver.c
===================================================================
--- trunk/g10/keyserver.c	2006-03-16 22:40:04 UTC (rev 4067)
+++ trunk/g10/keyserver.c	2006-03-17 05:20:13 UTC (rev 4068)
@@ -1985,7 +1985,7 @@
 {
   char *domain,*look,*url;
   IOBUF key;
-  int type,rc=-1;
+  int type,rc=G10ERR_GENERAL;
 
   look=xstrdup(name);
 
@@ -1993,7 +1993,7 @@
   if(domain)
     *domain='.';
 
-  type=get_cert(look,max_cert_size,&key,NULL,NULL,&url);
+  type=get_cert(look,max_cert_size,&key,fpr,fpr_len,&url);
   if(type==1)
     {
       int armor_status=opt.no_armor;
@@ -2008,23 +2008,36 @@
 
       iobuf_close(key);
     }
-  else if(type==2)
+  else if(type==2 && *fpr)
     {
-      struct keyserver_spec *spec;
-
-      spec=parse_keyserver_uri(url,1,NULL,0);
-      if(spec)
+      /* We only consider the IPGP type if a fingerprint was provided.
+	 This lets us select the right key regardless of what a URL
+	 points to, or get the key from a keyserver. */
+      if(url)
 	{
-	  STRLIST list=NULL;
+	  struct keyserver_spec *spec;
 
-	  add_to_strlist(&list,url);
+	  spec=parse_keyserver_uri(url,1,NULL,0);
+	  if(spec)
+	    {
+	      STRLIST list=NULL;
 
-	  rc=keyserver_fetch(list);
+	      add_to_strlist(&list,url);
 
-	  free_strlist(list);
-	  free_keyserver_spec(spec);
+	      rc=keyserver_fetch(list);
+
+	      free_strlist(list);
+	      free_keyserver_spec(spec);
+	    }
 	}
+      else if(opt.keyserver)
+	{
+	  /* If only a fingerprint is provided, try and fetch it from
+	     our --keyserver */
 
+	  rc=keyserver_import_fprint(*fpr,*fpr_len,opt.keyserver);
+	}
+
       xfree(url);
     }