[svn] GnuPG - r4987 - branches/STABLE-BRANCH-1-4/keyserver
svn author dshaw
cvs at cvs.gnupg.org
Tue Apr 21 05:04:08 CEST 2009
Author: dshaw
Date: 2009-04-21 05:04:08 +0200 (Tue, 21 Apr 2009)
New Revision: 4987
Modified:
branches/STABLE-BRANCH-1-4/keyserver/ChangeLog
branches/STABLE-BRANCH-1-4/keyserver/gpgkeys_hkp.c
Log:
* gpgkeys_hkp.c (srv_replace): New function to transform a SRV
hostname to a real hostname. (main): Call it from here for the
HAVE_LIBCURL case (without libcurl is handled via the curl-shim).
Modified: branches/STABLE-BRANCH-1-4/keyserver/ChangeLog
===================================================================
--- branches/STABLE-BRANCH-1-4/keyserver/ChangeLog 2009-04-19 16:34:21 UTC (rev 4986)
+++ branches/STABLE-BRANCH-1-4/keyserver/ChangeLog 2009-04-21 03:04:08 UTC (rev 4987)
@@ -1,3 +1,10 @@
+2009-04-20 David Shaw <dshaw at jabberwocky.com>
+
+ * gpgkeys_hkp.c (srv_replace): New function to transform a SRV
+ hostname to a real hostname.
+ (main): Call it from here for the HAVE_LIBCURL case (without
+ libcurl is handled via the curl-shim).
+
2009-04-02 David Shaw <dshaw at jabberwocky.com>
* curl-shim.h, curl-shim.c (curl_easy_setopt, curl_easy_perform):
Modified: branches/STABLE-BRANCH-1-4/keyserver/gpgkeys_hkp.c
===================================================================
--- branches/STABLE-BRANCH-1-4/keyserver/gpgkeys_hkp.c 2009-04-19 16:34:21 UTC (rev 4986)
+++ branches/STABLE-BRANCH-1-4/keyserver/gpgkeys_hkp.c 2009-04-21 03:04:08 UTC (rev 4987)
@@ -43,6 +43,9 @@
#else
#include "curl-shim.h"
#endif
+#ifdef USE_DNS_SRV
+#include "srv.h"
+#endif
#include "compat.h"
#include "keyserver.h"
#include "ksutil.h"
@@ -188,6 +191,7 @@
strcat(key,encoded_key);
strcpy(request,proto);
+ strcat(request,"://");
strcat(request,opt->host);
strcat(request,":");
strcat(request,port);
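Review bot: The URL prefix is still assembled with an unchecked `strcpy`/`strcat` chain, and after this commit `opt->host` can be a name taken from a DNS SRV answer (via `srv_replace`) rather than the value bounded by option parsing. The allocation of `request` is outside the hunk, so confirm it is sized from the actual string lengths and not from fixed maxima that assumed a user-supplied host. A bounded form such as `snprintf(request,request_len,"%s://%s:%s",proto,opt->host,port);` would make the limit explicit, where `request_len` is a placeholder for whatever size the allocation used. The same pattern recurs in the three following hunks (`@@ -252`, `@@ -330`, `@@ -413`); the enclosing functions start and end outside these hunks.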
@@ -252,6 +256,7 @@
}
strcpy(request,proto);
+ strcat(request,"://");
strcat(request,opt->host);
strcat(request,":");
strcat(request,port);
@@ -330,6 +335,7 @@
fprintf(output,"NAME %s BEGIN\n",getkey);
strcpy(request,proto);
+ strcat(request,"://");
strcat(request,opt->host);
strcat(request,":");
strcat(request,port);
@@ -413,6 +419,7 @@
fprintf(output,"SEARCH %s BEGIN\n",searchkey);
strcpy(request,proto);
+ strcat(request,"://");
strcat(request,opt->host);
strcat(request,":");
strcat(request,port);
@@ -483,6 +490,49 @@
}
}
+/* If there is a SRV record, take the highest ranked possibility.
+ This is a hack, as we don't proceed downwards. */
+static void
+srv_replace(void)
+{
+#ifdef USE_DNS_SRV
+ struct srventry *srvlist=NULL;
+ int srvcount;
+
+ if(1+strlen(opt->scheme)+6+strlen(opt->host)+1<=MAXDNAME)
+ {
+ char srvname[MAXDNAME];
+
+ strcpy(srvname,"_");
+ strcat(srvname,opt->scheme);
+ strcat(srvname,"._tcp.");
+ strcat(srvname,opt->host);
+ srvcount=getsrv(srvname,&srvlist);
+ }
+
+ if(srvlist)
+ {
+ char *newname,*newport;
+
+ newname=strdup(srvlist->target);
+ newport=malloc(MAX_PORT);
+ if(newname && newport)
+ {
+ free(opt->host);
+ free(opt->port);
+ opt->host=newname;
+ snprintf(newport,MAX_PORT,"%u",srvlist->port);
+ opt->port=newport;
+ }
+ else
+ {
+ free(newname);
+ free(newport);
+ }
+ }
+#endif
+}
+
static void
show_help (FILE *fp)
{
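Review bot: `srvlist` is filled by `getsrv()` and never released in `srv_replace`, and `srvcount` is assigned but never read (and left indeterminate when the length check fails). If `getsrv()` hands ownership of the list to the caller, as the `&srvlist` out-parameter suggests (srv.h is not shown here), add `free(srvlist);` after the `if(srvlist)` block and either drop `srvcount` or cast the call to `(void)`. The header comment could also state that `srvlist->target` is copied from the DNS response without any length or content check, and that `opt->host` and `opt->port` are replaced only when both allocations succeed.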
@@ -495,7 +545,7 @@
int
main(int argc,char *argv[])
{
- int arg,ret=KEYSERVER_INTERNAL_ERROR;
+ int arg,ret=KEYSERVER_INTERNAL_ERROR,try_srv=1;
char line[MAX_LINE];
int failed=0;
struct keylist *keylist=NULL,*keyptr=NULL;
@@ -609,15 +659,14 @@
}
}
}
-#if 0
else if(ascii_strcasecmp(start,"try-dns-srv")==0)
{
if(no)
- http_flags&=~HTTP_FLAG_TRY_SRV;
+ try_srv=0;
else
- http_flags|=HTTP_FLAG_TRY_SRV;
+ try_srv=1;
}
-#endif
+
continue;
}
}
@@ -632,18 +681,15 @@
if(ascii_strcasecmp(opt->scheme,"hkps")==0)
{
- proto="https://";
+ proto="https";
port="443";
}
else
{
- proto="http://";
+ proto="http";
port="11371";
}
- if(opt->port)
- port=opt->port;
-
if(!opt->host)
{
fprintf(console,"gpgkeys: no keyserver host provided\n");
@@ -665,6 +711,26 @@
goto fail;
}
+ /* If the user gives a :port, then disable SRV. The semantics of a
+ specified port and SRV do not play well together. */
+ if(opt->port)
+ port=opt->port;
+ else if(try_srv)
+ {
+#ifdef HAVE_LIBCURL
+ /* We're using libcurl, so fake SRV support via our wrapper.
+ This isn't as good as true SRV support, as we do not try all
+ possible targets at one particular level and work our way
+ down the list, but it's better than nothing. */
+ srv_replace();
+#else
+ /* We're using our internal curl shim, so we can use its (true)
+ SRV support. Obviously, CURLOPT_SRVTAG_GPG_HACK isn't a real
+ libcurl option. It's specific to our shim. */
+ curl_easy_setopt(curl,CURLOPT_SRVTAG_GPG_HACK,opt->scheme);
+#endif
+ }
+
curl_easy_setopt(curl,CURLOPT_ERRORBUFFER,errorbuffer);
if(opt->auth)
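Review bot: After `srv_replace()` succeeds it stores the SRV port in `opt->port`, but `port`, which the request builders concatenate into the URL, is only assigned in the `if(opt->port)` branch, so the libcurl path appears to contact the SRV target on the scheme's default port. Unless `port` is refreshed outside this hunk, add `if(opt->port) port=opt->port;` directly after the `srv_replace();` call. Separately, for `hkps` the host placed in the URL is now whatever the unauthenticated DNS answer returned, so if certificate checking is done against the URL host it no longer binds to the name the user configured. That deserves a comment here, or a decision to skip `srv_replace()` when the scheme is `hkps`. `main` continues outside the hunk.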
@@ -683,13 +749,6 @@
if(proxy)
curl_easy_setopt(curl,CURLOPT_PROXY,proxy);
-#if 0
- /* By suggested convention, if the user gives a :port, then disable
- SRV. */
- if(opt->port)
- http_flags&=~HTTP_FLAG_TRY_SRV;
-#endif
-
/* If it's a GET or a SEARCH, the next thing to come in is the
keyids. If it's a SEND, then there are no keyids. */