[svn] GnuPG - r5026 - in trunk: common keyserver
svn author dshaw
cvs at cvs.gnupg.org
Thu May 28 06:25:26 CEST 2009
Author: dshaw
Date: 2009-05-28 06:25:25 +0200 (Thu, 28 May 2009)
New Revision: 5026
Modified:
trunk/common/ChangeLog
trunk/common/http.c
trunk/common/http.h
trunk/keyserver/ChangeLog
trunk/keyserver/curl-shim.c
trunk/keyserver/curl-shim.h
trunk/keyserver/gpgkeys_hkp.c
Log:
* http.h, http.c (send_request): Pass in srvtag and make its presence
sufficient to turn the feature on. (http_open): From here.
(http_document): And here.
* gpgkeys_hkp.c (srv_replace): New function to transform a SRV
hostname to a real hostname. (main): Call it from here for the
HAVE_LIBCURL case (without libcurl is handled via the curl-shim).
* curl-shim.h, curl-shim.c (curl_easy_setopt, curl_easy_perform): Add
a CURLOPT_SRVTAG_GPG_HACK (passed through the http engine).
Modified: trunk/common/ChangeLog
===================================================================
--- trunk/common/ChangeLog 2009-05-28 03:24:54 UTC (rev 5025)
+++ trunk/common/ChangeLog 2009-05-28 04:25:25 UTC (rev 5026)
@@ -1,5 +1,12 @@
2009-05-27 David Shaw <dshaw at jabberwocky.com>
+ From 1.4:
+
+ * http.h, http.c (send_request): Pass in srvtag and make its
+ presence sufficient to turn the feature on.
+ (http_open): From here.
+ (http_document): And here.
+
* srv.c (getsrv): Raise maximum packet size to 2048, as PACKETSZ
is too small these days.
Modified: trunk/keyserver/ChangeLog
===================================================================
--- trunk/keyserver/ChangeLog 2009-05-28 03:24:54 UTC (rev 5025)
+++ trunk/keyserver/ChangeLog 2009-05-28 04:25:25 UTC (rev 5026)
@@ -1,3 +1,16 @@
+2009-05-27 David Shaw <dshaw at jabberwocky.com>
+
+ From 1.4:
+
+ * gpgkeys_hkp.c (srv_replace): New function to transform a SRV
+ hostname to a real hostname.
+ (main): Call it from here for the HAVE_LIBCURL case (without
+ libcurl is handled via the curl-shim).
+
+ * curl-shim.h, curl-shim.c (curl_easy_setopt, curl_easy_perform):
+ Add a CURLOPT_SRVTAG_GPG_HACK (passed through the the http
+ engine).
+
2009-05-10 David Shaw <dshaw at jabberwocky.com>
From 1.4:
Modified: trunk/common/http.c
===================================================================
--- trunk/common/http.c 2009-05-28 03:24:54 UTC (rev 5025)
+++ trunk/common/http.c 2009-05-28 04:25:25 UTC (rev 5026)
@@ -128,8 +128,8 @@
static int insert_escapes (char *buffer, const char *string,
const char *special);
static uri_tuple_t parse_tuple (char *string);
-static gpg_error_t send_request (http_t hd,
- const char *auth, const char *proxy);
+static gpg_error_t send_request (http_t hd, const char *auth,
+ const char *proxy, const char *srvtag);
static char *build_rel_path (parsed_uri_t uri);
static gpg_error_t parse_response (http_t hd);
@@ -317,7 +317,7 @@
gpg_error_t
http_open (http_t *r_hd, http_req_t reqtype, const char *url,
const char *auth, unsigned int flags, const char *proxy,
- void *tls_context)
+ void *tls_context, const char *srvtag)
{
gpg_error_t err;
http_t hd;
@@ -338,7 +338,7 @@
err = http_parse_uri (&hd->uri, url);
if (!err)
- err = send_request (hd, auth, proxy);
+ err = send_request (hd, auth, proxy, srvtag);
if (err)
{
@@ -457,12 +457,12 @@
gpg_error_t
http_open_document (http_t *r_hd, const char *document,
const char *auth, unsigned int flags, const char *proxy,
- void *tls_context)
+ void *tls_context, const char *srvtag)
{
gpg_error_t err;
err = http_open (r_hd, HTTP_REQ_GET, document, auth, flags,
- proxy, tls_context);
+ proxy, tls_context, srvtag);
if (err)
return err;
@@ -835,7 +835,7 @@
* Returns 0 if the request was successful
*/
static gpg_error_t
-send_request (http_t hd, const char *auth, const char *proxy)
+send_request (http_t hd, const char *auth, const char *proxy,const char *srvtag)
{
gnutls_session_t tls_session;
gpg_error_t err;
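Review bot: The header comment above send_request() still ends at "Returns 0 if the request was successful" and says nothing about the new `srvtag` argument, even though a non-NULL value is now the only thing that enables the SRV lookup. I would add a line such as `SRVTAG, if not NULL, is the service name used for a DNS SRV lookup of the target host; pass NULL to connect to the host as given.` The same sentence belongs on http_open() and http_open_document(), whose signatures gain the parameter in the earlier hunks. As a small style point, `const char *proxy,const char *srvtag` is missing the space after the comma that the prototype near the top of the file has. Both the comment and the function body extend outside this hunk.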
@@ -893,13 +893,13 @@
hd->sock = connect_server (*uri->host ? uri->host : "localhost",
uri->port ? uri->port : 80,
- hd->flags, hd->uri->scheme);
+ hd->flags, srvtag);
save_errno = errno;
http_release_parsed_uri (uri);
}
else
{
- hd->sock = connect_server (server, port, hd->flags, hd->uri->scheme);
+ hd->sock = connect_server (server, port, hd->flags, srvtag);
save_errno = errno;
}
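Review bot: The first connect_server() call in this hunk appears to be the proxy branch (its host and port come from a separately parsed `uri` that is released right afterwards), and it now receives `srvtag` as well. With the flag check removed further down, an SRV query built from the keyserver's service tag would be issued for the proxy's hostname, and the proxy connection would go wherever that DNS answer points. If that reading of the surrounding code is right, the proxy connect should pass NULL, i.e. `hd->flags, NULL);`, and only the direct connect in the `else` branch should carry `srvtag`. send_request() starts and ends outside this hunk, so the branch condition itself is not visible.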
@@ -1524,6 +1524,9 @@
int last_errno = 0;
struct srventry *serverlist = NULL;
+ /* Not currently using the flags */
+ (void)flags;
+
#ifdef HAVE_W32_SYSTEM
unsigned long inaddr;
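Review bot: `(void)flags;` is a statement, and it is placed ahead of the `unsigned long inaddr;` declaration under `#ifdef HAVE_W32_SYSTEM`, so on that build a declaration follows a statement in the same block. That is accepted by C99 but rejected or warned about by C89 compilers and by `-Wdeclaration-after-statement`. Moving the two added lines below the last declaration of the function keeps the unused-parameter silencing without the ordering problem. The remaining declarations are outside this hunk, so the exact spot needs to be checked against the full function.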
@@ -1559,7 +1562,7 @@
#ifdef USE_DNS_SRV
/* Do the SRV thing */
- if ((flags & HTTP_FLAG_TRY_SRV) && srvtag)
+ if (srvtag)
{
/* We're using SRV, so append the tags. */
if (1+strlen (srvtag) + 6 + strlen (server) + 1 <= MAXDNAME)
Modified: trunk/common/http.h
===================================================================
--- trunk/common/http.h 2009-05-28 03:24:54 UTC (rev 5025)
+++ trunk/common/http.h 2009-05-28 04:25:25 UTC (rev 5026)
@@ -63,9 +63,8 @@
{
HTTP_FLAG_TRY_PROXY = 1,
HTTP_FLAG_NO_SHUTDOWN = 2,
- HTTP_FLAG_TRY_SRV = 4,
- HTTP_FLAG_LOG_RESP = 8,
- HTTP_FLAG_NEED_HEADER = 16
+ HTTP_FLAG_LOG_RESP = 4,
+ HTTP_FLAG_NEED_HEADER = 8
};
struct http_context_s;
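Review bot: Removing HTTP_FLAG_TRY_SRV also renumbers the two flags after it: HTTP_FLAG_LOG_RESP moves from 8 to 4 and HTTP_FLAG_NEED_HEADER from 16 to 8. Any caller not touched by this commit that passes a literal value, or any object built against the old header, would now silently set a different flag; in particular the old TRY_SRV bit (4) becomes HTTP_FLAG_LOG_RESP. Leaving the values alone and marking the gap avoids that: keep `HTTP_FLAG_LOG_RESP = 8,` and `HTTP_FLAG_NEED_HEADER = 16` and add `/* 4 was HTTP_FLAG_TRY_SRV; SRV is now selected by passing a srvtag. */`.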
@@ -82,7 +81,8 @@
const char *auth,
unsigned int flags,
const char *proxy,
- void *tls_context);
+ void *tls_context,
+ const char *srvtag);
void http_start_data (http_t hd);
@@ -95,7 +95,8 @@
const char *auth,
unsigned int flags,
const char *proxy,
- void *tls_context);
+ void *tls_context,
+ const char *srvtag);
#ifdef HTTP_USE_ESTREAM
estream_t http_get_read_ptr (http_t hd);
Modified: trunk/keyserver/curl-shim.c
===================================================================
--- trunk/keyserver/curl-shim.c 2009-05-28 03:24:54 UTC (rev 5025)
+++ trunk/keyserver/curl-shim.c 2009-05-28 04:25:25 UTC (rev 5026)
@@ -144,6 +144,9 @@
case CURLOPT_POSTFIELDS:
curl->postfields=va_arg(ap,char *);
break;
+ case CURLOPT_SRVTAG_GPG_HACK:
+ curl->srvtag=va_arg(ap,char *);
+ break;
case CURLOPT_FAILONERROR:
curl->flags.failonerror=va_arg(ap,long)?1:0;
break;
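Review bot: `curl->srvtag=va_arg(ap,char *);` keeps the caller's pointer rather than a copy, and curl_easy_perform() reads it later when it calls http_open(). That matches how `postfields` is handled just above, but the new struct member in curl-shim.h deserves a comment saying the string is borrowed, e.g. `/* Not owned; must stay valid until curl_easy_perform returns. */`. The code also relies on the handle being zero-initialised so that `srvtag` is NULL (SRV off) when the option is never set. The allocation is outside this hunk, so that should be confirmed.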
@@ -193,7 +196,7 @@
if(curl->flags.post)
{
rc = http_open (&curl->hd, HTTP_REQ_POST, curl->url, curl->auth,
- 0, proxy, NULL);
+ 0, proxy, NULL, curl->srvtag);
if (!rc)
{
unsigned int post_len = strlen(curl->postfields);
@@ -216,7 +219,7 @@
else
{
rc = http_open (&curl->hd, HTTP_REQ_GET, curl->url, curl->auth,
- 0, proxy, NULL);
+ 0, proxy, NULL, curl->srvtag);
if (!rc)
{
rc = http_wait_response (curl->hd);
Modified: trunk/keyserver/curl-shim.h
===================================================================
--- trunk/keyserver/curl-shim.h 2009-05-28 03:24:54 UTC (rev 5025)
+++ trunk/keyserver/curl-shim.h 2009-05-28 04:25:25 UTC (rev 5026)
@@ -48,7 +48,8 @@
CURLOPT_CAINFO,
CURLOPT_POST,
CURLOPT_POSTFIELDS,
- CURLOPT_FAILONERROR
+ CURLOPT_FAILONERROR,
+ CURLOPT_SRVTAG_GPG_HACK
} CURLoption;
typedef size_t (*write_func)(char *buffer,size_t size,
@@ -63,6 +64,7 @@
write_func writer;
void *file;
char *postfields;
+ char *srvtag;
unsigned int status;
FILE *errors;
struct
Modified: trunk/keyserver/gpgkeys_hkp.c
===================================================================
--- trunk/keyserver/gpgkeys_hkp.c 2009-05-28 03:24:54 UTC (rev 5025)
+++ trunk/keyserver/gpgkeys_hkp.c 2009-05-28 04:25:25 UTC (rev 5026)
@@ -43,6 +43,9 @@
#else
#include "curl-shim.h"
#endif
+#ifdef USE_DNS_SRV
+#include "srv.h"
+#endif
#include "keyserver.h"
#include "ksutil.h"
@@ -183,6 +186,7 @@
strcat(key,encoded_key);
strcpy(request,proto);
+ strcat(request,"://");
strcat(request,opt->host);
strcat(request,":");
strcat(request,port);
@@ -247,6 +251,7 @@
}
strcpy(request,proto);
+ strcat(request,"://");
strcat(request,opt->host);
strcat(request,":");
strcat(request,port);
@@ -325,6 +330,7 @@
fprintf(output,"NAME %s BEGIN\n",getkey);
strcpy(request,proto);
+ strcat(request,"://");
strcat(request,opt->host);
strcat(request,":");
strcat(request,port);
@@ -408,6 +414,7 @@
fprintf(output,"SEARCH %s BEGIN\n",searchkey);
strcpy(request,proto);
+ strcat(request,"://");
strcat(request,opt->host);
strcat(request,":");
strcat(request,port);
@@ -478,6 +485,51 @@
}
}
+#ifdef HAVE_LIBCURL
+/* If there is a SRV record, take the highest ranked possibility.
+ This is a hack, as we don't proceed downwards. */
+static void
+srv_replace(void)
+{
+#ifdef USE_DNS_SRV
+ struct srventry *srvlist=NULL;
+ int srvcount;
+
+ if(1+strlen(opt->scheme)+6+strlen(opt->host)+1<=MAXDNAME)
+ {
+ char srvname[MAXDNAME];
+
+ strcpy(srvname,"_");
+ strcat(srvname,opt->scheme);
+ strcat(srvname,"._tcp.");
+ strcat(srvname,opt->host);
+ srvcount=getsrv(srvname,&srvlist);
+ }
+
+ if(srvlist)
+ {
+ char *newname,*newport;
+
+ newname=strdup(srvlist->target);
+ newport=malloc(MAX_PORT);
+ if(newname && newport)
+ {
+ free(opt->host);
+ free(opt->port);
+ opt->host=newname;
+ snprintf(newport,MAX_PORT,"%u",srvlist->port);
+ opt->port=newport;
+ }
+ else
+ {
+ free(newname);
+ free(newport);
+ }
+ }
+#endif
+}
+#endif
+
static void
show_help (FILE *fp)
{
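Review bot: srv_replace() swaps `opt->host` for `srvlist->target`, a name taken from the DNS answer, and the request builders in this file then append `opt->host` to `request` with unchecked `strcpy`/`strcat`. The host supplied by the caller presumably passed the option parser's length limit, but the SRV target is bounded only by what getsrv() accepts, and the allocation of `request` is outside these hunks. It should be confirmed that the buffer is sized for the longest possible target, or the target length should be checked before the swap. Separately, `srvlist` is never released (assuming getsrv() returns heap memory, a `free(srvlist);` at the end of the `if(srvlist)` block is needed), and `srvcount` is assigned but never read. The comment above the function should also say that it overwrites `opt->host` and `opt->port` in place.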
@@ -490,7 +542,7 @@
int
main(int argc,char *argv[])
{
- int arg,ret=KEYSERVER_INTERNAL_ERROR;
+ int arg,ret=KEYSERVER_INTERNAL_ERROR,try_srv=1;
char line[MAX_LINE];
int failed=0;
struct keylist *keylist=NULL,*keyptr=NULL;
@@ -604,15 +656,14 @@
}
}
}
-#if 0
else if(strcasecmp(start,"try-dns-srv")==0)
{
if(no)
- http_flags&=~HTTP_FLAG_TRY_SRV;
+ try_srv=0;
else
- http_flags|=HTTP_FLAG_TRY_SRV;
+ try_srv=1;
}
-#endif
+
continue;
}
}
@@ -626,18 +677,15 @@
if(ks_strcasecmp(opt->scheme,"hkps")==0)
{
- proto="https://";
+ proto="https";
port="443";
}
else
{
- proto="http://";
+ proto="http";
port="11371";
}
- if(opt->port)
- port=opt->port;
-
if(!opt->host)
{
fprintf(console,"gpgkeys: no keyserver host provided\n");
@@ -659,6 +707,26 @@
goto fail;
}
+ /* If the user gives a :port, then disable SRV. The semantics of a
+ specified port and SRV do not play well together. */
+ if(opt->port)
+ port=opt->port;
+ else if(try_srv)
+ {
+#ifdef HAVE_LIBCURL
+ /* We're using libcurl, so fake SRV support via our wrapper.
+ This isn't as good as true SRV support, as we do not try all
+ possible targets at one particular level and work our way
+ down the list, but it's better than nothing. */
+ srv_replace();
+#else
+ /* We're using our internal curl shim, so we can use its (true)
+ SRV support. Obviously, CURLOPT_SRVTAG_GPG_HACK isn't a real
+ libcurl option. It's specific to our shim. */
+ curl_easy_setopt(curl,CURLOPT_SRVTAG_GPG_HACK,opt->scheme);
+#endif
+ }
+
curl_easy_setopt(curl,CURLOPT_ERRORBUFFER,errorbuffer);
if(opt->auth)
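Review bot: In the HAVE_LIBCURL branch the port found by srv_replace() does not appear to be used: the function stores it in `opt->port`, but `port` is only set from `opt->port` in the `if(opt->port)` arm, which is not taken when SRV is tried. Unless code outside this hunk re-reads it, the request URLs would combine the SRV target host with the default port; adding `if(opt->port) port=opt->port;` right after `srv_replace();` would fix that. A second concern is hkps: because the SRV target replaces `opt->host` before the URL is built, libcurl would presumably check the server certificate against a name that came from unauthenticated DNS rather than the host the user configured. Consider guarding the `srv_replace();` call with `if(ks_strcasecmp(opt->scheme,"hkps")!=0)`, or keeping the original name for certificate verification.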
@@ -677,13 +745,6 @@
if(proxy)
curl_easy_setopt(curl,CURLOPT_PROXY,proxy);
-#if 0
- /* By suggested convention, if the user gives a :port, then disable
- SRV. */
- if(opt->port)
- http_flags&=~HTTP_FLAG_TRY_SRV;
-#endif
-
/* If it's a GET or a SEARCH, the next thing to come in is the
keyids. If it's a SEND, then there are no keyids. */