[git] GnuPG - branch, master, updated. gnupg-2.1.17-50-g0cc975d

by Werner Koch cvs at cvs.gnupg.org
Mon Jan 9 10:54:46 CET 2017


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, master has been updated
       via  0cc975d8a1cd54115938202432e43263b8893ea4 (commit)
       via  c2cbe2f87c480c62239dc4c2cbb352acd98cd267 (commit)
      from  2baba11fad6dd680a992260d161dffa1eeae0e42 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 0cc975d8a1cd54115938202432e43263b8893ea4
Author: Werner Koch <wk at gnupg.org>
Date:   Mon Jan 9 10:42:30 2017 +0100

    dirmngr: Use "pgpkey-hkps" and "pgpkey-hkp" for SRV record lookups.
    
    * dirmngr/ks-engine-hkp.c (map_host): Change arg NO_SRV to SRVTAG.
    (make_host_part): Rewrite.
    --
    
    This fixes a regression from 2.0 and 1.4 where these tags have been in
    use since 2009.  For whatever reason this was not ported to 2.1 and
    "hkp" was always used.
    
    GnuPG-bug-id: 2451
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/dirmngr/ks-engine-hkp.c b/dirmngr/ks-engine-hkp.c
index 9b757a3..5f6e5f4 100644
--- a/dirmngr/ks-engine-hkp.c
+++ b/dirmngr/ks-engine-hkp.c
@@ -378,16 +378,17 @@ add_host (const char *name, int is_pool,
  * to choose one of the hosts.  For example we skip those hosts which
  * failed for some time and we stick to one host for a time
  * independent of DNS retry times.  If FORCE_RESELECT is true a new
- * host is always selected.  If NO_SRV is set no service record lookup
- * will be done.  The selected host is stored as a malloced string at
- * R_HOST; on error NULL is stored.  If we know the port used by the
- * selected host from a service record, a string representation is
- * written to R_PORTSTR, otherwise it is left untouched.  If
- * R_HTTPFLAGS is not NULL it will receive flags which are to be
- * passed to http_open.  If R_POOLNAME is not NULL a malloced name of
- * the pool is stored or NULL if it is not a pool. */
+ * host is always selected.  If SRVTAG is NULL no service record
+ * lookup will be done, if it is set that service name is used.  The
+ * selected host is stored as a malloced string at R_HOST; on error
+ * NULL is stored.  If we know the port used by the selected host from
+ * a service record, a string representation is written to R_PORTSTR,
+ * otherwise it is left untouched.  If R_HTTPFLAGS is not NULL it will
+ * receive flags which are to be passed to http_open.  If R_POOLNAME
+ * is not NULL a malloced name of the pool is stored or NULL if it is
+ * not a pool. */
 static gpg_error_t
-map_host (ctrl_t ctrl, const char *name, int force_reselect, int no_srv,
+map_host (ctrl_t ctrl, const char *name, const char *srvtag, int force_reselect,
           char **r_host, char *r_portstr,
           unsigned int *r_httpflags, char **r_poolname)
 {
@@ -445,10 +446,10 @@ map_host (ctrl_t ctrl, const char *name, int force_reselect, int no_srv,
         }
       hi = hosttable[idx];
 
-      if (!no_srv && !is_ip_address (name))
+      if (srvtag && !is_ip_address (name))
         {
           /* Check for SRV records.  */
-          err = get_dns_srv (name, "hkp", NULL, &srvs, &srvscount);
+          err = get_dns_srv (name, srvtag, NULL, &srvs, &srvscount);
           if (err)
             {
               xfree (reftbl);
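Review bot: The SRV lookup in this hunk of map_host sits directly after `hi = hosttable[idx];`, which suggests it runs only while a new host table entry is being set up for NAME; the rest of the function is outside the hunk, so this is an inference. If that is so, the SRVTAG of the first caller decides which service records populate the entry, and a later call for the same name with a different tag or with NULL would presumably reuse those DNS-derived results. The same question applies to the `no_srv` test added at this spot by commit c2cbe2f. Either the table lookup should take the tag into account or the limitation should be stated, e.g. `/* Note: SRV records are only looked up when the entry for NAME is first created.  */`.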
@@ -859,38 +860,42 @@ make_host_part (ctrl_t ctrl,
                 char **r_hostport, unsigned int *r_httpflags, char **r_poolname)
 {
   gpg_error_t err;
+  const char *srvtag;
   char portstr[10];
   char *hostname;
 
   *r_hostport = NULL;
 
-  portstr[0] = 0;
-  err = map_host (ctrl, host, force_reselect, no_srv,
-                  &hostname, portstr, r_httpflags, r_poolname);
-  if (err)
-    return err;
-
-  /* If map_host did not return a port (from a SRV record) but a port
-   * has been specified (implicitly or explicitly) then use that port.
-   * Only in the case that a port was not specified (which might be a
-   * bug in https.c) we will later make sure that it has been set.  */
-  if (!*portstr && port)
-    snprintf (portstr, sizeof portstr, "%hu", port);
-
-  /* Map scheme and port.  */
   if (!strcmp (scheme, "hkps") || !strcmp (scheme,"https"))
     {
       scheme = "https";
-      if (! *portstr)
-        strcpy (portstr, "443");
+      srvtag = no_srv? NULL : "pgpkey-https";
     }
   else /* HKP or HTTP.  */
     {
       scheme = "http";
-      if (! *portstr)
-        strcpy (portstr, "11371");
+      srvtag = no_srv? NULL : "pgpkey-http";
     }
 
+  portstr[0] = 0;
+  err = map_host (ctrl, host, srvtag, force_reselect,
+                  &hostname, portstr, r_httpflags, r_poolname);
+  if (err)
+    return err;
+
+  /* If map_host did not return a port (from a SRV record) but a port
+   * has been specified (implicitly or explicitly) then use that port.
+   * In the case that a port was not specified (which is probably a
+   * bug in https.c) we will set up defaults.  */
+  if (*portstr)
+    ;
+  else if (!*portstr && port)
+    snprintf (portstr, sizeof portstr, "%hu", port);
+  else if (!strcmp (scheme,"https"))
+    strcpy (portstr, "443");
+  else
+    strcpy (portstr, "11371");
+
   *r_hostport = strconcat (scheme, "://", hostname, ":", portstr, NULL);
   xfree (hostname);
   if (!*r_hostport)
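Review bot: The service names assigned to `srvtag` are "pgpkey-https" and "pgpkey-http", while the commit subject announces "pgpkey-hkps" and "pgpkey-hkp"; one of the two is wrong, and because a mistyped tag simply yields no SRV records the error would go unnoticed at run time. Please confirm the names against the 1.4/2.0 helpers the message refers to and correct whichever side is off. In the port selection, `else if (!*portstr && port)` repeats a condition that the preceding `if (*portstr)` already excluded; `else if (port)` says the same and reads more clearly. make_host_part starts before and continues after this hunk.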

commit c2cbe2f87c480c62239dc4c2cbb352acd98cd267
Author: Werner Koch <wk at gnupg.org>
Date:   Mon Jan 9 10:11:20 2017 +0100

    dirmngr: Do not use a SRV record for HKP if a port was specified.
    
    * dirmngr/http.h (parsed_uri_s): Add field EXPLICIT_PORT.
    * dirmngr/http.c (do_parse_uri): Set it.
    * dirmngr/ks-engine-hkp.c (map_host): Add arg NO_SRV.
    (make_host_part): Ditto.
    (ks_hkp_resolve): Set NO_SRV from EXPLICIT_PORT.
    (ks_hkp_search): Ditto.
    (ks_hkp_get): Ditto.
    (ks_hkp_put): Ditto.
    --
    
    This implements the behaviour of the keyserver helpers from 1.4 and
    2.0.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/dirmngr/http.c b/dirmngr/http.c
index 7a02804..0a47d9f 100644
--- a/dirmngr/http.c
+++ b/dirmngr/http.c
@@ -1169,6 +1169,7 @@ do_parse_uri (parsed_uri_t uri, int only_local_part,
   uri->opaque = 0;
   uri->v6lit = 0;
   uri->onion = 0;
+  uri->explicit_port = 0;
 
   /* A quick validity check. */
   if (strspn (p, VALID_URI_CHARS) != n)
@@ -1241,6 +1242,7 @@ do_parse_uri (parsed_uri_t uri, int only_local_part,
 	    {
 	      *p3++ = '\0';
 	      uri->port = atoi (p3);
+              uri->explicit_port = 1;
 	    }
 
 	  if ((n = remove_escapes (uri->host)) < 0)
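Review bot: `uri->explicit_port = 1;` is set whenever a port separator is found, without checking what `atoi (p3)` returned. For an empty or non-numeric port part `uri->port` becomes 0, yet the flag still suppresses the SRV lookup in ks-engine-hkp.c, so the request apparently falls back to the scheme's default port; values above 65535 are also truncated on assignment to the `unsigned short` field declared in http.h. Unless a later check outside this hunk rejects such input, consider `uri->explicit_port = !!uri->port;` or parsing with `strtoul` and a range check. do_parse_uri extends beyond the hunk on both sides.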
diff --git a/dirmngr/http.h b/dirmngr/http.h
index 2a36fda..32556a4 100644
--- a/dirmngr/http.h
+++ b/dirmngr/http.h
@@ -53,6 +53,7 @@ struct parsed_uri_s
   unsigned int opaque:1;/* Unknown scheme; PATH has the rest.  */
   unsigned int v6lit:1; /* Host was given as a literal v6 address.  */
   unsigned int onion:1; /* .onion address given.  */
+  unsigned int explicit_port :1; /* The port was explicitly specified.  */
   char *auth;           /* username/password for basic auth.  */
   char *host; 	        /* Host (converted to lowercase). */
   unsigned short port;  /* Port (always set if the host is set). */
diff --git a/dirmngr/ks-engine-hkp.c b/dirmngr/ks-engine-hkp.c
index 283e805..9b757a3 100644
--- a/dirmngr/ks-engine-hkp.c
+++ b/dirmngr/ks-engine-hkp.c
@@ -374,19 +374,20 @@ add_host (const char *name, int is_pool,
 
 
 /* Map the host name NAME to the actual to be used host name.  This
-   allows us to manage round robin DNS names.  We use our own strategy
-   to choose one of the hosts.  For example we skip those hosts which
-   failed for some time and we stick to one host for a time
-   independent of DNS retry times.  If FORCE_RESELECT is true a new
-   host is always selected.  The selected host is stored as a malloced
-   string at R_HOST; on error NULL is stored.  If we know the port
-   used by the selected host, a string representation is written to
-   R_PORTSTR, otherwise it is left untouched.  If R_HTTPFLAGS is not
-   NULL it will receive flags which are to be passed to http_open.  If
-   R_POOLNAME is not NULL a malloced name of the pool is stored or
-   NULL if it is not a pool. */
+ * allows us to manage round robin DNS names.  We use our own strategy
+ * to choose one of the hosts.  For example we skip those hosts which
+ * failed for some time and we stick to one host for a time
+ * independent of DNS retry times.  If FORCE_RESELECT is true a new
+ * host is always selected.  If NO_SRV is set no service record lookup
+ * will be done.  The selected host is stored as a malloced string at
+ * R_HOST; on error NULL is stored.  If we know the port used by the
+ * selected host from a service record, a string representation is
+ * written to R_PORTSTR, otherwise it is left untouched.  If
+ * R_HTTPFLAGS is not NULL it will receive flags which are to be
+ * passed to http_open.  If R_POOLNAME is not NULL a malloced name of
+ * the pool is stored or NULL if it is not a pool. */
 static gpg_error_t
-map_host (ctrl_t ctrl, const char *name, int force_reselect,
+map_host (ctrl_t ctrl, const char *name, int force_reselect, int no_srv,
           char **r_host, char *r_portstr,
           unsigned int *r_httpflags, char **r_poolname)
 {
@@ -444,7 +445,7 @@ map_host (ctrl_t ctrl, const char *name, int force_reselect,
         }
       hi = hosttable[idx];
 
-      if (!is_ip_address (name))
+      if (!no_srv && !is_ip_address (name))
         {
           /* Check for SRV records.  */
           err = get_dns_srv (name, "hkp", NULL, &srvs, &srvscount);
@@ -848,13 +849,13 @@ ks_hkp_help (ctrl_t ctrl, parsed_uri_t uri)
 
 
 /* Build the remote part of the URL from SCHEME, HOST and an optional
-   PORT.  Returns an allocated string at R_HOSTPORT or NULL on failure
-   If R_POOLNAME is not NULL it receives a malloced string with the
-   poolname.  */
+ * PORT.  If NO_SRV is set no SRV record lookup will be done.  Returns
+ * an allocated string at R_HOSTPORT or NULL on failure If R_POOLNAME
+ * is not NULL it receives a malloced string with the poolname.  */
 static gpg_error_t
 make_host_part (ctrl_t ctrl,
                 const char *scheme, const char *host, unsigned short port,
-                int force_reselect,
+                int force_reselect, int no_srv,
                 char **r_hostport, unsigned int *r_httpflags, char **r_poolname)
 {
   gpg_error_t err;
@@ -864,11 +865,18 @@ make_host_part (ctrl_t ctrl,
   *r_hostport = NULL;
 
   portstr[0] = 0;
-  err = map_host (ctrl, host, force_reselect,
+  err = map_host (ctrl, host, force_reselect, no_srv,
                   &hostname, portstr, r_httpflags, r_poolname);
   if (err)
     return err;
 
+  /* If map_host did not return a port (from a SRV record) but a port
+   * has been specified (implicitly or explicitly) then use that port.
+   * Only in the case that a port was not specified (which might be a
+   * bug in https.c) we will later make sure that it has been set.  */
+  if (!*portstr && port)
+    snprintf (portstr, sizeof portstr, "%hu", port);
+
   /* Map scheme and port.  */
   if (!strcmp (scheme, "hkps") || !strcmp (scheme,"https"))
     {
@@ -882,12 +890,6 @@ make_host_part (ctrl_t ctrl,
       if (! *portstr)
         strcpy (portstr, "11371");
     }
-  if (port)
-    snprintf (portstr, sizeof portstr, "%hu", port);
-  else
-    {
-      /*fixme_do_srv_lookup ()*/
-    }
 
   *r_hostport = strconcat (scheme, "://", hostname, ":", portstr, NULL);
   xfree (hostname);
@@ -913,7 +915,11 @@ ks_hkp_resolve (ctrl_t ctrl, parsed_uri_t uri)
   gpg_error_t err;
   char *hostport = NULL;
 
-  err = make_host_part (ctrl, uri->scheme, uri->host, uri->port, 1,
+  /* NB: With an explicitly given port we do not want to consult a
+   * service record because that might be in conflict with the port
+   * from such a service record.  */
+  err = make_host_part (ctrl, uri->scheme, uri->host, uri->port,
+                        1, uri->explicit_port,
                         &hostport, NULL, NULL);
   if (err)
     {
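Review bot: The new comment in ks_hkp_resolve is circular as written: it says a service record is not consulted because that might conflict with the port from such a service record. What is presumably meant is that the explicitly given port takes precedence; something like `/* NB: With an explicitly given port we do not consult a service record because its port might conflict with the given one.  */` states that. The same `uri->explicit_port` argument is passed without comment in the ks_hkp_search, ks_hkp_get and ks_hkp_put hunks below, so documenting the reason once here is enough. The function body continues outside the hunk.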
@@ -1219,7 +1225,8 @@ ks_hkp_search (ctrl_t ctrl, parsed_uri_t uri, const char *pattern,
 
     xfree (hostport); hostport = NULL;
     xfree (httphost); httphost = NULL;
-    err = make_host_part (ctrl, uri->scheme, uri->host, uri->port, reselect,
+    err = make_host_part (ctrl, uri->scheme, uri->host, uri->port,
+                          reselect, uri->explicit_port,
                           &hostport, &httpflags, &httphost);
     if (err)
       goto leave;
@@ -1360,7 +1367,8 @@ ks_hkp_get (ctrl_t ctrl, parsed_uri_t uri, const char *keyspec, estream_t *r_fp)
   /* Build the request string.  */
   xfree (hostport); hostport = NULL;
   xfree (httphost); httphost = NULL;
-  err = make_host_part (ctrl, uri->scheme, uri->host, uri->port, reselect,
+  err = make_host_part (ctrl, uri->scheme, uri->host, uri->port,
+                        reselect, uri->explicit_port,
                         &hostport, &httpflags, &httphost);
   if (err)
     goto leave;
@@ -1472,7 +1480,8 @@ ks_hkp_put (ctrl_t ctrl, parsed_uri_t uri, const void *data, size_t datalen)
  again:
   xfree (hostport); hostport = NULL;
   xfree (httphost); httphost = NULL;
-  err = make_host_part (ctrl, uri->scheme, uri->host, uri->port, reselect,
+  err = make_host_part (ctrl, uri->scheme, uri->host, uri->port,
+                        reselect, uri->explicit_port,
                         &hostport, &httpflags, &httphost);
   if (err)
     goto leave;

-----------------------------------------------------------------------

Summary of changes:
 dirmngr/http.c          |  2 ++
 dirmngr/http.h          |  1 +
 dirmngr/ks-engine-hkp.c | 88 ++++++++++++++++++++++++++++---------------------
 3 files changed, 54 insertions(+), 37 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org



