[git] GnuPG - branch, master, updated. gnupg-2.2.7-181-gbd4048c

by Werner Koch cvs at cvs.gnupg.org
Wed Jul 25 14:44:40 CEST 2018


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, master has been updated
       via  bd4048c533165fd82340354d7229fcc2220db5a5 (commit)
      from  9aa1b368efd4edf51b6d056339bffb726de5162b (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit bd4048c533165fd82340354d7229fcc2220db5a5
Author: Werner Koch <wk at gnupg.org>
Date:   Wed Jul 25 14:35:04 2018 +0200

    dirmngr: Print a WARNING status for DNS config problems.
    
    * dirmngr/dirmngr-status.h: New.
    * dirmngr/dirmngr.h: Include dirmngr-status.h and move some prototypes
    to that file.
    * dirmngr/t-support.c: New.
    * dirmngr/Makefile.am (dirmngr_SOURCES): Add dirmngr-status.h.
    (t_common_src): Add t-support.c.
    * dirmngr/server.c (dirmngr_status_printf): Bypass if CTRL is NULL.
    * dirmngr/dns-stuff.c: Include dirmngr-status.h.
    (libdns_init): Print WARNING status line.  Change all callers to take
    and pass a CTRL argument.
    * g10/call-dirmngr.c (ks_status_cb): Print info for new WARNING
    status.
    --
    
    To test this you can change RESOLV_CONF_NAME in dns-stuff.c and run
    gpg --recv-key -v SOMETHING.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/dirmngr/Makefile.am b/dirmngr/Makefile.am
index 43f59bd..22b8c1a 100644
--- a/dirmngr/Makefile.am
+++ b/dirmngr/Makefile.am
@@ -62,7 +62,7 @@ dirmngr_SOURCES = dirmngr.c dirmngr.h server.c crlcache.c crlfetch.c	\
 	domaininfo.c \
 	workqueue.c \
 	loadswdb.c \
-	cdb.h cdblib.c misc.c dirmngr-err.h  \
+	cdb.h cdblib.c misc.c dirmngr-err.h dirmngr-status.h \
 	ocsp.c ocsp.h validate.c validate.h  \
 	dns-stuff.c dns-stuff.h \
 	http.c http.h http-common.c http-common.h http-ntbtls.c \
@@ -111,7 +111,7 @@ dirmngr_client_LDADD = $(libcommon) \
 dirmngr_client_LDFLAGS = $(extra_bin_ldflags)
 
 
-t_common_src = t-support.h
+t_common_src = t-support.h t-support.c
 if USE_LIBDNS
 t_common_src += dns.c dns.h
 endif
diff --git a/dirmngr/dirmngr-status.h b/dirmngr/dirmngr-status.h
new file mode 100644
index 0000000..2c3fd78
--- /dev/null
+++ b/dirmngr/dirmngr-status.h
@@ -0,0 +1,39 @@
+/* dirmngr-status.h - Status code helper functions for dirmnmgr.
+ * Copyright (C) 2004, 2014, 2015, 2018 g10 Code GmbH
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <https://www.gnu.org/licenses/>.
+ *
+ * SPDX-License-Identifier: GPL-3.0+
+ */
+
+/* We keep them separate so that we don't always need to include the
+ * entire dirmngr.h */
+
+#ifndef DIRMNGR_STATUS_H
+#define DIRMNGR_STATUS_H
+
+
+/*-- server.c --*/
+gpg_error_t dirmngr_status (ctrl_t ctrl, const char *keyword, ...);
+gpg_error_t dirmngr_status_help (ctrl_t ctrl, const char *text);
+gpg_error_t dirmngr_status_helpf (ctrl_t ctrl, const char *format,
+                                  ...) GPGRT_ATTR_PRINTF(2,3);
+gpg_error_t dirmngr_status_printf (ctrl_t ctrl, const char *keyword,
+                                   const char *format,
+                                   ...) GPGRT_ATTR_PRINTF(3,4);
+
+
+#endif /* DIRMNGR_STATUS_H */
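Review bot: The new header is not self-contained: it uses `gpg_error_t`, `ctrl_t` and `GPGRT_ATTR_PRINTF` but includes nothing, so every includer must pull in the defining headers first. dns-stuff.c places it after `../common/util.h`, which presumably provides them. Either include what the prototypes need, or state the requirement in the comment above the guard, e.g. `/* Requires gpg-error.h and the ctrl_t declaration to be included first. */`. The first comment line also misspells the program name as "dirmnmgr".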
diff --git a/dirmngr/dirmngr.h b/dirmngr/dirmngr.h
index 5189f93..edaf463 100644
--- a/dirmngr/dirmngr.h
+++ b/dirmngr/dirmngr.h
@@ -36,6 +36,7 @@
 #include "../common/sysutils.h" /* (gnupg_fd_t) */
 #include "../common/asshelp.h"  /* (assuan_context_t) */
 #include "../common/i18n.h"
+#include "dirmngr-status.h"
 #include "http.h"     /* (parsed_uri_t) */
 
 /* This objects keeps information about a particular LDAP server and
@@ -229,13 +230,6 @@ gpg_error_t get_istrusted_from_client (ctrl_t ctrl, const char *hexfpr);
 int dirmngr_assuan_log_monitor (assuan_context_t ctx, unsigned int cat,
                                 const char *msg);
 void start_command_handler (gnupg_fd_t fd, unsigned int session_id);
-gpg_error_t dirmngr_status (ctrl_t ctrl, const char *keyword, ...);
-gpg_error_t dirmngr_status_help (ctrl_t ctrl, const char *text);
-gpg_error_t dirmngr_status_helpf (ctrl_t ctrl, const char *format,
-                                  ...) GPGRT_ATTR_PRINTF(2,3);
-gpg_error_t dirmngr_status_printf (ctrl_t ctrl, const char *keyword,
-                                   const char *format,
-                                   ...) GPGRT_ATTR_PRINTF(3,4);
 gpg_error_t dirmngr_tick (ctrl_t ctrl);
 
 /*-- http-ntbtls.c --*/
diff --git a/dirmngr/dns-stuff.c b/dirmngr/dns-stuff.c
index ffac816..09b17c0 100644
--- a/dirmngr/dns-stuff.c
+++ b/dirmngr/dns-stuff.c
@@ -73,6 +73,7 @@
 #include "./dirmngr-err.h"
 #include "../common/util.h"
 #include "../common/host2net.h"
+#include "dirmngr-status.h"
 #include "dns-stuff.h"
 
 #ifdef USE_NPTH
@@ -433,12 +434,13 @@ resolv_conf_changed_p (void)
 /* Initialize libdns.  Returns 0 on success; prints a diagnostic and
  * returns an error code on failure.  */
 static gpg_error_t
-libdns_init (void)
+libdns_init (ctrl_t ctrl)
 {
   gpg_error_t err;
   struct libdns_s ld;
   int derr;
   char *cfgstr = NULL;
+  const char *fname = NULL;
 
   if (libdns.resolv_conf)
     return 0; /* Already initialized.  */
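Review bot: Only a successful initialization appears to be cached by the `if (libdns.resolv_conf) return 0;` check, so while the DNS configuration stays broken each lookup re-runs libdns_init and, with this change, sends another WARNING status to the client. Callers such as map_host resolve names in a loop, and the resolve_*/get_dns_* wrappers retry once on `libdns_switch_port_p`, so one keyserver operation can presumably emit the same line many times. Consider remembering the last reported error code in a static variable and skipping the status when it has not changed; how the client treats duplicates is not visible here. The function body continues outside this hunk.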
@@ -532,7 +534,6 @@ libdns_init (void)
       xfree (ninfo);
 
 #else /* Unix */
-      const char *fname;
 
       fname = RESOLV_CONF_NAME;
       resolv_conf_changed_p (); /* Reset timestamp.  */
@@ -622,6 +623,7 @@ libdns_init (void)
     {
       err = libdns_error_to_gpg_error (derr);
       log_error ("failed to load DNS hints: %s\n", gpg_strerror (err));
+      fname = "[dns hints]";
       goto leave;
     }
 
@@ -632,6 +634,14 @@ libdns_init (void)
     log_debug ("dns: libdns initialized%s\n", tor_mode?" (tor mode)":"");
 
  leave:
+  if (!fname)
+    fname = cfgstr;
+  if (err && fname)
+    dirmngr_status_printf (ctrl, "WARNING",
+                           "dns_config_problem %u"
+                           " error accessing '%s': %s <%s>",
+                           err, fname, gpg_strerror (err), gpg_strsource (err));
+
   xfree (cfgstr);
   return err;
 }
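Review bot: The object named in the WARNING line is whatever `fname` or `cfgstr` last held, not necessarily what failed: on Unix `fname` is set to `RESOLV_CONF_NAME` early, and only the DNS-hints failure overrides it with `"[dns hints]"`. Any other `goto leave` taken after that assignment (those paths lie outside the visible hunks) would report "error accessing" the resolv.conf path for an unrelated error, which sends an operator to the wrong file. Setting `fname` explicitly at each failure site, as the hints branch does, keeps the diagnostic accurate. The comment above libdns_init should also say that a WARNING status is sent via CTRL on failure and, per the commit message, that nothing is sent when CTRL is NULL.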
@@ -686,7 +696,7 @@ reload_dns_stuff (int force)
  * failure an error code is returned and NULL stored at R_RES.
  */
 static gpg_error_t
-libdns_res_open (struct dns_resolver **r_res)
+libdns_res_open (ctrl_t ctrl, struct dns_resolver **r_res)
 {
   gpg_error_t err;
   struct dns_resolver *res;
@@ -708,7 +718,7 @@ libdns_res_open (struct dns_resolver **r_res)
       libdns_deinit ();
     }
 
-  err = libdns_init ();
+  err = libdns_init (ctrl);
   if (err)
     return err;
 
@@ -790,7 +800,7 @@ libdns_res_wait (struct dns_resolver *res)
 
 #ifdef USE_LIBDNS
 static gpg_error_t
-resolve_name_libdns (const char *name, unsigned short port,
+resolve_name_libdns (ctrl_t ctrl, const char *name, unsigned short port,
                      int want_family, int want_socktype,
                      dns_addrinfo_t *r_dai, char **r_canonname)
 {
@@ -823,7 +833,7 @@ resolve_name_libdns (const char *name, unsigned short port,
       portstr = portstr_;
     }
 
-  err = libdns_res_open (&res);
+  err = libdns_res_open (ctrl, &res);
   if (err)
     goto leave;
 
@@ -935,7 +945,7 @@ resolve_name_libdns (const char *name, unsigned short port,
 
 /* Resolve a name using the standard system function.  */
 static gpg_error_t
-resolve_name_standard (const char *name, unsigned short port,
+resolve_name_standard (ctrl_t ctrl, const char *name, unsigned short port,
                        int want_family, int want_socktype,
                        dns_addrinfo_t *r_dai, char **r_canonname)
 {
@@ -981,7 +991,7 @@ resolve_name_standard (const char *name, unsigned short port,
              CNAME redirection again.  */
           char *cname;
 
-          if (get_dns_cname (name, &cname))
+          if (get_dns_cname (ctrl, name, &cname))
             goto leave; /* Still no success.  */
 
           ret = getaddrinfo (cname, *portstr? portstr : NULL, &hints, &aibuf);
@@ -1057,7 +1067,7 @@ resolve_name_standard (const char *name, unsigned short port,
    is stored there as a malloced string; if that name is not available
    NULL is stored.  */
 gpg_error_t
-resolve_dns_name (const char *name, unsigned short port,
+resolve_dns_name (ctrl_t ctrl, const char *name, unsigned short port,
                   int want_family, int want_socktype,
                   dns_addrinfo_t *r_ai, char **r_canonname)
 {
@@ -1066,15 +1076,15 @@ resolve_dns_name (const char *name, unsigned short port,
 #ifdef USE_LIBDNS
   if (!standard_resolver)
     {
-      err = resolve_name_libdns (name, port, want_family, want_socktype,
+      err = resolve_name_libdns (ctrl, name, port, want_family, want_socktype,
                                   r_ai, r_canonname);
       if (err && libdns_switch_port_p (err))
-        err = resolve_name_libdns (name, port, want_family, want_socktype,
+        err = resolve_name_libdns (ctrl, name, port, want_family, want_socktype,
                                    r_ai, r_canonname);
     }
   else
 #endif /*USE_LIBDNS*/
-    err = resolve_name_standard (name, port, want_family, want_socktype,
+    err = resolve_name_standard (ctrl, name, port, want_family, want_socktype,
                                  r_ai, r_canonname);
   if (opt_debug)
     log_debug ("dns: resolve_dns_name(%s): %s\n", name, gpg_strerror (err));
@@ -1085,7 +1095,8 @@ resolve_dns_name (const char *name, unsigned short port,
 #ifdef USE_LIBDNS
 /* Resolve an address using libdns.  */
 static gpg_error_t
-resolve_addr_libdns (const struct sockaddr_storage *addr, int addrlen,
+resolve_addr_libdns (ctrl_t ctrl,
+                     const struct sockaddr_storage *addr, int addrlen,
                      unsigned int flags, char **r_name)
 {
   gpg_error_t err;
@@ -1117,7 +1128,7 @@ resolve_addr_libdns (const struct sockaddr_storage *addr, int addrlen,
     goto leave;
 
 
-  err = libdns_res_open (&res);
+  err = libdns_res_open (ctrl, &res);
   if (err)
     goto leave;
 
@@ -1281,7 +1292,8 @@ resolve_addr_standard (const struct sockaddr_storage *addr, int addrlen,
 
 /* A wrapper around getnameinfo.  */
 gpg_error_t
-resolve_dns_addr (const struct sockaddr_storage *addr, int addrlen,
+resolve_dns_addr (ctrl_t ctrl,
+                  const struct sockaddr_storage *addr, int addrlen,
                   unsigned int flags, char **r_name)
 {
   gpg_error_t err;
@@ -1290,9 +1302,9 @@ resolve_dns_addr (const struct sockaddr_storage *addr, int addrlen,
   /* Note that we divert to the standard resolver for NUMERICHOST.  */
   if (!standard_resolver && !(flags & DNS_NUMERICHOST))
     {
-      err = resolve_addr_libdns (addr, addrlen, flags, r_name);
+      err = resolve_addr_libdns (ctrl, addr, addrlen, flags, r_name);
       if (err && libdns_switch_port_p (err))
-        err = resolve_addr_libdns (addr, addrlen, flags, r_name);
+        err = resolve_addr_libdns (ctrl, addr, addrlen, flags, r_name);
     }
   else
 #endif /*USE_LIBDNS*/
@@ -1390,7 +1402,7 @@ is_onion_address (const char *name)
 /* libdns version of get_dns_cert.  */
 #ifdef USE_LIBDNS
 static gpg_error_t
-get_dns_cert_libdns (const char *name, int want_certtype,
+get_dns_cert_libdns (ctrl_t ctrl, const char *name, int want_certtype,
                      void **r_key, size_t *r_keylen,
                      unsigned char **r_fpr, size_t *r_fprlen, char **r_url)
 {
@@ -1410,7 +1422,7 @@ get_dns_cert_libdns (const char *name, int want_certtype,
            : (want_certtype - DNS_CERTTYPE_RRBASE));
 
 
-  err = libdns_res_open (&res);
+  err = libdns_res_open (ctrl, &res);
   if (err)
     goto leave;
 
@@ -1776,7 +1788,7 @@ get_dns_cert_standard (const char *name, int want_certtype,
    supported certtypes only records with this certtype are considered
    and the first found is returned.  (R_KEY,R_KEYLEN) are optional. */
 gpg_error_t
-get_dns_cert (const char *name, int want_certtype,
+get_dns_cert (ctrl_t ctrl, const char *name, int want_certtype,
               void **r_key, size_t *r_keylen,
               unsigned char **r_fpr, size_t *r_fprlen, char **r_url)
 {
@@ -1793,10 +1805,10 @@ get_dns_cert (const char *name, int want_certtype,
 #ifdef USE_LIBDNS
   if (!standard_resolver)
     {
-      err = get_dns_cert_libdns (name, want_certtype, r_key, r_keylen,
+      err = get_dns_cert_libdns (ctrl, name, want_certtype, r_key, r_keylen,
                                  r_fpr, r_fprlen, r_url);
       if (err && libdns_switch_port_p (err))
-        err = get_dns_cert_libdns (name, want_certtype, r_key, r_keylen,
+        err = get_dns_cert_libdns (ctrl, name, want_certtype, r_key, r_keylen,
                                    r_fpr, r_fprlen, r_url);
     }
   else
@@ -1828,7 +1840,8 @@ priosort(const void *a,const void *b)
  * R_COUNT.  */
 #ifdef USE_LIBDNS
 static gpg_error_t
-getsrv_libdns (const char *name, struct srventry **list, unsigned int *r_count)
+getsrv_libdns (ctrl_t ctrl,
+               const char *name, struct srventry **list, unsigned int *r_count)
 {
   gpg_error_t err;
   struct dns_resolver *res = NULL;
@@ -1839,7 +1852,7 @@ getsrv_libdns (const char *name, struct srventry **list, unsigned int *r_count)
   int derr;
   unsigned int srvcount = 0;
 
-  err = libdns_res_open (&res);
+  err = libdns_res_open (ctrl, &res);
   if (err)
     goto leave;
 
@@ -2058,7 +2071,8 @@ getsrv_standard (const char *name,
  * we do not return NONAME but simply store 0 at R_COUNT.  On error an
  * error code is returned and 0 stored at R_COUNT.  */
 gpg_error_t
-get_dns_srv (const char *name, const char *service, const char *proto,
+get_dns_srv (ctrl_t ctrl,
+             const char *name, const char *service, const char *proto,
              struct srventry **list, unsigned int *r_count)
 {
   gpg_error_t err;
@@ -2087,9 +2101,9 @@ get_dns_srv (const char *name, const char *service, const char *proto,
 #ifdef USE_LIBDNS
   if (!standard_resolver)
     {
-      err = getsrv_libdns (name, list, &srvcount);
+      err = getsrv_libdns (ctrl, name, list, &srvcount);
       if (err && libdns_switch_port_p (err))
-        err = getsrv_libdns (name, list, &srvcount);
+        err = getsrv_libdns (ctrl, name, list, &srvcount);
     }
   else
 #endif /*USE_LIBDNS*/
@@ -2194,7 +2208,7 @@ get_dns_srv (const char *name, const char *service, const char *proto,
 #ifdef USE_LIBDNS
 /* libdns version of get_dns_cname.  */
 gpg_error_t
-get_dns_cname_libdns (const char *name, char **r_cname)
+get_dns_cname_libdns (ctrl_t ctrl, const char *name, char **r_cname)
 {
   gpg_error_t err;
   struct dns_resolver *res;
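Review bot: `get_dns_cname_libdns` is defined without `static`, unlike the other *_libdns helpers touched in this commit, and the dns-stuff.h hunks change no prototype for it, so it appears to have external linkage without a declaration. If nothing outside dns-stuff.c calls it, writing `static gpg_error_t` on the line above the name would match its siblings and keep the symbol out of the global namespace. The function body continues outside this hunk.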
@@ -2202,7 +2216,7 @@ get_dns_cname_libdns (const char *name, char **r_cname)
   struct dns_cname cname;
   int derr;
 
-  err = libdns_res_open (&res);
+  err = libdns_res_open (ctrl, &res);
   if (err)
     goto leave;
 
@@ -2347,7 +2361,7 @@ get_dns_cname_standard (const char *name, char **r_cname)
 
 
 gpg_error_t
-get_dns_cname (const char *name, char **r_cname)
+get_dns_cname (ctrl_t ctrl, const char *name, char **r_cname)
 {
   gpg_error_t err;
 
@@ -2356,9 +2370,9 @@ get_dns_cname (const char *name, char **r_cname)
 #ifdef USE_LIBDNS
   if (!standard_resolver)
     {
-      err = get_dns_cname_libdns (name, r_cname);
+      err = get_dns_cname_libdns (ctrl, name, r_cname);
       if (err && libdns_switch_port_p (err))
-        err = get_dns_cname_libdns (name, r_cname);
+        err = get_dns_cname_libdns (ctrl, name, r_cname);
       return err;
     }
 #endif /*USE_LIBDNS*/
diff --git a/dirmngr/dns-stuff.h b/dirmngr/dns-stuff.h
index 612b2e5..06a4312 100644
--- a/dirmngr/dns-stuff.h
+++ b/dirmngr/dns-stuff.h
@@ -137,12 +137,14 @@ void reload_dns_stuff (int force);
 void free_dns_addrinfo (dns_addrinfo_t ai);
 
 /* Function similar to getaddrinfo.  */
-gpg_error_t resolve_dns_name (const char *name, unsigned short port,
+gpg_error_t resolve_dns_name (ctrl_t ctrl,
+                              const char *name, unsigned short port,
                               int want_family, int want_socktype,
                               dns_addrinfo_t *r_dai, char **r_canonname);
 
 /* Function similar to getnameinfo.  */
-gpg_error_t resolve_dns_addr (const struct sockaddr_storage *addr, int addrlen,
+gpg_error_t resolve_dns_addr (ctrl_t ctrl,
+                              const struct sockaddr_storage *addr, int addrlen,
                               unsigned int flags, char **r_name);
 
 /* Return true if NAME is a numerical IP address.  */
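Review bot: The public resolver prototypes gain a CTRL parameter but their one-line comments do not describe it. This applies here, in the second dns-stuff.h hunk, and in the http.h prototypes for `http_raw_connect`, `http_open` and `http_open_document`. Per the commit message `dirmngr_status_printf` is bypassed when CTRL is NULL, so callers without a client connection can apparently pass NULL. That contract should be written down once, e.g. `/* CTRL is used to send status lines to the client and may be NULL. */` above `resolve_dns_name`, as far as this diff shows its use.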
@@ -152,16 +154,18 @@ int is_ip_address (const char *name);
 int is_onion_address (const char *name);
 
 /* Get the canonical name for NAME.  */
-gpg_error_t get_dns_cname (const char *name, char **r_cname);
+gpg_error_t get_dns_cname (ctrl_t ctrl, const char *name, char **r_cname);
 
 /* Return a CERT record or an arbitrary RR.  */
-gpg_error_t get_dns_cert (const char *name, int want_certtype,
+gpg_error_t get_dns_cert (ctrl_t ctrl,
+                          const char *name, int want_certtype,
                           void **r_key, size_t *r_keylen,
                           unsigned char **r_fpr, size_t *r_fprlen,
                           char **r_url);
 
 /* Return an array of SRV records.  */
-gpg_error_t get_dns_srv (const char *name,
+gpg_error_t get_dns_srv (ctrl_t ctrl,
+                         const char *name,
                          const char *service, const char *proto,
                          struct srventry **list, unsigned int *r_count);
 
diff --git a/dirmngr/http.c b/dirmngr/http.c
index 049aefc..5fb7eed 100644
--- a/dirmngr/http.c
+++ b/dirmngr/http.c
@@ -2,7 +2,7 @@
  * Copyright (C) 1999, 2001, 2002, 2003, 2004, 2006, 2009, 2010,
  *               2011 Free Software Foundation, Inc.
  * Copyright (C) 2014 Werner Koch
- * Copyright (C) 2015-2017 g10 Code GmbH
+ * Copyright (C) 2015-2018 g10 Code GmbH
  *
  * This file is part of GnuPG.
  *
@@ -152,14 +152,15 @@ static int remove_escapes (char *string);
 static int insert_escapes (char *buffer, const char *string,
                            const char *special);
 static uri_tuple_t parse_tuple (char *string);
-static gpg_error_t send_request (http_t hd, const char *httphost,
+static gpg_error_t send_request (ctrl_t ctrl, http_t hd, const char *httphost,
                                  const char *auth,const char *proxy,
 				 const char *srvtag, unsigned int timeout,
                                  strlist_t headers);
 static char *build_rel_path (parsed_uri_t uri);
 static gpg_error_t parse_response (http_t hd);
 
-static gpg_error_t connect_server (const char *server, unsigned short port,
+static gpg_error_t connect_server (ctrl_t ctrl,
+                                   const char *server, unsigned short port,
                                    unsigned int flags, const char *srvtag,
                                    unsigned int timeout, assuan_fd_t *r_sock);
 static gpgrt_ssize_t read_server (assuan_fd_t sock, void *buffer, size_t size);
@@ -937,7 +938,7 @@ http_session_set_timeout (http_session_t sess, unsigned int timeout)
    If HTTPHOST is not NULL it is used for the Host header instead of a
    Host header derived from the URL. */
 gpg_error_t
-http_open (http_t *r_hd, http_req_t reqtype, const char *url,
+http_open (ctrl_t ctrl, http_t *r_hd, http_req_t reqtype, const char *url,
            const char *httphost,
            const char *auth, unsigned int flags, const char *proxy,
            http_session_t session, const char *srvtag, strlist_t headers)
@@ -961,7 +962,7 @@ http_open (http_t *r_hd, http_req_t reqtype, const char *url,
 
   err = parse_uri (&hd->uri, url, 0, !!(flags & HTTP_FLAG_FORCE_TLS));
   if (!err)
-    err = send_request (hd, httphost, auth, proxy, srvtag,
+    err = send_request (ctrl, hd, httphost, auth, proxy, srvtag,
                         hd->session? hd->session->connect_timeout : 0,
                         headers);
 
@@ -985,7 +986,8 @@ http_open (http_t *r_hd, http_req_t reqtype, const char *url,
    this http abstraction layer.  This has the advantage of providing
    service tags and an estream interface.  TIMEOUT is in milliseconds. */
 gpg_error_t
-http_raw_connect (http_t *r_hd, const char *server, unsigned short port,
+http_raw_connect (ctrl_t ctrl, http_t *r_hd,
+                  const char *server, unsigned short port,
                   unsigned int flags, const char *srvtag, unsigned int timeout)
 {
   gpg_error_t err = 0;
@@ -1021,7 +1023,8 @@ http_raw_connect (http_t *r_hd, const char *server, unsigned short port,
   {
     assuan_fd_t sock;
 
-    err = connect_server (server, port, hd->flags, srvtag, timeout, &sock);
+    err = connect_server (ctrl, server, port,
+                          hd->flags, srvtag, timeout, &sock);
     if (err)
       {
         xfree (hd);
@@ -1174,14 +1177,14 @@ http_wait_response (http_t hd)
    be used as an HTTP proxy and any enabled $http_proxy gets
    ignored. */
 gpg_error_t
-http_open_document (http_t *r_hd, const char *document,
+http_open_document (ctrl_t ctrl, http_t *r_hd, const char *document,
                     const char *auth, unsigned int flags, const char *proxy,
                     http_session_t session,
                     const char *srvtag, strlist_t headers)
 {
   gpg_error_t err;
 
-  err = http_open (r_hd, HTTP_REQ_GET, document, NULL, auth, flags,
+  err = http_open (ctrl, r_hd, HTTP_REQ_GET, document, NULL, auth, flags,
                    proxy, session, srvtag, headers);
   if (err)
     return err;
@@ -1712,7 +1715,7 @@ is_hostname_port (const char *string)
  * Returns 0 if the request was successful
  */
 static gpg_error_t
-send_request (http_t hd, const char *httphost, const char *auth,
+send_request (ctrl_t ctrl, http_t hd, const char *httphost, const char *auth,
 	      const char *proxy, const char *srvtag, unsigned int timeout,
               strlist_t headers)
 {
@@ -1859,14 +1862,16 @@ send_request (http_t hd, const char *httphost, const char *auth,
             }
         }
 
-      err = connect_server (*uri->host ? uri->host : "localhost",
+      err = connect_server (ctrl,
+                            *uri->host ? uri->host : "localhost",
                             uri->port ? uri->port : 80,
                             hd->flags, NULL, timeout, &sock);
       http_release_parsed_uri (uri);
     }
   else
     {
-      err = connect_server (server, port, hd->flags, srvtag, timeout, &sock);
+      err = connect_server (ctrl,
+                            server, port, hd->flags, srvtag, timeout, &sock);
     }
 
   if (err)
@@ -2870,7 +2875,7 @@ connect_with_timeout (assuan_fd_t sock,
  * function tries to connect to all known addresses and the timeout is
  * for each one. */
 static gpg_error_t
-connect_server (const char *server, unsigned short port,
+connect_server (ctrl_t ctrl, const char *server, unsigned short port,
                 unsigned int flags, const char *srvtag, unsigned int timeout,
                 assuan_fd_t *r_sock)
 {
@@ -2923,7 +2928,7 @@ connect_server (const char *server, unsigned short port,
   /* Do the SRV thing */
   if (srvtag)
     {
-      err = get_dns_srv (server, srvtag, NULL, &serverlist, &srvcount);
+      err = get_dns_srv (ctrl, server, srvtag, NULL, &serverlist, &srvcount);
       if (err)
         log_info ("getting '%s' SRV for '%s' failed: %s\n",
                   srvtag, server, gpg_strerror (err));
@@ -2953,7 +2958,8 @@ connect_server (const char *server, unsigned short port,
       if (opt_debug)
         log_debug ("http.c:connect_server: trying name='%s' port=%hu\n",
                    serverlist[srv].target, port);
-      err = resolve_dns_name (serverlist[srv].target, port, 0, SOCK_STREAM,
+      err = resolve_dns_name (ctrl,
+                              serverlist[srv].target, port, 0, SOCK_STREAM,
                               &aibuf, NULL);
       if (err)
         {
diff --git a/dirmngr/http.h b/dirmngr/http.h
index 4cfb4c8..a86abbe 100644
--- a/dirmngr/http.h
+++ b/dirmngr/http.h
@@ -135,12 +135,12 @@ gpg_error_t http_parse_uri (parsed_uri_t *ret_uri, const char *uri,
 
 void http_release_parsed_uri (parsed_uri_t uri);
 
-gpg_error_t http_raw_connect (http_t *r_hd,
+gpg_error_t http_raw_connect (ctrl_t ctrl, http_t *r_hd,
                               const char *server, unsigned short port,
                               unsigned int flags, const char *srvtag,
                               unsigned int timeout);
 
-gpg_error_t http_open (http_t *r_hd, http_req_t reqtype,
+gpg_error_t http_open (ctrl_t ctrl, http_t *r_hd, http_req_t reqtype,
                        const char *url,
                        const char *httphost,
                        const char *auth,
@@ -156,7 +156,7 @@ gpg_error_t http_wait_response (http_t hd);
 
 void http_close (http_t hd, int keep_read_stream);
 
-gpg_error_t http_open_document (http_t *r_hd,
+gpg_error_t http_open_document (ctrl_t ctrl, http_t *r_hd,
                                 const char *document,
                                 const char *auth,
                                 unsigned int flags,
diff --git a/dirmngr/ks-engine-finger.c b/dirmngr/ks-engine-finger.c
index e53a0ee..30ede15 100644
--- a/dirmngr/ks-engine-finger.c
+++ b/dirmngr/ks-engine-finger.c
@@ -82,7 +82,7 @@ ks_finger_fetch (ctrl_t ctrl, parsed_uri_t uri, estream_t *r_fp)
     }
   *server++ = 0;
 
-  err = http_raw_connect (&http, server, 79,
+  err = http_raw_connect (ctrl, &http, server, 79,
                           ((dirmngr_use_tor ()? HTTP_FLAG_FORCE_TOR : 0)
                            | (opt.disable_ipv4? HTTP_FLAG_IGNORE_IPv4 : 0)
                            | (opt.disable_ipv6? HTTP_FLAG_IGNORE_IPv6 : 0)),
diff --git a/dirmngr/ks-engine-hkp.c b/dirmngr/ks-engine-hkp.c
index 32840e6..6303099 100644
--- a/dirmngr/ks-engine-hkp.c
+++ b/dirmngr/ks-engine-hkp.c
@@ -304,7 +304,7 @@ tor_not_running_p (ctrl_t ctrl)
    PROTOCOL.  If NAME specifies a pool (as indicated by IS_POOL),
    update the given reference table accordingly.  */
 static void
-add_host (const char *name, int is_pool,
+add_host (ctrl_t ctrl, const char *name, int is_pool,
           const dns_addrinfo_t ai,
           enum ks_protocol protocol, unsigned short port)
 {
@@ -320,7 +320,7 @@ add_host (const char *name, int is_pool,
   if (is_pool)
     {
       /* For a pool immediately convert the address to a string.  */
-      tmperr = resolve_dns_addr (ai->addr, ai->addrlen,
+      tmperr = resolve_dns_addr (ctrl, ai->addr, ai->addrlen,
                                  (DNS_NUMERICHOST | DNS_WITHBRACKET), &tmphost);
     }
   else if (!is_ip_address (name))
@@ -337,7 +337,7 @@ add_host (const char *name, int is_pool,
     {
       /* Do a PTR lookup on AI.  If a name was not found the function
        * returns the numeric address (with brackets).  */
-      tmperr = resolve_dns_addr (ai->addr, ai->addrlen,
+      tmperr = resolve_dns_addr (ctrl, ai->addr, ai->addrlen,
                                  DNS_WITHBRACKET, &tmphost);
     }
 
@@ -498,7 +498,7 @@ map_host (ctrl_t ctrl, const char *name, const char *srvtag, int force_reselect,
       unsigned int srvscount;
 
       /* Check for SRV records.  */
-      err = get_dns_srv (name, srvtag, NULL, &srvs, &srvscount);
+      err = get_dns_srv (ctrl, name, srvtag, NULL, &srvs, &srvscount);
       if (err)
         {
           if (gpg_err_code (err) == GPG_ERR_ECONNREFUSED)
@@ -514,13 +514,13 @@ map_host (ctrl_t ctrl, const char *name, const char *srvtag, int force_reselect,
 
           for (i = 0; i < srvscount; i++)
             {
-              err = resolve_dns_name (srvs[i].target, 0,
+              err = resolve_dns_name (ctrl, srvs[i].target, 0,
                                       AF_UNSPEC, SOCK_STREAM,
                                       &ai, &cname);
               if (err)
                 continue;
               dirmngr_tick (ctrl);
-              add_host (name, is_pool, ai, protocol, srvs[i].port);
+              add_host (ctrl, name, is_pool, ai, protocol, srvs[i].port);
               new_hosts = 1;
             }
 
@@ -535,7 +535,7 @@ map_host (ctrl_t ctrl, const char *name, const char *srvtag, int force_reselect,
     {
       /* Find all A records for this entry and put them into the pool
          list - if any.  */
-      err = resolve_dns_name (name, 0, 0, SOCK_STREAM, &aibuf, &cname);
+      err = resolve_dns_name (ctrl, name, 0, 0, SOCK_STREAM, &aibuf, &cname);
       if (err)
         {
           log_error ("resolving '%s' failed: %s\n", name, gpg_strerror (err));
@@ -566,7 +566,7 @@ map_host (ctrl_t ctrl, const char *name, const char *srvtag, int force_reselect,
                 continue;
               dirmngr_tick (ctrl);
 
-              add_host (name, is_pool, ai, 0, 0);
+              add_host (ctrl, name, is_pool, ai, 0, 0);
               new_hosts = 1;
             }
 
@@ -624,7 +624,7 @@ map_host (ctrl_t ctrl, const char *name, const char *srvtag, int force_reselect,
        * hosttable. */
       char *host;
 
-      err = resolve_dns_name (hi->name, 0, 0, SOCK_STREAM, &aibuf, NULL);
+      err = resolve_dns_name (ctrl, hi->name, 0, 0, SOCK_STREAM, &aibuf, NULL);
       if (!err)
         {
           for (ai = aibuf; ai; ai = ai->next)
@@ -632,7 +632,8 @@ map_host (ctrl_t ctrl, const char *name, const char *srvtag, int force_reselect,
               if ((!opt.disable_ipv6 && ai->family == AF_INET6)
                   || (!opt.disable_ipv4 && ai->family == AF_INET))
                 {
-                  err = resolve_dns_addr (ai->addr, ai->addrlen, 0, &host);
+                  err = resolve_dns_addr (ctrl,
+                                          ai->addr, ai->addrlen, 0, &host);
                   if (!err)
                     {
                       /* Okay, we return the first found name.  */
@@ -865,7 +866,7 @@ ks_hkp_print_hosttable (ctrl_t ctrl)
 
                 /* Turn the numerical IP address string into an AI and
                  * then do a DNS PTR lookup.  */
-                if (!resolve_dns_name (hi->name, 0, 0,
+                if (!resolve_dns_name (ctrl, hi->name, 0, 0,
                                        SOCK_STREAM,
                                        &aibuf, &canon))
                   {
@@ -876,7 +877,7 @@ ks_hkp_print_hosttable (ctrl_t ctrl)
                       }
                     for (ai = aibuf; !canon && ai; ai = ai->next)
                       {
-                        resolve_dns_addr (ai->addr, ai->addrlen,
+                        resolve_dns_addr (ctrl, ai->addr, ai->addrlen,
                                           DNS_WITHBRACKET, &canon);
                         if (canon && is_ip_address (canon))
                           {
@@ -896,14 +897,14 @@ ks_hkp_print_hosttable (ctrl_t ctrl)
                 /* Get the IP address as a string from a name.  Note
                  * that resolve_dns_addr allocates CANON on success
                  * and thus terminates the loop. */
-                if (!resolve_dns_name (hi->name, 0,
+                if (!resolve_dns_name (ctrl, hi->name, 0,
                                        hi->v6? AF_INET6 : AF_INET,
                                        SOCK_STREAM,
                                        &aibuf, NULL))
                   {
                     for (ai = aibuf; !canon && ai; ai = ai->next)
                       {
-                        resolve_dns_addr (ai->addr, ai->addrlen,
+                        resolve_dns_addr (ctrl, ai->addr, ai->addrlen,
                                           DNS_NUMERICHOST|DNS_WITHBRACKET,
                                           &canon);
                       }
@@ -1182,7 +1183,7 @@ send_request (ctrl_t ctrl, const char *request, const char *hostportstr,
   http_session_set_timeout (session, ctrl->timeout);
 
  once_more:
-  err = http_open (&http,
+  err = http_open (ctrl, &http,
                    post_cb? HTTP_REQ_POST : HTTP_REQ_GET,
                    request,
                    httphost,
diff --git a/dirmngr/ks-engine-http.c b/dirmngr/ks-engine-http.c
index 946c927..9e6b9e1 100644
--- a/dirmngr/ks-engine-http.c
+++ b/dirmngr/ks-engine-http.c
@@ -103,7 +103,7 @@ ks_http_fetch (ctrl_t ctrl, const char *url, unsigned int flags,
   http_session_set_timeout (session, ctrl->timeout);
 
   *r_fp = NULL;
-  err = http_open (&http,
+  err = http_open (ctrl, &http,
                    HTTP_REQ_GET,
                    url,
                    /* httphost */ NULL,
diff --git a/dirmngr/ocsp.c b/dirmngr/ocsp.c
index 22391c3..ca28960 100644
--- a/dirmngr/ocsp.c
+++ b/dirmngr/ocsp.c
@@ -172,7 +172,7 @@ do_ocsp_request (ctrl_t ctrl, ksba_ocsp_t ocsp, gcry_md_hd_t md,
     }
 
  once_more:
-  err = http_open (&http, HTTP_REQ_POST, url, NULL, NULL,
+  err = http_open (ctrl, &http, HTTP_REQ_POST, url, NULL, NULL,
                    ((opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY:0)
                     | (dirmngr_use_tor ()? HTTP_FLAG_FORCE_TOR:0)
                     | (opt.disable_ipv4? HTTP_FLAG_IGNORE_IPv4 : 0)
diff --git a/dirmngr/server.c b/dirmngr/server.c
index b7cdb24..33ce4cf 100644
--- a/dirmngr/server.c
+++ b/dirmngr/server.c
@@ -666,7 +666,7 @@ static const char hlp_dns_cert[] =
 static gpg_error_t
 cmd_dns_cert (assuan_context_t ctx, char *line)
 {
-  /* ctrl_t ctrl = assuan_get_pointer (ctx); */
+  ctrl_t ctrl = assuan_get_pointer (ctx);
   gpg_error_t err = 0;
   int pka_mode, dane_mode;
   char *mbox = NULL;
@@ -782,7 +782,7 @@ cmd_dns_cert (assuan_context_t ctx, char *line)
   else
     name = line;
 
-  err = get_dns_cert (name, certtype, &key, &keylen, &fpr, &fprlen, &url);
+  err = get_dns_cert (ctrl, name, certtype, &key, &keylen, &fpr, &fprlen, &url);
   if (err)
     goto leave;
 
@@ -883,7 +883,7 @@ proc_wkd_get (ctrl_t ctrl, assuan_context_t ctx, char *line)
       size_t domainlen, targetlen;
       int i;
 
-      err = get_dns_srv (domain, "openpgpkey", NULL, &srvs, &srvscount);
+      err = get_dns_srv (ctrl, domain, "openpgpkey", NULL, &srvs, &srvscount);
       if (err)
         goto leave;
 
@@ -2977,7 +2977,7 @@ dirmngr_status_printf (ctrl_t ctrl, const char *keyword,
   va_list arg_ptr;
   assuan_context_t ctx;
 
-  if (!ctrl->server_local || !(ctx = ctrl->server_local->assuan_ctx))
+  if (!ctrl || !ctrl->server_local || !(ctx = ctrl->server_local->assuan_ctx))
     return 0;
 
   va_start (arg_ptr, format);
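Review bot: The new `!ctrl` test in the guard makes a NULL CTRL a supported input, but nothing at the function says so, and the status line is then dropped while 0 (success) is returned. I would add a comment above the guard, e.g. `/* CTRL may be NULL (module tests, callers without a connection); the status line is then dropped and success is returned.  */`. In the hunks shown here only the t-*.c test programs pass NULL, but any later non-test caller that does so would silently lose the `dns_config_problem` WARNING, which matters when triaging resolver problems. The body of dirmngr_status_printf continues outside this hunk.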
diff --git a/dirmngr/t-dns-stuff.c b/dirmngr/t-dns-stuff.c
index 5a3ede1..6d52160 100644
--- a/dirmngr/t-dns-stuff.c
+++ b/dirmngr/t-dns-stuff.c
@@ -178,7 +178,7 @@ main (int argc, char **argv)
       if (verbose || any_options)
         printf ("CERT lookup on '%s'\n", name);
 
-      err = get_dns_cert (name, DNS_CERTTYPE_ANY, &key, &keylen,
+      err = get_dns_cert (NULL, name, DNS_CERTTYPE_ANY, &key, &keylen,
                           &fpr, &fpr_len, &url);
       if (err)
         printf ("get_dns_cert failed: %s <%s>\n",
@@ -218,7 +218,7 @@ main (int argc, char **argv)
       char *cname;
 
       printf ("CNAME lookup on '%s'\n", name);
-      err = get_dns_cname (name, &cname);
+      err = get_dns_cname (NULL, name, &cname);
       if (err)
         printf ("get_dns_cname failed: %s <%s>\n",
                 gpg_strerror (err), gpg_strsource (err));
@@ -234,7 +234,7 @@ main (int argc, char **argv)
       unsigned int count;
       int i;
 
-      err = get_dns_srv (name? name : "_hkp._tcp.wwwkeys.pgp.net",
+      err = get_dns_srv (NULL, name? name : "_hkp._tcp.wwwkeys.pgp.net",
                          NULL, NULL, &srv, &count);
       if (err)
         printf ("get_dns_srv failed: %s <%s>\n",
@@ -261,7 +261,7 @@ main (int argc, char **argv)
 
       printf ("Lookup on '%s'\n", name);
 
-      err = resolve_dns_name (name, 0, 0, SOCK_STREAM, &aibuf, &cname);
+      err = resolve_dns_name (NULL, name, 0, 0, SOCK_STREAM, &aibuf, &cname);
       if (err)
         {
           fprintf (stderr, PGM": resolving '%s' failed: %s\n",
@@ -278,7 +278,7 @@ main (int argc, char **argv)
                   ai->family == AF_INET?  "inet4" : "?    ",
                   ai->socktype, ai->protocol);
 
-          err = resolve_dns_addr (ai->addr, ai->addrlen,
+          err = resolve_dns_addr (NULL, ai->addr, ai->addrlen,
                                   (DNS_NUMERICHOST
                                    | (opt_bracket? DNS_WITHBRACKET:0)),
                                   &host);
@@ -290,7 +290,7 @@ main (int argc, char **argv)
               xfree (host);
             }
 
-          err = resolve_dns_addr (ai->addr, ai->addrlen,
+          err = resolve_dns_addr (NULL, ai->addr, ai->addrlen,
                                   (opt_bracket? DNS_WITHBRACKET:0),
                                   &host);
           if (err)
diff --git a/dirmngr/t-http.c b/dirmngr/t-http.c
index 440633d..2fc0a46 100644
--- a/dirmngr/t-http.c
+++ b/dirmngr/t-http.c
@@ -438,7 +438,7 @@ main (int argc, char **argv)
   if (session)
     http_session_set_timeout (session, timeout);
 
-  rc = http_open_document (&hd, *argv, NULL, my_http_flags,
+  rc = http_open_document (NULL, &hd, *argv, NULL, my_http_flags,
                            NULL, session, NULL, NULL);
   if (rc)
     {
diff --git a/dirmngr/t-support.c b/dirmngr/t-support.c
new file mode 100644
index 0000000..fc9546a
--- /dev/null
+++ b/dirmngr/t-support.c
@@ -0,0 +1,43 @@
+/* t-support.c - Module test support (stubs etc).
+ * Copyright (C) 2018 g10 Code GmbH
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <https://www.gnu.org/licenses/>.
+ * SPDX-License-Identifier: GPL-3.0+
+ */
+
+#include <config.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <assert.h>
+
+
+#include "../common/util.h"
+#include "dirmngr-status.h"
+#include "t-support.h"
+
+
+
+/* Stub for testing. See server.c for the real implementation.  */
+gpg_error_t
+dirmngr_status_printf (ctrl_t ctrl, const char *keyword,
+                       const char *format, ...)
+{
+  (void)ctrl;
+  (void)keyword;
+  (void)format;
+
+  return 0;
+}
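Review bot: The stub's comment does not say that every status line is discarded, so a reader of a module test cannot tell that the new WARNING from libdns_init is never observable there. I would spell that out: `/* Stub for testing: discards the status line and returns 0.  See server.c for the real implementation.  */`. If a test should later assert on the warning, the stub would need to record or print KEYWORD instead; as written, the manual procedure in the commit message is the only check. The includes of `<stdio.h>`, `<stdlib.h>` and `<assert.h>` look unused in this file and could probably be dropped.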
diff --git a/g10/call-dirmngr.c b/g10/call-dirmngr.c
index 9bc90fb..d77b90d 100644
--- a/g10/call-dirmngr.c
+++ b/g10/call-dirmngr.c
@@ -406,6 +406,8 @@ ks_status_cb (void *opaque, const char *line)
         warn = _("Tor is not running");
       else if ((s2 = has_leading_keyword (s, "tor_config_problem")))
         warn = _("Tor is not properly configured");
+      else if ((s2 = has_leading_keyword (s, "dns_config_problem")))
+        warn = _("DNS is not properly configured");
       else
         warn = NULL;
 

-----------------------------------------------------------------------

Summary of changes:
 dirmngr/Makefile.am                       |  4 +-
 dirmngr/dirmngr-status.h                  | 39 ++++++++++++++++
 dirmngr/dirmngr.h                         |  8 +---
 dirmngr/dns-stuff.c                       | 78 ++++++++++++++++++-------------
 dirmngr/dns-stuff.h                       | 14 ++++--
 dirmngr/http.c                            | 36 ++++++++------
 dirmngr/http.h                            |  6 +--
 dirmngr/ks-engine-finger.c                |  2 +-
 dirmngr/ks-engine-hkp.c                   | 31 ++++++------
 dirmngr/ks-engine-http.c                  |  2 +-
 dirmngr/ocsp.c                            |  2 +-
 dirmngr/server.c                          |  8 ++--
 dirmngr/t-dns-stuff.c                     | 12 ++---
 dirmngr/t-http.c                          |  2 +-
 g13/be-truecrypt.c => dirmngr/t-support.c | 28 ++++++-----
 g10/call-dirmngr.c                        |  2 +
 16 files changed, 170 insertions(+), 104 deletions(-)
 create mode 100644 dirmngr/dirmngr-status.h
 copy g13/be-truecrypt.c => dirmngr/t-support.c (62%)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org



