Patch for multiple keyserver support
Steven Barker
scbarker@uiuc.edu
Sun Apr 29 03:42:02 2001
--2B/JsCI69OhZNC5r
Content-Type: multipart/mixed; boundary="AhhlLboLdkugWU4S"
Content-Disposition: inline
--AhhlLboLdkugWU4S
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Hello,
Well, I finally got frustrated enought with the need to check several
different keyservers in order to find a key I wanted. So I got to hacking
and whipped out a patch to allow gnupg to parse multiple --keyserver
parameters (or config file options). Each server is requested from (or sent
to for --send-key) and returns success if the operation was successful on
any of them. This could easily be changed to quit after the first success
(or be controled by an option).
Anyway, I'd like to know what you think. For the most part I tried to leave
the existing keyserver querrying code as it was (as I have no interest in
diving into the protocols) so my iterations may be more complicated than
necessary.
--=20
Steven Barker scbarker@uiuc.edu
Ambiguity:
Telling the truth when you don't mean to.
PGP Key Fingerprint: 1A33 9F2E 368D 24B1 81D4 60BF E928 9E28 958F 2058
--AhhlLboLdkugWU4S
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="gnupg-multikeyserver.diff"
Content-Transfer-Encoding: quoted-printable
diff -ru gnupg-1.0.4/g10/g10.c gnupg.multiserver/g10/g10.c
--- gnupg-1.0.4/g10/g10.c Mon Oct 16 03:01:07 2000
+++ gnupg.multiserver/g10/g10.c Sat Apr 28 19:28:40 2001
@@ -910,7 +910,7 @@
case oLockOnce: opt.lock_once =3D 1; break;
case oLockNever: disable_dotlock(); break;
case oLockMultiple: opt.lock_once =3D 0; break;
- case oKeyServer: opt.keyserver_name =3D pargs.r.ret_str; break;
+ case oKeyServer: add_to_strlist( &opt.keyservers, pargs.r.ret_str ); br=
eak;
case oNotation: add_notation_data( pargs.r.ret_str ); break;
case oUtf8Strings: utf8_strings =3D 1; break;
case oNoUtf8Strings: utf8_strings =3D 0; break;
diff -ru gnupg-1.0.4/g10/hkp.c gnupg.multiserver/g10/hkp.c
--- gnupg-1.0.4/g10/hkp.c Mon Oct 16 10:43:41 2000
+++ gnupg.multiserver/g10/hkp.c Sat Apr 28 19:38:08 2001
@@ -66,32 +66,36 @@
char *request;
int rc;
unsigned int hflags =3D opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY : 0;
-
- if( !opt.keyserver_name )
- return -1;
- log_info(_("requesting key %08lX from %s ...\n"), (ulong)keyid[1],
- opt.keyserver_name );
- request =3D m_alloc( strlen( opt.keyserver_name ) + 100 );
- /* hkp does not accept the long keyid - we should really write a
- * nicer one :-)
- * FIXME: request binary mode - need to pass no_armor mode
- * down to the import function. Marc told that there is such a
- * binary mode ... how?
- */
- sprintf( request, "x-hkp://%s:11371/pks/lookup?op=3Dget&search=3D0x%08=
lX",
- opt.keyserver_name, (ulong)keyid[1] );
- rc =3D http_open_document( &hd, request, hflags );
- if( rc ) {
- log_info(_("can't get key from keyserver: %s\n"),
- rc =3D=3D G10ERR_NETWORK? strerror(errno)
- : g10_errstr(rc) );
- }
- else {
- rc =3D import_keys_stream( hd.fp_read , 0 );
- http_close( &hd );
+ STRLIST server =3D opt.keyservers;
+ =20
+ for( ; server; server =3D server->next) {
+ int rc_internal;
+ log_info(_("requesting key %08lX from %s ...\n"), (ulong)keyid[1],
+ server->d );
+ request =3D m_alloc( strlen( server->d ) + 100 );
+ /* hkp does not accept the long keyid - we should really write a
+ * nicer one :-)
+ * FIXME: request binary mode - need to pass no_armor mode
+ * down to the import function. Marc told that there is such a
+ * binary mode ... how?
+ */
+ sprintf( request, "x-hkp://%s:11371/pks/lookup?op=3Dget&search=3D0=
x%08lX",
+ server->d, (ulong)keyid[1] );
+ rc_internal =3D http_open_document( &hd, request, hflags );
+ if( rc_internal ) {
+ log_info(_("can't get key from keyserver: %s\n"),
+ rc_internal =3D=3D G10ERR_NETWORK? strerror(errno)
+ : g10_errstr(rc_internal) );
+ }
+ else {
+ rc_internal =3D import_keys_stream( hd.fp_read , 0 );
+ http_close( &hd );
+ }
+ =20
+ m_free( request );
+ rc &=3D rc_internal;
}
-
- m_free( request );
+ =20
return rc;
#endif
}
@@ -105,7 +109,7 @@
not_implemented();
return -1;
#else
- if( !opt.keyserver_name ) {
+ if( !opt.keyservers ) {
log_error(_("no keyserver known (use option --keyserver)\n"));
return -1;
}
@@ -143,18 +147,19 @@
char *request;
unsigned int status;
unsigned int hflags =3D opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY : 0;
-
- if( !opt.keyserver_name ) {
+ STRLIST server =3D opt.keyservers;
+ =20
+ if( !server ) {
log_error(_("no keyserver known (use option --keyserver)\n"));
return -1;
}
=20
@@ -162,56 +167,62 @@
}
=20
iobuf_flush_temp( temp );
+ =20
+ for (server =3D opt.keyservers; server; server =3D server->next) {
+ int internal_rc;
+ request =3D m_alloc( strlen( server->d ) + 100 );
+ sprintf( request, "x-hkp://%s:11371/pks/add", server->d );
+ internal_rc =3D http_open( &hd, HTTP_REQ_POST, request , hflags );
+ if( internal_rc ) {
+ log_error(_("can't connect to `%s': %s\n"),
+ server->d,
+ internal_rc =3D=3D G10ERR_NETWORK? strerror(errno)
+ : g10_errstr(internal_rc) );
+ m_free( request );
+ rc &=3D internal_rc;
+ continue;
+ }
=20
- request =3D m_alloc( strlen( opt.keyserver_name ) + 100 );
- sprintf( request, "x-hkp://%s:11371/pks/add", opt.keyserver_name );
- rc =3D http_open( &hd, HTTP_REQ_POST, request , hflags );
- if( rc ) {
- log_error(_("can't connect to `%s': %s\n"),
- opt.keyserver_name,
- rc =3D=3D G10ERR_NETWORK? strerror(errno)
- : g10_errstr(rc) );
- iobuf_close(temp);
- m_free( request );
- return rc;
- }
-
- sprintf( request, "Content-Length: %u\n",
- (unsigned)iobuf_get_temp_length(temp) + 9 );
- iobuf_writestr( hd.fp_write, request );
- m_free( request );
- http_start_data( &hd );
-
- iobuf_writestr( hd.fp_write, "keytext=3D" );
- iobuf_write( hd.fp_write, iobuf_get_temp_buffer(temp),
- iobuf_get_temp_length(temp) );
- iobuf_put( hd.fp_write, '\n' );
- iobuf_flush_temp( temp );
- iobuf_close(temp);
-
- rc =3D http_wait_response( &hd, &status );
- if( rc ) {
- log_error(_("error sending to `%s': %s\n"),
- opt.keyserver_name, g10_errstr(rc) );
- }
- else {
- #if 1
- if( opt.verbose ) {
- int c;
- while( (c=3Diobuf_get(hd.fp_read)) !=3D EOF )
- putchar( c );
- }
+ sprintf( request, "Content-Length: %u\n",
+ (unsigned)iobuf_get_temp_length(temp) + 9 );
+ iobuf_writestr( hd.fp_write, request );
+ m_free( request );
+ http_start_data( &hd );
+
+ iobuf_writestr( hd.fp_write, "keytext=3D" );
+ iobuf_write( hd.fp_write, iobuf_get_temp_buffer(temp),
+ iobuf_get_temp_length(temp) );
+ iobuf_put( hd.fp_write, '\n' );
+ iobuf_flush_temp( temp );
+ iobuf_close(temp);
+
+ internal_rc =3D http_wait_response( &hd, &status );
+ if( internal_rc ) {
+ log_error(_("error sending to `%s': %s\n"),
+ server->d, g10_errstr(internal_rc) );
+ }
+ else {
+ #if 1
+ if( opt.verbose ) {
+ int c;
+ while( (c=3Diobuf_get(hd.fp_read)) !=3D EOF )
+ putchar( c );
+ }
+ #endif
+ if( (status/100) =3D=3D 2 ) {
+ log_info(_("success sending to `%s' (status=3D%u)\n"),
+ server->d, status );
+ }
+ else
+ log_error(_("failed sending to `%s': status=3D%u\n"),
+ server->d, status );
+ }
+ rc &=3D internal_rc;
+ =20
#endif
- if( (status/100) =3D=3D 2 )
- log_info(_("success sending to `%s' (status=3D%u)\n"),
- opt.keyserver_name, status );
- else
- log_error(_("failed sending to `%s': status=3D%u\n"),
- opt.keyserver_name, status );
}
http_close( &hd );
return rc;
- #endif
}
=20
static int
diff -ru gnupg-1.0.4/g10/mainproc.c gnupg.multiserver/g10/mainproc.c
--- gnupg-1.0.4/g10/mainproc.c Mon Oct 16 12:12:30 2000
+++ gnupg.multiserver/g10/mainproc.c Sat Apr 28 01:56:21 2001
@@ -1159,7 +1159,7 @@
(int)strlen(tstr), tstr, astr? astr: "?", (ulong)sig->keyid[1] );
=20
rc =3D do_check_sig(c, node, NULL );
- if( rc =3D=3D G10ERR_NO_PUBKEY && opt.keyserver_name && opt.auto_key_r=
etrieve) {
+ if( rc =3D=3D G10ERR_NO_PUBKEY && opt.keyservers && opt.auto_key_retri=
eve) {
if( !hkp_ask_import( sig->keyid ) )
rc =3D do_check_sig(c, node, NULL );
}
diff -ru gnupg-1.0.4/g10/options.h gnupg.multiserver/g10/options.h
--- gnupg-1.0.4/g10/options.h Wed Aug 23 12:40:24 2000
+++ gnupg.multiserver/g10/options.h Sat Apr 28 19:34:08 2001
@@ -77,7 +77,7 @@
int not_dash_escaped;
int escape_from;
int lock_once;
- const char *keyserver_name;
+ STRLIST keyservers;
int no_encrypt_to;
int interactive;
STRLIST notation_data;
--AhhlLboLdkugWU4S--
--2B/JsCI69OhZNC5r
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iQEXAwUBOutxKOkoniiVjyBYFAPj8gP/bOg9AfSEQfKLK5kfTi16SX9cN6DkOabk
Xjg+A42lYl9U8uCBQ4AyjjEdN+kxB6z6exAcn1PbDTw+wLxlTvnahWESxQVOfTrO
oDT5YBkUZsdqFz5/l45mEQ14/xTVkq9ZI5U+xwdkHmAZpaqPl8nYA3WYSbwlxOyc
jU2nuQW8X7YD/0ROxCUvQin7d7WvvDURb0+pv9TiOglcJx24Gcpcws0vOS88eto8
vPAEx9S16A5pvX/yFahrjkRLVQK0IeiHd86+nVfjlkvBl/1HcjWKN84u42Gl+ZAY
IwILTMPBVLzjodRKD29MFUMqpK/NQzzgGAIKz5VyXpiXjt7hgREPdi8/
=fEG5
-----END PGP SIGNATURE-----
--2B/JsCI69OhZNC5r--