port 80 keyserver access (was Re: GPG Recipients List)

David Shaw dshaw at jabberwocky.com
Fri Dec 5 20:16:36 CET 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Fri, Dec 05, 2003 at 04:39:24PM -0500, Todd wrote:
> David Shaw wrote:
> > Hmm.  I get the same, but I can retrieve the key by telnetting to
> > port 80.  I suspect the problem is that GnuPG's HTTP handler does
> > not provide the "Host:" header and keys.se.linux.org is a virtual
> > host.
> 
> Just for fun (and to avoid shoveling snow for a few more minutes) I
> patched gnupg and tested it, sans any proxy.  It did indeed retrieve
> Jason's key properly.
> 
> So, what else has to be done other than this to make things work?
> 
> --- gnupg-1.2.3/util/http.c~	Wed Jul 30 11:38:40 2003
> +++ gnupg-1.2.3/util/http.c	Fri Dec  5 16:25:33 2003
> @@ -506,18 +506,18 @@
>      p = build_rel_path( hd->uri );
>      request = m_alloc( strlen(server) + strlen(p) + 50 );
>      if( http_proxy ) {
> -	sprintf( request, "%s http://%s:%hu%s%s HTTP/1.0\r\n",
> +	sprintf( request, "%s http://%s:%hu%s%s HTTP/1.1\r\nHost: %s\r\n",
>  			  hd->req_type == HTTP_REQ_GET ? "GET" :
>  			  hd->req_type == HTTP_REQ_HEAD? "HEAD":
>  			  hd->req_type == HTTP_REQ_POST? "POST": "OOPS",
> -			  server, port,  *p == '/'? "":"/", p );
> +			  server, port,  *p == '/'? "":"/", p, server );
>      }
>      else {
> -	sprintf( request, "%s %s%s HTTP/1.0\r\n",
> +	sprintf( request, "%s %s%s HTTP/1.1\r\nHost: %s\r\n",
>  			  hd->req_type == HTTP_REQ_GET ? "GET" :
>  			  hd->req_type == HTTP_REQ_HEAD? "HEAD":
>  			  hd->req_type == HTTP_REQ_POST? "POST": "OOPS",
> -						  *p == '/'? "":"/", p );
> +					*p == '/'? "":"/", p, server );
>      }
>      m_free(p);
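Review bot: the `m_alloc( strlen(server) + strlen(p) + 50 )` at the top of this hunk is left unchanged, although both `sprintf` calls now write `server` a second time along with `Host: ` and another CRLF. In the `http_proxy` branch the fixed text can take 39 bytes (a four-letter method, ` http://`, `:`, a five-digit port, `/`, ` HTTP/1.1\r\n`, `Host: `, `\r\n` and the NUL), so a server name longer than 11 characters can overrun the buffer. Count `strlen(server)` twice in the allocation, or derive the size from the format, before adding the header.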

That's about it.  You don't want to change the HTTP version to 1.1
though.  This isn't true 1.1, but rather 1.0 with a Host: header.
There is no host header used in the http_proxy case since the proxy
itself gets to send the host header.  You also need to make "request"
a little bigger just in case.

Index: http.c
===================================================================
RCS file: /cvs/gnupg/gnupg/util/http.c,v
retrieving revision 1.12.2.2
retrieving revision 1.12.2.3
diff -u -r1.12.2.2 -r1.12.2.3
- --- http.c	30 Jul 2003 16:04:46 -0000	1.12.2.2
+++ http.c	6 Dec 2003 01:11:01 -0000	1.12.2.3
@@ -504,7 +504,7 @@
 	return G10ERR_NETWORK;
 
     p = build_rel_path( hd->uri );
- -    request = m_alloc( strlen(server) + strlen(p) + 50 );
+    request = m_alloc( strlen(server)*2 + strlen(p) + 50 );
     if( http_proxy ) {
 	sprintf( request, "%s http://%s:%hu%s%s HTTP/1.0\r\n",
 			  hd->req_type == HTTP_REQ_GET ? "GET" :
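Review bot: the `+ 50` kept in the new `m_alloc` size is an undocumented allowance that has to cover the method, the port digits, the version string and now `Host: ` plus a second CRLF, and nothing ties it to the format strings below. It is enough for both branches as written, but `sprintf` writes without a bound, so a comment listing what the 50 covers, or a length derived from the format, would keep the next header addition from silently outgrowing the buffer.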
@@ -513,11 +513,11 @@
 			  server, port,  *p == '/'? "":"/", p );
     }
     else {
- -	sprintf( request, "%s %s%s HTTP/1.0\r\n",
+	sprintf( request, "%s %s%s HTTP/1.0\r\nHost: %s\r\n",
 			  hd->req_type == HTTP_REQ_GET ? "GET" :
 			  hd->req_type == HTTP_REQ_HEAD? "HEAD":
 			  hd->req_type == HTTP_REQ_POST? "POST": "OOPS",
- -						  *p == '/'? "":"/", p );
+						 *p == '/'? "":"/", p, server);
     }
     m_free(p);
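Review bot: the new `Host: %s` in the non-proxy branch passes only `server`, while the proxy branch above sends `server, port`. A Host header without a port implies the default port, so a request to a non-default `port` names the wrong origin to a virtual-hosting server. Append `:%hu` with `port` when it is not 80, and allow for the extra digits in the `m_alloc` size.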

The snow hasn't gotten up here yet.

David
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4rc1 (GNU/Linux)
Comment: Key available at http://www.jabberwocky.com/david/keys.asc

iD8DBQE/0S304mZch0nhy8kRAktgAKCK8u4ut/B/OghD2PENPnMPussDBACcCvog
QvW3edTc+ESn7HO02ShYGIw=
=aU9p
-----END PGP SIGNATURE-----
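
An added example, not part of the original message and not GnuPG's code: the HTTP/1.0-plus-Host request head described above, built in a buffer that `snprintf` sizes itself, next to a measurement of what the quoted patch's proxy format needs. The names `build_request` and `quoted_proxy_len`, the CR/LF check and the port in `Host:` are assumptions of this sketch.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper, not GnuPG's http.c. Builds the request head in a heap
 * buffer whose size snprintf measures, so no fixed slack constant is needed.
 * use_proxy != 0: absolute URI on the request line and no Host: line, as the
 * message describes. use_proxy == 0: relative path plus Host:. NULL on error. */
char *build_request(const char *method, const char *server,
                    unsigned short port, const char *path, int use_proxy)
{
    const char *slash = (*path == '/') ? "" : "/";
    char portpart[8] = "";   /* ":65535" plus NUL fits */
    char *buf = NULL;
    size_t size = 0;
    int need;

    /* CR or LF in a caller-supplied part would start a new header line. */
    if (strpbrk(server, "\r\n") || strpbrk(path, "\r\n"))
        return NULL;
    /* Assumption beyond the patch: name a non-default port in Host:. */
    if (port != 80)
        snprintf(portpart, sizeof portpart, ":%hu", port);

    for (;;) {   /* pass 1 (buf NULL, size 0) measures, pass 2 writes */
        if (use_proxy)
            need = snprintf(buf, size, "%s http://%s:%hu%s%s HTTP/1.0\r\n",
                            method, server, port, slash, path);
        else
            need = snprintf(buf, size, "%s %s%s HTTP/1.0\r\nHost: %s%s\r\n",
                            method, slash, path, server, portpart);
        if (need < 0) { free(buf); return NULL; }
        if (buf) return buf;
        size = (size_t)need + 1;
        if (!(buf = malloc(size))) return NULL;
    }
}

/* Bytes (with NUL) that the quoted patch's proxy format needs; compare with
 * the unchanged allocation strlen(server) + strlen(p) + 50. */
size_t quoted_proxy_len(const char *method, const char *server,
                        unsigned short port, const char *path)
{
    int n = snprintf(NULL, 0, "%s http://%s:%hu%s%s HTTP/1.1\r\nHost: %s\r\n",
                     method, server, port, *path == '/' ? "" : "/", path, server);
    return n < 0 ? 0 : (size_t)n + 1;
}
```

For `keys.se.linux.org`, port 80 and a two-character path, the quoted proxy format needs 70 bytes against an allocation of 69.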


