-rw-r--r-- | include/ChangeLog | 5 | ||||
-rw-r--r-- | include/http.h | 4 | ||||
-rw-r--r-- | keyserver/ChangeLog | 10 | ||||
-rw-r--r-- | keyserver/curl-shim.c | 32 | ||||
-rw-r--r-- | keyserver/curl-shim.h | 11 | ||||
-rw-r--r-- | keyserver/gpgkeys_curl.c | 23 | ||||
-rw-r--r-- | keyserver/gpgkeys_hkp.c | 23 | ||||
-rw-r--r-- | util/ChangeLog | 5 | ||||
-rw-r--r-- | util/http.c | 29 |
9 files changed, 131 insertions, 11 deletions
diff --git a/include/ChangeLog b/include/ChangeLog index bb16d383f..581904cc7 100644 --- a/include/ChangeLog +++ b/include/ChangeLog @@ -1,3 +1,8 @@ +2009-05-26 David Shaw <[email protected]> + + * http.h: Pass in a STRLIST for additional headers on http_open + and http_open_document. + 2009-04-05 David Shaw <[email protected]> * srv.h: Move from util/srv.h. diff --git a/include/http.h b/include/http.h index a10d31c0e..7959be837 100644 --- a/include/http.h +++ b/include/http.h @@ -75,12 +75,12 @@ typedef struct http_context *HTTP_HD; int http_open( HTTP_HD hd, HTTP_REQ_TYPE reqtype, const char *url, char *auth, unsigned int flags, const char *proxy, - const char *srvtag ); + const char *srvtag, STRLIST headers ); void http_start_data( HTTP_HD hd ); int http_wait_response( HTTP_HD hd, unsigned int *ret_status ); void http_close( HTTP_HD hd ); int http_open_document( HTTP_HD hd, const char *document, char *auth, unsigned int flags, const char *proxy, - const char *srvtag ); + const char *srvtag, STRLIST headers ); #endif /*G10_HTTP_H*/ diff --git a/keyserver/ChangeLog b/keyserver/ChangeLog index ff3bac54d..6390c1412 100644 --- a/keyserver/ChangeLog +++ b/keyserver/ChangeLog @@ -1,3 +1,13 @@ +2009-05-26 David Shaw <[email protected]> + + * curl-shim.c (curl_slist_append, curl_slist_free_all): New. + Simple wrappers around STRLIST to emulate the curl way of doing + string lists. + (curl_easy_setopt): Handle the curl HTTPHEADER option. + + * gpgkeys_curl.c, gpgkeys_hkp.c (main): Avoid caches to get the + most recent copy of the key. This is bug #1061. + 2009-05-03 David Shaw <[email protected]> * gpgkeys_mailto.in: Set 'mail-from' as a keyserver-option, rather diff --git a/keyserver/curl-shim.c b/keyserver/curl-shim.c index 9c65e8c25..0aab4ad67 100644 --- a/keyserver/curl-shim.c +++ b/keyserver/curl-shim.c 
@@ -146,6 +146,9 @@ curl_easy_setopt(CURL *curl,CURLoption option,...) case CURLOPT_STDERR: curl->errors=va_arg(ap,FILE *); break; + case CURLOPT_HTTPHEADER: + curl->headers=va_arg(ap,struct curl_slist *); + break; default: /* We ignore the huge majority of curl options */ break; @@ -186,7 +189,7 @@ curl_easy_perform(CURL *curl) if(curl->flags.post) { rc=http_open(&curl->hd,HTTP_REQ_POST,curl->url,curl->auth,0,proxy, - curl->srvtag); + curl->srvtag,curl->headers?curl->headers->list:NULL); if(rc==0) { char content_len[50]; @@ -208,7 +211,7 @@ curl_easy_perform(CURL *curl) else { rc=http_open(&curl->hd,HTTP_REQ_GET,curl->url,curl->auth,0,proxy, - curl->srvtag); + curl->srvtag,curl->headers?curl->headers->list:NULL); if(rc==0) { rc=http_wait_response(&curl->hd,&curl->status); @@ -335,3 +338,28 @@ curl_version_info(int type) return &data; } + +struct curl_slist * +curl_slist_append(struct curl_slist *list,const char *string) +{ + if(!list) + { + list=calloc(1,sizeof(*list)); + if(!list) + return NULL; + } + + add_to_strlist(&list->list,string); + + return list; +} + +void +curl_slist_free_all(struct curl_slist *list) +{ + if(list) + { + free_strlist(list->list); + free(list); + } +} diff --git a/keyserver/curl-shim.h b/keyserver/curl-shim.h index 81a42e540..0d378e834 100644 --- a/keyserver/curl-shim.h +++ b/keyserver/curl-shim.h @@ -49,6 +49,7 @@ typedef enum CURLOPT_POST, CURLOPT_POSTFIELDS, CURLOPT_FAILONERROR, + CURLOPT_HTTPHEADER, CURLOPT_SRVTAG_GPG_HACK } CURLoption; @@ -67,6 +68,7 @@ typedef struct char *srvtag; unsigned int status; FILE *errors; + struct curl_slist *headers; struct { unsigned int post:1; 
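Review bot: In curl_easy_setopt (keyserver/curl-shim.c), the new CURLOPT_HTTPHEADER case stores the caller's `struct curl_slist *` without copying it, and curl_easy_perform later reads `curl->headers->list`, so the list must outlive every perform on that handle. Nothing in the hunk records this, and a caller that frees the list early would leave a dangling pointer in the handle. I would add a comment on the case, such as `/* Borrowed, not copied: the caller keeps the list alive until the last curl_easy_perform and then frees it with curl_slist_free_all. */`. The function body continues outside the hunk.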
@@ -96,4 +98,13 @@ char *curl_easy_escape(CURL *curl,char *str,int len); #define curl_version() "GnuPG curl-shim" curl_version_info_data *curl_version_info(int type); +struct curl_slist +{ + STRLIST list; +}; + +struct curl_slist *curl_slist_append(struct curl_slist *list, + const char *string); +void curl_slist_free_all(struct curl_slist *list); + #endif /* !_CURL_SHIM_H_ */ diff --git a/keyserver/gpgkeys_curl.c b/keyserver/gpgkeys_curl.c index c993397b9..5853f2c6a 100644 --- a/keyserver/gpgkeys_curl.c +++ b/keyserver/gpgkeys_curl.c @@ -118,6 +118,7 @@ main(int argc,char *argv[]) long follow_redirects=5; char *proxy=NULL; curl_version_info_data *curldata; + struct curl_slist *headers=NULL; console=stderr; @@ -306,6 +307,26 @@ main(int argc,char *argv[]) curl_easy_setopt(curl,CURLOPT_SSL_VERIFYPEER,(long)opt->flags.check_cert); curl_easy_setopt(curl,CURLOPT_CAINFO,opt->ca_cert_file); + /* Avoid caches to get the most recent copy of the key. This is bug + #1061. In pre-curl versions of the code, we didn't do it. Then + we did do it (as a curl default) until curl changed the default. + Now we're doing it again, but in such a way that changing + defaults in the future won't impact us. We set both the Pragma + and Cache-Control versions of the header, so we're good with both + HTTP 1.0 and 1.1. */ + headers=curl_slist_append(headers,"Pragma: no-cache"); + if(headers) + headers=curl_slist_append(headers,"Cache-Control: no-cache"); + + if(!headers) + { + fprintf(console,"gpgkeys: out of memory when building HTTP headers\n"); + ret=KEYSERVER_NO_MEMORY; + goto fail; + } + + curl_easy_setopt(curl,CURLOPT_HTTPHEADER,headers); + if(proxy) curl_easy_setopt(curl,CURLOPT_PROXY,proxy); @@ -386,6 +407,8 @@ main(int argc,char *argv[]) free_ks_options(opt); + curl_slist_free_all(headers); + if(curl) curl_easy_cleanup(curl); diff --git a/keyserver/gpgkeys_hkp.c b/keyserver/gpgkeys_hkp.c index f8b847043..0267425bd 100644 --- a/keyserver/gpgkeys_hkp.c +++ b/keyserver/gpgkeys_hkp.c 
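Review bot: In main of keyserver/gpgkeys_curl.c, the second `headers=curl_slist_append(headers,"Cache-Control: no-cache")` overwrites the only pointer to the list. When the program is built against real libcurl, a failed append returns NULL and leaves the existing list allocated, so the first node is lost on the out-of-memory path. The leak is short-lived because the code jumps to `fail`, but a temporary keeps the pattern safe to copy: `tmp=curl_slist_append(headers,"Cache-Control: no-cache"); if(tmp) headers=tmp; else { curl_slist_free_all(headers); headers=NULL; }`. The same lines are added to main of keyserver/gpgkeys_hkp.c. The `fail` label is outside the hunk, so I am assuming it is reached before the added `curl_slist_free_all(headers)`.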
@@ -550,6 +550,7 @@ main(int argc,char *argv[]) int failed=0; struct keylist *keylist=NULL,*keyptr=NULL; char *proxy=NULL; + struct curl_slist *headers=NULL; console=stderr; @@ -746,6 +747,26 @@ main(int argc,char *argv[]) curl_easy_setopt(curl,CURLOPT_SSL_VERIFYPEER,(long)opt->flags.check_cert); curl_easy_setopt(curl,CURLOPT_CAINFO,opt->ca_cert_file); + /* Avoid caches to get the most recent copy of the key. This is bug + #1061. In pre-curl versions of the code, we didn't do it. Then + we did do it (as a curl default) until curl changed the default. + Now we're doing it again, but in such a way that changing + defaults in the future won't impact us. We set both the Pragma + and Cache-Control versions of the header, so we're good with both + HTTP 1.0 and 1.1. */ + headers=curl_slist_append(headers,"Pragma: no-cache"); + if(headers) + headers=curl_slist_append(headers,"Cache-Control: no-cache"); + + if(!headers) + { + fprintf(console,"gpgkeys: out of memory when building HTTP headers\n"); + ret=KEYSERVER_NO_MEMORY; + goto fail; + } + + curl_easy_setopt(curl,CURLOPT_HTTPHEADER,headers); + if(proxy) curl_easy_setopt(curl,CURLOPT_PROXY,proxy); @@ -923,6 +944,8 @@ main(int argc,char *argv[]) free_ks_options(opt); + curl_slist_free_all(headers); + if(curl) curl_easy_cleanup(curl); diff --git a/util/ChangeLog b/util/ChangeLog index d060fe299..4df28cc0e 100644 --- a/util/ChangeLog +++ b/util/ChangeLog @@ -1,3 +1,8 @@ +2009-05-26 David Shaw <[email protected]> + + * http.c (send_request): Pass in a STRLIST for additional headers. + Change all callers. + 2009-05-22 Werner Koch <[email protected]> * ttyio.c (tty_cleanup_after_signal): New. diff --git a/util/http.c b/util/http.c index 5e025b658..9aaa1d134 100644 --- a/util/http.c +++ b/util/http.c 
@@ -69,7 +69,7 @@ static int insert_escapes( byte *buffer, const byte *string, const byte *special ); static URI_TUPLE parse_tuple( byte *string ); static int send_request( HTTP_HD hd, const char *auth, const char *proxy, - const char *srvtag); + const char *srvtag, STRLIST headers); static byte *build_rel_path( PARSED_URI uri ); static int parse_response( HTTP_HD hd ); @@ -150,7 +150,7 @@ make_radix64_string( const byte *data, size_t len ) int http_open( HTTP_HD hd, HTTP_REQ_TYPE reqtype, const char *url, char *auth, unsigned int flags, const char *proxy, - const char *srvtag ) + const char *srvtag, STRLIST headers ) { int rc; @@ -166,7 +166,7 @@ http_open( HTTP_HD hd, HTTP_REQ_TYPE reqtype, const char *url, rc = parse_uri( &hd->uri, url ); if( !rc ) { - rc = send_request( hd, auth, proxy, srvtag ); + rc = send_request( hd, auth, proxy, srvtag, headers ); if( !rc ) { hd->fp_write = iobuf_sockopen( hd->sock , "w" ); if( hd->fp_write ) @@ -234,11 +234,13 @@ http_wait_response( HTTP_HD hd, unsigned int *ret_status ) int http_open_document( HTTP_HD hd, const char *document, char *auth, - unsigned int flags, const char *proxy, const char *srvtag ) + unsigned int flags, const char *proxy, const char *srvtag, + STRLIST headers ) { int rc; - rc = http_open(hd, HTTP_REQ_GET, document, auth, flags, proxy, srvtag ); + rc = http_open(hd, HTTP_REQ_GET, document, auth, flags, proxy, srvtag, + headers ); if( rc ) return rc; @@ -521,7 +523,7 @@ parse_tuple( byte *string ) */ static int send_request( HTTP_HD hd, const char *auth, const char *proxy, - const char *srvtag ) + const char *srvtag, STRLIST headers ) { const byte *server; byte *request, *p; 
@@ -613,6 +615,19 @@ send_request( HTTP_HD hd, const char *auth, const char *proxy, xfree(p); rc = write_server( hd->sock, request, strlen(request) ); + + if(rc==0) + for(;headers;headers=headers->next) + { + rc = write_server( hd->sock, headers->d, strlen(headers->d) ); + if(rc) + break; + + rc = write_server( hd->sock, "\r\n", 2 ); + if(rc) + break; + } + xfree( request ); xfree(proxy_authstr); xfree(authstr); @@ -1078,7 +1093,7 @@ main(int argc, char **argv) } release_parsed_uri( uri ); uri = NULL; - rc = http_open_document( &hd, *argv, NULL, 0, NULL ); + rc = http_open_document( &hd, *argv, NULL, 0, NULL, NULL, NULL ); if( rc ) { log_error("can't get `%s': %s\n", *argv, g10_errstr(rc)); return 1; |
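Review bot: In send_request (util/http.c, the hunk at -613), each `headers->d` is written to the socket verbatim, so a string containing CR or LF would add extra header lines or end the header block early. Both callers in this commit pass fixed literals, but http_open and http_open_document now expose this as a general interface and the constraint is neither enforced nor documented. I would reject such strings before any write, for example `if(strpbrk(headers->d,"\r\n")) { rc=<error code>; break; }`, or at least state the requirement in the comment above send_request. The function starts and ends outside the hunk.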