diff options
Diffstat (limited to 'keyserver')
| -rw-r--r-- | keyserver/ChangeLog | 10 | ||||
| -rw-r--r-- | keyserver/curl-shim.c | 32 | ||||
| -rw-r--r-- | keyserver/curl-shim.h | 11 | ||||
| -rw-r--r-- | keyserver/gpgkeys_curl.c | 23 | ||||
| -rw-r--r-- | keyserver/gpgkeys_hkp.c | 23 |
5 files changed, 97 insertions, 2 deletions
diff --git a/keyserver/ChangeLog b/keyserver/ChangeLog index ff3bac54d..6390c1412 100644 --- a/keyserver/ChangeLog +++ b/keyserver/ChangeLog @@ -1,3 +1,13 @@ +2009-05-26 David Shaw <[email protected]> + + * curl-shim.c (curl_slist_append, curl_slist_free_all): New. + Simple wrappers around STRLIST to emulate the curl way of doing + string lists. + (curl_easy_setopt): Handle the curl HTTPHEADER option. + + * gpgkeys_curl.c, gpgkeys_hkp.c (main): Avoid caches to get the + most recent copy of the key. This is bug #1061. + 2009-05-03 David Shaw <[email protected]> * gpgkeys_mailto.in: Set 'mail-from' as a keyserver-option, rather diff --git a/keyserver/curl-shim.c b/keyserver/curl-shim.c index 9c65e8c25..0aab4ad67 100644 --- a/keyserver/curl-shim.c +++ b/keyserver/curl-shim.c @@ -146,6 +146,9 @@ curl_easy_setopt(CURL *curl,CURLoption option,...) case CURLOPT_STDERR: curl->errors=va_arg(ap,FILE *); break; + case CURLOPT_HTTPHEADER: + curl->headers=va_arg(ap,struct curl_slist *); + break; default: /* We ignore the huge majority of curl options */ break; @@ -186,7 +189,7 @@ curl_easy_perform(CURL *curl) if(curl->flags.post) { rc=http_open(&curl->hd,HTTP_REQ_POST,curl->url,curl->auth,0,proxy, - curl->srvtag); + curl->srvtag,curl->headers?curl->headers->list:NULL); if(rc==0) { char content_len[50]; @@ -208,7 +211,7 @@ curl_easy_perform(CURL *curl) else { rc=http_open(&curl->hd,HTTP_REQ_GET,curl->url,curl->auth,0,proxy, - curl->srvtag); + curl->srvtag,curl->headers?curl->headers->list:NULL); if(rc==0) { rc=http_wait_response(&curl->hd,&curl->status); @@ -335,3 +338,28 @@ curl_version_info(int type) return &data; } + +struct curl_slist * +curl_slist_append(struct curl_slist *list,const char *string) +{ + if(!list) + { + list=calloc(1,sizeof(*list)); + if(!list) + return NULL; + } + + add_to_strlist(&list->list,string); + + return list; +} + +void +curl_slist_free_all(struct curl_slist *list) +{ + if(list) + { + free_strlist(list->list); + free(list); + } +} diff --git a/keyserver/curl-shim.h b/keyserver/curl-shim.h index 81a42e540..0d378e834 100644 --- a/keyserver/curl-shim.h +++ b/keyserver/curl-shim.h @@ -49,6 +49,7 @@ typedef enum CURLOPT_POST, CURLOPT_POSTFIELDS, CURLOPT_FAILONERROR, + CURLOPT_HTTPHEADER, CURLOPT_SRVTAG_GPG_HACK } CURLoption; @@ -67,6 +68,7 @@ typedef struct char *srvtag; unsigned int status; FILE *errors; + struct curl_slist *headers; struct { unsigned int post:1; @@ -96,4 +98,13 @@ char *curl_easy_escape(CURL *curl,char *str,int len); #define curl_version() "GnuPG curl-shim" curl_version_info_data *curl_version_info(int type); +struct curl_slist +{ + STRLIST list; +}; + +struct curl_slist *curl_slist_append(struct curl_slist *list, + const char *string); +void curl_slist_free_all(struct curl_slist *list); + #endif /* !_CURL_SHIM_H_ */ diff --git a/keyserver/gpgkeys_curl.c b/keyserver/gpgkeys_curl.c index c993397b9..5853f2c6a 100644 --- a/keyserver/gpgkeys_curl.c +++ b/keyserver/gpgkeys_curl.c @@ -118,6 +118,7 @@ main(int argc,char *argv[]) long follow_redirects=5; char *proxy=NULL; curl_version_info_data *curldata; + struct curl_slist *headers=NULL; console=stderr; @@ -306,6 +307,26 @@ main(int argc,char *argv[]) curl_easy_setopt(curl,CURLOPT_SSL_VERIFYPEER,(long)opt->flags.check_cert); curl_easy_setopt(curl,CURLOPT_CAINFO,opt->ca_cert_file); + /* Avoid caches to get the most recent copy of the key. This is bug + #1061. In pre-curl versions of the code, we didn't do it. Then + we did do it (as a curl default) until curl changed the default. + Now we're doing it again, but in such a way that changing + defaults in the future won't impact us. We set both the Pragma + and Cache-Control versions of the header, so we're good with both + HTTP 1.0 and 1.1. */ + headers=curl_slist_append(headers,"Pragma: no-cache"); + if(headers) + headers=curl_slist_append(headers,"Cache-Control: no-cache"); + + if(!headers) + { + fprintf(console,"gpgkeys: out of memory when building HTTP headers\n"); + ret=KEYSERVER_NO_MEMORY; + goto fail; + } + + curl_easy_setopt(curl,CURLOPT_HTTPHEADER,headers); + if(proxy) curl_easy_setopt(curl,CURLOPT_PROXY,proxy); @@ -386,6 +407,8 @@ main(int argc,char *argv[]) free_ks_options(opt); + curl_slist_free_all(headers); + if(curl) curl_easy_cleanup(curl); diff --git a/keyserver/gpgkeys_hkp.c b/keyserver/gpgkeys_hkp.c index f8b847043..0267425bd 100644 --- a/keyserver/gpgkeys_hkp.c +++ b/keyserver/gpgkeys_hkp.c @@ -550,6 +550,7 @@ main(int argc,char *argv[]) int failed=0; struct keylist *keylist=NULL,*keyptr=NULL; char *proxy=NULL; + struct curl_slist *headers=NULL; console=stderr; @@ -746,6 +747,26 @@ main(int argc,char *argv[]) curl_easy_setopt(curl,CURLOPT_SSL_VERIFYPEER,(long)opt->flags.check_cert); curl_easy_setopt(curl,CURLOPT_CAINFO,opt->ca_cert_file); + /* Avoid caches to get the most recent copy of the key. This is bug + #1061. In pre-curl versions of the code, we didn't do it. Then + we did do it (as a curl default) until curl changed the default. + Now we're doing it again, but in such a way that changing + defaults in the future won't impact us. We set both the Pragma + and Cache-Control versions of the header, so we're good with both + HTTP 1.0 and 1.1. */ + headers=curl_slist_append(headers,"Pragma: no-cache"); + if(headers) + headers=curl_slist_append(headers,"Cache-Control: no-cache"); + + if(!headers) + { + fprintf(console,"gpgkeys: out of memory when building HTTP headers\n"); + ret=KEYSERVER_NO_MEMORY; + goto fail; + } + + curl_easy_setopt(curl,CURLOPT_HTTPHEADER,headers); + if(proxy) curl_easy_setopt(curl,CURLOPT_PROXY,proxy); @@ -923,6 +944,8 @@ main(int argc,char *argv[]) free_ks_options(opt); + curl_slist_free_all(headers); + if(curl) curl_easy_cleanup(curl); |