authorWerner Koch <[email protected]>2015-04-23 13:42:56 +0000
committerWerner Koch <[email protected]>2015-04-23 13:52:39 +0000
commit154f3ed2bf64de801ae0f9796338a2767ec6357b (patch)
tree064311a8189256ab5b8354409fb53e5a1ffa2b43 /dirmngr/dns-cert.c
parentcommon: Minor change of hex2str to allow for embedded nul. (diff)
gpg: Move all DNS access to Dirmngr.
* common/dns-cert.h: Move to ../dirmngr/. * common/dns-cert.c: Move to ../dirmngr/. Change args to return the key as a buffer. * common/t-dns-cert.c: Move to ../dirmngr/. * common/pka.c, common/pka.h, common/t-pka.c: Remove. * dirmngr/server.c (data_line_cookie_write): Factor code out to data_line_write and make it a wrapper for that. (data_line_write): New. (cmd_dns_cert): New. (register_commands): Register new command. * g10/Makefile.am (LDADD): Remove DNSLIBS. * g10/call-dirmngr.c (dns_cert_parm_s): New. (dns_cert_data_cb, dns_cert_status_cb): New. (gpg_dirmngr_dns_cert): New. (gpg_dirmngr_get_pka): New. * g10/gpgv.c (gpg_dirmngr_get_pka): New dummy function. * g10/keyserver.c (keyserver_import_cert): Replace get_dns_cert by gpg_dirmngr_dns_cert. (keyserver_import_pka): Replace get_pka_info by gpg_dirmngr_get_pka. * g10/mainproc.c: Include call-dirmngr.h. (pka_uri_from_sig): Add CTX arg. Replace get_pka_info by gpg_dirmngr_get_pka. -- With this patch gpg does not do any network access itself but uses dirmngr for that. Note that we need to keep linking to NETLIBS due to the logging code and because we need TCP for our socket emulation under Windows. Probably also required for Solaris etc. Signed-off-by: Werner Koch <[email protected]>
Diffstat (limited to '')
-rw-r--r--dirmngr/dns-cert.c (renamed from common/dns-cert.c)32
1 files changed, 23 insertions, 9 deletions
diff --git a/common/dns-cert.c b/dirmngr/dns-cert.c
index 405ca293e..de523b5f2 100644
--- a/common/dns-cert.c
+++ b/dirmngr/dns-cert.c
@@ -62,7 +62,7 @@
/* Returns 0 on success or an error code. If a PGP CERT record was
- found, a new estream with that key will be returned at R_KEY and
+ found, the malloced data is returned at (R_KEY, R_KEYLEN) and
the other return parameters are set to NULL/0. If an IPGP CERT
record was found the fingerprint is stored as an allocated block at
R_FPR and its length at R_FPRLEN; an URL is is allocated as a
@@ -70,10 +70,10 @@
returns the first CERT found with a supported type; it is expected
that only one CERT record is used. If WANT_CERTTYPE is one of the
supported certtypes only records wih this certtype are considered
- and the first found is returned. R_KEY is optional. */
+ and the first found is returned. (R_KEY,R_KEYLEN) are optional. */
gpg_error_t
get_dns_cert (const char *name, int want_certtype,
- estream_t *r_key,
+ void **r_key, size_t *r_keylen,
unsigned char **r_fpr, size_t *r_fprlen, char **r_url)
{
#ifdef USE_DNS_CERT
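Review bot: The updated header comment says `(R_KEY,R_KEYLEN) are optional`, but both PGP branches changed later in this commit take the record only when `r_key && r_keylen` holds, so a caller that passes R_KEY without R_KEYLEN has the PGP record skipped. I would say so in the comment, for example `(R_KEY,R_KEYLEN) are optional but must be given together; the caller must release the buffer with xfree.` It would also help to state there that the returned buffer is copied unverified from the DNS answer and must be treated as untrusted input by the caller. The function body continues outside this hunk.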
@@ -86,6 +86,8 @@ get_dns_cert (const char *name, int want_certtype,
if (r_key)
*r_key = NULL;
+ if (r_keylen)
+ *r_keylen = 0;
*r_fpr = NULL;
*r_fprlen = 0;
*r_url = NULL;
@@ -130,16 +132,20 @@ get_dns_cert (const char *name, int want_certtype,
if (want_certtype && want_certtype != ctype)
; /* Not of the requested certtype. */
- else if (ctype == DNS_CERTTYPE_PGP && datalen >= 11 && r_key)
+ else if (ctype == DNS_CERTTYPE_PGP && datalen >= 11 && r_key && r_keylen)
{
/* CERT type is PGP. Gpg checks for a minimum length of 11,
thus we do the same. */
- *r_key = es_fopenmem_init (0, "rwb", data, datalen);
+ *r_key = xtrymalloc (datalen);
if (!*r_key)
err = gpg_err_make (default_errsource,
gpg_err_code_from_syserror ());
else
- err = 0;
+ {
+ memcpy (*r_key, data, datalen);
+ *r_keylen = datalen;
+ err = 0;
+ }
goto leave;
}
else if (ctype == DNS_CERTTYPE_IPGP && datalen && datalen < 1023
@@ -200,6 +206,8 @@ get_dns_cert (const char *name, int want_certtype,
if (r_key)
*r_key = NULL;
+ if (r_keylen)
+ *r_keylen = 0;
*r_fpr = NULL;
*r_fprlen = 0;
*r_url = NULL;
@@ -294,15 +302,19 @@ get_dns_cert (const char *name, int want_certtype,
/* 15 bytes takes us to here */
if (want_certtype && want_certtype != ctype)
; /* Not of the requested certtype. */
- else if (ctype == DNS_CERTTYPE_PGP && dlen && r_key)
+ else if (ctype == DNS_CERTTYPE_PGP && dlen && r_key && r_keylen)
{
/* PGP type */
- *r_key = es_fopenmem_init (0, "rwb", pt, dlen);
+ *r_key = xtrymalloc (dlen);
if (!*r_key)
err = gpg_err_make (default_errsource,
gpg_err_code_from_syserror ());
else
- err = 0;
+ {
+ memcpy (*r_key, pt, dlen);
+ *r_keylen = dlen;
+ err = 0;
+ }
goto leave;
}
else if (ctype == DNS_CERTTYPE_IPGP
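Review bot: This PGP branch accepts any non-zero `dlen`, while the other resolver path in this commit requires `datalen >= 11` and comments that gpg checks for that minimum. The two paths should agree, e.g. `else if (ctype == DNS_CERTTYPE_PGP && dlen >= 11 && r_key && r_keylen)`. Because `memcpy (*r_key, pt, dlen)` now reads `dlen` bytes directly from the DNS answer, it is also worth confirming that `dlen` has been checked against the end of the answer buffer; any such check is outside this hunk. The enclosing function starts and ends outside the hunk.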
@@ -359,6 +371,8 @@ get_dns_cert (const char *name, int want_certtype,
(void)name;
if (r_key)
*r_key = NULL;
+ if (r_keylen)
+ *r_keylen = NULL;
*r_fpr = NULL;
*r_fprlen = 0;
*r_url = NULL;
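Review bot: The added line `*r_keylen = NULL;` stores a null pointer constant into a `size_t`, since `r_keylen` is declared `size_t *` in the new signature. The other two initialisation sites in this commit use `*r_keylen = 0;`, and this one should match. This appears to be the stub used when `USE_DNS_CERT` is not defined, so the mismatch would only show up as a compiler diagnostic in builds without DNS CERT support.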