diff options
| author | Werner Koch <[email protected]> | 2015-03-19 14:37:05 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2015-03-19 14:37:05 +0000 |
| commit | dc10d466bff53821f23d2cb4814c259d40c5d9c5 (patch) | |
| tree | 9e32be3b0fc3633463245582196dd1cd219be013 /dirmngr/ks-engine-hkp.c | |
| parent | Define replacement error codes from libgpg-error 1.19. (diff) | |
| download | gnupg-dc10d466bff53821f23d2cb4814c259d40c5d9c5.tar.gz gnupg-dc10d466bff53821f23d2cb4814c259d40c5d9c5.zip | |
hkps: Fix host name verification when using pools.
* common/http.c (send_request): Set the requested for SNI.
* dirmngr/ks-engine-hkp.c (map_host): Return the poolname and not
the selecting a host.
--
GnuPG-bug-id: 1792
Thanks to davidw for figuring out the problem.
Signed-off-by: Werner Koch <[email protected]>
Diffstat (limited to '')
| -rw-r--r-- | dirmngr/ks-engine-hkp.c | 25 |
1 files changed, 18 insertions, 7 deletions
diff --git a/dirmngr/ks-engine-hkp.c b/dirmngr/ks-engine-hkp.c index ea607cb93..056809431 100644 --- a/dirmngr/ks-engine-hkp.c +++ b/dirmngr/ks-engine-hkp.c @@ -521,6 +521,14 @@ map_host (ctrl_t ctrl, const char *name, int force_reselect, hi = hosttable[idx]; if (hi->pool) { + /* Deal with the pool name before selecting a host. */ + if (r_poolname && hi->cname) + { + *r_poolname = xtrystrdup (hi->cname); + if (!*r_poolname) + return gpg_error_from_syserror (); + } + /* If the currently selected host is now marked dead, force a re-selection . */ if (force_reselect) @@ -536,6 +544,11 @@ map_host (ctrl_t ctrl, const char *name, int force_reselect, if (hi->poolidx == -1) { log_error ("no alive host found in pool '%s'\n", name); + if (r_poolname) + { + xfree (*r_poolname); + *r_poolname = NULL; + } return gpg_error (GPG_ERR_NO_KEYSERVER); } } @@ -548,6 +561,11 @@ map_host (ctrl_t ctrl, const char *name, int force_reselect, if (hi->dead) { log_error ("host '%s' marked as dead\n", hi->name); + if (r_poolname) + { + xfree (*r_poolname); + *r_poolname = NULL; + } return gpg_error (GPG_ERR_NO_KEYSERVER); } @@ -564,13 +582,6 @@ map_host (ctrl_t ctrl, const char *name, int force_reselect, *r_httpflags |= HTTP_FLAG_IGNORE_IPv6; } - if (r_poolname && hi->pool && hi->cname) - { - *r_poolname = xtrystrdup (hi->cname); - if (!*r_poolname) - return gpg_error_from_syserror (); - } - *r_host = xtrystrdup (hi->name); if (!*r_host) { |