-rw-r--r--dirmngr/crlfetch.c6
-rw-r--r--dirmngr/dirmngr.c15
-rw-r--r--dirmngr/dirmngr.h4
-rw-r--r--dirmngr/ks-engine-hkp.c4
-rw-r--r--dirmngr/ks-engine-http.c4
-rw-r--r--dirmngr/ocsp.c2
-rw-r--r--dirmngr/server.c17
7 files changed, 36 insertions, 16 deletions
diff --git a/dirmngr/crlfetch.c b/dirmngr/crlfetch.c
index 2c4a24783..3b3916a23 100644
--- a/dirmngr/crlfetch.c
+++ b/dirmngr/crlfetch.c
@@ -157,10 +157,6 @@ crl_fetch (ctrl_t ctrl, const char *url, ksba_reader_t *reader)
char *free_this = NULL;
int redirects_left = 2; /* We allow for 2 redirect levels. */
-#ifndef USE_LDAP
- (void)ctrl;
-#endif
-
*reader = NULL;
if (!url)
@@ -202,7 +198,7 @@ crl_fetch (ctrl_t ctrl, const char *url, ksba_reader_t *reader)
err = http_open_document (&hd, url, NULL,
(opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY:0)
|(DBG_LOOKUP? HTTP_FLAG_LOG_RESP:0),
- opt.http_proxy, NULL, NULL, NULL);
+ ctrl->http_proxy, NULL, NULL, NULL);
switch ( err? 99999 : http_get_status_code (hd) )
{
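Review bot: The `http_open_document` call still sets `HTTP_FLAG_TRY_PROXY` from the global `opt.honor_http_proxy` even when `ctrl->http_proxy` is NULL, and the server.c part of this commit makes NULL the result of a client sending `http-proxy` with the value `none`. If the HTTP layer falls back to the `http_proxy` environment variable when that flag is set and no explicit proxy is passed (not visible here, though the dirmngr.h comment on `honor_http_proxy` suggests it), a session that asked for no proxy may still be proxied. Recording an explicit per-session "no proxy" state would remove the ambiguity; at minimum add a comment such as `/* A NULL ctrl->http_proxy still permits the environment proxy when honor_http_proxy is set. */`. The same flag/proxy combination appears at the call sites changed in ks-engine-hkp.c, ks-engine-http.c and ocsp.c. crl_fetch's body continues outside the hunk.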
diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c
index 4c17c8c46..437c6ebdd 100644
--- a/dirmngr/dirmngr.c
+++ b/dirmngr/dirmngr.c
@@ -1277,6 +1277,7 @@ main (int argc, char **argv)
for (; !rc && argc; argc--, argv++)
rc = crl_cache_load (&ctrlbuf, *argv);
}
+ dirmngr_deinit_default_ctrl (&ctrlbuf);
}
else if (cmd == aFetchCRL)
{
@@ -1306,6 +1307,7 @@ main (int argc, char **argv)
argv[0], gpg_strerror (rc));
crl_close_reader (reader);
}
+ dirmngr_deinit_default_ctrl (&ctrlbuf);
}
else if (cmd == aFlush)
{
@@ -1465,9 +1467,18 @@ dirmngr_exit (int rc)
void
dirmngr_init_default_ctrl (ctrl_t ctrl)
{
- (void)ctrl;
+ if (opt.http_proxy)
+ ctrl->http_proxy = xstrdup (opt.http_proxy);
+}
+
- /* Nothing for now. */
+void
+dirmngr_deinit_default_ctrl (ctrl_t ctrl)
+{
+ if (!ctrl)
+ return;
+ xfree (ctrl->http_proxy);
+ ctrl->http_proxy = NULL;
}
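Review bot: `dirmngr_init_default_ctrl` writes `ctrl->http_proxy` only when `opt.http_proxy` is set, so otherwise the field keeps whatever it held before, and `dirmngr_deinit_default_ctrl` later passes that value to `xfree`. This is safe only if every caller hands in a zeroed structure, which these hunks do not show; a second init on the same ctrl would also leak the earlier copy. I would state the precondition in a header comment, e.g. `/* CTRL must be zero-initialized; pair each call with dirmngr_deinit_default_ctrl. */`, and give the new deinit function a one-line comment saying it releases the per-session proxy string and accepts NULL.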
diff --git a/dirmngr/dirmngr.h b/dirmngr/dirmngr.h
index 56abc86d4..4f037e714 100644
--- a/dirmngr/dirmngr.h
+++ b/dirmngr/dirmngr.h
@@ -99,7 +99,7 @@ struct
int disable_http; /* Do not use HTTP at all. */
int disable_ldap; /* Do not use LDAP at all. */
int honor_http_proxy; /* Honor the http_proxy env variable. */
- const char *http_proxy; /* Use given HTTP proxy. */
+ const char *http_proxy; /* The default HTTP proxy. */
const char *ldap_proxy; /* Use given LDAP proxy. */
int only_ldap_proxy; /* Only use the LDAP proxy; no fallback. */
int ignore_http_dp; /* Ignore HTTP CRL distribution points. */
@@ -174,12 +174,14 @@ struct server_control_s
response. */
int audit_events; /* Send audit events to client. */
+ char *http_proxy; /* The used http_proxy or NULL. */
};
/*-- dirmngr.c --*/
void dirmngr_exit( int ); /* Wrapper for exit() */
void dirmngr_init_default_ctrl (ctrl_t ctrl);
+void dirmngr_deinit_default_ctrl (ctrl_t ctrl);
void dirmngr_sighup_action (void);
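Review bot: The new `http_proxy` member of `struct server_control_s` shares its name with the `const char *http_proxy` option field changed just above but has different ownership: per the dirmngr.c and server.c hunks it holds an allocated copy that is released with `xfree`. The comment should say so, for example `char *http_proxy; /* Malloced proxy for this session or NULL; freed by dirmngr_deinit_default_ctrl. */`, so that nobody later assigns `opt.http_proxy` or a string literal to it directly. The struct definition starts outside the hunk.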
diff --git a/dirmngr/ks-engine-hkp.c b/dirmngr/ks-engine-hkp.c
index fcdd71ee6..a0104117d 100644
--- a/dirmngr/ks-engine-hkp.c
+++ b/dirmngr/ks-engine-hkp.c
@@ -965,8 +965,8 @@ send_request (ctrl_t ctrl, const char *request, const char *hostportstr,
request,
httphost,
/* fixme: AUTH */ NULL,
- httpflags,
- /* fixme: proxy*/ NULL,
+ (httpflags | (opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY:0)),
+ ctrl->http_proxy,
session,
NULL,
/*FIXME curl->srvtag*/NULL);
diff --git a/dirmngr/ks-engine-http.c b/dirmngr/ks-engine-http.c
index e4c2b788b..13e51c69e 100644
--- a/dirmngr/ks-engine-http.c
+++ b/dirmngr/ks-engine-http.c
@@ -77,8 +77,8 @@ ks_http_fetch (ctrl_t ctrl, const char *url, estream_t *r_fp)
url,
/* httphost */ NULL,
/* fixme: AUTH */ NULL,
- 0,
- /* fixme: proxy*/ NULL,
+ (opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY:0),
+ ctrl->http_proxy,
session,
NULL,
/*FIXME curl->srvtag*/NULL);
diff --git a/dirmngr/ocsp.c b/dirmngr/ocsp.c
index f8c437d1d..8971b9ffa 100644
--- a/dirmngr/ocsp.c
+++ b/dirmngr/ocsp.c
@@ -166,7 +166,7 @@ do_ocsp_request (ctrl_t ctrl, ksba_ocsp_t ocsp, gcry_md_hd_t md,
once_more:
err = http_open (&http, HTTP_REQ_POST, url, NULL, NULL,
(opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY:0),
- opt.http_proxy, NULL, NULL, NULL);
+ ctrl->http_proxy, NULL, NULL, NULL);
if (err)
{
log_error (_("error connecting to '%s': %s\n"), url, gpg_strerror (err));
diff --git a/dirmngr/server.c b/dirmngr/server.c
index 3e6d99d18..c0f63ac7d 100644
--- a/dirmngr/server.c
+++ b/dirmngr/server.c
@@ -582,6 +582,7 @@ static gpg_error_t
option_handler (assuan_context_t ctx, const char *key, const char *value)
{
ctrl_t ctrl = assuan_get_pointer (ctx);
+ gpg_error_t err = 0;
if (!strcmp (key, "force-crl-refresh"))
{
@@ -593,12 +594,21 @@ option_handler (assuan_context_t ctx, const char *key, const char *value)
int i = *value? atoi (value) : 0;
ctrl->audit_events = i;
}
+ else if (!strcmp (key, "http-proxy"))
+ {
+ xfree (ctrl->http_proxy);
+ if (!*value || !strcmp (value, "none"))
+ ctrl->http_proxy = NULL;
+ else if (!(ctrl->http_proxy = xtrystrdup (value)))
+ err = gpg_error_from_syserror ();
+ }
else
- return gpg_error (GPG_ERR_UNKNOWN_OPTION);
+ err = gpg_error (GPG_ERR_UNKNOWN_OPTION);
- return 0;
+ return err;
}
+
static const char hlp_ldapserver[] =
"LDAPSERVER <data>\n"
"\n"
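Review bot: The new `http-proxy` branch lets any client on the Assuan connection replace or clear the proxy copied from `opt.http_proxy`, and the value is stored as given with no check that it is a usable proxy specification. If the daemon-level proxy is meant as an egress policy rather than a mere default (an assumption; the diff only calls it "the default HTTP proxy"), this branch is a per-session bypass and should either be guarded or carry an explicit statement that the override is intended. A malformed value presumably surfaces only later when a request is opened, so rejecting it here would give the client earlier feedback. At minimum document the accepted values next to the branch, e.g. `/* An empty value or "none" clears the session proxy; anything else replaces it. */`. option_handler starts above this hunk.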
@@ -1633,7 +1643,7 @@ static const char hlp_ks_get[] =
"\n"
"Get the keys matching PATTERN from the configured OpenPGP keyservers\n"
"(see command KEYSERVER). Each pattern should be a keyid, a fingerprint,\n"
- "or an exact name indicastes by the '=' prefix.";
+ "or an exact name indicated by the '=' prefix.";
static gpg_error_t
cmd_ks_get (assuan_context_t ctx, char *line)
{
@@ -2096,6 +2106,7 @@ start_command_handler (assuan_fd_t fd)
{
release_ctrl_ocsp_certs (ctrl);
xfree (ctrl->server_local);
+ dirmngr_deinit_default_ctrl (ctrl);
xfree (ctrl);
}
}