diff options
| author | David Shaw <dshaw@jabberwocky.com> | 2006-03-17 06:20:13 +0100 |
|---|---|---|
| committer | David Shaw <dshaw@jabberwocky.com> | 2006-03-17 06:20:13 +0100 |
| commit | 3cfc77097d9ab120e3f5102b7ad07c56223272c9 (patch) | |
| tree | 62e8a18976cd95af90e97c49be447c837537c41c | |
| parent | * cert.c (get_cert): Handle the fixed IPGP type with fingerprint. (diff) | |
| download | gnupg2-3cfc77097d9ab120e3f5102b7ad07c56223272c9.tar.xz gnupg2-3cfc77097d9ab120e3f5102b7ad07c56223272c9.zip | |
* keyserver.c (keyserver_import_cert): Handle the IPGP CERT type for
both the fingerprint alone, and fingerprint+URL cases.
* getkey.c (get_pubkey_byname): Minor cleanup.
| -rw-r--r-- | g10/ChangeLog | 7 | ||||
| -rw-r--r-- | g10/getkey.c | 23 | ||||
| -rw-r--r-- | g10/keyserver.c | 37 |
3 files changed, 43 insertions, 24 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog index d3df2552b..27a7c04ef 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,10 @@ +2006-03-16 David Shaw <dshaw@jabberwocky.com> + + * keyserver.c (keyserver_import_cert): Handle the IPGP CERT type + for both the fingerprint alone, and fingerprint+URL cases. + + * getkey.c (get_pubkey_byname): Minor cleanup. + 2006-03-13 David Shaw <dshaw@jabberwocky.com> * keyserver-internal.h, keyserver.c (keyserver_import_pka): Use diff --git a/g10/getkey.c b/g10/getkey.c index 8594ad9e6..0a314c4ee 100644 --- a/g10/getkey.c +++ b/g10/getkey.c @@ -917,7 +917,6 @@ get_pubkey_byname (PKT_public_key *pk, if (rc == G10ERR_NO_PUBKEY && is_valid_mailbox(name)) { - int res; struct akl *akl; for(akl=opt.auto_key_locate;akl;akl=akl->next) @@ -929,29 +928,29 @@ get_pubkey_byname (PKT_public_key *pk, { case AKL_CERT: glo_ctrl.in_auto_key_retrieve++; - res=keyserver_import_cert(name,&fpr,&fpr_len); + rc=keyserver_import_cert(name,&fpr,&fpr_len); glo_ctrl.in_auto_key_retrieve--; - if(res==0) + if(rc==0) log_info(_("Automatically retrieved `%s' via %s\n"), name,"DNS CERT"); break; case AKL_PKA: glo_ctrl.in_auto_key_retrieve++; - res=keyserver_import_pka(name,&fpr,&fpr_len); + rc=keyserver_import_pka(name,&fpr,&fpr_len); - if(res==0) + if(rc==0) log_info(_("Automatically retrieved `%s' via %s\n"), name,"PKA"); break; case AKL_LDAP: glo_ctrl.in_auto_key_retrieve++; - res=keyserver_import_ldap(name,&fpr,&fpr_len); + rc=keyserver_import_ldap(name,&fpr,&fpr_len); glo_ctrl.in_auto_key_retrieve--; - if(res==0) + if(rc==0) log_info(_("Automatically retrieved `%s' via %s\n"), name,"LDAP"); break; @@ -964,10 +963,10 @@ get_pubkey_byname (PKT_public_key *pk, if(opt.keyserver) { glo_ctrl.in_auto_key_retrieve++; - res=keyserver_import_name(name,&fpr,&fpr_len,opt.keyserver); + rc=keyserver_import_name(name,&fpr,&fpr_len,opt.keyserver); glo_ctrl.in_auto_key_retrieve--; - if(res==0) + if(rc==0) log_info(_("Automatically retrieved `%s' via %s\n"), name,opt.keyserver->uri); } @@ -979,10 +978,10 @@ get_pubkey_byname (PKT_public_key *pk, keyserver=keyserver_match(akl->spec); glo_ctrl.in_auto_key_retrieve++; - res=keyserver_import_name(name,&fpr,&fpr_len,keyserver); + rc=keyserver_import_name(name,&fpr,&fpr_len,keyserver); glo_ctrl.in_auto_key_retrieve--; - if(res==0) + if(rc==0) log_info(_("Automatically retrieved `%s' via %s\n"), name,akl->spec->uri); } @@ -996,7 +995,7 @@ get_pubkey_byname (PKT_public_key *pk, requirement as the URL might point to a key put in by an attacker. By forcing the use of the fingerprint, we won't use the attacker's key here. */ - if(res==0 && fpr) + if(rc==0 && fpr) { int i; char fpr_string[MAX_FINGERPRINT_LEN*2+1]; diff --git a/g10/keyserver.c b/g10/keyserver.c index 30e8ae6d6..256691a2a 100644 --- a/g10/keyserver.c +++ b/g10/keyserver.c @@ -1985,7 +1985,7 @@ keyserver_import_cert(const char *name,unsigned char **fpr,size_t *fpr_len) { char *domain,*look,*url; IOBUF key; - int type,rc=-1; + int type,rc=G10ERR_GENERAL; look=xstrdup(name); @@ -1993,7 +1993,7 @@ keyserver_import_cert(const char *name,unsigned char **fpr,size_t *fpr_len) if(domain) *domain='.'; - type=get_cert(look,max_cert_size,&key,NULL,NULL,&url); + type=get_cert(look,max_cert_size,&key,fpr,fpr_len,&url); if(type==1) { int armor_status=opt.no_armor; @@ -2008,21 +2008,34 @@ keyserver_import_cert(const char *name,unsigned char **fpr,size_t *fpr_len) iobuf_close(key); } - else if(type==2) + else if(type==2 && *fpr) { - struct keyserver_spec *spec; - - spec=parse_keyserver_uri(url,1,NULL,0); - if(spec) + /* We only consider the IPGP type if a fingerprint was provided. + This lets us select the right key regardless of what a URL + points to, or get the key from a keyserver. */ + if(url) { - STRLIST list=NULL; + struct keyserver_spec *spec; - add_to_strlist(&list,url); + spec=parse_keyserver_uri(url,1,NULL,0); + if(spec) + { + STRLIST list=NULL; - rc=keyserver_fetch(list); + add_to_strlist(&list,url); - free_strlist(list); - free_keyserver_spec(spec); + rc=keyserver_fetch(list); + + free_strlist(list); + free_keyserver_spec(spec); + } + } + else if(opt.keyserver) + { + /* If only a fingerprint is provided, try and fetch it from + our --keyserver */ + + rc=keyserver_import_fprint(*fpr,*fpr_len,opt.keyserver); } xfree(url); |