dirmngr: Support https for KS_FETCH.

* dirmngr/ks-engine-hkp.c (cert_log_cb): Move to ... * dirmngr/misc.c (cert_log_cb): here. * dirmngr/ks-engine-http.c (ks_http_fetch): Support 307-redirection and https. -- Note that this requires that the root certificates are registered using the --hkp-cacert option. Eventually we may introduce a separate option to allow using different CAs for KS_FETCH and keyserver based requests.
author: Werner Koch <wk@gnupg.org> 2014-09-10 10:37:48 +0200
committer: Werner Koch <wk@gnupg.org> 2014-09-10 10:37:48 +0200
commit: 84419f42da0fd436a9e0e669730157e74ce38b77 (patch)
tree: dd82975cf054da5fa383c12670e7c84377a5cfed /dirmngr/misc.h
parent: dirmngr: Fix the ks_fetch command for the http scheme. (diff)
download: gnupg2-84419f42da0fd436a9e0e669730157e74ce38b77.tar.xz
gnupg2-84419f42da0fd436a9e0e669730157e74ce38b77.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/dirmngr/misc.h b/dirmngr/misc.h
index 928bf78ae..2dc298557 100644
--- a/dirmngr/misc.h
+++ b/dirmngr/misc.h
@@ -68,6 +68,10 @@ void dump_string (const char *string);
    TEXT.  This is used for debugging. */
 void dump_cert (const char *text, ksba_cert_t cert);
 
+/* Callback to print infos about the TLS certificates.  */
+void cert_log_cb (http_session_t sess, gpg_error_t err,
+                  const char *hostname, const void **certs, size_t *certlens);
+
 /* Return the host name and the port (0 if none was given) from the
    URL.  Return NULL on error or if host is not included in the
    URL.  */
author	Werner Koch <wk@gnupg.org>	2014-09-10 10:37:48 +0200
committer	Werner Koch <wk@gnupg.org>	2014-09-10 10:37:48 +0200
commit	84419f42da0fd436a9e0e669730157e74ce38b77 (patch)
tree	dd82975cf054da5fa383c12670e7c84377a5cfed /dirmngr/misc.h
parent	dirmngr: Fix the ks_fetch command for the http scheme. (diff)
download	gnupg2-84419f42da0fd436a9e0e669730157e74ce38b77.tar.xz gnupg2-84419f42da0fd436a9e0e669730157e74ce38b77.zip