Changeset View
Changeset View
Standalone View
Standalone View
b/dirmngr/http.c
Context not available. | |||||
"01234567890@" \ | "01234567890@" \ | ||||
"!\"#$%&'()*+,-./:;<=>?[\\]^_{|}~" | "!\"#$%&'()*+,-./:;<=>?[\\]^_{|}~" | ||||
#define HKPS_POOL_CA_PEM GNUPG_DATADIR "/sks-keyservers.netCA.pem" | |||||
/* A long counter type. */ | /* A long counter type. */ | ||||
#ifdef HAVE_STRTOULL | #ifdef HAVE_STRTOULL | ||||
typedef unsigned long long longcounter_t; | typedef unsigned long long longcounter_t; | ||||
Context not available. | |||||
/* Create a new session object which is currently used to enable TLS | /* Create a new session object which is currently used to enable TLS | ||||
support. It may eventually allow reusing existing connections. */ | support. It may eventually allow reusing existing connections. */ | ||||
gpg_error_t | gpg_error_t | ||||
http_session_new (http_session_t *r_session, const char *tls_priority) | http_session_new (http_session_t *r_session, const char *tls_priority, | ||||
const char *intended_hostname) | |||||
{ | { | ||||
gpg_error_t err; | gpg_error_t err; | ||||
http_session_t sess; | http_session_t sess; | ||||
Context not available. | |||||
goto leave; | goto leave; | ||||
} | } | ||||
/* if the user has not specified a CA list, and they are looking | |||||
* for the hkps pool from sks-keyservers.net, then default to | |||||
* Kristian's certificate authority: | |||||
*/ | |||||
if (!tls_ca_certlist) | |||||
{ | |||||
if (intended_hostname && | |||||
0 == strcasecmp("hkps.pool.sks-keyservers.net", intended_hostname)) | |||||
{ | |||||
rc = gnutls_certificate_set_x509_trust_file | |||||
(sess->certcred, HKPS_POOL_CA_PEM, GNUTLS_X509_FMT_PEM); | |||||
if (rc < 0) | |||||
log_info ("setting CA from file '" HKPS_POOL_CA_PEM "' failed: %s\n", | |||||
gnutls_strerror (rc)); | |||||
} | |||||
} | |||||
for (sl = tls_ca_certlist; sl; sl = sl->next) | for (sl = tls_ca_certlist; sl; sl = sl->next) | ||||
{ | { | ||||
rc = gnutls_certificate_set_x509_trust_file | rc = gnutls_certificate_set_x509_trust_file | ||||
Context not available. |