From: Daniel Kahn Gillmor Date: Tue, 11 Jun 2019 07:25:46 +0000 (+0100) Subject: dirmngr: fix handling of HTTPS redirections during HKP X-Git-Tag: archive/raspbian/2.2.12-1+rpi1+deb10u1^2~12 X-Git-Url: https://dgit.raspbian.org/%22http://www.example.com/cgi/%22/%22http:/www.example.com/cgi/%22?a=commitdiff_plain;h=1d452871228a395754ab0d621b9caeca443240d8;p=gnupg2.git dirmngr: fix handling of HTTPS redirections during HKP * dirmngr/ks-engine-hkp.c (send_request): Reinitialize HTTP session when following a HTTP redirection. -- inspired by patch from Damien Goutte-Gattat GnuPG-Bug_id: 4566 Signed-off-by: Daniel Kahn Gillmor (cherry picked from commit efb6e08ea2ca1cf2d39135d94195802cd69b9ea6) Gbp-Pq: Topic from-2.2.17 Gbp-Pq: Name dirmngr-fix-handling-of-HTTPS-redirections-during-HKP.patch --- diff --git a/dirmngr/ks-engine-hkp.c b/dirmngr/ks-engine-hkp.c index 3ebd651..9ca1cae 100644 --- a/dirmngr/ks-engine-hkp.c +++ b/dirmngr/ks-engine-hkp.c @@ -1174,6 +1174,7 @@ send_request (ctrl_t ctrl, const char *request, const char *hostportstr, /* FIXME: I am not sure whey we allow a downgrade for hkp requests. * Needs at least an explanation here.. */ + once_more: err = http_session_new (&session, httphost, ((ctrl->http_no_crl? HTTP_FLAG_NO_CRL : 0) | HTTP_FLAG_TRUST_DEF), @@ -1183,7 +1184,6 @@ send_request (ctrl_t ctrl, const char *request, const char *hostportstr, http_session_set_log_cb (session, cert_log_cb); http_session_set_timeout (session, ctrl->timeout); - once_more: err = http_open (&http, post_cb? HTTP_REQ_POST : HTTP_REQ_GET, request, @@ -1263,6 +1263,8 @@ send_request (ctrl_t ctrl, const char *request, const char *hostportstr, request = request_buffer; http_close (http, 0); http = NULL; + http_session_release (session); + session = NULL; } goto once_more;