Bug#201589: GnuPG does not work with Privoxy

Sat, 05 Jan 2008 13:51:18 -0800 

reassign 201589 gnupg 1.4.6-2
retitle 201589 GnuPG does not work with Privoxy (and maybe other HTTP proxies?) 
[patch]
tags 201589 + patch
thanks

Hi,

there was a long-standing bug against Privoxy that keyserver access does 
not work with GnuPG. I actually found out that GnuPG is the culprit, not 
Privoxy.

The problem only occurs with the built-in "curl-shim.c" code, not when 
libcurl is used. BTW, you should explicitly build --without-curl, otherwise 
any installed curl dev package on the build machine will be picked up.

The attached patch simply disables two lines of code. I'm not sure what 
their purpose is - without them, keyserver access for sending and 
retrieving keys works both with and without a proxy. 
HTTP_FLAG_NO_SHUTDOWN isn't actually used anywhere else in the code.

The patch also adds a "Host:" header when an HTTP proxy is used. I think 
the host header is always required by the spec, and if it's not there, this 
might cause problems with some proxies/servers. Virtual keyserver hosting 
is fairly uncommon these days ;) - nevertheless, having "Host:" is more 
correct.

Finally: Maybe consider changing to --with-curl - that curl-shim code looks 
quite hacked up and does a lot of ugly string/malloc operations...

Cheers,

  Richard

-- 
  __   _
  |_) /|  Richard Atterer
  | \/¯|  http://atterer.net
  ¯ '` ¯


--- ./util/http.c.orig  2006-07-24 15:46:27.000000000 +0200
+++ ./util/http.c       2008-01-05 20:53:08.706898505 +0100
@@ -212,8 +212,10 @@
     iobuf_ioctl (hd->fp_write, 1, 1, NULL); /* keep the socket open */
     iobuf_close (hd->fp_write);
     hd->fp_write = NULL;
+#if 0
     if ( !(hd->flags & HTTP_FLAG_NO_SHUTDOWN) )
         shutdown( hd->sock, 1 );
+#endif
     hd->in_data = 0;
 
     hd->fp_read = iobuf_sockopen( hd->sock , "r" );
@@ -573,13 +575,14 @@
 
     request=xmalloc(strlen(server)*2 + strlen(p)
                    + (authstr?strlen(authstr):0)
-                   + (proxy_authstr?strlen(proxy_authstr):0) + 65);
+                   + (proxy_authstr?strlen(proxy_authstr):0) + 256);
     if( proxy && *proxy )
-      sprintf( request, "%s http://%s:%hu%s%s HTTP/1.0\r\n%s%s",
+      sprintf( request, "%s http://%s:%hu%s%s HTTP/1.0\r\nHost: 
%s:%hu\r\n%s%s",
               hd->req_type == HTTP_REQ_GET ? "GET" :
               hd->req_type == HTTP_REQ_HEAD? "HEAD":
               hd->req_type == HTTP_REQ_POST? "POST": "OOPS",
               server, port,  *p == '/'? "":"/", p,
+              server, port,
               authstr?authstr:"",proxy_authstr?proxy_authstr:"" );
     else
       {

Reply via email to