dirmngr: Allow redirection from https to http for CRLs
authorWerner Koch <wk@gnupg.org>
Wed, 25 Apr 2018 10:37:34 +0000 (12:37 +0200)
committerWerner Koch <wk@gnupg.org>
Wed, 25 Apr 2018 10:38:04 +0000 (12:38 +0200)
commit1de4462974113ac18cf98f903e97cd1127fa842f
tree4a6bb39fa00a2dcee2dc9bfe635821bd3f8832a8
parent705d8e9cf0d109005b3441766270c0e584f7847d
dirmngr: Allow redirection from https to http for CRLs

* dirmngr/ks-engine.h (KS_HTTP_FETCH_NOCACHE): New flag.
(KS_HTTP_FETCH_TRUST_CFG): Ditto.
(KS_HTTP_FETCH_NO_CRL): Ditto.
(KS_HTTP_FETCH_ALLOW_DOWNGRADE): Ditto.
* dirmngr/ks-engine-http.c (ks_http_fetch): Replace args send_no_cache
and extra_http_trust_flags by a new flags arg.  Allow redirectiong
from https to http it KS_HTTP_FETCH_ALLOW_DOWNGRADE is set.
* dirmngr/loadswdb.c (fetch_file): Call with KS_HTTP_FETCH_NOCACHE.
* dirmngr/ks-action.c (ks_action_get): Ditto.
(ks_action_fetch): Ditto.
* dirmngr/crlfetch.c (crl_fetch): Call with the appropriate flags.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
dirmngr/crlfetch.c
dirmngr/ks-action.c
dirmngr/ks-engine-http.c
dirmngr/ks-engine.h
dirmngr/loadswdb.c