a keyserver.
We fall back on the environment, as before. This required splitting
untaint out into its own module.
use strict;
use warnings;
use parent qw(Crypt::Monkeysphere::Logger);
+use Crypt::Monkeysphere::Util qw(untaint);
our $default_keyserver='hkp://pool.sks-keyservers.net';
my $self=$class->SUPER::new($opts{loglevel} || 'info');
- $self->{keyserver} = $opts{keyserver} || $self->_get_keyserver();
+ # gnupg should be initialized first, before figuring out
+ # what keyserver to use.
+
$self->{gnupg} = $opts{gnupg} || new GnuPG::Interface();
+
+ $self->{keyserver} = $opts{keyserver} || $self->_get_keyserver();
return $self;
}
my $self=shift;
- my $gpghome;
+ my $gpghome=$self->{gnupg}->options->homedir;
+
+ if (!defined($gpghome)) {
+ if (exists $ENV{GNUPGHOME} and $ENV{GNUPGHOME} ne '') {
+ $gpghome = untaint($ENV{GNUPGHOME});
+ } else {
+ my $userhome=File::HomeDir->my_home;
+ if (defined($userhome)) {
+ $gpghome = File::Spec->catfile($userhome, '.gnupg');
+ }
+ }
+ }
- if (exists $ENV{GNUPGHOME} and $ENV{GNUPGHOME} ne '') {
- $gpghome = untaint($ENV{GNUPGHOME});
+ if (defined $gpghome) {
+ return $self->_read_keyserver_from_gpg_conf($gpghome) || $default_keyserver;
} else {
- $gpghome = File::Spec->catfile(File::HomeDir->my_home, '.gnupg');
+ return $default_keyserver;
}
+
+}
+
+sub _read_keyserver_from_gpg_conf() {
+ my $self=shift;
+ my $gpghome=shift;
+
my $gpgconf = File::Spec->catfile($gpghome, 'gpg.conf');
if (-f $gpgconf) {
if (-r $gpgconf) {
} else {
$self->log('info', "Did not find GnuPG configuration file while looking for keyserver '%s'\n", $gpgconf);
}
-
- return $default_keyserver;
+ return undef;
+
}
-
sub fetch_uid {
my $self= shift;
my $uid = shift || croak("uid argument mandatory");
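Review bot: In `_get_keyserver`, the `GNUPGHOME` fallback passes the environment value through `untaint()` with no check of its own, and the resulting directory decides which `gpg.conf`, and therefore which keyserver, this object trusts. If relative homedirs are not meant to be supported, a cheap guard right after that call is `$gpghome = undef unless File::Spec->file_name_is_absolute($gpghome);`, which lets an unexpected value fall through to `$default_keyserver`. Separately, `sub _read_keyserver_from_gpg_conf() {` declares an empty prototype on a method that takes `$gpghome`; prototypes are ignored on method calls, so drop the `()` and end with a bare `return;` rather than `return undef;`. `_get_keyserver` starts above this hunk and `fetch_uid` continues below it.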
use Config::General;
use Crypt::Monkeysphere::MSVA::MarginalUI;
use Crypt::Monkeysphere::Logger;
+ use Crypt::Monkeysphere::Util qw(untaint);
use Crypt::Monkeysphere::MSVA::Monitor;
use JSON;
}
}
- # use sparingly! We want to keep taint mode around for the data we
- # get over the network. this is only here because we want to treat
- # the command line arguments differently for the subprocess.
- sub untaint {
- my $x = shift;
- $x =~ /^(.*)$/ ;
- return $1;
- }
-
sub post_bind_hook {
my $self = shift;
my $server = shift;
--- /dev/null
+package Crypt::Monkeysphere::Util;
+
+use strict;
+use warnings;
+
+use Exporter qw(import);
+our @EXPORT_OK=qw(untaint);
+
+
+# use sparingly! We want to keep taint mode around for the data we
+# get over the network. this is only here because we want to treat
+# the command line arguments differently for the subprocess.
+sub untaint {
+ my $x = shift;
+ $x =~ /^(.*)$/ ;
+ return $1;
+}
+
+1;
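Review bot: `untaint` returns `$1` without checking that the match succeeded, so an input that `/^(.*)$/` rejects (for example one with an embedded newline) can hand back whatever an earlier successful match left in `$1`, already untainted. Guard the match with `$x =~ /^(.*)$/ or return;` before `return $1;`. The header comment still describes only the command-line-argument case, but the function is now exported and the keyserver module applies it to `$ENV{GNUPGHOME}`. I would extend the comment to say that it performs no validation at all and that each caller must check the value for its own use before or after calling it.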
--- /dev/null
+# -*- perl -*-
+use Test::More;
+
+use Crypt::Monkeysphere::Keyserver;
+use GnuPG::Interface;
+use File::Temp qw(tempdir);
+use strict;
+use warnings;
+
+my $fpr='762B57BB784206AD';
+plan tests =>5;
+
+{
+
+ $ENV{HOME}='/nonexistant';
+ my $ks = new Crypt::Monkeysphere::Keyserver();
+
+ isa_ok($ks,'Crypt::Monkeysphere::Keyserver');
+ is($ks->{keyserver},$Crypt::Monkeysphere::Keyserver::default_keyserver);
+
+}
+
+my $tempdir = tempdir("/tmp/unitXXXXX", CLEANUP=> 1);
+my $gnupg = new GnuPG::Interface();
+my $testks = 'hkp://keys.gnupg.net';
+$gnupg->options->hash_init(homedir=>$tempdir);
+
+is($gnupg->options->homedir,$tempdir);
+
+open GPGCONF, '>', "$tempdir/gpg.conf";
+print GPGCONF "keyserver $testks\n";
+close GPGCONF;
+
+my $ks=new Crypt::Monkeysphere::Keyserver(gnupg=>$gnupg,
+ loglevel=>'debug');
+
+isa_ok($ks,'Crypt::Monkeysphere::Keyserver');
+
+is($ks->{keyserver},$testks);
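Review bot: The first block sets only `$ENV{HOME}`, but the code under test now also consults `$ENV{GNUPGHOME}`, so the default-keyserver assertion depends on the environment of whoever runs the suite. Adding `delete $ENV{GNUPGHOME};` before the first constructor call would make it deterministic. The fixture write `open GPGCONF, '>', "$tempdir/gpg.conf";` is unchecked and uses a bareword handle, so a failed open would surface only as a confusing keyserver mismatch later. Prefer `open my $conf, '>', "$tempdir/gpg.conf" or die "open: $!";` with matching `print {$conf}` and `close $conf`. `$fpr` is declared but not used in the lines shown.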