Bug 159918 – Validate keyserver uris

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 159918 - Validate keyserver uris


Summary:	Validate keyserver uris


Status:	RESOLVED FIXED

Product:	seahorse
Classification:	Applications
Component:	general
Version:	0.7.x
Hardware:	Other Linux

Importance:	Normal normal
Target Milestone:	---
Assigned To:	Seahorse Maintainer
QA Contact:	Seahorse Maintainer

URL:
Whiteboard:

Depends on:
Blocks:	157818

Reported:	2004-11-29 23:13 UTC by Stef Walter
Modified:	2005-04-25 00:31 UTC

See Also:
GNOME target:	---
GNOME version:	---

Description Stef Walter 2004-11-29 23:13:50 UTC

In the preferences window we need to validate the keyserver uris. This can be
done by parsing the uri and then checking to see if the appropriate executable
plugin works.

Comment 1 Adam Schreiber 2004-11-30 00:47:43 UTC

What constitutes a valid URI?  pgp.mit.edu? http://pgp.mit.edu?

Is there documentation available on the gpg plugins we're using?

Comment 2 Stef Walter 2004-11-30 02:50:40 UTC

The GPG keys plugins are distributed with GPG. They handle interaction with a
certain type of keyserver. The plugins are named like this:

gpgkeys_<scheme>

So the plugin for ldap uris is called 'gpgkeys_ldap'. These plugins are found in
the /usr/lib/gnupg/gpgkeys_ldap or such directory. In the code plugins without a
scheme use a default scheme (ldap, last time i checked). So I think, basically
validating it means checking that the URI parses, and we have the plugin for
that scheme.

Comment 3 Adam Schreiber 2004-12-22 20:02:04 UTC

Right now, there's an unimplemented  validate function in
seahorse-ldap-source.c.    Are we going to keep the validate functions burried
in the sources it seems like a lot of the validation is common to all protocols?  

Would the validate code work something like:

 * Starts with valid protocol i.e. ldap:// hkn:// etc
 * Portion after protocol contains at least one dot "."
 * Portion after protocol doesn't contain any non-escaped US-ASCII excluded 
characters: 2.4.3. Excluded US-ASCII Characters from
http://www.ietf.org/rfc/rfc2396.txt

Any other tests needed?

Resources:
http://www.w3.org/Addressing/
http://www.ietf.org/rfc/rfc2396.txt

Comment 4 Stef Walter 2004-12-22 20:45:11 UTC

The idea is to have seahorse_server_source_validate_uri (or whatever it's
called) call each of the specific remote source uri validation functions in turn
(ie: seahorse_ldap_source_validate_uri). 

Currently we only have native support for LDAP, but I'll be putting back the
support for the GPG plugins eventually.

This type of scheme would also allow us to hand off the URIs to the correct
remote source class.

URIs without a scheme prefix, get a default one added (propably ldap://).

Comment 5 Stef Walter 2005-04-25 00:30:51 UTC

Committed validation code. Added a keyserver creation dialog. 

BTW, we don't support the gpgkeys_* plugins anymore. It's much more efficient
and reliable for us to interact with the keyservers directly. If there comes a
time when it makes sense for us to use gpgkeys_* we can always resurect the old
code and dust it off.