| blob | 64a3a7029496615e7be84095cc417be5aa8ce579 |
1 /* gpgkeys_hkp.c - talk to an HKP keyserver
2 * Copyright (C) 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008,
3 * 2009 Free Software Foundation, Inc.
4 *
5 * This file is part of GnuPG.
6 *
7 * GnuPG is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 3 of the License, or
10 * (at your option) any later version.
11 *
12 * GnuPG is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, see <http://www.gnu.org/licenses/>.
19 *
20 * In addition, as a special exception, the Free Software Foundation
21 * gives permission to link the code of the keyserver helper tools:
22 * gpgkeys_ldap, gpgkeys_curl and gpgkeys_hkp with the OpenSSL
23 * project's "OpenSSL" library (or with modified versions of it that
24 * use the same license as the "OpenSSL" library), and distribute the
25 * linked executables. You must obey the GNU General Public License
26 * in all respects for all of the code used other than "OpenSSL". If
27 * you modify this file, you may extend this exception to your version
28 * of the file, but you are not obligated to do so. If you do not
29 * wish to do so, delete this exception statement from your version.
30 */
32 #include <config.h>
33 #include <stdio.h>
34 #include <string.h>
35 #include <stdlib.h>
36 #include <errno.h>
37 #include <unistd.h>
38 #ifdef HAVE_GETOPT_H
39 #include <getopt.h>
40 #endif
41 #ifdef HAVE_LIBCURL
42 #include <curl/curl.h>
43 #else
45 #endif
46 #ifdef USE_DNS_SRV
48 #endif
61 static size_t
63 {
67 {
68 /* If the document begins with a '<', assume it's a HTML
69 response, which we don't support. Discard the whole message
70 body. GPG can handle it, but this is an optimization to deal
71 with it on this side of the pipe. */
77 }
81 else
83 }
85 /* Append but avoid creating a double slash // in the path. */
88 {
95 }
97 int
99 {
100 CURLcode res;
108 /* Read and throw away input until we see the BEGIN */
113 {
116 }
119 {
120 /* i.e. eof before the KEY BEGIN was found. This isn't an
121 error. */
125 }
127 /* Now slurp up everything until we see the END */
132 {
135 }
136 else
137 {
139 {
145 {
150 }
153 }
157 }
160 {
165 }
169 {
173 }
179 {
183 }
194 /* request is MAX_URL+15 bytes long - MAX_URL covers the whole URL,
195 including any supplied path. The 15 covers /pks/add. */
208 {
212 }
213 else
218 fail:
226 }
228 static int
230 {
231 CURLcode res;
238 /* Build the search string. HKP only uses the short key IDs. */
246 {
251 }
259 /* request is MAX_URL+55 bytes long - MAX_URL covers the whole URL,
260 including any supplied path. The 60 overcovers this /pks/... etc
261 string plus the 8 bytes of key id */
264 /* fingerprint or long key id. Take the last 8 characters and treat
265 it like a short key id */
268 else
283 {
286 }
287 else
288 {
291 {
295 }
296 else
298 }
301 }
303 static int
305 {
306 CURLcode res;
316 {
320 }
324 {
328 }
354 {
357 }
358 else
359 {
362 {
365 }
366 else
367 {
370 }
371 }
373 fail:
381 }
383 static int
385 {
386 CURLcode res;
400 {
404 }
408 {
412 }
424 /* HKP keyservers like the 0x to be present when searching by
425 keyid */
443 {
446 }
447 else
448 {
451 }
453 fail:
462 }
464 void
466 {
471 {
474 {
477 }
479 }
480 else
482 {
485 }
486 }
488 #ifdef HAVE_LIBCURL
489 /* If there is a SRV record, take the highest ranked possibility.
490 This is a hack, as we don't proceed downwards. */
491 static void
493 {
494 #ifdef USE_DNS_SRV
502 {
510 }
513 {
519 {
525 }
526 else
527 {
530 }
531 }
532 #endif
533 }
534 #endif
536 static void
538 {
543 }
545 int
547 {
557 /* Kludge to implement standard GNU options. */
559 {
563 }
565 {
568 }
572 {
585 {
589 }
592 }
595 {
598 {
602 }
603 }
615 /* Get the command and info block */
618 {
627 {
630 }
635 {
642 {
645 }
648 {
650 {
653 }
655 {
657 {
660 }
661 }
662 }
664 {
667 else
669 }
672 }
673 }
676 {
680 }
683 {
686 }
687 else
688 {
691 }
694 {
697 }
700 {
703 }
708 {
712 }
714 /* If the user gives a :port, then disable SRV. The semantics of a
715 specified port and SRV do not play well together. */
719 {
726 else
729 #ifdef HAVE_LIBCURL
730 /* We're using libcurl, so fake SRV support via our wrapper.
731 This isn't as good as true SRV support, as we do not try all
732 possible targets at one particular level and work our way
733 down the list, but it's better than nothing. */
735 #else
736 /* We're using our internal curl shim, so we can use its (true)
737 SRV support. Obviously, CURLOPT_SRVTAG_GPG_HACK isn't a real
738 libcurl option. It's specific to our shim. */
740 #endif
741 }
749 {
753 }
758 /* Avoid caches to get the most recent copy of the key. This is bug
759 #1061. In pre-curl versions of the code, we didn't do it. Then
760 we did do it (as a curl default) until curl changed the default.
761 Now we're doing it again, but in such a way that changing
762 defaults in the future won't impact us. We set both the Pragma
763 and Cache-Control versions of the header, so we're good with both
764 HTTP 1.0 and 1.1. */
770 {
774 }
781 /* If it's a GET or a SEARCH, the next thing to come in is the
782 keyids. If it's a SEND, then there are no keyids. */
788 {
790 {
795 else
796 {
802 {
807 }
811 /* Trim the trailing \n */
816 /* Always attach at the end to keep the list in proper
817 order for searching */
820 else
824 }
825 }
826 }
827 else
828 {
831 }
833 /* Send the response */
839 {
846 }
849 {
853 {
857 failed++;
860 }
861 }
863 {
867 {
871 failed++;
874 }
875 }
877 {
880 do
881 {
885 failed++;
886 }
888 }
890 {
896 /* To search, we stick a space in between each key to search
897 for. */
901 {
904 }
908 {
912 }
918 {
922 }
924 /* Nail that last space */
929 failed++;
932 }
933 else
939 fail:
941 {
945 }
963 }