search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
* gpg.texi (GPG Configuration Options): Make http_proxy option
[gnupg.git] / g10 / keyserver.c
blob049b971a9c5929509748cb62dc07dfe2a7df4039
1 /* keyserver.c - generic keyserver code
2 * Copyright (C) 2001, 2002, 2003, 2004, 2005,
3 * 2006 Free Software Foundation, Inc.
4 *
5 * This file is part of GnuPG.
6 *
7 * GnuPG is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
11 *
12 * GnuPG is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
20 * USA.
21 */
22
23 #include <config.h>
24 #include <ctype.h>
25 #include <stdio.h>
26 #include <string.h>
27 #include <stdlib.h>
28 #include <assert.h>
29 #include <errno.h>
30
31 #include "gpg.h"
32 #include "iobuf.h"
33 #include "filter.h"
34 #include "keydb.h"
35 #include "status.h"
36 #include "exec.h"
37 #include "main.h"
38 #include "i18n.h"
39 #include "ttyio.h"
40 #include "options.h"
41 #include "packet.h"
42 #include "trustdb.h"
43 #include "keyserver-internal.h"
44 #include "util.h"
45 #include "dns-cert.h"
46 #include "pka.h"
47
48
49 struct keyrec
50 {
51 KEYDB_SEARCH_DESC desc;
52 u32 createtime,expiretime;
53 int size,flags;
54 byte type;
55 IOBUF uidbuf;
56 unsigned int lines;
57 };
58
59 enum ks_action {KS_UNKNOWN=0,KS_GET,KS_GETNAME,KS_SEND,KS_SEARCH};
60
61 static struct parse_options keyserver_opts[]=
62 {
63 /* some of these options are not real - just for the help
64 message */
65 {"max-cert-size",0,NULL,NULL},
66 {"include-revoked",0,NULL,N_("include revoked keys in search results")},
67 {"include-subkeys",0,NULL,N_("include subkeys when searching by key ID")},
68 {"use-temp-files",0,NULL,
69 N_("use temporary files to pass data to keyserver helpers")},
70 {"keep-temp-files",KEYSERVER_KEEP_TEMP_FILES,NULL,
71 N_("do not delete temporary files after using them")},
72 {"refresh-add-fake-v3-keyids",KEYSERVER_ADD_FAKE_V3,NULL,
73 NULL},
74 {"auto-key-retrieve",KEYSERVER_AUTO_KEY_RETRIEVE,NULL,
75 N_("automatically retrieve keys when verifying signatures")},
76 {"honor-keyserver-url",KEYSERVER_HONOR_KEYSERVER_URL,NULL,
77 N_("honor the preferred keyserver URL set on the key")},
78 {"honor-pka-record",KEYSERVER_HONOR_PKA_RECORD,NULL,
79 N_("honor the PKA record set on a key when retrieving keys")},
80 {NULL,0,NULL,NULL}
81 };
82
83 static int keyserver_work(enum ks_action action,strlist_t list,
84 KEYDB_SEARCH_DESC *desc,int count,
85 unsigned char **fpr,size_t *fpr_len,
86 struct keyserver_spec *keyserver);
87
88 /* Reasonable guess */
89 #define DEFAULT_MAX_CERT_SIZE 16384
90
91 static size_t max_cert_size=DEFAULT_MAX_CERT_SIZE;
92
93 static void
94 add_canonical_option(char *option,strlist_t *list)
95 {
96 char *arg=argsplit(option);
97
98 if(arg)
99 {
100 char *joined;
101
102 joined=xmalloc(strlen(option)+1+strlen(arg)+1);
103 /* Make a canonical name=value form with no spaces */
104 strcpy(joined,option);
105 strcat(joined,"=");
106 strcat(joined,arg);
107 append_to_strlist(list,joined);
108 xfree(joined);
109 }
110 else
111 append_to_strlist(list,option);
112 }
113
114 int
115 parse_keyserver_options(char *options)
116 {
117 int ret=1;
118 char *tok;
119 char *max_cert=NULL;
120
121 keyserver_opts[0].value=&max_cert;
122
123 while((tok=optsep(&options)))
124 {
125 if(tok[0]=='\0')
126 continue;
127
128 /* For backwards compatibility. 1.2.x used honor-http-proxy and
129 there are a good number of documents published that recommend
130 it. */
131 if(ascii_strcasecmp(tok,"honor-http-proxy")==0)
132 tok="http-proxy";
133 else if(ascii_strcasecmp(tok,"no-honor-http-proxy")==0)
134 tok="no-http-proxy";
135
136 /* We accept quite a few possible options here - some options to
137 handle specially, the keyserver_options list, and import and
138 export options that pertain to keyserver operations. Note
139 that you must use strncasecmp here as there might be an
140 =argument attached which will foil the use of strcasecmp. */
141
142 #ifdef EXEC_TEMPFILE_ONLY
143 if(ascii_strncasecmp(tok,"use-temp-files",14)==0 ||
144 ascii_strncasecmp(tok,"no-use-temp-files",17)==0)
145 log_info(_("WARNING: keyserver option `%s' is not used"
146 " on this platform\n"),tok);
147 #else
148 if(ascii_strncasecmp(tok,"use-temp-files",14)==0)
149 opt.keyserver_options.options|=KEYSERVER_USE_TEMP_FILES;
150 else if(ascii_strncasecmp(tok,"no-use-temp-files",17)==0)
151 opt.keyserver_options.options&=~KEYSERVER_USE_TEMP_FILES;
152 #endif
153 else if(!parse_options(tok,&opt.keyserver_options.options,
154 keyserver_opts,0)
155 && !parse_import_options(tok,
156 &opt.keyserver_options.import_options,0)
157 && !parse_export_options(tok,
158 &opt.keyserver_options.export_options,0))
159 {
160 /* All of the standard options have failed, so the option is
161 destined for a keyserver plugin. */
162 add_canonical_option(tok,&opt.keyserver_options.other);
163 }
164 }
165
166 if(max_cert)
167 {
168 max_cert_size=strtoul(max_cert,(char **)NULL,10);
169
170 if(max_cert_size==0)
171 max_cert_size=DEFAULT_MAX_CERT_SIZE;
172 }
173
174 return ret;
175 }
176
177 void
178 free_keyserver_spec(struct keyserver_spec *keyserver)
179 {
180 xfree(keyserver->uri);
181 xfree(keyserver->scheme);
182 xfree(keyserver->auth);
183 xfree(keyserver->host);
184 xfree(keyserver->port);
185 xfree(keyserver->path);
186 xfree(keyserver->opaque);
187 free_strlist(keyserver->options);
188 xfree(keyserver);
189 }
190
191 /* Return 0 for match */
192 static int
193 cmp_keyserver_spec(struct keyserver_spec *one,struct keyserver_spec *two)
194 {
195 if(ascii_strcasecmp(one->scheme,two->scheme)==0)
196 {
197 if(one->host && two->host && ascii_strcasecmp(one->host,two->host)==0)
198 {
199 if((one->port && two->port
200 && ascii_strcasecmp(one->port,two->port)==0)
201 || (!one->port && !two->port))
202 return 0;
203 }
204 else if(one->opaque && two->opaque
205 && ascii_strcasecmp(one->opaque,two->opaque)==0)
206 return 0;
207 }
208
209 return 1;
210 }
211
212 /* Try and match one of our keyservers. If we can, return that. If
213 we can't, return our input. */
214 struct keyserver_spec *
215 keyserver_match(struct keyserver_spec *spec)
216 {
217 struct keyserver_spec *ks;
218
219 for(ks=opt.keyserver;ks;ks=ks->next)
220 if(cmp_keyserver_spec(spec,ks)==0)
221 return ks;
222
223 return spec;
224 }
225
226 /* TODO: once we cut over to an all-curl world, we don't need this
227 parser any longer so it can be removed, or at least moved to
228 keyserver/ksutil.c for limited use in gpgkeys_ldap or the like. */
229
230 struct keyserver_spec *
231 parse_keyserver_uri(const char *string,int require_scheme,
232 const char *configname,unsigned int configlineno)
233 {
234 int assume_hkp=0;
235 struct keyserver_spec *keyserver;
236 const char *idx;
237 int count;
238 char *uri,*options;
239
240 assert(string!=NULL);
241
242 keyserver=xmalloc_clear(sizeof(struct keyserver_spec));
243
244 uri=xstrdup(string);
245
246 options=strchr(uri,' ');
247 if(options)
248 {
249 char *tok;
250
251 *options='\0';
252 options++;
253
254 while((tok=optsep(&options)))
255 add_canonical_option(tok,&keyserver->options);
256 }
257
258 /* Get the scheme */
259
260 for(idx=uri,count=0;*idx && *idx!=':';idx++)
261 {
262 count++;
263
264 /* Do we see the start of an RFC-2732 ipv6 address here? If so,
265 there clearly isn't a scheme so get out early. */
266 if(*idx=='[')
267 {
268 /* Was the '[' the first thing in the string? If not, we
269 have a mangled scheme with a [ in it so fail. */
270 if(count==1)
271 break;
272 else
273 goto fail;
274 }
275 }
276
277 if(count==0)
278 goto fail;
279
280 if(*idx=='\0' || *idx=='[')
281 {
282 if(require_scheme)
283 return NULL;
284
285 /* Assume HKP if there is no scheme */
286 assume_hkp=1;
287 keyserver->scheme=xstrdup("hkp");
288
289 keyserver->uri=xmalloc(strlen(keyserver->scheme)+3+strlen(uri)+1);
290 strcpy(keyserver->uri,keyserver->scheme);
291 strcat(keyserver->uri,"://");
292 strcat(keyserver->uri,uri);
293 }
294 else
295 {
296 int i;
297
298 keyserver->uri=xstrdup(uri);
299
300 keyserver->scheme=xmalloc(count+1);
301
302 /* Force to lowercase */
303 for(i=0;i<count;i++)
304 keyserver->scheme[i]=ascii_tolower(uri[i]);
305
306 keyserver->scheme[i]='\0';
307
308 /* Skip past the scheme and colon */
309 uri+=count+1;
310 }
311
312 if(ascii_strcasecmp(keyserver->scheme,"x-broken-hkp")==0)
313 {
314 deprecated_warning(configname,configlineno,"x-broken-hkp",
315 "--keyserver-options ","broken-http-proxy");
316 xfree(keyserver->scheme);
317 keyserver->scheme=xstrdup("hkp");
318 append_to_strlist(&opt.keyserver_options.other,"broken-http-proxy");
319 }
320 else if(ascii_strcasecmp(keyserver->scheme,"x-hkp")==0)
321 {
322 /* Canonicalize this to "hkp" so it works with both the internal
323 and external keyserver interface. */
324 xfree(keyserver->scheme);
325 keyserver->scheme=xstrdup("hkp");
326 }
327
328 if(assume_hkp || (uri[0]=='/' && uri[1]=='/'))
329 {
330 /* Two slashes means network path. */
331
332 /* Skip over the "//", if any */
333 if(!assume_hkp)
334 uri+=2;
335
336 /* Do we have userinfo auth data present? */
337 for(idx=uri,count=0;*idx && *idx!='@' && *idx!='/';idx++)
338 count++;
339
340 /* We found a @ before the slash, so that means everything
341 before the @ is auth data. */
342 if(*idx=='@')
343 {
344 if(count==0)
345 goto fail;
346
347 keyserver->auth=xmalloc(count+1);
348 strncpy(keyserver->auth,uri,count);
349 keyserver->auth[count]='\0';
350 uri+=count+1;
351 }
352
353 /* Is it an RFC-2732 ipv6 [literal address] ? */
354 if(*uri=='[')
355 {
356 for(idx=uri+1,count=1;*idx
357 && ((isascii (*idx) && isxdigit(*idx))
358 || *idx==':' || *idx=='.');idx++)
359 count++;
360
361 /* Is the ipv6 literal address terminated? */
362 if(*idx==']')
363 count++;
364 else
365 goto fail;
366 }
367 else
368 for(idx=uri,count=0;*idx && *idx!=':' && *idx!='/';idx++)
369 count++;
370
371 if(count==0)
372 goto fail;
373
374 keyserver->host=xmalloc(count+1);
375 strncpy(keyserver->host,uri,count);
376 keyserver->host[count]='\0';
377
378 /* Skip past the host */
379 uri+=count;
380
381 if(*uri==':')
382 {
383 /* It would seem to be reasonable to limit the range of the
384 ports to values between 1-65535, but RFC 1738 and 1808
385 imply there is no limit. Of course, the real world has
386 limits. */
387
388 for(idx=uri+1,count=0;*idx && *idx!='/';idx++)
389 {
390 count++;
391
392 /* Ports are digits only */
393 if(!digitp(idx))
394 goto fail;
395 }
396
397 keyserver->port=xmalloc(count+1);
398 strncpy(keyserver->port,uri+1,count);
399 keyserver->port[count]='\0';
400
401 /* Skip past the colon and port number */
402 uri+=1+count;
403 }
404
405 /* Everything else is the path */
406 if(*uri)
407 keyserver->path=xstrdup(uri);
408 else
409 keyserver->path=xstrdup("/");
410
411 if(keyserver->path[1])
412 keyserver->flags.direct_uri=1;
413 }
414 else if(uri[0]!='/')
415 {
416 /* No slash means opaque. Just record the opaque blob and get
417 out. */
418 keyserver->opaque=xstrdup(uri);
419 }
420 else
421 {
422 /* One slash means absolute path. We don't need to support that
423 yet. */
424 goto fail;
425 }
426
427 return keyserver;
428
429 fail:
430 free_keyserver_spec(keyserver);
431
432 return NULL;
433 }
434
435 struct keyserver_spec *
436 parse_preferred_keyserver(PKT_signature *sig)
437 {
438 struct keyserver_spec *spec=NULL;
439 const byte *p;
440 size_t plen;
441
442 p=parse_sig_subpkt(sig->hashed,SIGSUBPKT_PREF_KS,&plen);
443 if(p && plen)
444 {
445 byte *dupe=xmalloc(plen+1);
446
447 memcpy(dupe,p,plen);
448 dupe[plen]='\0';
449 spec=parse_keyserver_uri(dupe,1,NULL,0);
450 xfree(dupe);
451 }
452
453 return spec;
454 }
455
456 static void
457 print_keyrec(int number,struct keyrec *keyrec)
458 {
459 int i;
460
461 iobuf_writebyte(keyrec->uidbuf,0);
462 iobuf_flush_temp(keyrec->uidbuf);
463 printf("(%d)\t%s ",number,iobuf_get_temp_buffer(keyrec->uidbuf));
464
465 if(keyrec->size>0)
466 printf("%d bit ",keyrec->size);
467
468 if(keyrec->type)
469 {
470 const char *str = gcry_pk_algo_name (keyrec->type);
471
472 if(str)
473 printf("%s ",str);
474 else
475 printf("unknown ");
476 }
477
478 switch(keyrec->desc.mode)
479 {
480 /* If the keyserver helper gave us a short keyid, we have no
481 choice but to use it. Do check --keyid-format to add a 0x if
482 needed. */
483 case KEYDB_SEARCH_MODE_SHORT_KID:
484 printf("key %s%08lX",
485 (opt.keyid_format==KF_0xSHORT
486 || opt.keyid_format==KF_0xLONG)?"0x":"",
487 (ulong)keyrec->desc.u.kid[1]);
488 break;
489
490 /* However, if it gave us a long keyid, we can honor
491 --keyid-format */
492 case KEYDB_SEARCH_MODE_LONG_KID:
493 printf("key %s",keystr(keyrec->desc.u.kid));
494 break;
495
496 case KEYDB_SEARCH_MODE_FPR16:
497 printf("key ");
498 for(i=0;i<16;i++)
499 printf("%02X",keyrec->desc.u.fpr[i]);
500 break;
501
502 case KEYDB_SEARCH_MODE_FPR20:
503 printf("key ");
504 for(i=0;i<20;i++)
505 printf("%02X",keyrec->desc.u.fpr[i]);
506 break;
507
508 default:
509 BUG();
510 break;
511 }
512
513 if(keyrec->createtime>0)
514 {
515 printf(", ");
516 printf(_("created: %s"),strtimestamp(keyrec->createtime));
517 }
518
519 if(keyrec->expiretime>0)
520 {
521 printf(", ");
522 printf(_("expires: %s"),strtimestamp(keyrec->expiretime));
523 }
524
525 if(keyrec->flags&1)
526 printf(" (%s)",_("revoked"));
527 if(keyrec->flags&2)
528 printf(" (%s)",_("disabled"));
529 if(keyrec->flags&4)
530 printf(" (%s)",_("expired"));
531
532 printf("\n");
533 }
534
535 /* Returns a keyrec (which must be freed) once a key is complete, and
536 NULL otherwise. Call with a NULL keystring once key parsing is
537 complete to return any unfinished keys. */
538 static struct keyrec *
539 parse_keyrec(char *keystring)
540 {
541 static struct keyrec *work=NULL;
542 struct keyrec *ret=NULL;
543 char *record;
544 int i;
545
546 if(keystring==NULL)
547 {
548 if(work==NULL)
549 return NULL;
550 else if(work->desc.mode==KEYDB_SEARCH_MODE_NONE)
551 {
552 xfree(work);
553 return NULL;
554 }
555 else
556 {
557 ret=work;
558 work=NULL;
559 return ret;
560 }
561 }
562
563 if(work==NULL)
564 {
565 work=xmalloc_clear(sizeof(struct keyrec));
566 work->uidbuf=iobuf_temp();
567 }
568
569 /* Remove trailing whitespace */
570 for(i=strlen(keystring);i>0;i--)
571 if(ascii_isspace(keystring[i-1]))
572 keystring[i-1]='\0';
573 else
574 break;
575
576 if((record=strsep(&keystring,":"))==NULL)
577 return ret;
578
579 if(ascii_strcasecmp("pub",record)==0)
580 {
581 char *tok;
582
583 if(work->desc.mode)
584 {
585 ret=work;
586 work=xmalloc_clear(sizeof(struct keyrec));
587 work->uidbuf=iobuf_temp();
588 }
589
590 if((tok=strsep(&keystring,":"))==NULL)
591 return ret;
592
593 classify_user_id(tok,&work->desc);
594 if(work->desc.mode!=KEYDB_SEARCH_MODE_SHORT_KID
595 && work->desc.mode!=KEYDB_SEARCH_MODE_LONG_KID
596 && work->desc.mode!=KEYDB_SEARCH_MODE_FPR16
597 && work->desc.mode!=KEYDB_SEARCH_MODE_FPR20)
598 {
599 work->desc.mode=KEYDB_SEARCH_MODE_NONE;
600 return ret;
601 }
602
603 /* Note all items after this are optional. This allows us to
604 have a pub line as simple as pub:keyid and nothing else. */
605
606 work->lines++;
607
608 if((tok=strsep(&keystring,":"))==NULL)
609 return ret;
610
611 work->type=atoi(tok);
612
613 if((tok=strsep(&keystring,":"))==NULL)
614 return ret;
615
616 work->size=atoi(tok);
617
618 if((tok=strsep(&keystring,":"))==NULL)
619 return ret;
620
621 if(atoi(tok)<=0)
622 work->createtime=0;
623 else
624 work->createtime=atoi(tok);
625
626 if((tok=strsep(&keystring,":"))==NULL)
627 return ret;
628
629 if(atoi(tok)<=0)
630 work->expiretime=0;
631 else
632 {
633 work->expiretime=atoi(tok);
634 /* Force the 'e' flag on if this key is expired. */
635 if(work->expiretime<=make_timestamp())
636 work->flags|=4;
637 }
638
639 if((tok=strsep(&keystring,":"))==NULL)
640 return ret;
641
642 while(*tok)
643 switch(*tok++)
644 {
645 case 'r':
646 case 'R':
647 work->flags|=1;
648 break;
649
650 case 'd':
651 case 'D':
652 work->flags|=2;
653 break;
654
655 case 'e':
656 case 'E':
657 work->flags|=4;
658 break;
659 }
660 }
661 else if(ascii_strcasecmp("uid",record)==0 && work->desc.mode)
662 {
663 char *userid,*tok,*decoded;
664
665 if((tok=strsep(&keystring,":"))==NULL)
666 return ret;
667
668 if(strlen(tok)==0)
669 return ret;
670
671 userid=tok;
672
673 /* By definition, de-%-encoding is always smaller than the
674 original string so we can decode in place. */
675
676 i=0;
677
678 while(*tok)
679 if(tok[0]=='%' && tok[1] && tok[2])
680 {
681 if((userid[i]=hextobyte(&tok[1]))==-1)
682 userid[i]='?';
683
684 i++;
685 tok+=3;
686 }
687 else
688 userid[i++]=*tok++;
689
690 /* We don't care about the other info provided in the uid: line
691 since no keyserver supports marking userids with timestamps
692 or revoked/expired/disabled yet. */
693
694 /* No need to check for control characters, as utf8_to_native
695 does this for us. */
696
697 decoded=utf8_to_native(userid,i,0);
698 if(strlen(decoded)>opt.screen_columns-10)
699 decoded[opt.screen_columns-10]='\0';
700 iobuf_writestr(work->uidbuf,decoded);
701 xfree(decoded);
702 iobuf_writestr(work->uidbuf,"\n\t");
703 work->lines++;
704 }
705
706 /* Ignore any records other than "pri" and "uid" for easy future
707 growth. */
708
709 return ret;
710 }
711
712 /* TODO: do this as a list sent to keyserver_work rather than calling
713 it once for each key to get the correct counts after the import
714 (cosmetics, really) and to better take advantage of the keyservers
715 that can do multiple fetches in one go (LDAP). */
716 static int
717 show_prompt(KEYDB_SEARCH_DESC *desc,int numdesc,int count,const char *search)
718 {
719 char *answer;
720
721 if(count && opt.command_fd==-1)
722 {
723 static int from=1;
724 tty_printf("Keys %d-%d of %d for \"%s\". ",from,numdesc,count,search);
725 from=numdesc+1;
726 }
727
728 answer=cpr_get_no_help("keysearch.prompt",
729 _("Enter number(s), N)ext, or Q)uit > "));
730 /* control-d */
731 if(answer[0]=='\x04')
732 {
733 printf("Q\n");
734 answer[0]='q';
735 }
736
737 if(answer[0]=='q' || answer[0]=='Q')
738 {
739 xfree(answer);
740 return 1;
741 }
742 else if(atoi(answer)>=1 && atoi(answer)<=numdesc)
743 {
744 char *split=answer,*num;
745
746 while((num=strsep(&split," ,"))!=NULL)
747 if(atoi(num)>=1 && atoi(num)<=numdesc)
748 keyserver_work(KS_GET,NULL,&desc[atoi(num)-1],1,
749 NULL,NULL,opt.keyserver);
750
751 xfree(answer);
752 return 1;
753 }
754
755 return 0;
756 }
757
758 /* Count and searchstr are just for cosmetics. If the count is too
759 small, it will grow safely. If negative it disables the "Key x-y
760 of z" messages. searchstr should be UTF-8 (rather than native). */
761 static void
762 keyserver_search_prompt(IOBUF buffer,const char *searchstr)
763 {
764 int i=0,validcount=0,started=0,header=0,count=1;
765 unsigned int maxlen,buflen,numlines=0;
766 KEYDB_SEARCH_DESC *desc;
767 byte *line=NULL;
768 char *localstr=NULL;
769
770 if(searchstr)
771 localstr=utf8_to_native(searchstr,strlen(searchstr),0);
772
773 desc=xmalloc(count*sizeof(KEYDB_SEARCH_DESC));
774
775 for(;;)
776 {
777 struct keyrec *keyrec;
778 int rl;
779
780 maxlen=1024;
781 rl=iobuf_read_line(buffer,&line,&buflen,&maxlen);
782
783 if(opt.with_colons)
784 {
785 if(!header && ascii_strncasecmp("SEARCH ",line,7)==0
786 && ascii_strncasecmp(" BEGIN",&line[strlen(line)-7],6)==0)
787 {
788 header=1;
789 continue;
790 }
791 else if(ascii_strncasecmp("SEARCH ",line,7)==0
792 && ascii_strncasecmp(" END",&line[strlen(line)-5],4)==0)
793 continue;
794
795 printf("%s",line);
796 }
797
798 /* Look for an info: line. The only current info: values
799 defined are the version and key count. */
800 if(!started && rl>0 && ascii_strncasecmp("info:",line,5)==0)
801 {
802 char *tok,*str=&line[5];
803
804 if((tok=strsep(&str,":"))!=NULL)
805 {
806 int version;
807
808 if(sscanf(tok,"%d",&version)!=1)
809 version=1;
810
811 if(version!=1)
812 {
813 log_error(_("invalid keyserver protocol "
814 "(us %d!=handler %d)\n"),1,version);
815 break;
816 }
817 }
818
819 if((tok=strsep(&str,":"))!=NULL && sscanf(tok,"%d",&count)==1)
820 {
821 if(count==0)
822 goto notfound;
823 else if(count<0)
824 count=10;
825 else
826 validcount=1;
827
828 desc=xrealloc(desc,count*sizeof(KEYDB_SEARCH_DESC));
829 }
830
831 started=1;
832 continue;
833 }
834
835 if(rl==0)
836 {
837 keyrec=parse_keyrec(NULL);
838
839 if(keyrec==NULL)
840 {
841 if(i==0)
842 {
843 count=0;
844 break;
845 }
846
847 if(i!=count)
848 validcount=0;
849
850 for(;;)
851 {
852 if(show_prompt(desc,i,validcount?count:0,localstr))
853 break;
854 validcount=0;
855 }
856
857 break;
858 }
859 }
860 else
861 keyrec=parse_keyrec(line);
862
863 if(i==count)
864 {
865 /* keyserver helper sent more keys than they claimed in the
866 info: line. */
867 count+=10;
868 desc=xrealloc(desc,count*sizeof(KEYDB_SEARCH_DESC));
869 validcount=0;
870 }
871
872 if(keyrec)
873 {
874 desc[i]=keyrec->desc;
875
876 if(!opt.with_colons)
877 {
878 /* screen_lines - 1 for the prompt. */
879 if(numlines+keyrec->lines>opt.screen_lines-1)
880 {
881 if(show_prompt(desc,i,validcount?count:0,localstr))
882 break;
883 else
884 numlines=0;
885 }
886
887 print_keyrec(i+1,keyrec);
888 }
889
890 numlines+=keyrec->lines;
891 iobuf_close(keyrec->uidbuf);
892 xfree(keyrec);
893
894 started=1;
895 i++;
896 }
897 }
898
899 notfound:
900 /* Leave this commented out or now, and perhaps for a very long
901 time. All HKPish servers return HTML error messages for
902 no-key-found. */
903 /*
904 if(!started)
905 log_info(_("keyserver does not support searching\n"));
906 else
907 */
908 if(count==0)
909 {
910 if(localstr)
911 log_info(_("key \"%s\" not found on keyserver\n"),localstr);
912 else
913 log_info(_("key not found on keyserver\n"));
914 }
915
916 xfree(localstr);
917 xfree(desc);
918 xfree(line);
919 }
920
921 /* We sometimes want to use a different gpgkeys_xxx for a given
922 protocol (for example, ldaps is handled by gpgkeys_ldap). Map
923 these here. */
924 static const char *
925 keyserver_typemap(const char *type)
926 {
927 if(strcmp(type,"ldaps")==0)
928 return "ldap";
929 else
930 return type;
931 }
932
933 /* The PGP LDAP and the curl fetch-a-LDAP-object methodologies are
934 sufficiently different that we can't use curl to do LDAP. */
935 static int
936 direct_uri_map(const char *scheme,unsigned int is_direct)
937 {
938 if(is_direct && strcmp(scheme,"ldap")==0)
939 return 1;
940
941 return 0;
942 }
943
944 #if GNUPG_MAJOR_VERSION == 2
945 #define GPGKEYS_PREFIX "gpg2keys_"
946 #else
947 #define GPGKEYS_PREFIX "gpgkeys_"
948 #endif
949 #define GPGKEYS_CURL GPGKEYS_PREFIX "curl" EXEEXT
950 #define GPGKEYS_PREFIX_LEN (strlen(GPGKEYS_CURL))
951 #define KEYSERVER_ARGS_KEEP " -o \"%O\" \"%I\""
952 #define KEYSERVER_ARGS_NOKEEP " -o \"%o\" \"%i\""
953
954 static int
955 keyserver_spawn(enum ks_action action,strlist_t list,KEYDB_SEARCH_DESC *desc,
956 int count,int *prog,unsigned char **fpr,size_t *fpr_len,
957 struct keyserver_spec *keyserver)
958 {
959 int ret=0,i,gotversion=0,outofband=0;
960 strlist_t temp;
961 unsigned int maxlen,buflen;
962 char *command,*end,*searchstr=NULL;
963 byte *line=NULL;
964 struct exec_info *spawn;
965 const char *scheme;
966 const char *libexecdir = get_libexecdir ();
967
968 assert(keyserver);
969
970 #ifdef EXEC_TEMPFILE_ONLY
971 opt.keyserver_options.options|=KEYSERVER_USE_TEMP_FILES;
972 #endif
973
974 /* Build the filename for the helper to execute */
975 scheme=keyserver_typemap(keyserver->scheme);
976
977 #ifdef DISABLE_KEYSERVER_PATH
978 /* Destroy any path we might have. This is a little tricky,
979 portability-wise. It's not correct to delete the PATH
980 environment variable, as that may fall back to a system built-in
981 PATH. Similarly, it is not correct to set PATH to the null
982 string (PATH="") since this actually deletes the PATH environment
983 variable under MinGW. The safest thing to do here is to force
984 PATH to be GNUPG_LIBEXECDIR. All this is not that meaningful on
985 Unix-like systems (since we're going to give a full path to
986 gpgkeys_foo), but on W32 it prevents loading any DLLs from
987 directories in %PATH%.
988
989 After some more thinking about this we came to the conclusion
990 that it is better to load the helpers from the directory where
991 the program of this process lives. Fortunately Windows provides
992 a way to retrieve this and our get_libexecdir function has been
993 modified to return just this. Setting the exec-path is not
994 anymore required.
995 set_exec_path(libexecdir);
996 */
997 #else
998 if(opt.exec_path_set)
999 {
1000 /* If exec-path was set, and DISABLE_KEYSERVER_PATH is
1001 undefined, then don't specify a full path to gpgkeys_foo, so
1002 that the PATH can work. */
1003 command=xmalloc(GPGKEYS_PREFIX_LEN+strlen(scheme)+3+strlen(EXEEXT)+1);
1004 command[0]='\0';
1005 }
1006 else
1007 #endif
1008 {
1009 /* Specify a full path to gpgkeys_foo. */
1010 command=xmalloc(strlen(libexecdir)+strlen(DIRSEP_S)+
1011 GPGKEYS_PREFIX_LEN+strlen(scheme)+3+strlen(EXEEXT)+1);
1012 strcpy(command,libexecdir);
1013 strcat(command,DIRSEP_S);
1014 }
1015
1016 end=command+strlen(command);
1017
1018 /* Build a path for the keyserver helper. If it is direct_uri
1019 (i.e. an object fetch and not a keyserver), then add "_uri" to
1020 the end to distinguish the keyserver helper from an object
1021 fetcher that can speak that protocol (this is a problem for
1022 LDAP). */
1023
1024 strcat(command,GPGKEYS_PREFIX);
1025 strcat(command,scheme);
1026
1027 /* This "_uri" thing is in case we need to call a direct handler
1028 instead of the keyserver handler. This lets us use gpgkeys_curl
1029 or gpgkeys_ldap_uri (we don't provide it, but a user might)
1030 instead of gpgkeys_ldap to fetch things like
1031 ldap://keyserver.pgp.com/o=PGP%20keys?pgpkey?sub?pgpkeyid=99242560 */
1032
1033 if(direct_uri_map(scheme,keyserver->flags.direct_uri))
1034 strcat(command,"_uri");
1035
1036 strcat(command,EXEEXT);
1037
1038 /* Can we execute it? If not, try curl as our catchall. */
1039 if(path_access(command,X_OK)!=0)
1040 strcpy(end,GPGKEYS_CURL);
1041
1042 if(opt.keyserver_options.options&KEYSERVER_USE_TEMP_FILES)
1043 {
1044 if(opt.keyserver_options.options&KEYSERVER_KEEP_TEMP_FILES)
1045 {
1046 command=xrealloc(command,strlen(command)+
1047 strlen(KEYSERVER_ARGS_KEEP)+1);
1048 strcat(command,KEYSERVER_ARGS_KEEP);
1049 }
1050 else
1051 {
1052 command=xrealloc(command,strlen(command)+
1053 strlen(KEYSERVER_ARGS_NOKEEP)+1);
1054 strcat(command,KEYSERVER_ARGS_NOKEEP);
1055 }
1056
1057 ret=exec_write(&spawn,NULL,command,NULL,0,0);
1058 }
1059 else
1060 ret=exec_write(&spawn,command,NULL,NULL,0,0);
1061
1062 xfree(command);
1063
1064 if(ret)
1065 return ret;
1066
1067 fprintf(spawn->tochild,
1068 "# This is a GnuPG %s keyserver communications file\n",VERSION);
1069 fprintf(spawn->tochild,"VERSION %d\n",KEYSERVER_PROTO_VERSION);
1070 fprintf(spawn->tochild,"PROGRAM %s\n",VERSION);
1071 fprintf(spawn->tochild,"SCHEME %s\n",keyserver->scheme);
1072
1073 if(keyserver->opaque)
1074 fprintf(spawn->tochild,"OPAQUE %s\n",keyserver->opaque);
1075 else
1076 {
1077 if(keyserver->auth)
1078 fprintf(spawn->tochild,"AUTH %s\n",keyserver->auth);
1079
1080 if(keyserver->host)
1081 fprintf(spawn->tochild,"HOST %s\n",keyserver->host);
1082
1083 if(keyserver->port)
1084 fprintf(spawn->tochild,"PORT %s\n",keyserver->port);
1085
1086 if(keyserver->path)
1087 fprintf(spawn->tochild,"PATH %s\n",keyserver->path);
1088 }
1089
1090 /* Write global options */
1091
1092 for(temp=opt.keyserver_options.other;temp;temp=temp->next)
1093 fprintf(spawn->tochild,"OPTION %s\n",temp->d);
1094
1095 /* Write per-keyserver options */
1096
1097 for(temp=keyserver->options;temp;temp=temp->next)
1098 fprintf(spawn->tochild,"OPTION %s\n",temp->d);
1099
1100 switch(action)
1101 {
1102 case KS_GET:
1103 {
1104 fprintf(spawn->tochild,"COMMAND GET\n\n");
1105
1106 /* Which keys do we want? */
1107
1108 for(i=0;i<count;i++)
1109 {
1110 int quiet=0;
1111
1112 if(desc[i].mode==KEYDB_SEARCH_MODE_FPR20)
1113 {
1114 int f;
1115
1116 fprintf(spawn->tochild,"0x");
1117
1118 for(f=0;f<MAX_FINGERPRINT_LEN;f++)
1119 fprintf(spawn->tochild,"%02X",desc[i].u.fpr[f]);
1120
1121 fprintf(spawn->tochild,"\n");
1122 }
1123 else if(desc[i].mode==KEYDB_SEARCH_MODE_FPR16)
1124 {
1125 int f;
1126
1127 fprintf(spawn->tochild,"0x");
1128
1129 for(f=0;f<16;f++)
1130 fprintf(spawn->tochild,"%02X",desc[i].u.fpr[f]);
1131
1132 fprintf(spawn->tochild,"\n");
1133 }
1134 else if(desc[i].mode==KEYDB_SEARCH_MODE_LONG_KID)
1135 fprintf(spawn->tochild,"0x%08lX%08lX\n",
1136 (ulong)desc[i].u.kid[0],
1137 (ulong)desc[i].u.kid[1]);
1138 else if(desc[i].mode==KEYDB_SEARCH_MODE_SHORT_KID)
1139 fprintf(spawn->tochild,"0x%08lX\n",
1140 (ulong)desc[i].u.kid[1]);
1141 else if(desc[i].mode==KEYDB_SEARCH_MODE_EXACT)
1142 {
1143 fprintf(spawn->tochild,"0x0000000000000000\n");
1144 quiet=1;
1145 }
1146 else if(desc[i].mode==KEYDB_SEARCH_MODE_NONE)
1147 continue;
1148 else
1149 BUG();
1150
1151 if(!quiet)
1152 {
1153 if(keyserver->host)
1154 log_info(_("requesting key %s from %s server %s\n"),
1155 keystr_from_desc(&desc[i]),
1156 keyserver->scheme,keyserver->host);
1157 else
1158 log_info(_("requesting key %s from %s\n"),
1159 keystr_from_desc(&desc[i]),keyserver->uri);
1160 }
1161 }
1162
1163 fprintf(spawn->tochild,"\n");
1164
1165 break;
1166 }
1167
1168 case KS_GETNAME:
1169 {
1170 strlist_t key;
1171
1172 fprintf(spawn->tochild,"COMMAND GETNAME\n\n");
1173
1174 /* Which names do we want? */
1175
1176 for(key=list;key!=NULL;key=key->next)
1177 fprintf(spawn->tochild,"%s\n",key->d);
1178
1179 fprintf(spawn->tochild,"\n");
1180
1181 if(keyserver->host)
1182 log_info(_("searching for names from %s server %s\n"),
1183 keyserver->scheme,keyserver->host);
1184 else
1185 log_info(_("searching for names from %s\n"),keyserver->uri);
1186
1187 break;
1188 }
1189
1190 case KS_SEND:
1191 {
1192 strlist_t key;
1193
1194 /* Note the extra \n here to send an empty keylist block */
1195 fprintf(spawn->tochild,"COMMAND SEND\n\n\n");
1196
1197 for(key=list;key!=NULL;key=key->next)
1198 {
1199 armor_filter_context_t *afx;
1200 IOBUF buffer = iobuf_temp ();
1201 KBNODE block;
1202
1203 temp=NULL;
1204 add_to_strlist(&temp,key->d);
1205
1206 afx = new_armor_context ();
1207 afx->what = 1;
1208 /* Tell the armor filter to use Unix-style \n line
1209 endings, since we're going to fprintf this to a file
1210 that (on Win32) is open in text mode. The win32 stdio
1211 will transform the \n to \r\n and we'll end up with the
1212 proper line endings on win32. This is a no-op on
1213 Unix. */
1214 afx->eol[0] = '\n';
1215 push_armor_filter (afx, buffer);
1216 release_armor_context (afx);
1217
1218 /* TODO: Remove Comment: lines from keys exported this
1219 way? */
1220
1221 if(export_pubkeys_stream(buffer,temp,&block,
1222 opt.keyserver_options.export_options)==-1)
1223 iobuf_close(buffer);
1224 else
1225 {
1226 KBNODE node;
1227
1228 iobuf_flush_temp(buffer);
1229
1230 merge_keys_and_selfsig(block);
1231
1232 fprintf(spawn->tochild,"INFO %08lX%08lX BEGIN\n",
1233 (ulong)block->pkt->pkt.public_key->keyid[0],
1234 (ulong)block->pkt->pkt.public_key->keyid[1]);
1235
1236 for(node=block;node;node=node->next)
1237 {
1238 switch(node->pkt->pkttype)
1239 {
1240 default:
1241 continue;
1242
1243 case PKT_PUBLIC_KEY:
1244 case PKT_PUBLIC_SUBKEY:
1245 {
1246 PKT_public_key *pk=node->pkt->pkt.public_key;
1247
1248 keyid_from_pk(pk,NULL);
1249
1250 fprintf(spawn->tochild,"%sb:%08lX%08lX:%u:%u:%u:%u:",
1251 node->pkt->pkttype==PKT_PUBLIC_KEY?"pu":"su",
1252 (ulong)pk->keyid[0],(ulong)pk->keyid[1],
1253 pk->pubkey_algo,
1254 nbits_from_pk(pk),
1255 pk->timestamp,
1256 pk->expiredate);
1257
1258 if(pk->is_revoked)
1259 fprintf(spawn->tochild,"r");
1260 if(pk->has_expired)
1261 fprintf(spawn->tochild,"e");
1262
1263 fprintf(spawn->tochild,"\n");
1264 }
1265 break;
1266
1267 case PKT_USER_ID:
1268 {
1269 PKT_user_id *uid=node->pkt->pkt.user_id;
1270 int r;
1271
1272 if(uid->attrib_data)
1273 continue;
1274
1275 fprintf(spawn->tochild,"uid:");
1276
1277 /* Quote ':', '%', and any 8-bit
1278 characters */
1279 for(r=0;r<uid->len;r++)
1280 {
1281 if(uid->name[r]==':' || uid->name[r]=='%'
1282 || uid->name[r]&0x80)
1283 fprintf(spawn->tochild,"%%%02X",
1284 (byte)uid->name[r]);
1285 else
1286 fprintf(spawn->tochild,"%c",uid->name[r]);
1287 }
1288
1289 fprintf(spawn->tochild,":%u:%u:",
1290 uid->created,uid->expiredate);
1291
1292 if(uid->is_revoked)
1293 fprintf(spawn->tochild,"r");
1294 if(uid->is_expired)
1295 fprintf(spawn->tochild,"e");
1296
1297 fprintf(spawn->tochild,"\n");
1298 }
1299 break;
1300
1301 /* This bit is really for the benefit of
1302 people who store their keys in LDAP
1303 servers. It makes it easy to do queries
1304 for things like "all keys signed by
1305 Isabella". */
1306 case PKT_SIGNATURE:
1307 {
1308 PKT_signature *sig=node->pkt->pkt.signature;
1309
1310 if(!IS_UID_SIG(sig))
1311 continue;
1312
1313 fprintf(spawn->tochild,"sig:%08lX%08lX:%X:%u:%u\n",
1314 (ulong)sig->keyid[0],(ulong)sig->keyid[1],
1315 sig->sig_class,sig->timestamp,
1316 sig->expiredate);
1317 }
1318 break;
1319 }
1320 }
1321
1322 fprintf(spawn->tochild,"INFO %08lX%08lX END\n",
1323 (ulong)block->pkt->pkt.public_key->keyid[0],
1324 (ulong)block->pkt->pkt.public_key->keyid[1]);
1325
1326 fprintf(spawn->tochild,"KEY %08lX%08lX BEGIN\n",
1327 (ulong)block->pkt->pkt.public_key->keyid[0],
1328 (ulong)block->pkt->pkt.public_key->keyid[1]);
1329 fwrite(iobuf_get_temp_buffer(buffer),
1330 iobuf_get_temp_length(buffer),1,spawn->tochild);
1331 fprintf(spawn->tochild,"KEY %08lX%08lX END\n",
1332 (ulong)block->pkt->pkt.public_key->keyid[0],
1333 (ulong)block->pkt->pkt.public_key->keyid[1]);
1334
1335 iobuf_close(buffer);
1336
1337 if(keyserver->host)
1338 log_info(_("sending key %s to %s server %s\n"),
1339 keystr(block->pkt->pkt.public_key->keyid),
1340 keyserver->scheme,keyserver->host);
1341 else
1342 log_info(_("sending key %s to %s\n"),
1343 keystr(block->pkt->pkt.public_key->keyid),
1344 keyserver->uri);
1345
1346 release_kbnode(block);
1347 }
1348
1349 free_strlist(temp);
1350 }
1351
1352 break;
1353 }
1354
1355 case KS_SEARCH:
1356 {
1357 strlist_t key;
1358
1359 fprintf(spawn->tochild,"COMMAND SEARCH\n\n");
1360
1361 /* Which keys do we want? Remember that the gpgkeys_ program
1362 is going to lump these together into a search string. */
1363
1364 for(key=list;key!=NULL;key=key->next)
1365 {
1366 fprintf(spawn->tochild,"%s\n",key->d);
1367 if(key!=list)
1368 {
1369 searchstr=xrealloc(searchstr,
1370 strlen(searchstr)+strlen(key->d)+2);
1371 strcat(searchstr," ");
1372 }
1373 else
1374 {
1375 searchstr=xmalloc(strlen(key->d)+1);
1376 searchstr[0]='\0';
1377 }
1378
1379 strcat(searchstr,key->d);
1380 }
1381
1382 fprintf(spawn->tochild,"\n");
1383
1384 if(keyserver->host)
1385 log_info(_("searching for \"%s\" from %s server %s\n"),
1386 searchstr,keyserver->scheme,keyserver->host);
1387 else
1388 log_info(_("searching for \"%s\" from %s\n"),
1389 searchstr,keyserver->uri);
1390
1391 break;
1392 }
1393
1394 default:
1395 log_fatal(_("no keyserver action!\n"));
1396 break;
1397 }
1398
1399 /* Done sending, so start reading. */
1400 ret=exec_read(spawn);
1401 if(ret)
1402 goto fail;
1403
1404 /* Now handle the response */
1405
1406 for(;;)
1407 {
1408 int plen;
1409 char *ptr;
1410
1411 maxlen=1024;
1412 if(iobuf_read_line(spawn->fromchild,&line,&buflen,&maxlen)==0)
1413 {
1414 ret = gpg_error_from_syserror ();
1415 goto fail; /* i.e. EOF */
1416 }
1417
1418 ptr=line;
1419
1420 /* remove trailing whitespace */
1421 plen=strlen(ptr);
1422 while(plen>0 && ascii_isspace(ptr[plen-1]))
1423 plen--;
1424 plen[ptr]='\0';
1425
1426 if(*ptr=='\0')
1427 break;
1428
1429 if(ascii_strncasecmp(ptr,"VERSION ",8)==0)
1430 {
1431 gotversion=1;
1432
1433 if(atoi(&ptr[8])!=KEYSERVER_PROTO_VERSION)
1434 {
1435 log_error(_("invalid keyserver protocol (us %d!=handler %d)\n"),
1436 KEYSERVER_PROTO_VERSION,atoi(&ptr[8]));
1437 goto fail;
1438 }
1439 }
1440 else if(ascii_strncasecmp(ptr,"PROGRAM ",8)==0)
1441 {
1442 if(ascii_strncasecmp(&ptr[8],VERSION,strlen(VERSION))!=0)
1443 log_info(_("WARNING: keyserver handler from a different"
1444 " version of GnuPG (%s)\n"),&ptr[8]);
1445 }
1446 else if(ascii_strncasecmp(ptr,"OPTION OUTOFBAND",16)==0)
1447 outofband=1; /* Currently the only OPTION */
1448 }
1449
1450 if(!gotversion)
1451 {
1452 log_error(_("keyserver did not send VERSION\n"));
1453 goto fail;
1454 }
1455
1456 if(!outofband)
1457 switch(action)
1458 {
1459 case KS_GET:
1460 case KS_GETNAME:
1461 {
1462 void *stats_handle;
1463
1464 stats_handle=import_new_stats_handle();
1465
1466 /* Slurp up all the key data. In the future, it might be
1467 nice to look for KEY foo OUTOFBAND and FAILED indicators.
1468 It's harmless to ignore them, but ignoring them does make
1469 gpg complain about "no valid OpenPGP data found". One
1470 way to do this could be to continue parsing this
1471 line-by-line and make a temp iobuf for each key. */
1472
1473 import_keys_stream(spawn->fromchild,stats_handle,fpr,fpr_len,
1474 opt.keyserver_options.import_options);
1475
1476 import_print_stats(stats_handle);
1477 import_release_stats_handle(stats_handle);
1478
1479 break;
1480 }
1481
1482 /* Nothing to do here */
1483 case KS_SEND:
1484 break;
1485
1486 case KS_SEARCH:
1487 keyserver_search_prompt(spawn->fromchild,searchstr);
1488 break;
1489
1490 default:
1491 log_fatal(_("no keyserver action!\n"));
1492 break;
1493 }
1494
1495 fail:
1496 xfree(line);
1497 xfree(searchstr);
1498
1499
1500 *prog=exec_finish(spawn);
1501
1502 return ret;
1503 }
1504
1505 static int
1506 keyserver_work(enum ks_action action,strlist_t list,KEYDB_SEARCH_DESC *desc,
1507 int count,unsigned char **fpr,size_t *fpr_len,
1508 struct keyserver_spec *keyserver)
1509 {
1510 int rc=0,ret=0;
1511
1512 if(!keyserver)
1513 {
1514 log_error(_("no keyserver known (use option --keyserver)\n"));
1515 return G10ERR_BAD_URI;
1516 }
1517
1518 #ifdef DISABLE_KEYSERVER_HELPERS
1519
1520 log_error(_("external keyserver calls are not supported in this build\n"));
1521 return G10ERR_KEYSERVER;
1522
1523 #else
1524 /* Spawn a handler */
1525
1526 rc=keyserver_spawn(action,list,desc,count,&ret,fpr,fpr_len,keyserver);
1527 if(ret)
1528 {
1529 switch(ret)
1530 {
1531 case KEYSERVER_SCHEME_NOT_FOUND:
1532 log_error(_("no handler for keyserver scheme `%s'\n"),
1533 keyserver->scheme);
1534 break;
1535
1536 case KEYSERVER_NOT_SUPPORTED:
1537 log_error(_("action `%s' not supported with keyserver "
1538 "scheme `%s'\n"),
1539 action==KS_GET?"get":action==KS_SEND?"send":
1540 action==KS_SEARCH?"search":"unknown",
1541 keyserver->scheme);
1542 break;
1543
1544 case KEYSERVER_VERSION_ERROR:
1545 log_error(_(GPGKEYS_PREFIX "%s does not support"
1546 " handler version %d\n"),
1547 keyserver_typemap(keyserver->scheme),
1548 KEYSERVER_PROTO_VERSION);
1549 break;
1550
1551 case KEYSERVER_TIMEOUT:
1552 log_error(_("keyserver timed out\n"));
1553 break;
1554
1555 case KEYSERVER_INTERNAL_ERROR:
1556 default:
1557 log_error(_("keyserver internal error\n"));
1558 break;
1559 }
1560
1561 return G10ERR_KEYSERVER;
1562 }
1563
1564 if(rc)
1565 {
1566 log_error(_("keyserver communications error: %s\n"),g10_errstr(rc));
1567
1568 return rc;
1569 }
1570
1571 return 0;
1572 #endif /* ! DISABLE_KEYSERVER_HELPERS*/
1573 }
1574
1575 int
1576 keyserver_export(strlist_t users)
1577 {
1578 strlist_t sl=NULL;
1579 KEYDB_SEARCH_DESC desc;
1580 int rc=0;
1581
1582 /* Weed out descriptors that we don't support sending */
1583 for(;users;users=users->next)
1584 {
1585 classify_user_id (users->d, &desc);
1586 if(desc.mode!=KEYDB_SEARCH_MODE_SHORT_KID &&
1587 desc.mode!=KEYDB_SEARCH_MODE_LONG_KID &&
1588 desc.mode!=KEYDB_SEARCH_MODE_FPR16 &&
1589 desc.mode!=KEYDB_SEARCH_MODE_FPR20)
1590 {
1591 log_error(_("\"%s\" not a key ID: skipping\n"),users->d);
1592 continue;
1593 }
1594 else
1595 append_to_strlist(&sl,users->d);
1596 }
1597
1598 if(sl)
1599 {
1600 rc=keyserver_work(KS_SEND,sl,NULL,0,NULL,NULL,opt.keyserver);
1601 free_strlist(sl);
1602 }
1603
1604 return rc;
1605 }
1606
1607 int
1608 keyserver_import(strlist_t users)
1609 {
1610 KEYDB_SEARCH_DESC *desc;
1611 int num=100,count=0;
1612 int rc=0;
1613
1614 /* Build a list of key ids */
1615 desc=xmalloc(sizeof(KEYDB_SEARCH_DESC)*num);
1616
1617 for(;users;users=users->next)
1618 {
1619 classify_user_id (users->d, &desc[count]);
1620 if(desc[count].mode!=KEYDB_SEARCH_MODE_SHORT_KID &&
1621 desc[count].mode!=KEYDB_SEARCH_MODE_LONG_KID &&
1622 desc[count].mode!=KEYDB_SEARCH_MODE_FPR16 &&
1623 desc[count].mode!=KEYDB_SEARCH_MODE_FPR20)
1624 {
1625 log_error(_("\"%s\" not a key ID: skipping\n"),users->d);
1626 continue;
1627 }
1628
1629 count++;
1630 if(count==num)
1631 {
1632 num+=100;
1633 desc=xrealloc(desc,sizeof(KEYDB_SEARCH_DESC)*num);
1634 }
1635 }
1636
1637 if(count>0)
1638 rc=keyserver_work(KS_GET,NULL,desc,count,NULL,NULL,opt.keyserver);
1639
1640 xfree(desc);
1641
1642 return rc;
1643 }
1644
1645 int
1646 keyserver_import_fprint(const byte *fprint,size_t fprint_len,
1647 struct keyserver_spec *keyserver)
1648 {
1649 KEYDB_SEARCH_DESC desc;
1650
1651 memset(&desc,0,sizeof(desc));
1652
1653 if(fprint_len==16)
1654 desc.mode=KEYDB_SEARCH_MODE_FPR16;
1655 else if(fprint_len==20)
1656 desc.mode=KEYDB_SEARCH_MODE_FPR20;
1657 else
1658 return -1;
1659
1660 memcpy(desc.u.fpr,fprint,fprint_len);
1661
1662 /* TODO: Warn here if the fingerprint we got doesn't match the one
1663 we asked for? */
1664 return keyserver_work(KS_GET,NULL,&desc,1,NULL,NULL,keyserver);
1665 }
1666
1667 int
1668 keyserver_import_keyid(u32 *keyid,struct keyserver_spec *keyserver)
1669 {
1670 KEYDB_SEARCH_DESC desc;
1671
1672 memset(&desc,0,sizeof(desc));
1673
1674 desc.mode=KEYDB_SEARCH_MODE_LONG_KID;
1675 desc.u.kid[0]=keyid[0];
1676 desc.u.kid[1]=keyid[1];
1677
1678 return keyserver_work(KS_GET,NULL,&desc,1,NULL,NULL,keyserver);
1679 }
1680
1681 /* code mostly stolen from do_export_stream */
1682 static int
1683 keyidlist(strlist_t users,KEYDB_SEARCH_DESC **klist,int *count,int fakev3)
1684 {
1685 int rc=0,ndesc,num=100;
1686 KBNODE keyblock=NULL,node;
1687 KEYDB_HANDLE kdbhd;
1688 KEYDB_SEARCH_DESC *desc;
1689 strlist_t sl;
1690
1691 *count=0;
1692
1693 *klist=xmalloc(sizeof(KEYDB_SEARCH_DESC)*num);
1694
1695 kdbhd=keydb_new(0);
1696
1697 if(!users)
1698 {
1699 ndesc = 1;
1700 desc = xmalloc_clear ( ndesc * sizeof *desc);
1701 desc[0].mode = KEYDB_SEARCH_MODE_FIRST;
1702 }
1703 else
1704 {
1705 for (ndesc=0, sl=users; sl; sl = sl->next, ndesc++)
1706 ;
1707 desc = xmalloc ( ndesc * sizeof *desc);
1708
1709 for (ndesc=0, sl=users; sl; sl = sl->next)
1710 {
1711 if(classify_user_id (sl->d, desc+ndesc))
1712 ndesc++;
1713 else
1714 log_error (_("key \"%s\" not found: %s\n"),
1715 sl->d, g10_errstr (G10ERR_INV_USER_ID));
1716 }
1717 }
1718
1719 while (!(rc = keydb_search (kdbhd, desc, ndesc)))
1720 {
1721 if (!users)
1722 desc[0].mode = KEYDB_SEARCH_MODE_NEXT;
1723
1724 /* read the keyblock */
1725 rc = keydb_get_keyblock (kdbhd, &keyblock );
1726 if( rc )
1727 {
1728 log_error (_("error reading keyblock: %s\n"), g10_errstr(rc) );
1729 goto leave;
1730 }
1731
1732 if((node=find_kbnode(keyblock,PKT_PUBLIC_KEY)))
1733 {
1734 /* This is to work around a bug in some keyservers (pksd and
1735 OKS) that calculate v4 RSA keyids as if they were v3 RSA.
1736 The answer is to refresh both the correct v4 keyid
1737 (e.g. 99242560) and the fake v3 keyid (e.g. 68FDDBC7).
1738 This only happens for key refresh using the HKP scheme
1739 and if the refresh-add-fake-v3-keyids keyserver option is
1740 set. */
1741 if(fakev3 && is_RSA(node->pkt->pkt.public_key->pubkey_algo) &&
1742 node->pkt->pkt.public_key->version>=4)
1743 {
1744 (*klist)[*count].mode=KEYDB_SEARCH_MODE_LONG_KID;
1745 v3_keyid (node->pkt->pkt.public_key->pkey[0],
1746 (*klist)[*count].u.kid);
1747 (*count)++;
1748
1749 if(*count==num)
1750 {
1751 num+=100;
1752 *klist=xrealloc(*klist,sizeof(KEYDB_SEARCH_DESC)*num);
1753 }
1754 }
1755
1756 /* v4 keys get full fingerprints. v3 keys get long keyids.
1757 This is because it's easy to calculate any sort of keyid
1758 from a v4 fingerprint, but not a v3 fingerprint. */
1759
1760 if(node->pkt->pkt.public_key->version<4)
1761 {
1762 (*klist)[*count].mode=KEYDB_SEARCH_MODE_LONG_KID;
1763 keyid_from_pk(node->pkt->pkt.public_key,
1764 (*klist)[*count].u.kid);
1765 }
1766 else
1767 {
1768 size_t dummy;
1769
1770 (*klist)[*count].mode=KEYDB_SEARCH_MODE_FPR20;
1771 fingerprint_from_pk(node->pkt->pkt.public_key,
1772 (*klist)[*count].u.fpr,&dummy);
1773 }
1774
1775 /* This is a little hackish, using the skipfncvalue as a
1776 void* pointer to the keyserver spec, but we don't need
1777 the skipfnc here, and it saves having an additional field
1778 for this (which would be wasted space most of the
1779 time). */
1780
1781 (*klist)[*count].skipfncvalue=NULL;
1782
1783 /* Are we honoring preferred keyservers? */
1784 if(opt.keyserver_options.options&KEYSERVER_HONOR_KEYSERVER_URL)
1785 {
1786 PKT_user_id *uid=NULL;
1787 PKT_signature *sig=NULL;
1788
1789 merge_keys_and_selfsig(keyblock);
1790
1791 for(node=node->next;node;node=node->next)
1792 {
1793 if(node->pkt->pkttype==PKT_USER_ID
1794 && node->pkt->pkt.user_id->is_primary)
1795 uid=node->pkt->pkt.user_id;
1796 else if(node->pkt->pkttype==PKT_SIGNATURE
1797 && node->pkt->pkt.signature->
1798 flags.chosen_selfsig && uid)
1799 {
1800 sig=node->pkt->pkt.signature;
1801 break;
1802 }
1803 }
1804
1805 /* Try and parse the keyserver URL. If it doesn't work,
1806 then we end up writing NULL which indicates we are
1807 the same as any other key. */
1808 if(sig)
1809 (*klist)[*count].skipfncvalue=parse_preferred_keyserver(sig);
1810 }
1811
1812 (*count)++;
1813
1814 if(*count==num)
1815 {
1816 num+=100;
1817 *klist=xrealloc(*klist,sizeof(KEYDB_SEARCH_DESC)*num);
1818 }
1819 }
1820 }
1821
1822 if(rc==-1)
1823 rc=0;
1824
1825 leave:
1826 if(rc)
1827 xfree(*klist);
1828 xfree(desc);
1829 keydb_release(kdbhd);
1830 release_kbnode(keyblock);
1831
1832 return rc;
1833 }
1834
1835 /* Note this is different than the original HKP refresh. It allows
1836 usernames to refresh only part of the keyring. */
1837
1838 int
1839 keyserver_refresh(strlist_t users)
1840 {
1841 int rc,count,numdesc,fakev3=0;
1842 KEYDB_SEARCH_DESC *desc;
1843 unsigned int options=opt.keyserver_options.import_options;
1844
1845 /* We switch merge-only on during a refresh, as 'refresh' should
1846 never import new keys, even if their keyids match. */
1847 opt.keyserver_options.import_options|=IMPORT_MERGE_ONLY;
1848
1849 /* Similarly, we switch on fast-import, since refresh may make
1850 multiple import sets (due to preferred keyserver URLs). We don't
1851 want each set to rebuild the trustdb. Instead we do it once at
1852 the end here. */
1853 opt.keyserver_options.import_options|=IMPORT_FAST;
1854
1855 /* If refresh_add_fake_v3_keyids is on and it's a HKP or MAILTO
1856 scheme, then enable fake v3 keyid generation. */
1857 if((opt.keyserver_options.options&KEYSERVER_ADD_FAKE_V3) && opt.keyserver
1858 && (ascii_strcasecmp(opt.keyserver->scheme,"hkp")==0 ||
1859 ascii_strcasecmp(opt.keyserver->scheme,"mailto")==0))
1860 fakev3=1;
1861
1862 rc=keyidlist(users,&desc,&numdesc,fakev3);
1863 if(rc)
1864 return rc;
1865
1866 count=numdesc;
1867 if(count>0)
1868 {
1869 int i;
1870
1871 /* Try to handle preferred keyserver keys first */
1872 for(i=0;i<numdesc;i++)
1873 {
1874 if(desc[i].skipfncvalue)
1875 {
1876 struct keyserver_spec *keyserver=desc[i].skipfncvalue;
1877
1878 /* We use the keyserver structure we parsed out before.
1879 Note that a preferred keyserver without a scheme://
1880 will be interpreted as hkp:// */
1881
1882 rc=keyserver_work(KS_GET,NULL,&desc[i],1,NULL,NULL,keyserver);
1883 if(rc)
1884 log_info(_("WARNING: unable to refresh key %s"
1885 " via %s: %s\n"),keystr_from_desc(&desc[i]),
1886 keyserver->uri,g10_errstr(rc));
1887 else
1888 {
1889 /* We got it, so mark it as NONE so we don't try and
1890 get it again from the regular keyserver. */
1891
1892 desc[i].mode=KEYDB_SEARCH_MODE_NONE;
1893 count--;
1894 }
1895
1896 free_keyserver_spec(keyserver);
1897 }
1898 }
1899 }
1900
1901 if(count>0)
1902 {
1903 if(opt.keyserver)
1904 {
1905 if(count==1)
1906 log_info(_("refreshing 1 key from %s\n"),opt.keyserver->uri);
1907 else
1908 log_info(_("refreshing %d keys from %s\n"),
1909 count,opt.keyserver->uri);
1910 }
1911
1912 rc=keyserver_work(KS_GET,NULL,desc,numdesc,NULL,NULL,opt.keyserver);
1913 }
1914
1915 xfree(desc);
1916
1917 opt.keyserver_options.import_options=options;
1918
1919 /* If the original options didn't have fast import, and the trustdb
1920 is dirty, rebuild. */
1921 if(!(opt.keyserver_options.import_options&IMPORT_FAST))
1922 trustdb_check_or_update();
1923
1924 return rc;
1925 }
1926
1927 int
1928 keyserver_search(strlist_t tokens)
1929 {
1930 if(tokens)
1931 return keyserver_work(KS_SEARCH,tokens,NULL,0,NULL,NULL,opt.keyserver);
1932 else
1933 return 0;
1934 }
1935
1936 int
1937 keyserver_fetch(strlist_t urilist)
1938 {
1939 KEYDB_SEARCH_DESC desc;
1940 strlist_t sl;
1941 unsigned int options=opt.keyserver_options.import_options;
1942
1943 /* Switch on fast-import, since fetch can handle more than one
1944 import and we don't want each set to rebuild the trustdb.
1945 Instead we do it once at the end. */
1946 opt.keyserver_options.import_options|=IMPORT_FAST;
1947
1948 /* A dummy desc since we're not actually fetching a particular key
1949 ID */
1950 memset(&desc,0,sizeof(desc));
1951 desc.mode=KEYDB_SEARCH_MODE_EXACT;
1952
1953 for(sl=urilist;sl;sl=sl->next)
1954 {
1955 struct keyserver_spec *spec;
1956
1957 spec=parse_keyserver_uri(sl->d,1,NULL,0);
1958 if(spec)
1959 {
1960 int rc;
1961
1962 rc=keyserver_work(KS_GET,NULL,&desc,1,NULL,NULL,spec);
1963 if(rc)
1964 log_info (_("WARNING: unable to fetch URI %s: %s\n"),
1965 sl->d,g10_errstr(rc));
1966
1967 free_keyserver_spec(spec);
1968 }
1969 else
1970 log_info (_("WARNING: unable to parse URI %s\n"),sl->d);
1971 }
1972
1973 opt.keyserver_options.import_options=options;
1974
1975 /* If the original options didn't have fast import, and the trustdb
1976 is dirty, rebuild. */
1977 if(!(opt.keyserver_options.import_options&IMPORT_FAST))
1978 trustdb_check_or_update();
1979
1980 return 0;
1981 }
1982
1983 /* Import key in a CERT or pointed to by a CERT */
1984 int
1985 keyserver_import_cert(const char *name,unsigned char **fpr,size_t *fpr_len)
1986 {
1987 char *domain,*look,*url;
1988 IOBUF key;
1989 int type,rc=G10ERR_GENERAL;
1990
1991 look=xstrdup(name);
1992
1993 domain=strrchr(look,'@');
1994 if(domain)
1995 *domain='.';
1996
1997 type=get_dns_cert(look,max_cert_size,&key,fpr,fpr_len,&url);
1998 if(type==1)
1999 {
2000 int armor_status=opt.no_armor;
2001
2002 /* CERTs are always in binary format */
2003 opt.no_armor=1;
2004
2005 rc=import_keys_stream(key,NULL,fpr,fpr_len,
2006 opt.keyserver_options.import_options);
2007
2008 opt.no_armor=armor_status;
2009
2010 iobuf_close(key);
2011 }
2012 else if(type==2 && *fpr)
2013 {
2014 /* We only consider the IPGP type if a fingerprint was provided.
2015 This lets us select the right key regardless of what a URL
2016 points to, or get the key from a keyserver. */
2017 if(url)
2018 {
2019 struct keyserver_spec *spec;
2020
2021 spec=parse_keyserver_uri(url,1,NULL,0);
2022 if(spec)
2023 {
2024 strlist_t list=NULL;
2025
2026 add_to_strlist(&list,url);
2027
2028 rc=keyserver_fetch(list);
2029
2030 free_strlist(list);
2031 free_keyserver_spec(spec);
2032 }
2033 }
2034 else if(opt.keyserver)
2035 {
2036 /* If only a fingerprint is provided, try and fetch it from
2037 our --keyserver */
2038
2039 rc=keyserver_import_fprint(*fpr,*fpr_len,opt.keyserver);
2040 }
2041 else
2042 log_info(_("no keyserver known (use option --keyserver)\n"));
2043
2044 /* Give a better string here? "CERT fingerprint for \"%s\"
2045 found, but no keyserver" " known (use option
2046 --keyserver)\n" ? */
2047
2048 xfree(url);
2049 }
2050
2051 xfree(look);
2052
2053 return rc;
2054 }
2055
2056 /* Import key pointed to by a PKA record. Return the requested
2057 fingerprint in fpr. */
2058 int
2059 keyserver_import_pka(const char *name,unsigned char **fpr,size_t *fpr_len)
2060 {
2061 char *uri;
2062 int rc=-1;
2063
2064 *fpr=xmalloc(20);
2065 *fpr_len=20;
2066
2067 uri = get_pka_info (name, *fpr);
2068 if (uri)
2069 {
2070 struct keyserver_spec *spec;
2071 spec = parse_keyserver_uri (uri, 1, NULL, 0);
2072 if (spec)
2073 {
2074 rc=keyserver_import_fprint (*fpr, 20, spec);
2075 free_keyserver_spec (spec);
2076 }
2077 xfree (uri);
2078 }
2079
2080 if(rc!=0)
2081 xfree(*fpr);
2082
2083 return rc;
2084 }
2085
2086 /* Import all keys that match name */
2087 int
2088 keyserver_import_name(const char *name,unsigned char **fpr,size_t *fpr_len,
2089 struct keyserver_spec *keyserver)
2090 {
2091 strlist_t list=NULL;
2092 int rc;
2093
2094 append_to_strlist(&list,name);
2095
2096 rc=keyserver_work(KS_GETNAME,list,NULL,0,fpr,fpr_len,keyserver);
2097
2098 free_strlist(list);
2099
2100 return rc;
2101 }
2102
2103 /* Use the PGP Universal trick of asking ldap://keys.(maildomain) for
2104 the key. */
2105 int
2106 keyserver_import_ldap(const char *name,unsigned char **fpr,size_t *fpr_len)
2107 {
2108 char *domain;
2109 struct keyserver_spec *keyserver;
2110 strlist_t list=NULL;
2111 int rc;
2112
2113 append_to_strlist(&list,name);
2114
2115 /* Parse out the domain */
2116 domain=strrchr(name,'@');
2117 if(!domain)
2118 return G10ERR_GENERAL;
2119
2120 domain++;
2121
2122 keyserver=xmalloc_clear(sizeof(struct keyserver_spec));
2123
2124 keyserver->scheme=xstrdup("ldap");
2125 keyserver->host=xmalloc(5+strlen(domain)+1);
2126 strcpy(keyserver->host,"keys.");
2127 strcat(keyserver->host,domain);
2128 keyserver->uri=xmalloc(strlen(keyserver->scheme)+
2129 3+strlen(keyserver->host)+1);
2130 strcpy(keyserver->uri,keyserver->scheme);
2131 strcat(keyserver->uri,"://");
2132 strcat(keyserver->uri,keyserver->host);
2133
2134 rc=keyserver_work(KS_GETNAME,list,NULL,0,fpr,fpr_len,keyserver);
2135
2136 free_strlist(list);
2137
2138 free_keyserver_spec(keyserver);
2139
2140 return rc;
2141 }
gnupg svn clone