| blob | 2e7f8078ab52923111f30e205d5b436cc8de5c8c |
1 /* gpgkeys_hkp.c - talk to an HKP keyserver
2 * Copyright (C) 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008,
3 * 2009 Free Software Foundation, Inc.
4 *
5 * This file is part of GnuPG.
6 *
7 * GnuPG is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 3 of the License, or
10 * (at your option) any later version.
11 *
12 * GnuPG is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, see <http://www.gnu.org/licenses/>.
19 *
20 * In addition, as a special exception, the Free Software Foundation
21 * gives permission to link the code of the keyserver helper tools:
22 * gpgkeys_ldap, gpgkeys_curl and gpgkeys_hkp with the OpenSSL
23 * project's "OpenSSL" library (or with modified versions of it that
24 * use the same license as the "OpenSSL" library), and distribute the
25 * linked executables. You must obey the GNU General Public License
26 * in all respects for all of the code used other than "OpenSSL". If
27 * you modify this file, you may extend this exception to your version
28 * of the file, but you are not obligated to do so. If you do not
29 * wish to do so, delete this exception statement from your version.
30 */
32 #include <config.h>
33 #include <stdio.h>
34 #include <string.h>
35 #include <stdlib.h>
36 #include <errno.h>
37 #include <unistd.h>
38 #ifdef HAVE_GETOPT_H
39 #include <getopt.h>
40 #endif
41 #ifdef HAVE_LIBCURL
42 #include <curl/curl.h>
43 #else
45 #endif
46 #ifdef USE_DNS_SRV
48 #endif
61 static size_t
63 {
67 {
68 /* If the document begins with a '<', assume it's a HTML
69 response, which we don't support. Discard the whole message
70 body. GPG can handle it, but this is an optimization to deal
71 with it on this side of the pipe. */
77 }
81 else
83 }
85 /* Append but avoid creating a double slash // in the path. */
88 {
95 }
97 int
99 {
100 CURLcode res;
108 /* Read and throw away input until we see the BEGIN */
113 {
116 }
119 {
120 /* i.e. eof before the KEY BEGIN was found. This isn't an
121 error. */
125 }
127 /* Now slurp up everything until we see the END */
132 {
135 }
136 else
137 {
139 {
145 {
150 }
153 }
157 }
160 {
165 }
169 {
173 }
179 {
183 }
194 /* request is MAX_URL+15 bytes long - MAX_URL covers the whole URL,
195 including any supplied path. The 15 covers /pks/add. */
208 {
212 }
213 else
218 fail:
226 }
228 static int
230 {
231 CURLcode res;
238 /* Build the search string. HKP only uses the short key IDs. */
246 {
251 }
259 /* request is MAX_URL+55 bytes long - MAX_URL covers the whole URL,
260 including any supplied path. The 60 overcovers this /pks/... etc
261 string plus the 8 bytes of key id */
264 /* fingerprint or long key id. Take the last 8 characters and treat
265 it like a short key id */
268 else
283 {
286 }
287 else
288 {
291 {
295 }
296 else
298 }
301 }
303 static int
305 {
306 CURLcode res;
316 {
320 }
324 {
328 }
354 {
357 }
358 else
359 {
362 {
365 }
366 else
367 {
370 }
371 }
373 fail:
381 }
383 static int
385 {
386 CURLcode res;
400 {
404 }
408 {
412 }
424 /* HKP keyservers like the 0x to be present when searching by
425 keyid */
443 {
446 }
447 else
448 {
451 }
453 fail:
462 }
464 void
466 {
471 {
474 {
477 }
479 }
480 else
482 {
485 }
486 }
488 #ifdef HAVE_LIBCURL
489 /* If there is a SRV record, take the highest ranked possibility.
490 This is a hack, as we don't proceed downwards. */
491 static void
493 {
494 #ifdef USE_DNS_SRV
499 {
507 }
510 {
516 {
522 }
523 else
524 {
527 }
528 }
529 #endif
530 }
531 #endif
533 static void
535 {
540 }
542 int
544 {
554 /* Kludge to implement standard GNU options. */
556 {
560 }
562 {
565 }
569 {
582 {
586 }
589 }
592 {
595 {
599 }
600 }
612 /* Get the command and info block */
615 {
624 {
627 }
632 {
639 {
642 }
645 {
647 {
650 }
652 {
654 {
657 }
658 }
659 }
661 {
664 else
666 }
669 }
670 }
673 {
677 }
680 {
683 }
684 else
685 {
688 }
691 {
694 }
697 {
700 }
705 {
709 }
711 /* If the user gives a :port, then disable SRV. The semantics of a
712 specified port and SRV do not play well together. */
716 {
717 #ifdef HAVE_LIBCURL
718 /* We're using libcurl, so fake SRV support via our wrapper.
719 This isn't as good as true SRV support, as we do not try all
720 possible targets at one particular level and work our way
721 down the list, but it's better than nothing. */
723 #else
724 /* We're using our internal curl shim, so we can use its (true)
725 SRV support. Obviously, CURLOPT_SRVTAG_GPG_HACK isn't a real
726 libcurl option. It's specific to our shim. */
728 #endif
729 }
737 {
741 }
746 /* Avoid caches to get the most recent copy of the key. This is bug
747 #1061. In pre-curl versions of the code, we didn't do it. Then
748 we did do it (as a curl default) until curl changed the default.
749 Now we're doing it again, but in such a way that changing
750 defaults in the future won't impact us. We set both the Pragma
751 and Cache-Control versions of the header, so we're good with both
752 HTTP 1.0 and 1.1. */
758 {
762 }
769 /* If it's a GET or a SEARCH, the next thing to come in is the
770 keyids. If it's a SEND, then there are no keyids. */
776 {
778 {
783 else
784 {
790 {
795 }
799 /* Trim the trailing \n */
804 /* Always attach at the end to keep the list in proper
805 order for searching */
808 else
812 }
813 }
814 }
815 else
816 {
819 }
821 /* Send the response */
827 {
834 }
837 {
841 {
845 failed++;
848 }
849 }
851 {
855 {
859 failed++;
862 }
863 }
865 {
868 do
869 {
873 failed++;
874 }
876 }
878 {
884 /* To search, we stick a space in between each key to search
885 for. */
889 {
892 }
896 {
900 }
906 {
910 }
912 /* Nail that last space */
917 failed++;
920 }
921 else
927 fail:
929 {
933 }
951 }