/[winpt]/trunk/Src/wptKeyserver.cpp
ViewVC logotype

Annotation of /trunk/Src/wptKeyserver.cpp

Parent Directory Parent Directory | Revision Log Revision Log

Revision 48 - (hide annotations)
Mon Oct 31 21:14:11 2005 UTC (19 years, 4 months ago) by werner
File size: 31084 byte(s) 
More changes.  Compiles again but there are at least gettext issues with
w32-gettext.c.  I can't get a gpg-error build with ENABLE_NLS.
1 werner 36 /* wptKeyserver.cpp - W32 Keyserver Access
2     * Copyright (C) 2000-2005 Timo Schulz
3     * Copyright (C) 2001 Marco Cunha
4     *
5     * This file is part of WinPT.
6     *
7     * WinPT is free software; you can redistribute it and/or
8     * modify it under the terms of the GNU General Public License
9     * as published by the Free Software Foundation; either version 2
10     * of the License, or (at your option) any later version.
11     *
12     * WinPT is distributed in the hope that it will be useful,
13     * but WITHOUT ANY WARRANTY; without even the implied warranty of
14     * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15     * General Public License for more details.
16     *
17     * You should have received a copy of the GNU General Public License
18     * along with WinPT; if not, write to the Free Software Foundation,
19     * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20     */
21    
22     #ifdef HAVE_CONFIG_H
23     #include <config.h>
24     #endif
25    
26     #include <windows.h>
27     #include <stdio.h>
28     #include <sys/stat.h>
29     #include <ctype.h>
30    
31     #include "wptKeyserver.h"
32     #include "wptErrors.h"
33     #include "wptTypes.h"
34     #include "wptNLS.h"
35     #include "wptW32API.h"
36     #include "wptVersion.h"
37     #include "wptGPG.h"
38     #include "wptRegistry.h"
39    
40     static char base64code[] =
41     "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
42    
43     keyserver server[MAX_KEYSERVERS] = {0};
44     static keyserver_proxy_ctx proxy = {0};
45     static const char * server_list[] = {
46     "hkp://wwwkeys.nl.pgp.net",
47     "hkp://wwwkeys.pl.pgp.net",
48     "hkp://wwwkeys.at.pgp.net",
49     "hkp://wwwkeys.ch.pgp.net",
50     "hkp://wwwkeys.de.pgp.net",
51     "hkp://wwwkeys.dk.pgp.net",
52     "hkp://wwwkeys.cz.pgp.net",
53     "hkp://wwwkeys.es.pgp.net",
54     "hkp://wwwkeys.eu.pgp.net",
55     "hkp://wwwkeys.uk.pgp.net",
56     "hkp://wwwkeys.us.pgp.net",
57     "hkp://gnv.us.ks.cryptnet.net",
58     "hkp://subkeys.pgp.net",
59     "ldap://keyserver.pgp.com",
60     NULL
61     };
62     static char hkp_errmsg[1024];
63     static int hkp_err = 0;
64     static u32 conf_timestamp = 0;
65     char * default_keyserver = NULL;
66     unsigned short default_keyserver_port = 0;
67    
68    
69     static void
70     base64_encode( const char *inputstr, char *outputstr, int maxlen )
71     {
72     int index = 0, temp = 0, res = 0, i = 0, inputlen = 0, len = 0;
73    
74     inputlen = strlen (inputstr); /* fixme: check if len > maxlen */
75     for (i = 0; i <inputlen; i++) {
76     res = temp;
77     res = (res << 8) | (inputstr[i] & 0xFF);
78     switch (index++) {
79     case 0: outputstr[len++] = base64code[res >> 2 & 0x3F]; res &= 0x3; break;
80     case 1: outputstr[len++] = base64code[res >> 4 & 0x3F]; res &= 0xF; break;
81     case 2: outputstr[len++] = base64code[res >> 6 & 0x3F];
82     outputstr[len++] = base64code[res & 0x3F]; res = index = 0; break;
83     }
84     temp = res;
85     }
86    
87     switch( index ) {
88     case 0: break;
89     case 2: outputstr[len++] = base64code[temp << 2 & 0x3F];
90     outputstr[len++] = '='; break;
91     case 1: outputstr[len++] = base64code[temp << 4 & 0x3F];
92     outputstr[len++] = '=';
93     outputstr[len++] = '=';
94     }
95    
96     outputstr[len] = '\0';
97     } /* base64_encode */
98    
99    
100     /* Skip the URL schema and return only the host part of it. */
101     static const char *
102     skip_type_prefix (const char * hostname)
103     {
104     if (hostname && !strncmp (hostname, "http://", 7))
105     hostname += 7;
106     else if (hostname && !strncmp (hostname, "hkp://", 6))
107     hostname += 6;
108     else if (hostname && !strncmp (hostname, "finger://", 9))
109     hostname += 9;
110     else if (hostname && !strncmp (hostname, "ldap://", 7))
111     hostname += 7;
112     return hostname;
113     }
114    
115    
116     /* Check that the keyserver response indicates an OK.
117     Return 0 on success. */
118     static int
119     check_hkp_response (const char *resp, int recv)
120     {
121     int ec, len;
122     char *p, * end;
123    
124     ec = recv ? WPTERR_WINSOCK_RECVKEY : WPTERR_WINSOCK_SENDKEY;
125     if (!strstr (resp, "HTTP/1.0 200 OK") &&
126     !strstr (resp, "HTTP/1.1 200 OK")) /* http error */
127     return ec;
128     if (strstr (resp, "Public Key Server -- Error")
129     || strstr (resp, "Public Key Server -- Error")
130     || strstr (resp, "No matching keys in database")) {
131     p = strstr (resp, "<p>");
132     if (p && strlen (p) < sizeof (hkp_errmsg)) {
133     end = strstr (p, "</p>");
134     len = end? (end - p + 1) : strlen (p);
135     strncpy (hkp_errmsg, p, len);
136     hkp_err = 1;
137     }
138     return ec;
139     }
140     return 0;
141     }
142    
143    
144     /* Read a single line (\r\n) from a socket.
145     Return 0 on success. */
146     static int
147     sock_getline (int fd, char *buf, int buflen, int *nbytes)
148     {
149     char ch;
150     int count = 0;
151    
152     if (nbytes)
153     *nbytes = 0;
154     *buf = 0;
155     while (recv (fd, &ch, 1, 0) > 0) {
156     *buf++ = ch;
157     count++;
158     if (ch == '\n' || count == (buflen - 1)) {
159     *buf = 0;
160     if (nbytes)
161     *nbytes = count;
162     return 0;
163     }
164     }
165    
166     return -1;
167     }
168    
169    
170     /* Perform a select() on the given fd to find out
171     is there is data for reading. Wait at least @nsecs seconds. */
172     static int
173     sock_select (int fd, int nsecs)
174     {
175     FD_SET rfd;
176     timeval tv = {nsecs, 0};
177    
178     FD_ZERO (&rfd);
179     FD_SET (fd, &rfd);
180     if (select (fd + 1, &rfd, NULL, NULL, &tv) == SOCKET_ERROR)
181     return SOCKET_ERROR;
182     if (FD_ISSET (fd, &rfd))
183     return 1;
184     return 0;
185     }
186    
187    
188     /* Read from a socket with a fixed timeout of 10 seconds.
189     Return value: 0 on success. */
190     static int
191     sock_read (int fd, char *buf, int buflen, int *nbytes)
192     {
193     DWORD nread;
194     int nleft = buflen;
195     int rc, n = 0;
196    
197     while (nleft > 0) {
198     if (n >= 10)
199     return WPTERR_WINSOCK_TIMEOUT;
200     rc = sock_select (fd, 1);
201     if (rc == SOCKET_ERROR)
202     return SOCKET_ERROR;
203     else if( !rc )
204     n++;
205     else {
206     nread = recv (fd, buf, nleft, 0);
207     if (nread == SOCKET_ERROR)
208     return SOCKET_ERROR;
209     else if (!nread)
210     break;
211     nleft -= nread;
212     buf += nread;
213     }
214     }
215     if (nbytes)
216     *nbytes = buflen - nleft;
217    
218     return 0;
219     }
220    
221    
222     /* Write @buf to a socket @fd. */
223     static int
224     sock_write (int fd, const char *buf, int buflen)
225     {
226     DWORD nwritten;
227     int nleft = buflen;
228    
229     while (nleft > 0) {
230     nwritten = send (fd, buf, nleft, 0);
231     if (nwritten == SOCKET_ERROR)
232     return SOCKET_ERROR;
233     nleft -= nwritten;
234     buf += nwritten;
235     }
236    
237     return 0;
238     }
239    
240    
241     void
242     set_default_kserver (void)
243     {
244     char * p = get_reg_entry_keyserver ("Default");
245     free_if_alloc (default_keyserver);
246     default_keyserver = p && *p != ' ' ? p : m_strdup (DEF_HKP_KEYSERVER);
247     p = get_reg_entry_keyserver ("Default_Port");
248     if (p && *p) {
249     default_keyserver_port = (u16)strtoul (p, NULL, 10);
250     free_if_alloc (p);
251     }
252     else
253     default_keyserver_port = HKP_PORT;
254     }
255    
256    
257     /* Initialize the Winsock2 interface.*/
258     int
259     wsock_init (void)
260     {
261     WSADATA wsa;
262    
263     if (WSAStartup (0x202, &wsa))
264     return WPTERR_WINSOCK_INIT;
265     set_default_kserver ();
266     return 0;
267     }
268    
269    
270     /* Cleanup the Winsock2 interface. */
271     void
272     wsock_end (void)
273     {
274     int i;
275    
276     free_if_alloc (default_keyserver);
277     default_keyserver = NULL;
278     for (i=0; i < MAX_KEYSERVERS; i++) {
279     if (server[i].used)
280     free_if_alloc (server[i].name);
281     }
282     WSACleanup ();
283     }
284    
285    
286     /* Return a string representation of a winsock error. */
287     const char*
288     wsock_strerror (void)
289     {
290     static char buf[384];
291     int ec = WSAGetLastError ();
292    
293     switch (ec) {
294     case WSAENETDOWN:
295     return _("The network subsystem has failed");
296     case WSAHOST_NOT_FOUND:
297     return _("Authoritative Answer Host not found");
298     case WSAETIMEDOUT:
299     return _("The connection has been dropped because of a network failure");
300     default:
301     _snprintf (buf, sizeof (buf) -1, _("Unknown Winsock error ec=%d"),ec);
302     return buf;
303     }
304     return NULL;
305     }
306    
307    
308     /* Return the last keyserver error as a string. */
309     const char*
310     kserver_strerror (void)
311     {
312     if (hkp_err)
313     return hkp_errmsg;
314     return NULL;
315     }
316    
317    
318     /* Read a keyserver from the list at index @idx.
319     Return value: keyserver name at the given position. */
320     const char*
321     kserver_get_hostname (int idx, int type, u16 *port)
322     {
323     if (type == -1) {
324     *port = default_keyserver_port;
325     return default_keyserver;
326     }
327     else if (!type && idx < DIM (server_list)) {
328     *port = HKP_PORT;
329     return server_list[idx];
330     }
331     return NULL;
332     }
333    
334    
335     /* Check if the computer is connected to the internet.
336     Return 0 on success -1 otherwise. */
337     int
338     kserver_check_inet_connection (void)
339     {
340     int fd;
341    
342     if (!kserver_connect (default_keyserver, default_keyserver_port, &fd)) {
343     closesocket (fd);
344     return 0;
345     }
346     return -1;
347     }
348    
349    
350     /*
351     * If the request contains the keyid, it have to be
352     * always postfix with '0x'+keyid. This code checks
353     * if the keyid is a decimal value and if so if it contains
354     * the '0x'. If not it is inserted.
355     */
356     const char*
357     kserver_check_keyid (const char *keyid)
358     {
359     static char id[20];
360    
361     if (strstr (keyid, "@"))
362     return keyid; /* email address */
363     if (strncmp (keyid, "0x", 2)) {
364     memset (&id, 0, sizeof (id));
365     _snprintf (id, sizeof (id)-1, "0x%s", keyid);
366     return id;
367     }
368     return keyid;
369     } /* kserver_check_keyid */
370    
371    
372     static void
373     kserver_update_proxyuser (const char *proxy_user, const char *proxy_pass)
374     {
375     char t[257]; /* user:pass = 127+1+127+1 = 257 */
376     int n = 0;
377    
378     n = 4*strlen (proxy_user) / 3 + 32 + strlen (proxy_pass) + 2;
379     free_if_alloc (proxy.base64_user);
380     proxy.base64_user = new char[n];
381     if (!proxy.base64_user)
382     BUG (0);
383     _snprintf (t, sizeof (t)-1, "%s:%s", proxy_user, proxy_pass);
384     base64_encode (t, proxy.base64_user, 257);
385     free_if_alloc (proxy.user);
386     free_if_alloc (proxy.pass);
387     proxy.user = m_strdup (proxy_user);
388     proxy.pass = m_strdup (proxy_pass);
389     } /* kserver_update_proxyuser */
390    
391    
392     /* Check that the given buffer contains a valid keyserver URL. */
393     static int
394     check_URL (const char * buf)
395     {
396     if (strlen (buf) < 7)
397     return -1;
398     if (!strstr (buf, "ldap://")
399     && !strstr (buf, "http://")
400     && !strstr (buf, "finger://")
401     && !strstr (buf, "hkp://"))
402     return -1;
403     return 0;
404     }
405    
406    
407     /* Get the port number from the given protocol. */
408     static int
409     port_from_proto (int proto)
410     {
411     switch (proto) {
412     case KSPROTO_LDAP: return 0;
413     case KSPROTO_FINGER: return FINGER_PORT;
414     case KSPROTO_HTTP: return HKP_PORT;
415     }
416     return 0;
417     }
418    
419    
420     /* Get the port number from the given URL. */
421     static int
422     proto_from_URL (const char * buf)
423     {
424     if (strstr( buf, "ldap"))
425     return KSPROTO_LDAP;
426     else if (strstr( buf, "finger"))
427     return KSPROTO_FINGER;
428     return KSPROTO_HKP;
429     }
430    
431    
432     void
433     keyserver_set_default (const char * hostname, u16 port)
434     {
435     if (hostname) {
436     free_if_alloc (default_keyserver);
437     default_keyserver = m_strdup (hostname);
438     if (!default_keyserver)
439     BUG (0);
440     default_keyserver_port = port;
441     }
442     server[0].name = m_strdup (default_keyserver);
443     server[0].used = 1;
444     server[0].port = port;
445     server[0].proto = proto_from_URL (default_keyserver);
446     } /* keyserver_set_default */
447    
448    
449     static const char *
450     skip_whitespace (const char * str)
451     {
452     while (str && *str)
453     {
454     if (*str == ' ' ||
455     *str == '\t' ||
456     *str == '\n' ||
457     *str == '\r')
458     {
459     str++;
460     continue;
461     }
462     break;
463     }
464     return str;
465     }
466    
467    
468     int
469     kserver_load_conf (const char * conf)
470     {
471     struct stat statbuf;
472     FILE *fp;
473     char buf[1024], * s, * p;
474     char *user = NULL, *pass = NULL;
475     int pos, proxy_auth = 0;
476     int no_config=0, chk_pos=0;
477    
478     for (pos = 0; pos < MAX_KEYSERVERS; pos++) {
479     server[pos].used = 0;
480     server[pos].port = HKP_PORT;
481     }
482    
483     fp = fopen (conf, "rb");
484     if (!fp) {
485     for (pos = 0; server_list[pos]; pos++) {
486     server[pos].used = 1;
487     server[pos].name = m_strdup (server_list[pos]);
488     server[pos].proto = proto_from_URL (server_list[pos]);
489     }
490     no_config=1;
491     }
492     get_reg_proxy_prefs (&proxy.host, &proxy.port, &user, &pass);
493     if (user && pass)
494     kserver_update_proxyuser (user, pass);
495     else if (user && !pass || !user && pass) {
496     msg_box( NULL, _("Invalid proxy configuration."
497     "You need to set a user and a password"
498     "to use proxy authentication!"), _("Proxy Error"), MB_ERR );
499     }
500     /* check if the host has a http:// prefix and skip it */
501     if( proxy.host && !strncmp( proxy.host, "http://", 7 ) ) {
502     const char *s = proxy.host+7;
503     char * p = m_strdup (s);
504     if (!p)
505     BUG (0);
506     free_if_alloc (proxy.host);
507     proxy.host = p;
508     }
509     free_if_alloc (user);
510     free_if_alloc (pass);
511    
512     pos = 0;
513     while( fp && !feof( fp ) ) {
514     s = fgets (buf, sizeof (buf)-1, fp);
515     if (!s)
516     break;
517     if (strstr (buf, "\r\n"))
518     buf[strlen (buf)-2] = '\0';
519     if (strstr (buf, "\n"))
520     buf[strlen (buf)-1] = '\0';
521     s = (char *)skip_whitespace (buf);
522     if (*s == '#' || strlen (s) < 7)
523     continue;
524     if (check_URL (s)) {
525     msg_box (NULL, _("All entries of this file must have a valid prefix.\n"
526     "Currently HKP/HTTP, LDAP and FINGER are supported.\n"),
527     _("Keyserver Error"), MB_ERR);
528     continue;
529     }
530     chk_pos=6;
531     if (strstr (s, "finger"))
532     chk_pos = 10;
533     p = strchr (s+chk_pos, ':');
534     server[pos].used = 1;
535     server[pos].proto = proto_from_URL (s);
536     server[pos].port = port_from_proto (server[pos].proto);
537     if (!p)
538     server[pos].name = m_strdup (s);
539     else {
540     server[pos].port = atol (p+1);
541     if (server[pos].port < 0 || server[pos].port > 65536)
542     server[pos].port = HKP_PORT;
543     server[pos].name = new char [(p-s)+2];
544     if (!server[pos].name)
545     BUG (0);
546     memset (server[pos].name, 0, (p-s)+2);
547     memcpy (server[pos].name, s, (p-s));
548     }
549     pos++;
550     if (pos > MAX_KEYSERVERS)
551     {
552     msg_box (NULL, _("The keyserver limit is exceeded"), _("Keyserver Warning"), MB_INFO);
553     break;
554     }
555     }
556     if (fp)
557     fclose (fp);
558     if (!pos)
559     {
560     /* only issue an error if the config file exist but it has no valid entries. */
561     keyserver_set_default (NULL, HKP_PORT);
562     if (!no_config)
563     return WPTERR_CONFIG_FILE;
564     }
565    
566     if (!stat (conf, &statbuf))
567     conf_timestamp = statbuf.st_mtime;
568     return 0;
569     } /* kserver_load_conf */
570    
571    
572     const char *
573     kserver_get_proxy (int * r_port)
574     {
575     if (proxy.host) {
576     if (r_port)
577     *r_port = proxy.port;
578     return proxy.host;
579     }
580     return NULL;
581     } /* kserver_get_proxy */
582    
583    
584     const char *
585     kserver_get_proxy_info (int id)
586     {
587     switch (id) {
588     case PROXY_USER: return proxy.user;
589     case PROXY_PASS: return proxy.pass;
590     }
591     return NULL;
592     } /* kserver_get_proxy_info */
593    
594    
595     /* Connect to the keyserver @hostname. */
596     int
597     kserver_connect (const char *hostname, u16 port, int *conn_fd)
598     {
599     int rc, fd;
600     u32 iaddr;
601     char host[128] = {0};
602     struct hostent *hp;
603     struct sockaddr_in sock;
604    
605     log_debug ("kserver_connect: %s:%d\r\n", hostname, port);
606    
607     if (!port)
608     port = HKP_PORT;
609     if (conn_fd)
610     *conn_fd = 0;
611     hostname = skip_type_prefix (hostname);
612    
613     memset (&sock, 0, sizeof (sock));
614     sock.sin_family = AF_INET;
615     sock.sin_port = proxy.host? htons (proxy.port) : htons (port);
616     if (proxy.host)
617     strncpy (host, proxy.host, 127);
618     else
619     strncpy (host, hostname, 127);
620    
621     if ((iaddr = inet_addr (host)) != INADDR_NONE)
622     memcpy (&sock.sin_addr, &iaddr, sizeof (iaddr));
623     else if ((hp = gethostbyname (host))) {
624     if (hp->h_addrtype != AF_INET || hp->h_length != 4) {
625     log_debug ("gethostbyname: unknown address type.\r\n");
626     return WPTERR_WINSOCK_RESOLVE;
627     }
628     memcpy (&sock.sin_addr, hp->h_addr, hp->h_length);
629     }
630     else {
631     log_debug ("gethostbyname: failed.\r\n");
632     return WPTERR_WINSOCK_RESOLVE;
633     }
634     fd = socket (AF_INET, SOCK_STREAM, 0);
635     if (fd == INVALID_SOCKET)
636     return WPTERR_WINSOCK_SOCKET;
637     rc = connect (fd, (struct sockaddr *) &sock, sizeof (sock));
638     if (rc == SOCKET_ERROR) {
639     log_debug ("connect: failed.\r\n");
640     closesocket (fd);
641     return WPTERR_WINSOCK_CONNECT;
642     }
643    
644     if (conn_fd)
645     *conn_fd = fd;
646     WSASetLastError (0);
647     return 0;
648     } /* kserver_connect */
649    
650    
651     /* Perform URL-encoding on the given pubkey blob. */
652     static char*
653     kserver_urlencode (const char *pubkey, size_t octets, size_t *newlen)
654     {
655     char *p, numbuf[5];
656     size_t j = 0;
657     size_t i, size;
658    
659     p = new char [2*octets];
660     if (!p)
661     BUG (0);
662    
663     for (size=0, i=0; i < octets; i++) {
664     if (isalnum (pubkey[i]) || pubkey[i] == '-') {
665     p[size] = pubkey[i];
666     size++;
667     }
668     else if (pubkey[i] == ' ') {
669     p[size] = '+';
670     size++;
671     }
672     else {
673     sprintf(numbuf, "%%%02X", pubkey[i]);
674     for (j = 0; j<strlen(numbuf); j++) {
675     p[size] = numbuf[j];
676     size++;
677     }
678     }
679     }
680     p[size] = '\0';
681     *newlen = size;
682     return p;
683     }
684    
685    
686     /* Format a request for the given keyid (send). */
687     static char*
688     kserver_send_request (const char *hostname, u16 port, const char *pubkey, int octets)
689     {
690     char *request = NULL, *enc_pubkey = NULL;
691     int reqlen;
692     size_t enc_octets;
693    
694     log_debug ("kserver_send_request: %s:%d\n", hostname, port);
695    
696     if (!port)
697     port = HKP_PORT;
698     reqlen = 512 + strlen (hostname) + 2*strlen (pubkey);
699     request = new char[reqlen];
700     if (!request)
701     BUG (0);
702     enc_pubkey = kserver_urlencode (pubkey, octets, &enc_octets);
703     if (!enc_pubkey || !enc_octets) {
704     free_if_alloc (request);
705     return NULL;
706     }
707    
708     if (proxy.user) {
709     _snprintf (request, reqlen-1,
710     "POST http://%s:%d/pks/add HTTP/1.0\r\n"
711     "Referer: \r\n"
712     "User-Agent: WinPT/W32\r\n"
713     "Host: %s:%d\r\n"
714     "Proxy-Authorization: Basic %s\r\n"
715     "Content-type: application/x-www-form-urlencoded\r\n"
716     "Content-length: %d\r\n"
717     "\r\n"
718     "keytext=%s"
719     "\n",
720     skip_type_prefix (hostname), port, hostname, port,
721     proxy.base64_user, enc_octets+9, enc_pubkey);
722     }
723     else {
724     _snprintf (request, reqlen-1,
725     "POST /pks/add HTTP/1.0\r\n"
726     "Referer: \r\n"
727     "User-Agent: WinPT/W32\r\n"
728     "Host: %s:%d\r\n"
729     "Content-type: application/x-www-form-urlencoded\r\n"
730     "Content-length: %d\r\n"
731     "\r\n"
732     "keytext=%s"
733     "\n",
734     skip_type_prefix (hostname), port, enc_octets+9, enc_pubkey);
735     }
736     free_if_alloc (enc_pubkey);
737    
738     log_debug ("%s\n", request);
739     return request;
740     } /* kserver_send_request */
741    
742    
743     /* Interface receiving a public key. */
744     int
745     kserver_recvkey (const char *hostname, u16 port, const char *keyid, char *key, int maxkeylen)
746     {
747     int rc, n;
748     int conn_fd;
749     char *request = NULL;
750    
751     if (!port)
752     port = HKP_PORT;
753     hkp_err = 0; /* reset */
754     rc = kserver_connect (hostname, port, &conn_fd);
755     if (rc)
756     goto leave;
757    
758     request = new char[300+1];
759     if (!request)
760     BUG (0);
761    
762     if (proxy.host && proxy.user) {
763     _snprintf (request, 300,
764     "GET http://%s:%d/pks/lookup?op=get&search=%s HTTP/1.0\r\n"
765     "Proxy-Authorization: Basic %s\r\n\r\n",
766     skip_type_prefix (hostname), port, keyid, proxy.base64_user);
767     }
768     else if (proxy.host) {
769     _snprintf (request, 300,
770     "GET http://%s:%d/pks/lookup?op=get&search=%s HTTP/1.0\r\n\r\n",
771     skip_type_prefix (hostname), port, keyid);
772     }
773     else {
774     _snprintf (request, 300,
775     "GET /pks/lookup?op=get&search=%s HTTP/1.0\r\n\r\n", keyid);
776     }
777    
778     log_debug ("%s\r\n", request);
779    
780     rc = sock_write (conn_fd, request, strlen (request));
781     if (rc == SOCKET_ERROR) {
782     rc = WPTERR_WINSOCK_RECVKEY;
783     goto leave;
784     }
785    
786     rc = sock_read( conn_fd, key, maxkeylen, &n );
787     if( rc == SOCKET_ERROR ) {
788     rc = WPTERR_WINSOCK_RECVKEY;
789     goto leave;
790     }
791    
792     log_debug("%s\r\n", key);
793     rc = check_hkp_response (key, 1);
794     if (rc)
795     goto leave;
796    
797     WSASetLastError (0);
798    
799     leave:
800     closesocket (conn_fd);
801     free_if_alloc (request);
802     return rc;
803     } /* kserver_recvkey */
804    
805    
806     /* Interface to send a public key. */
807     int
808     kserver_sendkey (const char *hostname, u16 port, const char *pubkey, int len )
809     {
810     int n, rc;
811     int conn_fd;
812     char *request = NULL;
813     char log[2048];
814    
815     hkp_err = 0; /* reset */
816     rc = kserver_connect (hostname, port, &conn_fd);
817     if (rc)
818     goto leave;
819    
820     request = kserver_send_request (hostname, port, pubkey, len);
821     if (request == NULL) {
822     rc = WPTERR_GENERAL;
823     goto leave;
824     }
825    
826     rc = sock_write( conn_fd, request, lstrlen(request) );
827     if( rc == SOCKET_ERROR ) {
828     rc = WPTERR_WINSOCK_SENDKEY;
829     goto leave;
830     }
831    
832     rc = sock_read( conn_fd, log, sizeof (log)-1, &n );
833     if( rc == SOCKET_ERROR ) {
834     rc = WPTERR_WINSOCK_SENDKEY;
835     goto leave;
836     }
837    
838     log_debug ("kserver_sendkey:\r\n%s\r\n", log);
839    
840     rc = check_hkp_response (log, 0);
841     if( rc )
842     goto leave;
843    
844     WSASetLastError (0);
845    
846     leave:
847     closesocket (conn_fd);
848     free_if_alloc (request);
849     return rc;
850     } /* kserver_sendkey */
851    
852    
853     int
854     kserver_search_init (const char * hostname, u16 port, const char * keyid, int * conn_fd)
855     {
856     int rc, sock_fd;
857     int n=0;
858 twoaday 2 char * request = NULL;
859 werner 36
860     rc = kserver_connect (hostname, port, &sock_fd);
861     if (rc) {
862     *conn_fd = 0;
863     goto leave;
864     }
865    
866     n=300;
867     request = new char[n+1];
868     if (!request)
869     BUG (0);
870    
871     if (proxy.host && proxy.user) {
872     _snprintf (request, n,
873     "GET http://%s:%d/pks/lookup?op=index&search=%s HTTP/1.0\r\n"
874     "Proxy-Authorization: Basic %s\r\n\r\n",
875     skip_type_prefix (hostname), port, keyid, proxy.base64_user);
876     }
877     else if (proxy.host) {
878     _snprintf (request, n,
879     "GET http://%s:%d/pks/lookup?op=index&search=%s HTTP/1.0\r\n\r\n",
880     skip_type_prefix (hostname), port, keyid);
881     }
882     else {
883     _snprintf (request, n,
884     "GET /pks/lookup?op=index&search=%s HTTP/1.0\r\n\r\n", keyid);
885     }
886    
887     log_debug ("kserver_search_init:\r\n%s\r\n", request);
888    
889     if (sock_write (sock_fd, request, strlen (request)) == SOCKET_ERROR) {
890     rc = WPTERR_GENERAL;
891     goto leave;
892     }
893    
894     *conn_fd = sock_fd;
895    
896     leave:
897     free_if_alloc (request);
898     return rc;
899     } /* kserver_search_init */
900    
901    
902     int
903     kserver_search_chkresp (int fd)
904     {
905     char buf[128];
906     int n=0;
907    
908     /* parse response 'HTTP/1.0 500 OK' */
909     if (sock_getline (fd, buf, 127, &n))
910     return WPTERR_KEYSERVER_NOTFOUND;
911    
912     log_debug ("kserver_search_chkpresp: %s\r\n", buf);
913     if (strncmp (buf, "HTTP/1.", 7))
914     return WPTERR_KEYSERVER_NOTFOUND;
915     if (strncmp (buf+(8+1), "200", 3))
916     return WPTERR_KEYSERVER_NOTFOUND;
917     return 0;
918     } /* kserver_search_chkresp */
919    
920    
921     int
922     kserver_search (int fd, keyserver_key * key)
923     {
924     char buf[1024], *p;
925     int uidlen, nbytes, pos = 0;
926    
927     log_debug ("keyserver_search:\n");
928    
929     if (sock_getline (fd, buf, sizeof (buf) - 1, &nbytes))
930     return WPTERR_GENERAL;
931    
932     log_debug ("%s\n", buf);
933    
934     if (!strncmp (buf, "pub", 3)) {
935     int revoked = strstr (buf, "KEY REVOKED") != NULL? 1 : 0;
936     key->bits = atol (buf+3);
937     p = strchr (buf, '>');
938     if (!p)
939     goto fail;
940     pos = p - buf + 1;
941     memcpy (key->keyid, buf + pos, 8);
942     key->keyid[8] = '\0';
943     p = strstr (buf, "</a>");
944     if (!p)
945     goto fail;
946     pos = p - buf + 5;
947     memcpy (key->date, buf + pos, 10);
948     key->date[10] = '\0';
949     if (revoked) {
950     strcpy (key->uid, "KEY REVOKED: not checked");
951     return 0;
952     }
953     pos += 10;
954     p = buf + pos + 1;
955     while (p && *p != '>')
956     p++;
957     p++;
958     uidlen = strlen (p) - 10;
959     memcpy (key->uid, p, uidlen);
960     key->uid[uidlen] = '\0';
961     strcat (key->uid, ">");
962     p = strchr (key->uid, '&');
963     if (p) {
964     key->uid[(p-key->uid)] = '<';
965     memmove (key->uid+(p-key->uid)+1, key->uid+(p-key->uid)+4, strlen (key->uid)-3);
966     }
967     return 0;
968     }
969    
970     fail:
971     key->bits = 0;
972     memset (key, 0, sizeof *key);
973     return 0;
974     } /* kserver_search */
975    
976    
977     static int
978     add_node( keyserver_cfgfile *cfg, const char *entry )
979     {
980     keyserver_node *node;
981     char *p = NULL;
982    
983     p = strchr( entry, '=' );
984     if( p == NULL )
985     return WPTERR_GENERAL;
986     node = new keyserver_node;
987     if( !node )
988     BUG( NULL );
989    
990     memset( node, 0, sizeof *node );
991     node->used = 1;
992    
993     node->host.used = 1;
994     node->host.proto = proto_from_URL( entry );
995     memcpy( node->host.name, entry+7, p-entry-7 );
996     node->next = cfg->list;
997     cfg->list = node;
998    
999     return 0;
1000     } /* add_node */
1001    
1002    
1003     void
1004     kserver_change_proxy( keyserver_proxy_ctx *ctx )
1005     {
1006     proxy.port = ctx->port;
1007     free_if_alloc (proxy.host);
1008     proxy.host = ctx->host? m_strdup( ctx->host ) : NULL;
1009     free_if_alloc( proxy.pass );
1010     proxy.pass = ctx->pass? m_strdup( ctx->pass ) : NULL;
1011     free_if_alloc( proxy.user );
1012     proxy.user = ctx->user? m_strdup( ctx->user ) : NULL;
1013     set_reg_proxy_prefs( proxy.host, proxy.port, proxy.user, proxy.pass );
1014     } /* kserver_change_proxy */
1015    
1016    
1017     int
1018     kserver_read_config( const char *fname, keyserver_cfgfile **ret_cfg )
1019     {
1020     FILE *fp;
1021     keyserver_cfgfile *cfg;
1022     char buf[256];
1023     int rc = 0;
1024    
1025     *ret_cfg = NULL;
1026     fp = fopen( fname, "rb" );
1027     if( fp == NULL )
1028     return WPTERR_FILE_OPEN;
1029    
1030     cfg = new keyserver_cfgfile;
1031     if ( !cfg )
1032     BUG( NULL );
1033     memset( cfg, 0, sizeof *cfg );
1034    
1035     while ( !feof( fp ) ) {
1036     if ( fgets( buf, sizeof(buf)-1, fp ) == NULL )
1037     break;
1038     if ( *buf == '\r' || *buf == '\n' || *buf == '#' )
1039     continue;
1040     buf[strlen(buf) -2] = '\0';
1041     if ( !strncmp( buf, "use_proxy=", 10 ) ) {
1042     char *p = strchr(buf, ':');
1043     if (!p)
1044     continue;
1045     cfg->proxy.port = atol( buf+(p-buf+1) );
1046     buf[p-buf] = '\0';
1047     cfg->proxy.host = m_strdup( buf+10 );
1048     }
1049     else if ( !strncmp( buf, "proxy_user=", 11 ) )
1050     cfg->proxy.user = m_strdup( buf+11 );
1051     else if ( !strncmp( buf, "proxy_pass=", 11 ) )
1052     cfg->proxy.pass = m_strdup( buf+11 );
1053     if ( !strncmp( buf, "http://", 7 )
1054     || !strncmp( buf, "hkp://", 6 )
1055     || !strncmp( buf, "ldap://", 7 ) ) {
1056     add_node( cfg, buf );
1057     cfg->nlist++;
1058     }
1059     }
1060    
1061     fclose( fp );
1062     *ret_cfg = cfg;
1063    
1064     return rc;
1065     } /* kserver_read_config */
1066    
1067    
1068     int
1069     kserver_write_config( const char * fname, keyserver_cfgfile * cfg )
1070     {
1071    
1072     return 0;
1073     }
1074    
1075    
1076     void
1077     kserver_cfgfile_release( keyserver_cfgfile *cfg )
1078     {
1079     keyserver_node *k, *k2;
1080    
1081     proxy_release( &cfg->proxy );
1082     for( k = cfg->list; cfg->nlist--; k = k2 ) {
1083     k2 = k->next;
1084     free_if_alloc( k );
1085     }
1086     free_if_alloc( cfg );
1087     } /* kserver_cfgfile_release */
1088    
1089    
1090     void
1091     proxy_release( keyserver_proxy_ctx *ctx )
1092     {
1093     free_if_alloc( ctx->host );
1094     free_if_alloc( ctx->pass );
1095     free_if_alloc( ctx->user );
1096     } /* proxy_release */
1097    
1098    
1099     int
1100     ldap_recvkey (const char * host, const char * keyid, char * key, int maxkeylen)
1101     {
1102     const char *s;
1103     char *ksprg = NULL, *p = NULL;
1104     char temp[512], outf[512];
1105     FILE * inp;
1106     int rc, start_key = 0;
1107     STARTUPINFO si;
1108     PROCESS_INFORMATION pi;
1109    
1110     p = get_gnupg_path ();
1111     ksprg = new char[strlen (p) + 1 + 128];
1112     if (!ksprg)
1113     BUG (0);
1114     strcpy (ksprg, p);
1115     strcat (ksprg, "\\");
1116     strcat (ksprg, "gpgkeys_ldap.exe");
1117     free_if_alloc (p);
1118     if (file_exist_check (ksprg)) {
1119     log_box ( "LDAP Keyserver Plugin", MB_ERR, "Could not find LDAP keyserver module!");
1120     rc = -1;
1121     goto leave;
1122     }
1123     GetTempPath (sizeof (temp)-1, temp);
1124     strcpy (outf, temp);
1125     strcat (outf, keyid);
1126     strcat (outf, ".out");
1127     strcat (temp, keyid);
1128     inp = fopen (temp, "w+b");
1129     if( !inp ) {
1130     log_box ("LDAP Keyserver Plugin", MB_ERR, "%s: %s", temp,
1131     winpt_strerror (WPTERR_FILE_OPEN));
1132     rc = -1;
1133     goto leave;
1134     }
1135     fprintf (inp,
1136     "VERSION 0\n"
1137     "HOST %s\n"
1138     "OPTION verbose\n"
1139     "COMMAND GET\n"
1140     "\n"
1141     "%s\n", host? skip_type_prefix (host): "64.94.85.200", keyid);
1142     fclose (inp);
1143    
1144     memset (&si, 0, sizeof (si));
1145     si.cb = sizeof (si);
1146     si.dwFlags = STARTF_USESHOWWINDOW;
1147     si.wShowWindow = SW_HIDE;
1148     memset (&pi, 0, sizeof (pi));
1149     p = new char[strlen (ksprg) + strlen (temp) + strlen (outf) + 32];
1150     sprintf (p, "%s -o %s %s", ksprg, outf, temp);
1151     rc = CreateProcess (NULL, p, NULL, NULL, FALSE, 0, NULL, NULL, &si, &pi);
1152     if (!rc) {
1153     log_box ("LDAP Keyserver Plugin", MB_ERR, "Could not spawn process");
1154     rc = -1;
1155     goto leave;
1156     }
1157     CloseHandle (pi.hThread);
1158     WaitForSingleObject (pi.hProcess, INFINITE);
1159     CloseHandle (pi.hProcess);
1160    
1161     inp = fopen (outf, "rb");
1162     if (!inp) {
1163     log_box ("LDAP Keyserver Plugin", MB_ERR, "%s: %s", outf,
1164     winpt_strerror (WPTERR_FILE_OPEN));
1165     rc = -1;
1166     goto leave;
1167     }
1168     memset (key, 0, maxkeylen);
1169     while( !feof( inp ) ) {
1170     s = fgets( temp, sizeof (temp)-1, inp );
1171     if( !s )
1172     break;
1173     if( !start_key && strstr( s, "KEY" ) && strstr( s, "BEGIN" ) ) {
1174     start_key = 1;
1175     continue;
1176     }
1177     if( !start_key )
1178     continue;
1179     strcat( key, temp );
1180     maxkeylen -= strlen( temp );
1181     if( maxkeylen < 0 || (strstr( s, "KEY" ) && strstr( s, "END" )) )
1182     break;
1183     }
1184     fclose( inp );
1185    
1186     leave:
1187     if( !strlen( key ) )
1188     rc = WPTERR_WINSOCK_RECVKEY;
1189     free_if_alloc( p );
1190     free_if_alloc( ksprg );
1191     return rc;
1192     } /* ldap_recvkey */
1193    
1194    
1195     static int
1196     finger_readline (int fd, char * buf, int nbytes)
1197     {
1198     char c = 0;
1199     int n, pos = 0;
1200    
1201     while (nbytes > 0) {
1202     n = recv (fd, &c, 1, 0);
1203     if (n <= 0)
1204     break;
1205     if (c == '\n')
1206     break;
1207     buf[pos++] = c;
1208     nbytes--;
1209     }
1210     if (nbytes > 0)
1211     buf[pos++] = '\0';
1212     if (n <= 0)
1213     pos = n;
1214     return pos;
1215     }
1216    
1217    
1218     int
1219     finger_recvkey (const char * host, const char * user, char * key, int maxkeylen)
1220     {
1221     struct hostent * hp;
1222     struct sockaddr_in saddr;
1223     char buf[128];
1224     int fd, nread;
1225     int start_key = 0;
1226     int rc=0;
1227    
1228     fd = socket (PF_INET, SOCK_STREAM, 0);
1229     if (fd == -1)
1230     return WPTERR_WINSOCK_SOCKET;
1231     hp = gethostbyname (skip_type_prefix (host));
1232     if (!hp) {
1233     closesocket (fd);
1234     return WPTERR_WINSOCK_RESOLVE;
1235     }
1236    
1237     memset (&saddr, 0, sizeof (saddr));
1238     saddr.sin_family = AF_INET;
1239     saddr.sin_port = htons (FINGER_PORT);
1240     saddr.sin_addr = *(struct in_addr *)hp->h_addr;
1241     if (connect (fd, (struct sockaddr *)&saddr, sizeof (saddr))) {
1242     closesocket (fd);
1243     return WPTERR_WINSOCK_CONNECT;
1244     }
1245     send (fd, user, strlen (user), 0);
1246     send (fd, "\r\n", 2, 0);
1247    
1248     memset (key, 0, maxkeylen);
1249     while (maxkeylen > 0) {
1250     nread = finger_readline (fd, buf, sizeof (buf)-1);
1251     if (nread <= 0)
1252     break;
1253     strcat (buf, "\n");
1254     if (strstr (buf, "BEGIN PGP PUBLIC KEY BLOCK")) {
1255     strcat (key, buf);
1256     start_key = 1;
1257     maxkeylen -= nread;
1258     }
1259     else if (strstr (buf, "END PGP PUBLIC KEY BLOCK" ) && start_key) {
1260     strcat (key, buf);
1261     start_key--;
1262     maxkeylen -= nread;
1263     break;
1264     }
1265     else if (start_key) {
1266     strcat (key, buf);
1267     maxkeylen -= nread;
1268     }
1269     }
1270     closesocket (fd);
1271     if (start_key != 0)
1272     rc = WPTERR_WINSOCK_RECVKEY;
1273     return rc;
1274     }
1275    
1276    
1277     int
1278     check_IP_or_hostname (const char *name)
1279     {
1280     const char *not_allowed = "=!ยง$%&@#*~\\/}][{<>|,;:'";
1281     size_t i, j;
1282    
1283     for (i=0; i < strlen (name); i++) {
1284     for (j =0; j < strlen (not_allowed); j++) {
1285     if (name[i] == not_allowed[j])
1286     return -1;
1287     }
1288     }
1289     return 0;
1290     }

Properties

Name Value
svn:eol-style native
[email protected]
 ViewVC Help
Powered by ViewVC 1.1.26