/[winpt]/trunk/Src/wptKeyserver.cpp
ViewVC logotype

Contents of /trunk/Src/wptKeyserver.cpp

Parent Directory Parent Directory | Revision Log Revision Log

Revision 133 - (show annotations)
Mon Jan 9 09:15:29 2006 UTC (19 years, 1 month ago) by twoaday
File size: 32513 byte(s) 
A lot of minor bug fixes.
New icons.

For a complete history, see the ChangeLog entries.
1 /* wptKeyserver.cpp - W32 Keyserver Access
2 * Copyright (C) 2000-2005 Timo Schulz
3 * Copyright (C) 2001 Marco Cunha
4 *
5 * This file is part of WinPT.
6 *
7 * WinPT is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU General Public License
9 * as published by the Free Software Foundation; either version 2
10 * of the License, or (at your option) any later version.
11 *
12 * WinPT is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with WinPT; if not, write to the Free Software Foundation,
19 * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 */
21
22 #ifdef HAVE_CONFIG_H
23 #include <config.h>
24 #endif
25
26 #include <windows.h>
27 #include <stdio.h>
28 #include <sys/stat.h>
29 #include <ctype.h>
30
31 #include "wptKeyserver.h"
32 #include "wptErrors.h"
33 #include "wptTypes.h"
34 #include "wptNLS.h"
35 #include "wptW32API.h"
36 #include "wptVersion.h"
37 #include "wptGPG.h"
38 #include "wptRegistry.h"
39
40 #define net_errno ((int)WSAGetLastError ())
41
42 static char base64code[] =
43 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
44
45 keyserver server[MAX_KEYSERVERS] = {0};
46 static keyserver_proxy_ctx proxy = {0};
47 static const char *server_list[] = {
48 "hkp://wwwkeys.nl.pgp.net",
49 "hkp://wwwkeys.pl.pgp.net",
50 "hkp://wwwkeys.at.pgp.net",
51 "hkp://wwwkeys.ch.pgp.net",
52 "hkp://wwwkeys.de.pgp.net",
53 "hkp://wwwkeys.dk.pgp.net",
54 "hkp://wwwkeys.cz.pgp.net",
55 "hkp://wwwkeys.es.pgp.net",
56 "hkp://wwwkeys.eu.pgp.net",
57 "hkp://wwwkeys.uk.pgp.net",
58 "hkp://wwwkeys.us.pgp.net",
59 "hkp://gnv.us.ks.cryptnet.net",
60 "hkp://subkeys.pgp.net",
61 "ldap://keyserver.pgp.com",
62 NULL
63 };
64
65
66 static char hkp_errmsg[1024]; /* Holds the error message from the server */
67 static int hkp_err = 0; /* != 0 indicates an error occurred. */
68 static DWORD conf_timestamp = 0;/* timestamp of the configuration fiele. */
69
70 char *default_keyserver = NULL;
71 WORD default_keyserver_port = 0;
72
73
74 /* Basic64 encode the input @inputstr to @outputstr. */
75 static void
76 base64_encode (const char *inputstr, char *outputstr, int maxlen)
77 {
78 int index = 0, temp = 0, res = 0, i = 0, inputlen = 0, len = 0;
79
80 /* XXX: check len < maxlen. */
81 inputlen = strlen (inputstr);
82 for (i = 0; i <inputlen; i++) {
83 res = temp;
84 res = (res << 8) | (inputstr[i] & 0xFF);
85 switch (index++) {
86 case 0: outputstr[len++] = base64code[res >> 2 & 0x3F]; res &= 0x3; break;
87 case 1: outputstr[len++] = base64code[res >> 4 & 0x3F]; res &= 0xF; break;
88 case 2: outputstr[len++] = base64code[res >> 6 & 0x3F];
89 outputstr[len++] = base64code[res & 0x3F]; res = index = 0; break;
90 }
91 temp = res;
92 }
93
94 switch (index) {
95 case 0: break;
96 case 2: outputstr[len++] = base64code[temp << 2 & 0x3F];
97 outputstr[len++] = '='; break;
98 case 1: outputstr[len++] = base64code[temp << 4 & 0x3F];
99 outputstr[len++] = '=';
100 outputstr[len++] = '=';
101 }
102
103 outputstr[len] = '\0';
104 }
105
106
107 /* Skip the URL schema and return only the host part of it. */
108 static const char*
109 skip_type_prefix (const char *hostname)
110 {
111 if (hostname && !strncmp (hostname, "http://", 7))
112 hostname += 7;
113 else if (hostname && !strncmp (hostname, "hkp://", 6))
114 hostname += 6;
115 else if (hostname && !strncmp (hostname, "finger://", 9))
116 hostname += 9;
117 else if (hostname && !strncmp (hostname, "ldap://", 7))
118 hostname += 7;
119 return hostname;
120 }
121
122
123 /* Check that the keyserver response indicates an OK.
124 Return 0 on success. */
125 static int
126 check_hkp_response (const char *resp, int recv)
127 {
128 char *p, *end;
129 int ec, len;
130
131 ec = recv ? WPTERR_WINSOCK_RECVKEY : WPTERR_WINSOCK_SENDKEY;
132 if (!strstr (resp, "HTTP/1.0 200 OK") &&
133 !strstr (resp, "HTTP/1.1 200 OK")) /* http error */
134 return ec;
135 if (strstr (resp, "Public Key Server -- Error")
136 || strstr (resp, "Public Key Server -- Error")
137 || strstr (resp, "No matching keys in database")) {
138 p = strstr (resp, "<p>");
139 if (p && strlen (p) < sizeof (hkp_errmsg)) {
140 end = strstr (p, "</p>");
141 len = end? (end - p + 1) : strlen (p);
142 memset (hkp_errmsg, 0, sizeof (hkp_errmsg));
143 strncpy (hkp_errmsg, p, len);
144 hkp_err = 1;
145 }
146 return ec;
147 }
148 return 0;
149 }
150
151
152 /* Read a single line (\r\n) from a socket.
153 Return 0 on success. */
154 static int
155 sock_getline (int fd, char *buf, int buflen, int *nbytes)
156 {
157 char ch;
158 int count = 0;
159
160 if (nbytes)
161 *nbytes = 0;
162 *buf = 0;
163 while (recv (fd, &ch, 1, 0) > 0) {
164 *buf++ = ch;
165 count++;
166 /* XXX: remove the '\r' */
167 if (ch == '\n' || count == (buflen - 1)) {
168 *buf = 0;
169 if (nbytes)
170 *nbytes = count;
171 return 0;
172 }
173 }
174
175 return -1;
176 }
177
178
179 /* Perform a select() on the given fd to find out
180 is there is data for reading. Wait at least @nsecs seconds. */
181 static int
182 sock_select (int fd, int nsecs)
183 {
184 FD_SET rfd;
185 timeval tv = {nsecs, 0};
186
187 FD_ZERO (&rfd);
188 FD_SET (fd, &rfd);
189 if (select (fd + 1, &rfd, NULL, NULL, &tv) == SOCKET_ERROR) {
190 log_debug ("sock_select: select() failed ec=%d.\r\n", net_errno);
191 return SOCKET_ERROR;
192 }
193 if (FD_ISSET (fd, &rfd))
194 return 1;
195 return 0;
196 }
197
198
199 /* Read from a socket @fd to buffer @buf with a fixed timeout
200 of 10 seconds. The amount of bytes which were read are
201 returned in @nbytes.
202 Return value: 0 on success. */
203 static int
204 sock_read (int fd, char *buf, int buflen, int *nbytes)
205 {
206 DWORD nread;
207 int nleft = buflen;
208 int rc, n = 0;
209
210 while (nleft > 0) {
211 if (n >= 10)
212 return WPTERR_WINSOCK_TIMEOUT;
213 rc = sock_select (fd, 1);
214 if (rc == SOCKET_ERROR)
215 return rc;
216 else if (!rc)
217 n++;
218 else {
219 nread = recv (fd, buf, nleft, 0);
220 if (nread == SOCKET_ERROR) {
221 log_debug ("sock_read: recv() failed ec=%d.\r\n", net_errno);
222 return SOCKET_ERROR;
223 }
224 else if (!nread)
225 break;
226 nleft -= nread;
227 buf += nread;
228 }
229 }
230 if (nbytes)
231 *nbytes = buflen - nleft;
232
233 return 0;
234 }
235
236
237 /* Write the buffer @buf with the length @buflen to a socket @fd. */
238 static int
239 sock_write (int fd, const char *buf, int buflen)
240 {
241 DWORD nwritten;
242 int nleft = buflen;
243
244 while (nleft > 0) {
245 nwritten = send (fd, buf, nleft, 0);
246 if (nwritten == SOCKET_ERROR) {
247 log_debug ("sock_write: send() failed ec=%d\r\n", net_errno);
248 return SOCKET_ERROR;
249 }
250 nleft -= nwritten;
251 buf += nwritten;
252 }
253
254 return 0;
255 }
256
257
258 /* Set the default keyserver. */
259 void
260 set_default_kserver (void)
261 {
262 char *p = get_reg_entry_keyserver ("Default");
263 free_if_alloc (default_keyserver);
264 default_keyserver = p && *p != ' ' ? p : m_strdup (DEF_HKP_KEYSERVER);
265 p = get_reg_entry_keyserver ("Default_Port");
266 if (p && *p) {
267 default_keyserver_port = (WORD)strtoul (p, NULL, 10);
268 free_if_alloc (p);
269 }
270 else
271 default_keyserver_port = HKP_PORT;
272 }
273
274
275 /* Initialize the Winsock2 interface.*/
276 int
277 wsock_init (void)
278 {
279 WSADATA wsa;
280
281 if (WSAStartup (0x202, &wsa)) {
282 log_debug ("wsock_init: WSAStartup failed ec=%d\r\n", net_errno);
283 return WPTERR_WINSOCK_INIT;
284 }
285 set_default_kserver ();
286 return 0;
287 }
288
289
290 /* Cleanup the Winsock2 interface. */
291 void
292 wsock_end (void)
293 {
294 int i;
295
296 free_if_alloc (default_keyserver);
297 default_keyserver = NULL;
298 for (i=0; i < MAX_KEYSERVERS; i++) {
299 if (server[i].used)
300 free_if_alloc (server[i].name);
301 }
302 WSACleanup ();
303 }
304
305
306 /* Return a string representation of a winsock error. */
307 const char*
308 wsock_strerror (void)
309 {
310 static char buf[384];
311 int ec = WSAGetLastError ();
312
313 switch (ec) {
314 case WSAENETDOWN:
315 return _("The network subsystem has failed");
316 case WSAHOST_NOT_FOUND:
317 return _("Authoritative Answer Host not found");
318 case WSAETIMEDOUT:
319 return _("The connection has been dropped because of a network failure");
320 default:
321 _snprintf (buf, sizeof (buf) -1, _("Unknown Winsock error ec=%d"),ec);
322 return buf;
323 }
324 return NULL;
325 }
326
327
328 /* Return the last keyserver error as a string. */
329 const char*
330 kserver_strerror (void)
331 {
332 if (hkp_err)
333 return hkp_errmsg;
334 return NULL;
335 }
336
337
338 /* Read a keyserver from the list at index @idx.
339 Return value: keyserver name at the given position. */
340 const char*
341 kserver_get_hostname (int idx, int type, WORD *port)
342 {
343 if (type == -1) {
344 *port = default_keyserver_port;
345 return default_keyserver;
346 }
347 else if (!type && idx < DIM (server_list)) {
348 *port = HKP_PORT;
349 return server_list[idx];
350 }
351 return NULL;
352 }
353
354
355 /* Check if the computer is connected to the internet.
356 Return 0 on success -1 otherwise. */
357 int
358 kserver_check_inet_connection (void)
359 {
360 int fd;
361
362 if (!kserver_connect (default_keyserver, default_keyserver_port, &fd)) {
363 closesocket (fd);
364 return 0;
365 }
366 return -1;
367 }
368
369
370 /* If the request contains the keyid, it have to be
371 always postfix with '0x'+keyid. This code checks
372 if the keyid is a decimal value and if so if it contains
373 the '0x'. If not it is inserted. */
374 const char*
375 kserver_check_keyid (const char *keyid)
376 {
377 static char id[21];
378
379 if (strstr (keyid, "@"))
380 return keyid; /* email address */
381 if (strncmp (keyid, "0x", 2)) {
382 memset (&id, 0, sizeof (id));
383 _snprintf (id, sizeof (id)-1, "0x%s", keyid);
384 return id;
385 }
386 return keyid;
387 }
388
389
390 /* Update the keyserver proxy user. */
391 static void
392 kserver_update_proxyuser (const char *proxy_user, const char *proxy_pass)
393 {
394 char t[257]; /* user:pass = 127+1+127+1 = 257 */
395 int n = 0;
396
397 n = 4*strlen (proxy_user) / 3 + 32 + strlen (proxy_pass) + 2;
398 free_if_alloc (proxy.base64_user);
399 proxy.base64_user = new char[n];
400 if (!proxy.base64_user)
401 BUG (0);
402 _snprintf (t, sizeof (t)-1, "%s:%s", proxy_user, proxy_pass);
403 base64_encode (t, proxy.base64_user, 257);
404 free_if_alloc (proxy.user);
405 free_if_alloc (proxy.pass);
406 proxy.user = m_strdup (proxy_user);
407 proxy.pass = m_strdup (proxy_pass);
408 }
409
410
411 /* Check that the given buffer contains a valid keyserver URL. */
412 static int
413 check_URL (const char * buf)
414 {
415 if (strlen (buf) < 7)
416 return -1;
417 if (!strstr (buf, "ldap://")
418 && !strstr (buf, "http://")
419 && !strstr (buf, "finger://")
420 && !strstr (buf, "hkp://"))
421 return -1;
422 return 0;
423 }
424
425
426 /* Get the port number from the given protocol. */
427 static int
428 port_from_proto (int proto)
429 {
430 switch (proto) {
431 case KSPROTO_LDAP: return 0;
432 case KSPROTO_FINGER: return FINGER_PORT;
433 case KSPROTO_HTTP: return HKP_PORT;
434 }
435 return 0;
436 }
437
438
439 /* Get the port number from the given URL. */
440 static int
441 proto_from_URL (const char * buf)
442 {
443 if (strstr( buf, "ldap"))
444 return KSPROTO_LDAP;
445 else if (strstr( buf, "finger"))
446 return KSPROTO_FINGER;
447 return KSPROTO_HKP;
448 }
449
450
451 void
452 keyserver_set_default (const char *hostname, WORD port)
453 {
454 if (hostname) {
455 free_if_alloc (default_keyserver);
456 default_keyserver = m_strdup (hostname);
457 if (!default_keyserver)
458 BUG (0);
459 default_keyserver_port = port;
460 }
461 server[0].name = m_strdup (default_keyserver);
462 server[0].used = 1;
463 server[0].port = port;
464 server[0].proto = proto_from_URL (default_keyserver);
465 }
466
467
468 /* Skip all kind of whitespace chars in @str. */
469 static const char*
470 skip_whitespace (const char *str)
471 {
472 while (str && *str) {
473 if (*str == ' ' ||
474 *str == '\t' ||
475 *str == '\n' ||
476 *str == '\r') {
477 str++;
478 continue;
479 }
480 break;
481 }
482 return str;
483 }
484
485
486 int
487 kserver_load_conf (const char * conf)
488 {
489 struct stat statbuf;
490 FILE *fp;
491 char buf[1024], * s, * p;
492 char *user = NULL, *pass = NULL;
493 int no_config=0, chk_pos=0;
494 int pos;
495
496 for (pos = 0; pos < MAX_KEYSERVERS; pos++) {
497 server[pos].used = 0;
498 server[pos].port = HKP_PORT;
499 }
500
501 fp = fopen (conf, "rb");
502 if (!fp) {
503 for (pos = 0; server_list[pos]; pos++) {
504 server[pos].used = 1;
505 server[pos].name = m_strdup (server_list[pos]);
506 server[pos].proto = proto_from_URL (server_list[pos]);
507 }
508 no_config=1;
509 }
510 get_reg_proxy_prefs (&proxy.host, &proxy.port, &user, &pass);
511 if (user && pass)
512 kserver_update_proxyuser (user, pass);
513 else if (user && !pass || !user && pass) {
514 msg_box( NULL, _("Invalid proxy configuration."
515 "You need to set a user and a password"
516 "to use proxy authentication!"), _("Proxy Error"), MB_ERR );
517 }
518 /* check if the host has a http:// prefix and skip it */
519 if( proxy.host && !strncmp( proxy.host, "http://", 7 ) ) {
520 char *host = m_strdup (proxy.host+7);
521 if (!host)
522 BUG (0);
523 free_if_alloc (proxy.host);
524 proxy.host = host;
525 }
526 free_if_alloc (user);
527 free_if_alloc (pass);
528
529 pos = 0;
530 while( fp && !feof( fp ) ) {
531 s = fgets (buf, sizeof (buf)-1, fp);
532 if (!s)
533 break;
534 if (strstr (buf, "\r\n"))
535 buf[strlen (buf)-2] = '\0';
536 if (strstr (buf, "\n"))
537 buf[strlen (buf)-1] = '\0';
538 s = (char *)skip_whitespace (buf);
539 if (*s == '#' || strlen (s) < 7)
540 continue;
541 if (check_URL (s)) {
542 msg_box (NULL, _("All entries of this file must have a valid prefix.\n"
543 "Currently HKP/HTTP, LDAP and FINGER are supported.\n"),
544 _("Keyserver Error"), MB_ERR);
545 continue;
546 }
547 chk_pos=6;
548 if (strstr (s, "finger"))
549 chk_pos = 10;
550 p = strchr (s+chk_pos, ':');
551 server[pos].used = 1;
552 server[pos].proto = proto_from_URL (s);
553 server[pos].port = port_from_proto (server[pos].proto);
554 if (!p)
555 server[pos].name = m_strdup (s);
556 else {
557 server[pos].port = atol (p+1);
558 if (server[pos].port < 0 || server[pos].port > 65536)
559 server[pos].port = HKP_PORT;
560 server[pos].name = new char [(p-s)+2];
561 if (!server[pos].name)
562 BUG (0);
563 memset (server[pos].name, 0, (p-s)+2);
564 memcpy (server[pos].name, s, (p-s));
565 }
566 pos++;
567 if (pos > MAX_KEYSERVERS)
568 {
569 msg_box (NULL, _("The keyserver limit is exceeded"), _("Keyserver Warning"), MB_INFO);
570 break;
571 }
572 }
573 if (fp)
574 fclose (fp);
575 if (!pos) {
576 /* only issue an error if the config file exist but it has no valid entries. */
577 keyserver_set_default (NULL, HKP_PORT);
578 if (!no_config)
579 return WPTERR_CONFIG_FILE;
580 }
581
582 if (!stat (conf, &statbuf))
583 conf_timestamp = statbuf.st_mtime;
584 return 0;
585 } /* kserver_load_conf */
586
587
588 /* Return the proxy host and port if available. Null otherwise. */
589 const char*
590 kserver_get_proxy (int *r_port)
591 {
592 if (proxy.host) {
593 if (r_port)
594 *r_port = proxy.port;
595 return proxy.host;
596 }
597 return NULL;
598 }
599
600
601 /* Return a requested item from the proxy environment. */
602 const char*
603 kserver_get_proxy_info (int id)
604 {
605 switch (id) {
606 case PROXY_USER: return proxy.user;
607 case PROXY_PASS: return proxy.pass;
608 }
609 return NULL;
610 }
611
612
613 /* Connect to the keyserver @hostname (port @port).
614 Return value: 0 on success */
615 int
616 kserver_connect (const char *hostname, WORD port, int *conn_fd)
617 {
618 int rc, fd;
619 DWORD iaddr;
620 char host[128] = {0};
621 struct hostent *hp;
622 struct sockaddr_in sock;
623
624 log_debug ("kserver_connect: %s:%d\r\n", hostname, port);
625
626 if (!port)
627 port = HKP_PORT;
628 if (conn_fd)
629 *conn_fd = 0;
630 hostname = skip_type_prefix (hostname);
631
632 memset (&sock, 0, sizeof (sock));
633 sock.sin_family = AF_INET;
634 sock.sin_port = proxy.host? htons (proxy.port) : htons (port);
635 if (proxy.host)
636 strncpy (host, proxy.host, 127);
637 else
638 strncpy (host, hostname, 127);
639
640 if ((iaddr = inet_addr (host)) != INADDR_NONE)
641 memcpy (&sock.sin_addr, &iaddr, sizeof (iaddr));
642 else if ((hp = gethostbyname (host))) {
643 if (hp->h_addrtype != AF_INET || hp->h_length != 4) {
644 log_debug ("gethostbyname: unknown address type.\r\n");
645 return WPTERR_WINSOCK_RESOLVE;
646 }
647 memcpy (&sock.sin_addr, hp->h_addr, hp->h_length);
648 }
649 else {
650 log_debug ("gethostbyname: failed ec=%d.\r\n", net_errno);
651 return WPTERR_WINSOCK_RESOLVE;
652 }
653 fd = socket (AF_INET, SOCK_STREAM, 0);
654 if (fd == INVALID_SOCKET)
655 return WPTERR_WINSOCK_SOCKET;
656 rc = connect (fd, (struct sockaddr *) &sock, sizeof (sock));
657 if (rc == SOCKET_ERROR) {
658 log_debug ("connect: failed ec=%d.\r\n", net_errno);
659 closesocket (fd);
660 return WPTERR_WINSOCK_CONNECT;
661 }
662
663 if (conn_fd)
664 *conn_fd = fd;
665 WSASetLastError (0);
666 return 0;
667 }
668
669
670 /* Perform URL-encoding on the given pubkey blob. */
671 static char*
672 kserver_urlencode (const char *pubkey, size_t octets, size_t *newlen)
673 {
674 char *p, numbuf[5];
675 size_t j;
676 size_t i, size;
677
678 p = new char [2*octets+1];
679 if (!p)
680 BUG (0);
681
682 for (size = 0, i = 0; i < octets; i++) {
683 if (isalnum (pubkey[i]) || pubkey[i] == '-') {
684 p[size] = pubkey[i];
685 size++;
686 }
687 else if (pubkey[i] == ' ') {
688 p[size] = '+';
689 size++;
690 }
691 else {
692 sprintf (numbuf, "%%%02X", pubkey[i]);
693 for (j = 0; j < strlen (numbuf); j++) {
694 p[size] = numbuf[j];
695 size++;
696 }
697 }
698 }
699 p[size] = '\0';
700 *newlen = size;
701 return p;
702 }
703
704
705 /* Format a request for the given keyid (send). */
706 static char*
707 kserver_send_request (const char *hostname, WORD port,
708 const char *pubkey, int octets)
709 {
710 char *request = NULL;
711 char *enc_pubkey = NULL;
712 size_t enc_octets;
713 int reqlen;
714
715 log_debug ("kserver_send_request: %s:%d\r\n", hostname, port);
716
717 if (!port)
718 port = HKP_PORT;
719 reqlen = 512 + strlen (hostname) + 2*strlen (pubkey);
720 request = new char[reqlen];
721 if (!request)
722 BUG (0);
723 enc_pubkey = kserver_urlencode (pubkey, octets, &enc_octets);
724 if (!enc_pubkey || !enc_octets) {
725 free_if_alloc (request);
726 return NULL;
727 }
728
729 if (proxy.user) {
730 _snprintf (request, reqlen-1,
731 "POST http://%s:%d/pks/add HTTP/1.0\r\n"
732 "Referer: \r\n"
733 "User-Agent: WinPT/W32\r\n"
734 "Host: %s:%d\r\n"
735 "Proxy-Authorization: Basic %s\r\n"
736 "Content-type: application/x-www-form-urlencoded\r\n"
737 "Content-length: %d\r\n"
738 "\r\n"
739 "keytext=%s"
740 "\n",
741 skip_type_prefix (hostname), port, hostname, port,
742 proxy.base64_user, enc_octets+9, enc_pubkey);
743 }
744 else {
745 _snprintf (request, reqlen-1,
746 "POST /pks/add HTTP/1.0\r\n"
747 "Referer: \r\n"
748 "User-Agent: WinPT/W32\r\n"
749 "Host: %s:%d\r\n"
750 "Content-type: application/x-www-form-urlencoded\r\n"
751 "Content-length: %d\r\n"
752 "\r\n"
753 "keytext=%s"
754 "\n",
755 skip_type_prefix (hostname), port,
756 enc_octets+9, enc_pubkey);
757 }
758 free_if_alloc (enc_pubkey);
759
760 log_debug ("%s\r\n", request);
761 return request;
762 }
763
764
765 /* Interface for receiving a public key. */
766 int
767 kserver_recvkey (const char *hostname, WORD port, const char *keyid,
768 char *key, int maxkeylen)
769 {
770 char *request = NULL;
771 int conn_fd;
772 int rc, n;
773
774 if (!port)
775 port = HKP_PORT;
776 hkp_err = 0; /* reset */
777 rc = kserver_connect (hostname, port, &conn_fd);
778 if (rc)
779 goto leave;
780
781 request = new char[300+1];
782 if (!request)
783 BUG (0);
784
785 if (proxy.host && proxy.user) {
786 _snprintf (request, 300,
787 "GET http://%s:%d/pks/lookup?op=get&search=%s HTTP/1.0\r\n"
788 "Proxy-Authorization: Basic %s\r\n\r\n",
789 skip_type_prefix (hostname), port, keyid, proxy.base64_user);
790 }
791 else if (proxy.host) {
792 _snprintf (request, 300,
793 "GET http://%s:%d/pks/lookup?op=get&search=%s HTTP/1.0\r\n\r\n",
794 skip_type_prefix (hostname), port, keyid);
795 }
796 else {
797 _snprintf (request, 300,
798 "GET /pks/lookup?op=get&search=%s HTTP/1.0\r\n\r\n", keyid);
799 }
800
801 log_debug ("%s\r\n", request);
802
803 rc = sock_write (conn_fd, request, strlen (request));
804 if (rc == SOCKET_ERROR) {
805 rc = WPTERR_WINSOCK_RECVKEY;
806 goto leave;
807 }
808
809 rc = sock_read( conn_fd, key, maxkeylen, &n );
810 if( rc == SOCKET_ERROR ) {
811 rc = WPTERR_WINSOCK_RECVKEY;
812 goto leave;
813 }
814
815 log_debug("%s\r\n", key);
816 rc = check_hkp_response (key, 1);
817 if (rc)
818 goto leave;
819
820 WSASetLastError (0);
821
822 leave:
823 closesocket (conn_fd);
824 free_if_alloc (request);
825 return rc;
826 }
827
828
829 /* Interface to send a public key. */
830 int
831 kserver_sendkey (const char *hostname, WORD port, const char *pubkey, int len )
832 {
833 char *request = NULL;
834 char log[2048];
835 int conn_fd, n;
836 int rc;
837
838 hkp_err = 0; /* reset */
839 rc = kserver_connect (hostname, port, &conn_fd);
840 if (rc)
841 goto leave;
842
843 request = kserver_send_request (hostname, port, pubkey, len);
844 if (request == NULL) {
845 rc = WPTERR_GENERAL;
846 goto leave;
847 }
848
849 rc = sock_write (conn_fd, request, strlen (request));
850 if (rc == SOCKET_ERROR) {
851 rc = WPTERR_WINSOCK_SENDKEY;
852 goto leave;
853 }
854
855 rc = sock_read (conn_fd, log, sizeof (log)-1, &n);
856 if (rc == SOCKET_ERROR) {
857 rc = WPTERR_WINSOCK_SENDKEY;
858 goto leave;
859 }
860
861 log_debug ("kserver_sendkey:\r\n%s\r\n", log);
862 rc = check_hkp_response (log, 0);
863 if (rc)
864 goto leave;
865
866 WSASetLastError (0);
867
868 leave:
869 closesocket (conn_fd);
870 free_if_alloc (request);
871 return rc;
872 }
873
874
875 int
876 kserver_search_init (const char *hostname, WORD port,
877 const char *keyid, int *conn_fd)
878 {
879 char *request = NULL;
880 int n=0;
881 int rc, sock_fd;
882
883 rc = kserver_connect (hostname, port, &sock_fd);
884 if (rc) {
885 *conn_fd = 0;
886 goto leave;
887 }
888
889 n=300;
890 request = new char[n+1];
891 if (!request)
892 BUG (0);
893
894 if (proxy.host && proxy.user) {
895 _snprintf (request, n,
896 "GET http://%s:%d/pks/lookup?op=index&search=%s HTTP/1.0\r\n"
897 "Proxy-Authorization: Basic %s\r\n\r\n",
898 skip_type_prefix (hostname), port, keyid, proxy.base64_user);
899 }
900 else if (proxy.host) {
901 _snprintf (request, n,
902 "GET http://%s:%d/pks/lookup?op=index&search=%s HTTP/1.0\r\n\r\n",
903 skip_type_prefix (hostname), port, keyid);
904 }
905 else {
906 _snprintf (request, n,
907 "GET /pks/lookup?op=index&search=%s HTTP/1.0\r\n\r\n", keyid);
908 }
909
910 log_debug ("kserver_search_init:\r\n%s\r\n", request);
911
912 if (sock_write (sock_fd, request, strlen (request)) == SOCKET_ERROR) {
913 rc = WPTERR_GENERAL;
914 goto leave;
915 }
916
917 *conn_fd = sock_fd;
918
919 leave:
920 free_if_alloc (request);
921 return rc;
922 }
923
924
925 /* Check keyserver response. */
926 int
927 kserver_search_chkresp (int fd)
928 {
929 char buf[128];
930 int n=0;
931
932 /* parse response 'HTTP/1.0 500 OK' */
933 if (sock_getline (fd, buf, 127, &n))
934 return WPTERR_KEYSERVER_NOTFOUND;
935
936 log_debug ("kserver_search_chkpresp: %s\r\n", buf);
937 if (strncmp (buf, "HTTP/1.", 7))
938 return WPTERR_KEYSERVER_NOTFOUND;
939 if (strncmp (buf+(8+1), "200", 3))
940 return WPTERR_KEYSERVER_NOTFOUND;
941 return 0;
942 }
943
944
945 int
946 kserver_search (int fd, keyserver_key * key)
947 {
948 char buf[1024], *p;
949 int uidlen, nbytes, pos = 0;
950
951 log_debug ("keyserver_search:\r\n");
952
953 if (sock_getline (fd, buf, sizeof (buf) - 1, &nbytes))
954 return WPTERR_GENERAL;
955
956 log_debug ("%s\r\n", buf);
957
958 if (!strncmp (buf, "pub", 3)) {
959 int revoked = strstr (buf, "KEY REVOKED") != NULL? 1 : 0;
960 key->bits = atol (buf+3);
961 p = strchr (buf, '>');
962 if (!p)
963 goto fail;
964 pos = p - buf + 1;
965 memcpy (key->keyid, buf + pos, 8);
966 key->keyid[8] = '\0';
967 p = strstr (buf, "</a>");
968 if (!p)
969 goto fail;
970 pos = p - buf + 5;
971 memcpy (key->date, buf + pos, 10);
972 key->date[10] = '\0';
973 if (revoked) {
974 strcpy (key->uid, "KEY REVOKED: not checked");
975 return 0;
976 }
977 pos += 10;
978 p = buf + pos + 1;
979 while (p && *p != '>')
980 p++;
981 p++;
982 uidlen = strlen (p) - 10;
983 memcpy (key->uid, p, uidlen);
984 key->uid[uidlen] = '\0';
985 strcat (key->uid, ">");
986 p = strchr (key->uid, '&');
987 if (p) {
988 key->uid[(p-key->uid)] = '<';
989 memmove (key->uid+(p-key->uid)+1, key->uid+(p-key->uid)+4,
990 strlen (key->uid)-3);
991 }
992 return 0;
993 }
994
995 fail:
996 key->bits = 0;
997 memset (key, 0, sizeof *key);
998 return 0;
999 } /* kserver_search */
1000
1001
1002 static int
1003 add_node( keyserver_cfgfile *cfg, const char *entry )
1004 {
1005 keyserver_node *node;
1006 char *p = NULL;
1007
1008 p = strchr( entry, '=' );
1009 if( p == NULL )
1010 return WPTERR_GENERAL;
1011 node = new keyserver_node;
1012 if( !node )
1013 BUG (NULL);
1014
1015 memset( node, 0, sizeof *node );
1016 node->used = 1;
1017
1018 node->host.used = 1;
1019 node->host.proto = proto_from_URL( entry );
1020 memcpy( node->host.name, entry+7, p-entry-7 );
1021 node->next = cfg->list;
1022 cfg->list = node;
1023
1024 return 0;
1025 } /* add_node */
1026
1027
1028 void
1029 kserver_change_proxy( keyserver_proxy_ctx *ctx )
1030 {
1031 proxy.port = ctx->port;
1032 free_if_alloc (proxy.host);
1033 proxy.host = ctx->host? m_strdup( ctx->host ) : NULL;
1034 free_if_alloc( proxy.pass );
1035 proxy.pass = ctx->pass? m_strdup( ctx->pass ) : NULL;
1036 free_if_alloc( proxy.user );
1037 proxy.user = ctx->user? m_strdup( ctx->user ) : NULL;
1038 set_reg_proxy_prefs( proxy.host, proxy.port, proxy.user, proxy.pass );
1039 } /* kserver_change_proxy */
1040
1041
1042 int
1043 kserver_read_config( const char *fname, keyserver_cfgfile **ret_cfg )
1044 {
1045 FILE *fp;
1046 keyserver_cfgfile *cfg;
1047 char buf[256];
1048 int rc = 0;
1049
1050 *ret_cfg = NULL;
1051 fp = fopen( fname, "rb" );
1052 if( fp == NULL )
1053 return WPTERR_FILE_OPEN;
1054
1055 cfg = new keyserver_cfgfile;
1056 if ( !cfg )
1057 BUG( NULL );
1058 memset( cfg, 0, sizeof *cfg );
1059
1060 while ( !feof( fp ) ) {
1061 if ( fgets( buf, sizeof(buf)-1, fp ) == NULL )
1062 break;
1063 if ( *buf == '\r' || *buf == '\n' || *buf == '#' )
1064 continue;
1065 buf[strlen(buf) -2] = '\0';
1066 if ( !strncmp( buf, "use_proxy=", 10 ) ) {
1067 char *p = strchr(buf, ':');
1068 if (!p)
1069 continue;
1070 cfg->proxy.port = atol( buf+(p-buf+1) );
1071 buf[p-buf] = '\0';
1072 cfg->proxy.host = m_strdup( buf+10 );
1073 }
1074 else if ( !strncmp( buf, "proxy_user=", 11 ) )
1075 cfg->proxy.user = m_strdup( buf+11 );
1076 else if ( !strncmp( buf, "proxy_pass=", 11 ) )
1077 cfg->proxy.pass = m_strdup( buf+11 );
1078 if ( !strncmp( buf, "http://", 7 )
1079 || !strncmp( buf, "hkp://", 6 )
1080 || !strncmp( buf, "ldap://", 7 ) ) {
1081 add_node( cfg, buf );
1082 cfg->nlist++;
1083 }
1084 }
1085
1086 fclose( fp );
1087 *ret_cfg = cfg;
1088
1089 return rc;
1090 } /* kserver_read_config */
1091
1092
1093 int
1094 kserver_write_config( const char * fname, keyserver_cfgfile * cfg )
1095 {
1096
1097 return 0;
1098 }
1099
1100
1101 void
1102 kserver_cfgfile_release( keyserver_cfgfile *cfg )
1103 {
1104 keyserver_node *k, *k2;
1105
1106 proxy_release( &cfg->proxy );
1107 for( k = cfg->list; cfg->nlist--; k = k2 ) {
1108 k2 = k->next;
1109 free_if_alloc( k );
1110 }
1111 free_if_alloc( cfg );
1112 } /* kserver_cfgfile_release */
1113
1114
1115 /* Release mbmers in the proxy context @ctx. */
1116 void
1117 proxy_release( keyserver_proxy_ctx *ctx )
1118 {
1119 free_if_alloc (ctx->host);
1120 free_if_alloc (ctx->pass);
1121 free_if_alloc (ctx->user);
1122 }
1123
1124
1125 /* Spawn a process given by @cmdl. */
1126 static int
1127 spawn_application (char *cmdl)
1128 {
1129 STARTUPINFO si;
1130 PROCESS_INFORMATION pi;
1131 int rc = 0;
1132
1133 memset (&si, 0, sizeof (si));
1134 si.cb = sizeof (si);
1135 si.dwFlags = STARTF_USESHOWWINDOW;
1136 si.wShowWindow = SW_HIDE;
1137 memset (&pi, 0, sizeof (pi));
1138
1139 if (!CreateProcess (NULL, cmdl, NULL, NULL, FALSE, 0,
1140 NULL, NULL, &si, &pi)) {
1141 log_box ("Keyserver Plugin", MB_ERR, "Could not spawn helper process");
1142 rc = -1;
1143 }
1144
1145 CloseHandle (pi.hThread);
1146 WaitForSingleObject (pi.hProcess, INFINITE);
1147 CloseHandle (pi.hProcess);
1148 return rc;
1149 }
1150
1151
1152 /* Receive an key via LDAP from host @host with the keyid @keyid.
1153 @key contains the key on success. */
1154 int
1155 ldap_recvkey (const char *host, const char *keyid, char *key, int maxkeylen)
1156 {
1157 FILE *inp;
1158 DWORD n;
1159 const char *s;
1160 char *ksprg = NULL, *p = NULL, *sep;
1161 char temp[512], outf[512];
1162 int start_key = 0, failed = 0;
1163 int rc = 0;
1164
1165 p = get_gnupg_prog ();
1166 n = strlen (p) + 1 + 128;
1167 ksprg = new char[n+1];
1168 if (!ksprg)
1169 BUG (0);
1170 sep = strrchr (p, '\\');
1171 if (sep != NULL)
1172 p[(sep-p)] = 0;
1173
1174 _snprintf (ksprg, n, "%s\\gpgkeys_ldap.exe", p);
1175 free_if_alloc (p);
1176 if (file_exist_check (ksprg)) {
1177 log_box ("LDAP Keyserver Plugin", MB_ERR,
1178 "%s: could not find LDAP keyserver module!", ksprg);
1179 rc = -1;
1180 goto leave;
1181 }
1182 GetTempPath (sizeof (temp)-1, temp);
1183 _snprintf (outf, sizeof (outf)-1, "%s%s.out", temp, keyid);
1184 strcat (temp, keyid);
1185 inp = fopen (temp, "w+b");
1186 if (!inp) {
1187 log_box ("LDAP Keyserver Plugin", MB_ERR, "%s: %s", temp,
1188 winpt_strerror (WPTERR_FILE_OPEN));
1189 rc = -1;
1190 goto leave;
1191 }
1192 fprintf (inp,
1193 "VERSION 1\n"
1194 "PROGRAM 1.4.3-cvs\n"
1195 "SCHEME ldap\n"
1196 "HOST %s\n"
1197 "COMMAND GET\n"
1198 "\n"
1199 "%s\n",
1200 host? skip_type_prefix (host): "64.94.85.200", keyid);
1201 fclose (inp);
1202
1203 p = new char[strlen (ksprg) + strlen (temp) + strlen (outf) + 32];
1204 if (!p)
1205 BUG (NULL);
1206 sprintf (p, "%s -o %s %s", ksprg, outf, temp);
1207 if (spawn_application (p)) {
1208 rc = -1;
1209 goto leave;
1210 }
1211 DeleteFile (temp);
1212
1213 inp = fopen (outf, "rb");
1214 if (!inp) {
1215 log_box ("LDAP Keyserver Plugin", MB_ERR, "%s: %s", outf,
1216 winpt_strerror (WPTERR_FILE_OPEN));
1217 rc = -1;
1218 goto leave;
1219 }
1220 memset (key, 0, maxkeylen);
1221 while (!feof (inp)) {
1222 s = fgets (temp, sizeof (temp)-1, inp);
1223 if (!s)
1224 break;
1225 if (strstr (s, "KEY") && strstr (s, "FAILED")) {
1226 failed = 1;
1227 break;
1228 }
1229 if (!start_key && strstr (s, "KEY") && strstr (s, "BEGIN")) {
1230 start_key = 1;
1231 continue;
1232 }
1233 if (!start_key)
1234 continue;
1235 strcat (key, temp);
1236 maxkeylen -= strlen (temp);
1237 if (maxkeylen < 0 || (strstr (s, "KEY") && strstr (s, "END")))
1238 break;
1239 }
1240 fclose (inp);
1241
1242 leave:
1243 if (failed || !strlen (key))
1244 rc = WPTERR_WINSOCK_RECVKEY;
1245 DeleteFile (outf);
1246 free_if_alloc (p);
1247 free_if_alloc (ksprg);
1248 return rc;
1249 }
1250
1251
1252 static int
1253 finger_readline (int fd, char *buf, int nbytes)
1254 {
1255 char c = 0;
1256 int n, pos = 0;
1257
1258 while (nbytes > 0) {
1259 n = recv (fd, &c, 1, 0);
1260 if (n <= 0)
1261 break;
1262 if (c == '\n')
1263 break;
1264 buf[pos++] = c;
1265 nbytes--;
1266 }
1267 if (nbytes > 0)
1268 buf[pos++] = '\0';
1269 if (n <= 0)
1270 pos = n;
1271 return pos;
1272 }
1273
1274
1275 /* Receive an key via FINGER from host @host with the user @user.
1276 On success @key contains the key. */
1277 int
1278 finger_recvkey (const char *host, const char *user, char *key, int maxkeylen)
1279 {
1280 struct hostent * hp;
1281 struct sockaddr_in saddr;
1282 char buf[128];
1283 int fd, nread;
1284 int start_key = 0;
1285 int rc=0;
1286
1287 fd = socket (PF_INET, SOCK_STREAM, 0);
1288 if (fd == -1)
1289 return WPTERR_WINSOCK_SOCKET;
1290 hp = gethostbyname (skip_type_prefix (host));
1291 if (!hp) {
1292 closesocket (fd);
1293 return WPTERR_WINSOCK_RESOLVE;
1294 }
1295
1296 memset (&saddr, 0, sizeof (saddr));
1297 saddr.sin_family = AF_INET;
1298 saddr.sin_port = htons (FINGER_PORT);
1299 saddr.sin_addr = *(struct in_addr *)hp->h_addr;
1300 if (connect (fd, (struct sockaddr *)&saddr, sizeof (saddr))) {
1301 closesocket (fd);
1302 return WPTERR_WINSOCK_CONNECT;
1303 }
1304 send (fd, user, strlen (user), 0);
1305 send (fd, "\r\n", 2, 0);
1306
1307 memset (key, 0, maxkeylen);
1308 while (maxkeylen > 0) {
1309 nread = finger_readline (fd, buf, sizeof (buf)-1);
1310 if (nread <= 0)
1311 break;
1312 strcat (buf, "\n");
1313 if (strstr (buf, "BEGIN PGP PUBLIC KEY BLOCK")) {
1314 strcat (key, buf);
1315 start_key = 1;
1316 maxkeylen -= nread;
1317 }
1318 else if (strstr (buf, "END PGP PUBLIC KEY BLOCK" ) && start_key) {
1319 strcat (key, buf);
1320 start_key--;
1321 maxkeylen -= nread;
1322 break;
1323 }
1324 else if (start_key) {
1325 strcat (key, buf);
1326 maxkeylen -= nread;
1327 }
1328 }
1329 closesocket (fd);
1330 if (start_key != 0)
1331 rc = WPTERR_WINSOCK_RECVKEY;
1332 return rc;
1333 }
1334
1335
1336 /* Check if the given name @name is a valid hostname. */
1337 int
1338 check_IP_or_hostname (const char *name)
1339 {
1340 const char *not_allowed = "=!ยง$%&@#*~\\/}][{<>|,;:'";
1341 size_t i, j;
1342
1343 for (i=0; i < strlen (name); i++) {
1344 for (j =0; j < strlen (not_allowed); j++) {
1345 if (name[i] == not_allowed[j])
1346 return -1;
1347 }
1348 }
1349 return 0;
1350 }

Properties

Name Value
svn:eol-style native
[email protected]
 ViewVC Help
Powered by ViewVC 1.1.26