/[winpt]/trunk/Src/wptKeyserver.cpp
ViewVC logotype

Contents of /trunk/Src/wptKeyserver.cpp

Parent Directory Parent Directory | Revision Log Revision Log

Revision 2 - (show annotations)
Mon Jan 31 11:02:21 2005 UTC (20 years, 1 month ago) by twoaday
File size: 30744 byte(s) 
WinPT initial checkin.
1 /* wptKeyserver.cpp - W32 Keyserver Access
2 * Copyright (C) 2000-2005 Timo Schulz
3 * Copyright (C) 2001 Marco Cunha
4 *
5 * This file is part of WinPT.
6 *
7 * WinPT is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU General Public License
9 * as published by the Free Software Foundation; either version 2
10 * of the License, or (at your option) any later version.
11 *
12 * WinPT is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with WinPT; if not, write to the Free Software Foundation,
19 * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 */
21
22 #include <windows.h>
23 #include <stdio.h>
24 #include <sys/stat.h>
25 #include <ctype.h>
26
27 #include "wptKeyserver.h"
28 #include "wptErrors.h"
29 #include "wptTypes.h"
30 #include "wptNLS.h"
31 #include "wptW32API.h"
32 #include "wptVersion.h"
33 #include "wptGPG.h"
34 #include "wptRegistry.h"
35
36 static char base64code[] =
37 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
38
39 keyserver server[MAX_KEYSERVERS] = {0};
40 static keyserver_proxy_ctx proxy = {0};
41 static const char * server_list[] = {
42 "hkp://wwwkeys.nl.pgp.net",
43 "hkp://wwwkeys.pl.pgp.net",
44 "hkp://wwwkeys.at.pgp.net",
45 "hkp://wwwkeys.ch.pgp.net",
46 "hkp://wwwkeys.de.pgp.net",
47 "hkp://wwwkeys.dk.pgp.net",
48 "hkp://wwwkeys.cz.pgp.net",
49 "hkp://wwwkeys.es.pgp.net",
50 "hkp://wwwkeys.eu.pgp.net",
51 "hkp://wwwkeys.uk.pgp.net",
52 "hkp://wwwkeys.us.pgp.net",
53 "hkp://gnv.us.ks.cryptnet.net",
54 "hkp://subkeys.pgp.net",
55 "ldap://keyserver.pgp.com",
56 NULL
57 };
58 static char hkp_errmsg[1024];
59 static int hkp_err = 0;
60 static u32 conf_timestamp = 0;
61 char * default_keyserver = NULL;
62 unsigned short default_keyserver_port = 0;
63
64
65 static void
66 base64_encode( const char *inputstr, char *outputstr, int maxlen )
67 {
68 int index = 0, temp = 0, res = 0, i = 0, inputlen = 0, len = 0;
69
70 inputlen = strlen (inputstr); /* fixme: check if len > maxlen */
71 for (i = 0; i <inputlen; i++) {
72 res = temp;
73 res = (res << 8) | (inputstr[i] & 0xFF);
74 switch (index++) {
75 case 0: outputstr[len++] = base64code[res >> 2 & 0x3F]; res &= 0x3; break;
76 case 1: outputstr[len++] = base64code[res >> 4 & 0x3F]; res &= 0xF; break;
77 case 2: outputstr[len++] = base64code[res >> 6 & 0x3F];
78 outputstr[len++] = base64code[res & 0x3F]; res = index = 0; break;
79 }
80 temp = res;
81 }
82
83 switch( index ) {
84 case 0: break;
85 case 2: outputstr[len++] = base64code[temp << 2 & 0x3F];
86 outputstr[len++] = '='; break;
87 case 1: outputstr[len++] = base64code[temp << 4 & 0x3F];
88 outputstr[len++] = '=';
89 outputstr[len++] = '=';
90 }
91
92 outputstr[len] = '\0';
93 } /* base64_encode */
94
95
96 static const char *
97 skip_type_prefix (const char * hostname)
98 {
99 if (hostname && !strncmp (hostname, "http://", 7))
100 hostname += 7;
101 else if (hostname && !strncmp (hostname, "hkp://", 6))
102 hostname += 6;
103 else if (hostname && !strncmp (hostname, "finger://", 9))
104 hostname += 9;
105 else if (hostname && !strncmp (hostname, "ldap://", 7))
106 hostname += 7;
107 return hostname;
108 }
109
110
111 static int
112 check_hkp_response (const char *resp, int recv)
113 {
114 int ec, len;
115 char *p, * end;
116
117 ec = recv ? WPTERR_WINSOCK_RECVKEY : WPTERR_WINSOCK_SENDKEY;
118 if (!strstr (resp, "HTTP/1.0 200 OK")) /* http error */
119 return ec;
120 if (strstr (resp, "Public Key Server -- Error")
121 || strstr (resp, "Public Key Server -- Error")
122 || strstr (resp, "No matching keys in database")) {
123 p = strstr (resp, "<p>");
124 if (p && strlen (p) < sizeof (hkp_errmsg)) {
125 end = strstr (p, "</p>");
126 len = end? (end - p + 1) : strlen (p);
127 strncpy (hkp_errmsg, p, len);
128 hkp_err = 1;
129 }
130 return ec;
131 }
132 return 0;
133 } /* check_hkp_response */
134
135
136 static int
137 sock_getline (int fd, char *buf, int buflen, int *nbytes)
138 {
139 char ch;
140 int count = 0;
141
142 if (nbytes)
143 *nbytes = 0;
144 *buf = 0;
145 while (recv (fd, &ch, 1, 0) > 0) {
146 *buf++ = ch;
147 count++;
148 if (ch == '\n' || count == (buflen - 1)) {
149 *buf = 0;
150 if (nbytes)
151 *nbytes = count;
152 return 0;
153 }
154 }
155
156 return -1;
157 } /* sock_getline */
158
159
160 static int
161 sock_select( int fd )
162 {
163 FD_SET rfd;
164 timeval tv = {1, 0};
165
166 FD_ZERO( &rfd );
167 FD_SET( fd, &rfd );
168 if( select( fd + 1, &rfd, NULL, NULL, &tv ) == SOCKET_ERROR )
169 return SOCKET_ERROR;
170 if( FD_ISSET( fd, &rfd ) )
171 return 1;
172 return 0;
173 } /* sock_select */
174
175
176 static int
177 sock_read( int fd, char *buf, int buflen, int *nbytes )
178 {
179 DWORD nread;
180 int nleft = buflen;
181 int rc, n = 0;
182
183 while (nleft > 0) {
184 if (n >= 10)
185 return WPTERR_WINSOCK_TIMEOUT;
186 if ( (rc = sock_select( fd )) == SOCKET_ERROR )
187 return SOCKET_ERROR;
188 else if( !rc )
189 n++;
190 else {
191 nread = recv(fd, buf, nleft, 0);
192 if (nread == SOCKET_ERROR)
193 return SOCKET_ERROR;
194 else if (!nread)
195 break;
196 nleft -= nread;
197 buf += nread;
198 }
199 }
200 if (nbytes)
201 *nbytes = buflen - nleft;
202
203 return 0;
204 } /* sock_read */
205
206
207 static int
208 sock_write( int fd, const char *buf, int buflen )
209 {
210 DWORD nwritten;
211 int nleft = buflen;
212
213 while (nleft > 0) {
214 nwritten = send (fd, buf, nleft, 0);
215 if (nwritten == SOCKET_ERROR)
216 return SOCKET_ERROR;
217 nleft -= nwritten;
218 buf += nwritten;
219 }
220
221 return 0;
222 } /* sock_write */
223
224
225 void
226 set_default_kserver (void)
227 {
228 char * p = get_reg_entry_keyserver ("Default");
229 free_if_alloc (default_keyserver);
230 default_keyserver = p && *p != ' ' ? p : m_strdup (DEF_HKP_KEYSERVER);
231 p = get_reg_entry_keyserver ("Default_Port");
232 if (p && *p) {
233 default_keyserver_port = (u16)strtoul (p, NULL, 10);
234 free_if_alloc (p);
235 }
236 else
237 default_keyserver_port = HKP_PORT;
238 } /* set_default_kserver */
239
240
241 /*
242 * Initialize the Winsock2 interface.
243 */
244 int
245 wsock_init (void)
246 {
247 WSADATA wsa;
248
249 if (WSAStartup (0x202, &wsa))
250 return WPTERR_WINSOCK_INIT;
251 set_default_kserver ();
252 return 0;
253 } /* wsock_init */
254
255
256 /*
257 * Should be called after the keyserver access.
258 */
259 void
260 wsock_end (void)
261 {
262 int i;
263
264 free_if_alloc (default_keyserver);
265 default_keyserver = NULL;
266 for (i=0; i < MAX_KEYSERVERS; i++) {
267 if (server[i].used)
268 free_if_alloc (server[i].name);
269 }
270 WSACleanup ();
271 } /* wsock_end */
272
273
274 const char*
275 wsock_strerror( void )
276 {
277 static char buf[384];
278 int ec = WSAGetLastError( );
279
280 switch ( ec ) {
281 case WSAENETDOWN: return _("The network subsystem has failed");
282 case WSAHOST_NOT_FOUND: return _("Authoritative Answer Host not found");
283 case WSAETIMEDOUT: return _("The connection has been dropped because of a network failure");
284 default: _snprintf( buf, sizeof (buf) -1, _("Unknown Winsock error ec=%d"),ec); return buf;
285 }
286 return NULL;
287 } /* wsock_strerror */
288
289
290 const char*
291 kserver_strerror( void )
292 {
293 if( hkp_err )
294 return hkp_errmsg;
295 return NULL;
296 } /* kserver_strerror */
297
298
299 const char *
300 kserver_get_hostname (int idx, int type, u16 *port)
301 {
302 if (type == -1) {
303 *port = default_keyserver_port;
304 return default_keyserver;
305 }
306 else if (!type && idx < DIM (server_list)) {
307 *port = HKP_PORT;
308 return server_list[idx];
309 }
310 return NULL;
311 }
312
313
314 int
315 kserver_check_inet_connection (void)
316 {
317 int fd;
318
319 if (!kserver_connect (default_keyserver, default_keyserver_port, &fd)) {
320 closesocket (fd);
321 return 0;
322 }
323 return -1;
324 }
325
326
327 /*
328 * If the request contains the keyid, it have to be
329 * always postfix with '0x'+keyid. This code checks
330 * if the keyid is a decimal value and if so if it contains
331 * the '0x'. If not it is inserted.
332 */
333 const char*
334 kserver_check_keyid (const char *keyid)
335 {
336 static char id[20];
337
338 if (strstr (keyid, "@"))
339 return keyid; /* email address */
340 if (strncmp (keyid, "0x", 2)) {
341 memset (&id, 0, sizeof (id));
342 _snprintf (id, sizeof (id)-1, "0x%s", keyid);
343 return id;
344 }
345 return keyid;
346 } /* kserver_check_keyid */
347
348
349 static void
350 kserver_update_proxyuser (const char *proxy_user, const char *proxy_pass)
351 {
352 char t[257]; /* user:pass = 127+1+127+1 = 257 */
353
354 free_if_alloc (proxy.base64_user);
355 proxy.base64_user = new char[4*strlen( proxy_user ) / 3 + 32];
356 if( !proxy.base64_user )
357 BUG (0);
358 _snprintf (t, sizeof (t)-1, "%s:%s", proxy_user, proxy_pass);
359 base64_encode (t, proxy.base64_user, 257);
360 free_if_alloc (proxy.user);
361 free_if_alloc (proxy.pass);
362 proxy.user = m_strdup (proxy_user);
363 proxy.pass = m_strdup (proxy_pass);
364 } /* kserver_update_proxyuser */
365
366
367 static int
368 check_URL (const char * buf)
369 {
370 if (strlen (buf) < 7)
371 return -1;
372 if( !strstr (buf, "ldap://")
373 && !strstr (buf, "http://")
374 && !strstr (buf, "finger://")
375 && !strstr (buf, "hkp://"))
376 return -1;
377 return 0;
378 } /* check_URL */
379
380
381 static int
382 proto_from_URL (const char * buf)
383 {
384 if (strstr( buf, "ldap"))
385 return KSPROTO_LDAP;
386 else if (strstr( buf, "finger"))
387 return KSPROTO_FINGER;
388 return KSPROTO_HTTP;
389 } /* proto_from_URL */
390
391
392 void
393 keyserver_set_default (const char * hostname, u16 port)
394 {
395 if (hostname) {
396 free_if_alloc (default_keyserver);
397 default_keyserver = m_strdup (hostname);
398 if (!default_keyserver)
399 BUG (0);
400 default_keyserver_port = port;
401 }
402 server[0].name = default_keyserver;
403 server[0].used = 1;
404 server[0].port = port;
405 server[0].proto = proto_from_URL (default_keyserver);
406 } /* keyserver_set_default */
407
408
409 static const char *
410 skip_whitespace (const char * str)
411 {
412 while (str && *str)
413 {
414 if (*str == ' ' ||
415 *str == '\t' ||
416 *str == '\n' ||
417 *str == '\r')
418 {
419 str++;
420 continue;
421 }
422 break;
423 }
424 return str;
425 }
426
427
428 int
429 kserver_load_conf (const char * conf)
430 {
431 struct stat statbuf;
432 FILE *fp;
433 char buf[1024], * s, * p;
434 char *user = NULL, *pass = NULL;
435 int pos, proxy_auth = 0;
436 int no_config=0;
437
438 for (pos = 0; pos < MAX_KEYSERVERS; pos++) {
439 server[pos].used = 0;
440 server[pos].port = HKP_PORT;
441 }
442
443 fp = fopen (conf, "rb");
444 if (!fp) {
445 for( pos = 0; server_list[pos]; pos++ ) {
446 server[pos].used = 1;
447 server[pos].name = (char *)server_list[pos];
448 server[pos].proto = proto_from_URL( server_list[pos] );
449 }
450 no_config=1;
451 }
452 get_reg_proxy_prefs( &proxy.host, &proxy.port, &user, &pass );
453 if( user && pass )
454 kserver_update_proxyuser( user, pass );
455 else if( user && !pass || !user && pass ) {
456 msg_box( NULL, _("Invalid proxy configuration."
457 "You need to set a user and a password"
458 "to use proxy authentication!"), _("Proxy Error"), MB_ERR );
459 }
460 /* check if the host has a http:// prefix and skip it */
461 if( proxy.host && !strncmp( proxy.host, "http://", 7 ) ) {
462 const char *s = proxy.host+7;
463 char * p = m_strdup (s);
464 if (!p)
465 BUG (0);
466 free_if_alloc (proxy.host);
467 proxy.host = p;
468 }
469 free_if_alloc (user);
470 free_if_alloc (pass);
471
472 pos = 0;
473 while( fp && !feof( fp ) ) {
474 s = fgets (buf, sizeof (buf)-1, fp);
475 if (!s)
476 break;
477 if (strstr (buf, "\r\n"))
478 buf[strlen (buf)-2] = '\0';
479 if (strstr (buf, "\n"))
480 buf[strlen (buf)-1] = '\0';
481 s = (char *)skip_whitespace (buf);
482 if (*s == '#' || strlen (s) < 7)
483 continue;
484 if (check_URL (s)) {
485 msg_box (NULL, _("All entries of this file must have a valid prefix.\n"
486 "Currently HKP/HTTP, LDAP and FINGER are supported.\n"),
487 _("Keyserver Error"), MB_ERR);
488 continue;
489 }
490 p = strchr (s+6, ':');
491 server[pos].used = 1;
492 server[pos].proto = proto_from_URL (s);
493 if (!p)
494 server[pos].name = m_strdup (s);
495 else {
496 server[pos].port = atol (p+1);
497 if (server[pos].port < 0 || server[pos].port > 65536)
498 server[pos].port = HKP_PORT;
499 server[pos].name = new char [(p-s)+2];
500 if (!server[pos].name)
501 BUG (0);
502 memset (server[pos].name, 0, (p-s)+2);
503 memcpy (server[pos].name, s, (p-s));
504 }
505 pos++;
506 if (pos > MAX_KEYSERVERS)
507 {
508 msg_box (NULL, _("The keyserver limit is exceeded"), _("Keyserver Warning"), MB_INFO);
509 break;
510 }
511 }
512 if (fp)
513 fclose (fp);
514 if (!pos)
515 {
516 /* only issue an error if the config file exist but it has no valid entries. */
517 keyserver_set_default (NULL, HKP_PORT);
518 if (!no_config)
519 return WPTERR_CONFIG_FILE;
520 }
521
522 if (!stat (conf, &statbuf))
523 conf_timestamp = statbuf.st_mtime;
524 return 0;
525 } /* kserver_load_conf */
526
527
528 const char *
529 kserver_get_proxy (int * r_port)
530 {
531 if (proxy.host)
532 {
533 if (r_port)
534 *r_port = proxy.port;
535 return proxy.host;
536 }
537 return NULL;
538 } /* kserver_get_proxy */
539
540
541 const char *
542 kserver_get_proxy_info( int id )
543 {
544 switch( id ) {
545 case PROXY_USER: return proxy.user;
546 case PROXY_PASS: return proxy.pass;
547 }
548 return NULL;
549 } /* kserver_get_proxy_info */
550
551
552 /*
553 * Connect to the keyserver 'hostname'.
554 * We always use the HKP port.
555 */
556 int
557 kserver_connect (const char *hostname, u16 port, int *conn_fd)
558 {
559 int rc, fd;
560 u32 iaddr;
561 char host[128] = {0};
562 struct hostent *hp;
563 struct sockaddr_in sock;
564
565 if (debug)
566 log_f ("kserver_connect: %s:%d\r\n", hostname, port);
567 if (!port)
568 port = HKP_PORT;
569 if (conn_fd)
570 *conn_fd = 0;
571 hostname = skip_type_prefix (hostname);
572
573 memset (&sock, 0, sizeof (sock));
574 sock.sin_family = AF_INET;
575 sock.sin_port = proxy.host? htons (proxy.port) : htons (port);
576 if (proxy.host)
577 strncpy (host, proxy.host, 127);
578 else
579 strncpy (host, hostname, 127);
580
581 if ((iaddr = inet_addr (host)) != INADDR_NONE)
582 memcpy (&sock.sin_addr, &iaddr, sizeof (iaddr));
583 else if ((hp = gethostbyname (host))) {
584 if (hp->h_addrtype != AF_INET)
585 return WPTERR_WINSOCK_RESOLVE;
586 else if (hp->h_length != 4)
587 return WPTERR_WINSOCK_RESOLVE;
588 memcpy (&sock.sin_addr, hp->h_addr, hp->h_length);
589 }
590 else {
591 if (debug)
592 log_f ("gethostbyname: failed.\r\n");
593 return WPTERR_WINSOCK_RESOLVE;
594 }
595 fd = socket (AF_INET, SOCK_STREAM, 0);
596 if (fd == INVALID_SOCKET)
597 return WPTERR_WINSOCK_SOCKET;
598 rc = connect (fd, (struct sockaddr *) &sock, sizeof (sock));
599 if (rc == SOCKET_ERROR) {
600 if (debug)
601 log_f ("connect: failed.\r\n");
602 closesocket(fd);
603 return WPTERR_WINSOCK_CONNECT;
604 }
605
606 if (conn_fd)
607 *conn_fd = fd;
608 WSASetLastError(0);
609 return 0;
610 } /* kserver_connect */
611
612
613 static char*
614 kserver_urlencode (const char *pubkey, int octets, int *newlen)
615 {
616 char *p, numbuf[5];
617 size_t j = 0;
618 int i, size;
619
620 p = new char [2*octets];
621 if (!p)
622 BUG (0);
623
624 for (size=0, i=0; i<octets; i++) {
625 if (isalnum (pubkey[i]) || pubkey[i] == '-') {
626 p[size] = pubkey[i];
627 size++;
628 }
629 else if (pubkey[i] == ' ') {
630 p[size] = '+';
631 size++;
632 }
633 else {
634 sprintf(numbuf, "%%%02X", pubkey[i]);
635 for (j = 0; j<strlen(numbuf); j++) {
636 p[size] = numbuf[j];
637 size++;
638 }
639 }
640 }
641 p[size] = '\0';
642 *newlen = size;
643 return p;
644 } /* kserver_urlencode */
645
646
647 /*
648 * Format a request for the given keyid (send).
649 */
650 static char*
651 kserver_send_request (const char *hostname, u16 port, const char *pubkey, int octets)
652 {
653 char *request = NULL, *enc_pubkey = NULL;
654 int reqlen, enc_octets;
655
656 if (debug)
657 log_f ("kserver_send_request: %s:%d\n", hostname, port);
658 if (!port)
659 port = HKP_PORT;
660 reqlen = 512 + strlen (hostname) + 2*strlen (pubkey);
661 request = new char[reqlen];
662 if (!request)
663 BUG (0);
664 enc_pubkey = kserver_urlencode (pubkey, octets, &enc_octets);
665 if (!enc_pubkey || !enc_octets) {
666 free_if_alloc (request);
667 return NULL;
668 }
669
670 if (proxy.user) {
671 _snprintf (request, reqlen-1,
672 "POST http://%s:%d/pks/add HTTP/1.0\r\n"
673 "Referer: \r\n"
674 "User-Agent: WinPT/W32\r\n"
675 "Host: %s:%d\r\n"
676 "Proxy-Authorization: Basic %s\r\n"
677 "Content-type: application/x-www-form-urlencoded\r\n"
678 "Content-length: %d\r\n"
679 "\r\n"
680 "keytext=%s"
681 "\n",
682 skip_type_prefix (hostname), port, hostname, port,
683 proxy.base64_user, enc_octets+9, enc_pubkey);
684 }
685 else {
686 _snprintf (request, reqlen-1,
687 "POST /pks/add HTTP/1.0\r\n"
688 "Referer: \r\n"
689 "User-Agent: WinPT/W32\r\n"
690 "Host: %s:%d\r\n"
691 "Content-type: application/x-www-form-urlencoded\r\n"
692 "Content-length: %d\r\n"
693 "\r\n"
694 "keytext=%s"
695 "\n",
696 skip_type_prefix (hostname), port, enc_octets+9, enc_pubkey);
697 }
698 free_if_alloc (enc_pubkey);
699 if (debug)
700 log_f("%s\n", request);
701 return request;
702 } /* kserver_send_request */
703
704
705 /*
706 * Interface receiving a public key.
707 */
708 int
709 kserver_recvkey (const char *hostname, u16 port, const char *keyid, char *key, int maxkeylen)
710 {
711 int rc, n;
712 int conn_fd;
713 char *request = NULL;
714
715 if (!port)
716 port = HKP_PORT;
717 hkp_err = 0; /* reset */
718 rc = kserver_connect (hostname, port, &conn_fd);
719 if (rc)
720 goto leave;
721
722 request = new char[300+1];
723 if (!request)
724 BUG (0);
725
726 if (proxy.host && proxy.user) {
727 _snprintf (request, 300,
728 "GET http://%s:%d/pks/lookup?op=get&search=%s HTTP/1.0\r\n"
729 "Proxy-Authorization: Basic %s\r\n\r\n",
730 skip_type_prefix (hostname), port, keyid, proxy.base64_user);
731 }
732 else if (proxy.host) {
733 _snprintf (request, 300,
734 "GET http://%s:%d/pks/lookup?op=get&search=%s HTTP/1.0\r\n\r\n",
735 skip_type_prefix (hostname), port, keyid);
736 }
737 else {
738 _snprintf (request, 300,
739 "GET /pks/lookup?op=get&search=%s HTTP/1.0\r\n\r\n", keyid);
740 }
741 if (debug)
742 log_f ("%s\n", request);
743
744 rc = sock_write (conn_fd, request, strlen (request));
745 if (rc == SOCKET_ERROR) {
746 rc = WPTERR_WINSOCK_RECVKEY;
747 goto leave;
748 }
749
750 rc = sock_read( conn_fd, key, maxkeylen, &n );
751 if( rc == SOCKET_ERROR ) {
752 rc = WPTERR_WINSOCK_RECVKEY;
753 goto leave;
754 }
755
756 if( debug )
757 log_f("%s\n", key);
758
759 rc = check_hkp_response( key, 1 );
760 if( rc )
761 goto leave;
762
763 WSASetLastError( 0 );
764
765 leave:
766 closesocket( conn_fd );
767 free_if_alloc( request );
768 return rc;
769 } /* kserver_recvkey */
770
771
772 /*
773 * Interface to send a public key.
774 */
775 int
776 kserver_sendkey (const char *hostname, u16 port, const char *pubkey, int len )
777 {
778 int n, rc;
779 int conn_fd;
780 char *request = NULL;
781 char log[2048];
782
783 hkp_err = 0; /* reset */
784 rc = kserver_connect (hostname, port, &conn_fd);
785 if (rc)
786 goto leave;
787
788 request = kserver_send_request (hostname, port, pubkey, len);
789 if( request == NULL ) {
790 rc = WPTERR_GENERAL;
791 goto leave;
792 }
793
794 rc = sock_write( conn_fd, request, lstrlen(request) );
795 if( rc == SOCKET_ERROR ) {
796 rc = WPTERR_WINSOCK_SENDKEY;
797 goto leave;
798 }
799
800 rc = sock_read( conn_fd, log, sizeof (log)-1, &n );
801 if( rc == SOCKET_ERROR ) {
802 rc = WPTERR_WINSOCK_SENDKEY;
803 goto leave;
804 }
805 if (debug)
806 log_f("%s\n", log);
807
808 rc = check_hkp_response( log, 0 );
809 if( rc )
810 goto leave;
811
812 WSASetLastError( 0 );
813
814 leave:
815 closesocket( conn_fd );
816 free_if_alloc( request );
817 return rc;
818 } /* kserver_sendkey */
819
820
821 int
822 kserver_search_init (const char * hostname, u16 port, const char * keyid, int * conn_fd)
823 {
824 int rc, sock_fd;
825 char * request = NULL;
826
827 rc = kserver_connect (hostname, port, &sock_fd);
828 if (rc) {
829 *conn_fd = 0;
830 goto leave;
831 }
832
833 request = new char[300+1];
834 if (!request)
835 BUG (0);
836
837 if (proxy.host && proxy.user) {
838 _snprintf (request, 300,
839 "GET http://%s:%d/pks/lookup?op=index&search=%s HTTP/1.0\r\n"
840 "Proxy-Authorization: Basic %s\r\n\r\n",
841 skip_type_prefix (hostname), port, keyid, proxy.base64_user);
842 }
843 else if (proxy.host) {
844 _snprintf (request, 300,
845 "GET http://%s:%d/pks/lookup?op=index&search=%s HTTP/1.0\r\n\r\n",
846 skip_type_prefix (hostname), port, keyid);
847 }
848 else {
849 _snprintf (request, 300,
850 "GET /pks/lookup?op=index&search=%s HTTP/1.0\r\n\r\n", keyid);
851 }
852
853 if (debug)
854 log_f("%s\n", request);
855
856 if (sock_write (sock_fd, request, strlen (request)) == SOCKET_ERROR) {
857 rc = WPTERR_GENERAL;
858 goto leave;
859 }
860
861 *conn_fd = sock_fd;
862
863 leave:
864 free_if_alloc (request);
865 return rc;
866 } /* kserver_search_init */
867
868
869 int
870 kserver_search_chkresp (int fd)
871 {
872 char buf[128];
873 int n=0, i=0;
874
875 /* parse response 'HTTP/1.0 500 OK' */
876 if (sock_getline (fd, buf, 127, &n))
877 return WPTERR_KEYSERVER_NOTFOUND;
878 if (strncmp (buf, "HTTP/1.", 7))
879 return WPTERR_KEYSERVER_NOTFOUND;
880 i = 8+1;
881 if (strncmp (buf+i, "200", 3))
882 return WPTERR_KEYSERVER_NOTFOUND;
883 return 0;
884 } /* kserver_search_chkresp */
885
886
887 int
888 kserver_search (int fd, keyserver_key * key)
889 {
890 char buf[1024], *p;
891 int uid_len, nbytes, pos = 0;
892
893 if (debug)
894 log_f ("keyserver_search:\n");
895
896 if (sock_getline (fd, buf, sizeof (buf), &nbytes))
897 return WPTERR_GENERAL;
898
899 if (debug)
900 log_f ("%s\n", buf);
901
902 if (!strncmp (buf, "pub", 3)) {
903 key->bits = atol (buf+3);
904 p = strchr (buf, '>');
905 if (p)
906 pos = p-buf+1;
907 memcpy (key->keyid, buf+pos, 8);
908 key->keyid[8] = '\0';
909 p = strstr (buf, "</a>");
910 if (p)
911 pos = p-buf+5;
912 memcpy (key->date, buf+pos, 10);
913 key->date[10] = '\0';
914 pos += 10;
915 p = buf+pos+1;
916 while (p && *p != '>')
917 p++;
918 p++;
919 uid_len = strlen (p) - 10;
920 memcpy (key->uid, p, uid_len);
921 key->uid[uid_len] = '\0';
922 strcat (key->uid, ">");
923 p = strchr (key->uid, '&');
924 if (p) {
925 key->uid[(p-key->uid)] = '<';
926 memmove (key->uid+(p-key->uid)+1, key->uid+(p-key->uid)+4, strlen (key->uid)-3);
927 }
928 }
929 else {
930 key->bits = 0;
931 memset (key, 0, sizeof *key);
932 }
933
934 return 0;
935 } /* kserver_search */
936
937
938 static int
939 add_node( keyserver_cfgfile *cfg, const char *entry )
940 {
941 keyserver_node *node;
942 char *p = NULL;
943
944 p = strchr( entry, '=' );
945 if( p == NULL )
946 return WPTERR_GENERAL;
947 node = new keyserver_node;
948 if( !node )
949 BUG( NULL );
950
951 memset( node, 0, sizeof *node );
952 node->used = 1;
953
954 node->host.used = 1;
955 node->host.proto = proto_from_URL( entry );
956 memcpy( node->host.name, entry+7, p-entry-7 );
957 node->next = cfg->list;
958 cfg->list = node;
959
960 return 0;
961 } /* add_node */
962
963
964 void
965 kserver_change_proxy( keyserver_proxy_ctx *ctx )
966 {
967 proxy.port = ctx->port;
968 free_if_alloc (proxy.host);
969 proxy.host = ctx->host? m_strdup( ctx->host ) : NULL;
970 free_if_alloc( proxy.pass );
971 proxy.pass = ctx->pass? m_strdup( ctx->pass ) : NULL;
972 free_if_alloc( proxy.user );
973 proxy.user = ctx->user? m_strdup( ctx->user ) : NULL;
974 set_reg_proxy_prefs( proxy.host, proxy.port, proxy.user, proxy.pass );
975 } /* kserver_change_proxy */
976
977
978 int
979 kserver_read_config( const char *fname, keyserver_cfgfile **ret_cfg )
980 {
981 FILE *fp;
982 keyserver_cfgfile *cfg;
983 char buf[256];
984 int rc = 0;
985
986 *ret_cfg = NULL;
987 fp = fopen( fname, "rb" );
988 if( fp == NULL )
989 return WPTERR_FILE_OPEN;
990
991 cfg = new keyserver_cfgfile;
992 if ( !cfg )
993 BUG( NULL );
994 memset( cfg, 0, sizeof *cfg );
995
996 while ( !feof( fp ) ) {
997 if ( fgets( buf, sizeof(buf)-1, fp ) == NULL )
998 break;
999 if ( *buf == '\r' || *buf == '\n' || *buf == '#' )
1000 continue;
1001 buf[strlen(buf) -2] = '\0';
1002 if ( !strncmp( buf, "use_proxy=", 10 ) ) {
1003 char *p = strchr(buf, ':');
1004 if (!p)
1005 continue;
1006 cfg->proxy.port = atol( buf+(p-buf+1) );
1007 buf[p-buf] = '\0';
1008 cfg->proxy.host = m_strdup( buf+10 );
1009 }
1010 else if ( !strncmp( buf, "proxy_user=", 11 ) )
1011 cfg->proxy.user = m_strdup( buf+11 );
1012 else if ( !strncmp( buf, "proxy_pass=", 11 ) )
1013 cfg->proxy.pass = m_strdup( buf+11 );
1014 if ( !strncmp( buf, "http://", 7 )
1015 || !strncmp( buf, "hkp://", 6 )
1016 || !strncmp( buf, "ldap://", 7 ) ) {
1017 add_node( cfg, buf );
1018 cfg->nlist++;
1019 }
1020 }
1021
1022 fclose( fp );
1023 *ret_cfg = cfg;
1024
1025 return rc;
1026 } /* kserver_read_config */
1027
1028
1029 int
1030 kserver_write_config( const char * fname, keyserver_cfgfile * cfg )
1031 {
1032
1033 return 0;
1034 }
1035
1036
1037 void
1038 kserver_cfgfile_release( keyserver_cfgfile *cfg )
1039 {
1040 keyserver_node *k, *k2;
1041
1042 proxy_release( &cfg->proxy );
1043 for( k = cfg->list; cfg->nlist--; k = k2 ) {
1044 k2 = k->next;
1045 free_if_alloc( k );
1046 }
1047 free_if_alloc( cfg );
1048 } /* kserver_cfgfile_release */
1049
1050
1051 void
1052 proxy_release( keyserver_proxy_ctx *ctx )
1053 {
1054 free_if_alloc( ctx->host );
1055 free_if_alloc( ctx->pass );
1056 free_if_alloc( ctx->user );
1057 } /* proxy_release */
1058
1059
1060 int
1061 ldap_recvkey (const char * host, const char * keyid, char * key, int maxkeylen)
1062 {
1063 const char *s;
1064 char *ksprg = NULL, *p = NULL;
1065 char temp[512], outf[512];
1066 FILE * inp;
1067 int rc, start_key = 0;
1068 STARTUPINFO si;
1069 PROCESS_INFORMATION pi;
1070
1071 p = get_gnupg_path ();
1072 ksprg = new char[strlen (p) + 1 + 128];
1073 if (!ksprg)
1074 BUG (0);
1075 strcpy (ksprg, p);
1076 strcat (ksprg, "\\");
1077 strcat (ksprg, "gpgkeys_ldap.exe");
1078 free_if_alloc (p);
1079 if (file_exist_check (ksprg)) {
1080 log_box ( "LDAP Keyserver Plugin", MB_ERR, "Could not find LDAP keyserver module!");
1081 rc = -1;
1082 goto leave;
1083 }
1084 GetTempPath (sizeof (temp)-1, temp);
1085 strcpy (outf, temp);
1086 strcat (outf, keyid);
1087 strcat (outf, ".out");
1088 strcat (temp, keyid);
1089 inp = fopen (temp, "w+b");
1090 if( !inp ) {
1091 log_box ("LDAP Keyserver Plugin", MB_ERR, "%s: %s", temp,
1092 winpt_strerror (WPTERR_FILE_OPEN));
1093 rc = -1;
1094 goto leave;
1095 }
1096 fprintf (inp,
1097 "VERSION 0\n"
1098 "HOST %s\n"
1099 "OPTION verbose\n"
1100 "COMMAND GET\n"
1101 "\n"
1102 "%s\n", host? skip_type_prefix (host): "64.94.85.200", keyid);
1103 fclose (inp);
1104
1105 memset (&si, 0, sizeof (si));
1106 si.cb = sizeof (si);
1107 si.dwFlags = STARTF_USESHOWWINDOW;
1108 si.wShowWindow = SW_HIDE;
1109 memset (&pi, 0, sizeof (pi));
1110 p = new char[strlen (ksprg) + strlen (temp) + strlen (outf) + 32];
1111 sprintf (p, "%s -o %s %s", ksprg, outf, temp);
1112 rc = CreateProcess (NULL, p, NULL, NULL, FALSE, 0, NULL, NULL, &si, &pi);
1113 if (!rc) {
1114 log_box ("LDAP Keyserver Plugin", MB_ERR, "Could not spawn process");
1115 rc = -1;
1116 goto leave;
1117 }
1118 CloseHandle (pi.hThread);
1119 WaitForSingleObject (pi.hProcess, INFINITE);
1120 CloseHandle (pi.hProcess);
1121
1122 inp = fopen (outf, "rb");
1123 if (!inp) {
1124 log_box ("LDAP Keyserver Plugin", MB_ERR, "%s: %s", outf,
1125 winpt_strerror (WPTERR_FILE_OPEN));
1126 rc = -1;
1127 goto leave;
1128 }
1129 memset (key, 0, maxkeylen);
1130 while( !feof( inp ) ) {
1131 s = fgets( temp, sizeof (temp)-1, inp );
1132 if( !s )
1133 break;
1134 if( !start_key && strstr( s, "KEY" ) && strstr( s, "BEGIN" ) ) {
1135 start_key = 1;
1136 continue;
1137 }
1138 if( !start_key )
1139 continue;
1140 strcat( key, temp );
1141 maxkeylen -= strlen( temp );
1142 if( maxkeylen < 0 || (strstr( s, "KEY" ) && strstr( s, "END" )) )
1143 break;
1144 }
1145 fclose( inp );
1146
1147 leave:
1148 if( !strlen( key ) )
1149 rc = WPTERR_WINSOCK_RECVKEY;
1150 free_if_alloc( p );
1151 free_if_alloc( ksprg );
1152 return rc;
1153 } /* ldap_recvkey */
1154
1155
1156 static int
1157 finger_readline (int fd, char * buf, int nbytes)
1158 {
1159 char c = 0;
1160 int n, pos = 0;
1161
1162 while (nbytes > 0) {
1163 n = recv (fd, &c, 1, 0);
1164 if (n <= 0)
1165 break;
1166 if (c == '\n')
1167 break;
1168 buf[pos++] = c;
1169 nbytes--;
1170 }
1171 if (nbytes > 0)
1172 buf[pos++] = '\0';
1173 if (n <= 0)
1174 pos = n;
1175 return pos;
1176 }
1177
1178
1179 int
1180 finger_recvkey (const char * host, const char * user, char * key, int maxkeylen)
1181 {
1182 struct hostent * hp;
1183 struct sockaddr_in saddr;
1184 char buf[128];
1185 int fd, nread;
1186 int start_key = 0;
1187 int rc=0;
1188
1189 fd = socket (PF_INET, SOCK_STREAM, 0);
1190 if (fd == -1)
1191 return WPTERR_WINSOCK_SOCKET;
1192 hp = gethostbyname (skip_type_prefix (host));
1193 if (!hp) {
1194 closesocket (fd);
1195 return WPTERR_WINSOCK_RESOLVE;
1196 }
1197
1198 memset (&saddr, 0, sizeof (saddr));
1199 saddr.sin_family = AF_INET;
1200 saddr.sin_port = htons (FINGER_PORT);
1201 saddr.sin_addr = *(struct in_addr *)hp->h_addr;
1202 if (connect (fd, (struct sockaddr *)&saddr, sizeof (saddr))) {
1203 closesocket (fd);
1204 return WPTERR_WINSOCK_CONNECT;
1205 }
1206 send (fd, user, strlen (user), 0);
1207 send (fd, "\r\n", 2, 0);
1208
1209 memset (key, 0, maxkeylen);
1210 while (maxkeylen > 0) {
1211 nread = finger_readline (fd, buf, sizeof (buf)-1);
1212 if (nread <= 0)
1213 break;
1214 strcat (buf, "\n");
1215 if (strstr (buf, "BEGIN PGP PUBLIC KEY BLOCK")) {
1216 strcat (key, buf);
1217 start_key = 1;
1218 maxkeylen -= nread;
1219 }
1220 else if (strstr (buf, "END PGP PUBLIC KEY BLOCK" ) && start_key) {
1221 strcat (key, buf);
1222 start_key--;
1223 maxkeylen -= nread;
1224 break;
1225 }
1226 else if (start_key) {
1227 strcat (key, buf);
1228 maxkeylen -= nread;
1229 }
1230 }
1231 closesocket (fd);
1232 if (start_key != 0)
1233 rc = WPTERR_WINSOCK_RECVKEY;
1234 return rc;
1235 }
[email protected]
 ViewVC Help
Powered by ViewVC 1.1.26