/[winpt]/trunk/Src/wptKeyserver.cpp
ViewVC logotype

Contents of /trunk/Src/wptKeyserver.cpp

Parent Directory Parent Directory | Revision Log Revision Log

Revision 197 - (show annotations)
Mon Apr 10 07:38:06 2006 UTC (18 years, 10 months ago) by twoaday
File size: 32443 byte(s) 
2006-04-09  Timo Schulz  <ts@g10code.de>
 
        * wptGPGPrefsDlg.cpp (gpgprefs_dlg_proc): Only return true
        if the homedir value was changed.
        * wptGPG.cpp (default_key_from_cache): Only return secret key
        if public part is available.
        (set_gnupg_default_key): Fix NULL problem.
        * wptKeyEditDlgs.cpp (do_editkey_clean): Set update flag.
        * wptFileCBS.cpp (write_cb, read_cb): Better error handling.
        * wptFileManagerDlg.cpp (file_manager_dlg_proc): Handle
        'always-on-top' correctly.
        * wptKeylist.cpp (keylist_get_recipients): Allocate enough
        mem to hold all possible keys.
        (keylist_enum_keys): Likewise.
1 /* wptKeyserver.cpp - W32 Keyserver Access
2 * Copyright (C) 2000-2005 Timo Schulz
3 * Copyright (C) 2001 Marco Cunha
4 *
5 * This file is part of WinPT.
6 *
7 * WinPT is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU General Public License
9 * as published by the Free Software Foundation; either version 2
10 * of the License, or (at your option) any later version.
11 *
12 * WinPT is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with WinPT; if not, write to the Free Software Foundation,
19 * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 */
21
22 #ifdef HAVE_CONFIG_H
23 #include <config.h>
24 #endif
25
26 #include <windows.h>
27 #include <shlobj.h>
28 #include <stdio.h>
29 #include <sys/stat.h>
30 #include <ctype.h>
31
32 #include "wptKeyserver.h"
33 #include "wptErrors.h"
34 #include "wptTypes.h"
35 #include "wptNLS.h"
36 #include "wptW32API.h"
37 #include "wptGPG.h"
38 #include "wptRegistry.h"
39
40 /* just map net_errno to a winsock error. */
41 #define net_errno ((int)WSAGetLastError ())
42
43
44 keyserver server[MAX_KEYSERVERS] = {0};
45 keyserver_proxy_s proxy = {0};
46 static const char *server_list[] = {
47 "hkp://gnv.us.ks.cryptnet.net",
48 "hkp://keyserver.kjsl.com",
49 "hkp://sks.keyserver.penguin.de",
50 "hkp://subkeys.pgp.net",
51 "ldap://keyserver.pgp.com",
52 NULL
53 };
54
55
56 static char hkp_errmsg[1024]; /* Holds the error message from the server */
57 static int hkp_err = 0; /* != 0 indicates an error occurred. */
58
59 /* Default keyserver and port. */
60 char *default_keyserver = NULL;
61 WORD default_keyserver_port = 0;
62
63 /* Default socket timeout. */
64 static int default_socket_timeout = 6;
65
66 /* Basic64 encode the input @inbuf to @outbuf. */
67 static void
68 base64_encode (const char *inbuf, char *outbuf)
69 {
70 char base64code[] =
71 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
72 int index = 0, temp = 0, res = 0;
73 int i = 0, inputlen = 0, len = 0;
74
75 inputlen = strlen (inbuf);
76 for (i = 0; i < inputlen; i++) {
77 res = temp;
78 res = (res << 8) | (inbuf[i] & 0xFF);
79 switch (index++) {
80 case 0:
81 outbuf[len++] = base64code[res >> 2 & 0x3F];
82 res &= 0x3;
83 break;
84 case 1:
85 outbuf[len++] = base64code[res >> 4 & 0x3F];
86 res &= 0xF;
87 break;
88 case 2:
89 outbuf[len++] = base64code[res >> 6 & 0x3F];
90 outbuf[len++] = base64code[res & 0x3F];
91 res = index = 0;
92 break;
93 }
94 temp = res;
95 }
96
97 if (index == 2) {
98 outbuf[len++] = base64code[temp << 2 & 0x3F];
99 outbuf[len++] = '=';
100 }
101 else if (index == 1) {
102 outbuf[len++] = base64code[temp << 4 & 0x3F];
103 outbuf[len++] = '=';
104 outbuf[len++] = '=';
105 }
106
107 outbuf[len] = '\0';
108 }
109
110
111 /* Skip the URL schema and return only the host part of it. */
112 static const char*
113 skip_type_prefix (const char *hostname)
114 {
115 if (hostname && !strncmp (hostname, "http://", 7))
116 hostname += 7;
117 else if (hostname && !strncmp (hostname, "hkp://", 6))
118 hostname += 6;
119 else if (hostname && !strncmp (hostname, "finger://", 9))
120 hostname += 9;
121 else if (hostname && !strncmp (hostname, "ldap://", 7))
122 hostname += 7;
123 return hostname;
124 }
125
126
127 /* Check that the keyserver response indicates an OK.
128 Return 0 on success. */
129 static int
130 check_hkp_response (const char *resp, int recv)
131 {
132 char *p, *end;
133 int ec, len;
134
135 ec = recv ? WPTERR_WINSOCK_RECVKEY : WPTERR_WINSOCK_SENDKEY;
136 if (!strstr (resp, "HTTP/1.0 200 OK") &&
137 !strstr (resp, "HTTP/1.1 200 OK")) /* http error */
138 return ec;
139 if (strstr (resp, "Public Key Server -- Error")
140 || strstr (resp, "Public Key Server -- Error")
141 || strstr (resp, "No matching keys in database")) {
142 p = strstr (resp, "<p>");
143 if (p && strlen (p) < sizeof (hkp_errmsg)) {
144 end = strstr (p, "</p>");
145 len = end? (end - p + 1) : strlen (p);
146 memset (hkp_errmsg, 0, sizeof (hkp_errmsg));
147 strncpy (hkp_errmsg, p, len);
148 hkp_err = 1;
149 }
150 return ec;
151 }
152 return 0;
153 }
154
155
156 /* Read a single line (\r\n) from a socket.
157 Return 0 on success. */
158 static int
159 sock_getline (int fd, char *buf, int buflen, int *nbytes)
160 {
161 char ch;
162 int nread = 0;
163
164 if (nbytes)
165 *nbytes = 0;
166 *buf = 0;
167 while (recv (fd, &ch, 1, 0) > 0) {
168 *buf++ = ch;
169 nread++;
170 if (ch == '\r')
171 continue; /* remove this char. */
172 if (ch == '\n' || nread == (buflen - 1)) {
173 *buf = 0;
174 if (nbytes)
175 *nbytes = nread;
176 return 0;
177 }
178 }
179
180 return -1;
181 }
182
183
184 /* Perform a select() on the given fd to find out
185 is there is data for reading. Wait at least @nsecs seconds. */
186 static int
187 sock_select (int fd, int nsecs)
188 {
189 FD_SET rfd;
190 timeval tv = {nsecs, 0};
191
192 FD_ZERO (&rfd);
193 FD_SET (fd, &rfd);
194 if (select (fd + 1, &rfd, NULL, NULL, &tv) == SOCKET_ERROR) {
195 log_debug ("sock_select: select() failed ec=%d.\r\n", net_errno);
196 return SOCKET_ERROR;
197 }
198 if (FD_ISSET (fd, &rfd))
199 return 1;
200 return 0;
201 }
202
203
204 /* Read from a socket @fd to buffer @buf with a fixed timeout
205 of 10 seconds. The amount of bytes which were read are
206 returned in @nbytes.
207 Return value: 0 on success. */
208 static int
209 sock_read (int fd, char *buf, int buflen, int *nbytes)
210 {
211 DWORD nread;
212 int nleft = buflen;
213 int rc, n = 0;
214
215 if (nbytes)
216 *nbytes = 0;
217 while (nleft > 0) {
218 if (n >= default_socket_timeout)
219 return WPTERR_WINSOCK_TIMEOUT;
220 rc = sock_select (fd, 1);
221 if (rc == SOCKET_ERROR)
222 return rc;
223 else if (!rc)
224 n++;
225 else {
226 nread = recv (fd, buf, nleft, 0);
227 if (nread == SOCKET_ERROR) {
228 log_debug ("sock_read: recv() failed ec=%d.\r\n", net_errno);
229 return SOCKET_ERROR;
230 }
231 else if (!nread)
232 break;
233 nleft -= nread;
234 buf += nread;
235 }
236 }
237 if (nbytes)
238 *nbytes = buflen - nleft;
239
240 return 0;
241 }
242
243 /* Read much data as possible from the socket @fd and
244 return the data in @buffer. Caller must free data.
245 Return value: 0 on success. */
246 int
247 sock_read_ext (int fd, char **buffer, int *r_bufferlen)
248 {
249 gpgme_data_t dh;
250 char buf[1024], *p;
251 size_t n=0;
252 int nread, rc;
253
254 gpgme_data_new (&dh);
255 while (n < 10) {
256 rc = sock_select (fd, 1);
257 if (rc == SOCKET_ERROR) {
258 gpgme_data_release (dh);
259 return rc;
260 }
261 else if (!rc)
262 n++;
263 else {
264 nread = recv (fd, buf, sizeof (buf), 0);
265 if (nread == SOCKET_ERROR)
266 return SOCKET_ERROR;
267 else if (!nread)
268 break;
269 gpgme_data_write (dh, buf, nread);
270 }
271 }
272 gpg_data_putc (dh, '\0');
273 p = gpgme_data_release_and_get_mem (dh, &n);
274 *buffer = m_strdup (p);
275 if (r_bufferlen)
276 *r_bufferlen = n;
277 gpgme_free (p);
278 return 0;
279 }
280
281
282 /* Write the buffer @buf with the length @buflen to a socket @fd. */
283 static int
284 sock_write (int fd, const char *buf, int buflen)
285 {
286 DWORD nwritten;
287 int nleft = buflen;
288
289 while (nleft > 0) {
290 nwritten = send (fd, buf, nleft, 0);
291 if (nwritten == SOCKET_ERROR) {
292 log_debug ("sock_write: send() failed ec=%d\r\n", net_errno);
293 return SOCKET_ERROR;
294 }
295 nleft -= nwritten;
296 buf += nwritten;
297 }
298
299 return 0;
300 }
301
302
303 /* Initialize the Winsock2 interface.*/
304 int
305 wsock_init (void)
306 {
307 WSADATA wsa;
308
309 if (WSAStartup (0x202, &wsa)) {
310 log_debug ("wsock_init: WSAStartup failed ec=%d\r\n", net_errno);
311 return WPTERR_WINSOCK_INIT;
312 }
313 return 0;
314 }
315
316
317 /* Cleanup the Winsock2 interface. */
318 void
319 wsock_end (void)
320 {
321 char *p;
322 int i;
323
324 p = make_special_filename (CSIDL_APPDATA, "winpt\\keyserver.conf", NULL);
325 kserver_save_conf (p);
326 free_if_alloc (p);
327 free_if_alloc (default_keyserver);
328 for (i=0; i < MAX_KEYSERVERS; i++) {
329 if (server[i].used && server[i].name != NULL)
330 free_if_alloc (server[i].name);
331 }
332 kserver_proxy_release (&proxy);
333 WSACleanup ();
334 }
335
336
337 /* Return a string representation of a winsock error. */
338 const char*
339 wsock_strerror (void)
340 {
341 static char buf[384];
342 int ec = WSAGetLastError ();
343
344 switch (ec) {
345 case WSAENETDOWN:
346 return _("The network subsystem has failed");
347 case WSAHOST_NOT_FOUND:
348 return _("Authoritative Answer Host not found");
349 case WSAETIMEDOUT:
350 return _("The connection has been dropped because of a network failure");
351 default:
352 _snprintf (buf, sizeof (buf) -1, _("Unknown Winsock error ec=%d"),ec);
353 return buf;
354 }
355 return NULL;
356 }
357
358
359 /* Set default socket timeout for all reading operations. */
360 void
361 kserver_set_socket_timeout (int nsec)
362 {
363 if (nsec < 0)
364 nsec = 0;
365 default_socket_timeout = nsec;
366 }
367
368
369 /* Return the last keyserver error as a string. */
370 const char*
371 kserver_strerror (void)
372 {
373 if (hkp_err)
374 return hkp_errmsg;
375 return NULL;
376 }
377
378
379 /* Read a keyserver from the list at index @idx.
380 Return value: keyserver name at the given position. */
381 const char*
382 kserver_get_hostname (int idx, int type, WORD *port)
383 {
384 if (type == -1) {
385 *port = default_keyserver_port;
386 return default_keyserver;
387 }
388 else if (!type && idx < DIM (server_list)) {
389 *port = HKP_PORT;
390 return server_list[idx];
391 }
392 return NULL;
393 }
394
395
396 /* Check if the computer is connected to the internet.
397 Return 0 on success -1 otherwise. */
398 int
399 kserver_check_inet_connection (void)
400 {
401 int fd;
402
403 if (!kserver_connect (default_keyserver, default_keyserver_port, &fd)) {
404 closesocket (fd);
405 return 0;
406 }
407 return -1;
408 }
409
410
411 /* If the request contains the keyid, it have to be
412 always postfix with '0x'+keyid. This code checks
413 if the keyid is a decimal value and if so if it contains
414 the '0x'. If not it is inserted. */
415 const char*
416 kserver_check_keyid (const char *keyid)
417 {
418 static char id[21];
419
420 if (strstr (keyid, "@"))
421 return keyid; /* email address */
422 if (strncmp (keyid, "0x", 2)) {
423 memset (&id, 0, sizeof (id));
424 _snprintf (id, sizeof (id)-1, "0x%s", keyid);
425 return id;
426 }
427 return keyid;
428 }
429
430
431 /* Update the keyserver proxy user. */
432 static void
433 update_proxy_user (const char *proxy_user, const char *proxy_pass)
434 {
435 char t[257]; /* user:pass = 127+1+127+1 = 257 */
436 int n = 0;
437
438 n = 4*strlen (proxy_user) / 3 + 32 + strlen (proxy_pass) + 2;
439 free_if_alloc (proxy.base64_user);
440 proxy.base64_user = new char[n];
441 if (!proxy.base64_user)
442 BUG (0);
443 _snprintf (t, sizeof (t)-1, "%s:%s", proxy_user, proxy_pass);
444 base64_encode (t, proxy.base64_user);
445 free_if_alloc (proxy.user);
446 free_if_alloc (proxy.pass);
447 proxy.user = m_strdup (proxy_user);
448 proxy.pass = m_strdup (proxy_pass);
449 }
450
451
452 /* Check that the given buffer contains a valid keyserver URL. */
453 static int
454 check_URL (const char * buf)
455 {
456 if (strlen (buf) < 7)
457 return -1;
458 if (!strstr (buf, "ldap://")
459 && !strstr (buf, "http://")
460 && !strstr (buf, "finger://")
461 && !strstr (buf, "hkp://"))
462 return -1;
463 return 0;
464 }
465
466
467 /* Get the port number from the given protocol. */
468 static int
469 port_from_proto (int proto)
470 {
471 switch (proto) {
472 case KSPROTO_LDAP: return 0;
473 case KSPROTO_FINGER: return FINGER_PORT;
474 case KSPROTO_HTTP: return HKP_PORT;
475 }
476 return 0;
477 }
478
479
480 /* Get the port number from the given URL. */
481 static int
482 proto_from_URL (const char *buf)
483 {
484 if (strstr( buf, "ldap"))
485 return KSPROTO_LDAP;
486 else if (strstr( buf, "finger"))
487 return KSPROTO_FINGER;
488 return KSPROTO_HKP;
489 }
490
491
492 void
493 keyserver_set_default (const char *hostname, WORD port)
494 {
495 if (hostname != NULL) {
496 free_if_alloc (default_keyserver);
497 default_keyserver = m_strdup (hostname);
498 if (!default_keyserver)
499 BUG (0);
500 default_keyserver_port = port;
501 }
502 if (!port)
503 port = HKP_PORT;
504 if (!default_keyserver)
505 default_keyserver = m_strdup (DEF_HKP_KEYSERVER);
506 server[0].name = m_strdup (default_keyserver);
507 server[0].used = 1;
508 server[0].port = port;
509 server[0].proto = proto_from_URL (default_keyserver);
510 }
511
512
513 /* Skip all kind of whitespace chars in @str. */
514 static const char*
515 skip_whitespace (const char *str)
516 {
517 while (str && *str) {
518 if (*str == ' ' ||
519 *str == '\t' ||
520 *str == '\n' ||
521 *str == '\r') {
522 str++;
523 continue;
524 }
525 break;
526 }
527 return str;
528 }
529
530
531 /* Save the keyserver config file in @conf. */
532 int
533 kserver_save_conf (const char *conf)
534 {
535 FILE *fp;
536 int pos;
537
538 fp = fopen (conf, "wb");
539 if (!fp) {
540 msg_box (NULL, _("Could not save keyserver.conf file"),
541 _("Keyserver"), MB_ERR);
542 return -1;
543 }
544
545 fprintf (fp, "# do NOT manually modify this file, it will be "
546 "generated automatically!!\r\n");
547 for (pos = 0; pos < MAX_KEYSERVERS; pos++) {
548 if (!server[pos].used)
549 continue;
550 fprintf (fp, "%s:%d\r\n", server[pos].name, server[pos].port);
551 }
552 fclose (fp);
553 return 0;
554 }
555
556
557 /* Load the keyserver config file @conf. */
558 int
559 kserver_load_conf (const char *conf)
560 {
561 FILE *fp;
562 char buf[1024], *s, *p;
563 char *user = NULL, *pass = NULL;
564 int no_config=0, chk_pos=0;
565 int pos;
566
567 for (pos = 0; pos < MAX_KEYSERVERS; pos++) {
568 server[pos].used = 0;
569 server[pos].port = HKP_PORT;
570 }
571
572 fp = fopen (conf, "rb");
573 if (!fp) {
574 for (pos = 0; server_list[pos]; pos++) {
575 server[pos].used = 1;
576 server[pos].name = m_strdup (server_list[pos]);
577 server[pos].proto = proto_from_URL (server_list[pos]);
578 }
579 no_config=1;
580 }
581 get_reg_proxy_prefs (&proxy);
582 if (user && pass)
583 update_proxy_user (user, pass);
584 else if (user && !pass || !user && pass) {
585 msg_box (NULL, _("Invalid proxy configuration."
586 "You need to set a user and a password"
587 "to use proxy authentication!"),
588 _("Proxy Error"), MB_ERR);
589 }
590 /* check if the host has a http:// prefix and skip it */
591 if (proxy.host && !strncmp (proxy.host, "http://", 7)) {
592 char *host = m_strdup (proxy.host+7);
593 if (!host)
594 BUG (0);
595 free_if_alloc (proxy.host);
596 proxy.host = host;
597 }
598 free_if_alloc (user);
599 free_if_alloc (pass);
600
601 pos = 0;
602 while (fp && !feof (fp)) {
603 s = fgets (buf, sizeof (buf)-1, fp);
604 if (!s)
605 break;
606 if (strstr (buf, "\r\n"))
607 buf[strlen (buf)-2] = '\0';
608 if (strstr (buf, "\n"))
609 buf[strlen (buf)-1] = '\0';
610 s = (char *)skip_whitespace (buf);
611 if (*s == '#' || strlen (s) < 7)
612 continue;
613 if (check_URL (s)) {
614 msg_box (NULL, _("All entries of this file must have a valid prefix.\n"
615 "Currently HKP/HTTP, LDAP and FINGER are supported.\n"),
616 _("Keyserver Error"), MB_ERR);
617 continue;
618 }
619 chk_pos = 6;
620 if (strstr (s, "finger"))
621 chk_pos = 10;
622 p = strchr (s+chk_pos, ':');
623 server[pos].used = 1;
624 server[pos].proto = proto_from_URL (s);
625 server[pos].port = port_from_proto (server[pos].proto);
626 if (!p)
627 server[pos].name = m_strdup (s);
628 else {
629 server[pos].port = atol (p+1);
630 if (server[pos].port < 0 || server[pos].port > 65536)
631 server[pos].port = HKP_PORT;
632 server[pos].name = new char [(p-s)+2];
633 if (!server[pos].name)
634 BUG (0);
635 memset (server[pos].name, 0, (p-s)+2);
636 memcpy (server[pos].name, s, (p-s));
637 }
638 pos++;
639 if (pos > MAX_KEYSERVERS) {
640 msg_box (NULL, _("The keyserver limit is exceeded"),
641 _("Keyserver Warning"), MB_INFO);
642 break;
643 }
644 }
645 if (fp)
646 fclose (fp);
647 if (!pos) {
648 /* only issue an error if the config file exist but
649 it has no valid entries. */
650 keyserver_set_default (NULL, HKP_PORT);
651 if (!no_config)
652 return WPTERR_CONFIG_FILE;
653 }
654
655 return 0;
656 }
657
658
659 /* Connect to the keyserver @hostname (port @port).
660 Return value: 0 on success */
661 int
662 kserver_connect (const char *hostname, WORD port, int *conn_fd)
663 {
664 struct hostent *hp;
665 struct sockaddr_in sock;
666 char host[128] = {0};
667 DWORD iaddr;
668 int rc, fd;
669
670 log_debug ("kserver_connect: %s:%d\r\n", hostname, port);
671
672 if (!port)
673 port = HKP_PORT;
674 if (conn_fd)
675 *conn_fd = 0;
676 hostname = skip_type_prefix (hostname);
677
678 if (proxy.host && proxy.proto == PROXY_PROTO_HTTP)
679 port = proxy.port;
680 memset (&sock, 0, sizeof (sock));
681 sock.sin_family = AF_INET;
682 sock.sin_port = htons (port);
683 if (proxy.host)
684 strncpy (host, proxy.host, 127);
685 else
686 strncpy (host, hostname, 127);
687
688 if ((iaddr = inet_addr (host)) != INADDR_NONE)
689 memcpy (&sock.sin_addr, &iaddr, sizeof (iaddr));
690 else if ((hp = gethostbyname (host))) {
691 if (hp->h_addrtype != AF_INET || hp->h_length != 4) {
692 log_debug ("gethostbyname: unknown address type.\r\n");
693 return WPTERR_WINSOCK_RESOLVE;
694 }
695 memcpy (&sock.sin_addr, hp->h_addr, hp->h_length);
696 }
697 else {
698 log_debug ("gethostbyname: failed ec=%d.\r\n", net_errno);
699 return WPTERR_WINSOCK_RESOLVE;
700 }
701 fd = socket (AF_INET, SOCK_STREAM, 0);
702 if (fd == INVALID_SOCKET)
703 return WPTERR_WINSOCK_SOCKET;
704 rc = connect (fd, (struct sockaddr *) &sock, sizeof (sock));
705 if (rc == SOCKET_ERROR) {
706 log_debug ("connect: failed ec=%d.\r\n", net_errno);
707 closesocket (fd);
708 return WPTERR_WINSOCK_CONNECT;
709 }
710
711 if (proxy.proto == PROXY_PROTO_SOCKS5) {
712 rc = socks_handshake (&proxy, fd, hostname, port);
713 if (rc) {
714 closesocket (fd);
715 return WPTERR_GENERAL; /* XXX: use better code. */
716 }
717 }
718
719 if (conn_fd)
720 *conn_fd = fd;
721 WSASetLastError (0);
722 return 0;
723 }
724
725
726 static bool
727 URL_must_encoded (const char *url)
728 {
729 if (strchr (url, '.') || strchr (url, '@') || strchr (url, ' '))
730 return true;
731 return false;
732 }
733
734
735 /* Perform URL encoding of the given data. */
736 static char*
737 URL_encode (const char *url, size_t ulen, size_t *ret_nlen)
738 {
739 gpgme_data_t hd;
740 char numbuf[5], *pp, *p;
741 size_t i, n;
742
743 gpgme_data_new (&hd);
744 for (i=0; i < ulen; i++) {
745 if (isalnum (url[i]) || url[i] == '-')
746 gpg_data_putc (hd, url[i]);
747 else if (url[i] == ' ')
748 gpg_data_putc (hd, '+');
749 else {
750 sprintf (numbuf, "%%%02X", url[i]);
751 gpgme_data_write (hd, numbuf, strlen (numbuf));
752 }
753 }
754 gpg_data_putc (hd, '\0');
755
756 /* Copy memory to avoid that we need to use gpgme_free later. */
757 pp = gpgme_data_release_and_get_mem (hd, &n);
758 p = m_strdup (pp);
759 gpgme_free (pp);
760 if (ret_nlen)
761 *ret_nlen = n;
762 return p;
763 }
764
765
766 /* Format a request for the given keyid (send). */
767 static char*
768 kserver_send_request (const char *hostname, WORD port,
769 const char *pubkey, int octets)
770 {
771 char *request = NULL;
772 char *enc_pubkey = NULL;
773 size_t enc_octets;
774 int reqlen;
775
776 log_debug ("kserver_send_request: %s:%d\r\n", hostname, port);
777
778 if (!port)
779 port = HKP_PORT;
780 reqlen = 512 + strlen (hostname) + 2*strlen (pubkey);
781 if (proxy.proto == PROXY_PROTO_HTTP && proxy.base64_user)
782 reqlen += strlen (proxy.base64_user) + 1;
783 request = new char[reqlen];
784 if (!request)
785 BUG (0);
786 enc_pubkey = URL_encode (pubkey, octets, &enc_octets);
787 if (!enc_pubkey || !enc_octets) {
788 free_if_alloc (request);
789 return NULL;
790 }
791
792 if (proxy.user && proxy.proto == PROXY_PROTO_HTTP) {
793 _snprintf (request, reqlen-1,
794 "POST http://%s:%d/pks/add HTTP/1.0\r\n"
795 "Referer: \r\n"
796 "User-Agent: WinPT/W32\r\n"
797 "Host: %s:%d\r\n"
798 "Proxy-Authorization: Basic %s\r\n"
799 "Content-type: application/x-www-form-urlencoded\r\n"
800 "Content-length: %d\r\n"
801 "\r\n"
802 "keytext=%s"
803 "\r\n",
804 skip_type_prefix (hostname), port, hostname, port,
805 proxy.base64_user, enc_octets+9, enc_pubkey);
806 }
807 else {
808 _snprintf (request, reqlen-1,
809 "POST /pks/add HTTP/1.0\r\n"
810 "Referer: \r\n"
811 "User-Agent: WinPT/W32\r\n"
812 "Host: %s:%d\r\n"
813 "Content-type: application/x-www-form-urlencoded\r\n"
814 "Content-length: %d\r\n"
815 "\r\n"
816 "keytext=%s"
817 "\r\n",
818 skip_type_prefix (hostname), port,
819 enc_octets+9, enc_pubkey);
820 }
821 free_if_alloc (enc_pubkey);
822
823 log_debug ("%s\r\n", request);
824 return request;
825 }
826
827
828 int
829 kserver_recvkey_ext (const char *hostname, WORD port, const char *keyid,
830 char **r_key, int *r_keylen)
831 {
832 char *request = NULL;
833 int conn_fd;
834 int rc, n;
835
836 if (!port)
837 port = HKP_PORT;
838 hkp_err = 0; /* reset */
839 rc = kserver_connect (hostname, port, &conn_fd);
840 if (rc)
841 goto leave;
842
843 request = new char[300+1];
844 if (!request)
845 BUG (0);
846
847 if (proxy.host && proxy.user && proxy.proto == PROXY_PROTO_HTTP) {
848 _snprintf (request, 300,
849 "GET http://%s:%d/pks/lookup?op=get&search=%s HTTP/1.0\r\n"
850 "Proxy-Authorization: Basic %s\r\n\r\n",
851 skip_type_prefix (hostname), port, keyid, proxy.base64_user);
852 }
853 else if (proxy.host && proxy.proto == PROXY_PROTO_HTTP) {
854 _snprintf (request, 300,
855 "GET http://%s:%d/pks/lookup?op=get&search=%s HTTP/1.0\r\n\r\n",
856 skip_type_prefix (hostname), port, keyid);
857 }
858 else {
859 _snprintf (request, 300,
860 "GET /pks/lookup?op=get&search=%s HTTP/1.0\r\n\r\n", keyid);
861 }
862
863 log_debug ("%s\r\n", request);
864
865 rc = sock_write (conn_fd, request, strlen (request));
866 if (rc == SOCKET_ERROR) {
867 rc = WPTERR_WINSOCK_RECVKEY;
868 goto leave;
869 }
870
871 rc = sock_read_ext (conn_fd, r_key, &n);
872 if (rc == SOCKET_ERROR) {
873 rc = WPTERR_WINSOCK_RECVKEY;
874 goto leave;
875 }
876
877 if (r_keylen)
878 *r_keylen = n;
879 log_debug ("%s\r\n", *r_key);
880 rc = check_hkp_response (*r_key, 1);
881 if (rc)
882 goto leave;
883
884 WSASetLastError (0);
885
886 leave:
887 closesocket (conn_fd);
888 free_if_alloc (request);
889 return rc;
890 }
891
892 /* Interface for receiving a public key. */
893 int
894 kserver_recvkey (const char *hostname, WORD port, const char *keyid,
895 char *key, int maxkeylen)
896 {
897 char *tmpkey;
898 int rc, nread=0;
899
900 /* XXX: just a wrapper around the new method, replace it
901 soon as possible. */
902 rc = kserver_recvkey_ext (hostname, port, keyid, &tmpkey, &nread);
903 if (rc)
904 return rc;
905
906 if (nread > maxkeylen) {
907 free_if_alloc (tmpkey);
908 return WPTERR_GENERAL;
909 }
910 strcpy (key, tmpkey);
911 free_if_alloc (tmpkey);
912 return 0;
913 }
914
915
916 /* Interface to send a public key. */
917 int
918 kserver_sendkey (const char *hostname, WORD port, const char *pubkey, int len )
919 {
920 char *request = NULL;
921 char log[2048] = {0};
922 int conn_fd, n;
923 int rc;
924
925 hkp_err = 0; /* reset */
926 rc = kserver_connect (hostname, port, &conn_fd);
927 if (rc)
928 goto leave;
929
930 request = kserver_send_request (hostname, port, pubkey, len);
931 if (request == NULL) {
932 rc = WPTERR_GENERAL;
933 goto leave;
934 }
935
936 rc = sock_write (conn_fd, request, strlen (request));
937 if (rc == SOCKET_ERROR) {
938 rc = WPTERR_WINSOCK_SENDKEY;
939 goto leave;
940 }
941
942 rc = sock_read (conn_fd, log, sizeof (log)-1, &n);
943 if (rc == SOCKET_ERROR) {
944 rc = WPTERR_WINSOCK_SENDKEY;
945 goto leave;
946 }
947
948 log_debug ("kserver_sendkey: read %d bytes\r\n%s\r\n", n, log);
949 rc = check_hkp_response (log, 0);
950 if (rc)
951 goto leave;
952
953 WSASetLastError (0);
954
955 leave:
956 closesocket (conn_fd);
957 free_if_alloc (request);
958 return rc;
959 }
960
961
962 /* Check keyserver response. */
963 static int
964 kserver_search_chkresp (int fd)
965 {
966 char buf[128];
967 int n=0;
968
969 /* parse response 'HTTP/1.0 500 OK' */
970 if (sock_getline (fd, buf, 127, &n))
971 return WPTERR_KEYSERVER_NOTFOUND;
972
973 log_debug ("kserver_search_chkpresp: %s\r\n", buf);
974 if (strncmp (buf, "HTTP/1.", 7))
975 return WPTERR_KEYSERVER_NOTFOUND;
976 if (strncmp (buf+(8+1), "200", 3))
977 return WPTERR_KEYSERVER_NOTFOUND;
978 return 0;
979 }
980
981
982 /* End the keyserver search procedure. */
983 void
984 kserver_search_end (int conn_fd)
985 {
986 log_debug ("kserver_search_end: fd=%d\r\n", conn_fd);
987 closesocket (conn_fd);
988 }
989
990
991 /* Begin keyserver search procedure. */
992 int
993 kserver_search_begin (const char *hostname, WORD port,
994 const char *pattern, int *conn_fd)
995 {
996 char *request = NULL;
997 char *enc_patt = NULL;
998 int n;
999 int rc, sock_fd;
1000
1001 rc = kserver_connect (hostname, port, &sock_fd);
1002 if (rc) {
1003 *conn_fd = 0;
1004 goto leave;
1005 }
1006
1007 enc_patt = URL_encode (pattern, strlen (pattern), NULL);
1008 n = 140 + strlen (enc_patt) + strlen (hostname) + 32 + 2;
1009 if (proxy.base64_user)
1010 n += strlen (proxy.base64_user) + 1;
1011 request = new char[n+1];
1012 if (!request)
1013 BUG (0);
1014
1015 if (proxy.host && proxy.user && proxy.proto == PROXY_PROTO_HTTP) {
1016 _snprintf (request, n,
1017 "GET http://%s:%d/pks/lookup?op=index&search=%s HTTP/1.0\r\n"
1018 "Proxy-Authorization: Basic %s\r\n\r\n",
1019 skip_type_prefix (hostname), port, enc_patt, proxy.base64_user);
1020 }
1021 else if (proxy.host && proxy.proto == PROXY_PROTO_HTTP) {
1022 _snprintf (request, n,
1023 "GET http://%s:%d/pks/lookup?op=index&search=%s HTTP/1.0\r\n\r\n",
1024 skip_type_prefix (hostname), port, enc_patt);
1025 }
1026 else {
1027 _snprintf (request, n,
1028 "GET /pks/lookup?op=index&search=%s HTTP/1.0\r\n\r\n",
1029 enc_patt);
1030 }
1031
1032 log_debug ("kserver_search_begin:\r\n%s\r\n", request);
1033
1034 if (sock_write (sock_fd, request, strlen (request)) == SOCKET_ERROR) {
1035 rc = WPTERR_GENERAL;
1036 goto leave;
1037 }
1038
1039 rc = kserver_search_chkresp (sock_fd);
1040 if (rc) {
1041 closesocket (sock_fd);
1042 sock_fd = 0;
1043 }
1044
1045 *conn_fd = sock_fd;
1046
1047 leave:
1048 free_if_alloc (request);
1049 free_if_alloc (enc_patt);
1050 return rc;
1051 }
1052
1053
1054
1055
1056 /* Convert an iso date @iso_date (YYYY-MM-DD) into the locale
1057 representation and store it into @loc_date.
1058 Return value: 0 on success. */
1059 static int
1060 parse_iso_date (const char *iso_date, char *loc_date, size_t loclen)
1061 {
1062 SYSTEMTIME st;
1063 char buf[16] = {0}, *p;
1064 int pos=0;
1065
1066 strncpy (buf, iso_date, sizeof (buf)-1);
1067 p = strtok (buf, "-");
1068 while (p != NULL) {
1069 switch (pos) {
1070 case 0: st.wYear = (WORD)atoi (p); pos++; break;
1071 case 1: st.wMonth = (WORD)atoi (p); pos++; break;
1072 case 2: st.wDay = (WORD)atoi (p); pos++; break;
1073 default: break;
1074 }
1075 p = strtok (NULL, "-");
1076 }
1077 if (pos != 3)
1078 return -1;
1079
1080 if (!GetDateFormat (LOCALE_USER_DEFAULT, DATE_SHORTDATE, &st,
1081 NULL, loc_date, loclen))
1082 return -1;
1083 return 0;
1084 }
1085
1086
1087 int
1088 kserver_search_next (int fd, keyserver_key *key)
1089 {
1090 char buf[1024], *p;
1091 int uidlen, nbytes, pos = 0;
1092
1093 log_debug ("keyserver_search_next:\r\n");
1094
1095 if (sock_getline (fd, buf, sizeof (buf) - 1, &nbytes))
1096 return WPTERR_GENERAL;
1097
1098 /* XXX: use maschine readable option. */
1099 log_debug ("%s\r\n", buf);
1100
1101 if (!strncmp (buf, "pub", 3)) {
1102 int revoked = strstr (buf, "KEY REVOKED") != NULL? 1 : 0;
1103 key->bits = atol (buf+3);
1104 p = strchr (buf, '>');
1105 if (!p)
1106 goto fail;
1107 pos = p - buf + 1;
1108 memcpy (key->keyid, buf + pos, 8);
1109 key->keyid[8] = '\0';
1110 p = strstr (buf, "</a>");
1111 if (!p)
1112 goto fail;
1113 pos = p - buf + 5;
1114 memcpy (key->date, buf + pos, 10);
1115 key->date[10] = '\0';
1116 parse_iso_date (key->date, key->date, sizeof (key->date)-1);
1117 if (revoked) {
1118 strcpy (key->uid, "KEY REVOKED: not checked");
1119 return 0;
1120 }
1121 pos += 10;
1122 p = buf + pos + 1;
1123 while (p && *p != '>')
1124 p++;
1125 p++;
1126 uidlen = strlen (p) - 10;
1127 if (!strstr (p, "&lt;") && !strstr (p, "&gt;")) {
1128 pos=0;
1129 while (p && *p && pos < sizeof (key->uid)-1) {
1130 if (*p == '<')
1131 break;
1132 key->uid[pos++] = *p++;
1133 }
1134 key->uid[pos] ='\0';
1135 return 0;
1136 }
1137
1138 if (uidlen > sizeof (key->uid)-1)
1139 uidlen = sizeof (key->uid)-1;
1140 memcpy (key->uid, p, uidlen);
1141 key->uid[uidlen] = '\0';
1142 strcat (key->uid, ">");
1143 p = strchr (key->uid, '&');
1144 if (p) {
1145 key->uid[(p-key->uid)] = '<';
1146 memmove (key->uid+(p-key->uid)+1, key->uid+(p-key->uid)+4,
1147 strlen (key->uid)-3);
1148 }
1149 return 0;
1150 }
1151
1152 fail:
1153 key->bits = 0;
1154 memset (key, 0, sizeof *key);
1155 return 0;
1156 }
1157
1158
1159 /* Release mbmers in the proxy context @ctx. */
1160 void
1161 kserver_proxy_release (keyserver_proxy_t ctx)
1162 {
1163 free_if_alloc (ctx->host);
1164 free_if_alloc (ctx->pass);
1165 free_if_alloc (ctx->user);
1166 ctx->port = ctx->proto = 0;
1167 }
1168
1169
1170 /* Spawn a process given by @cmdl. */
1171 static int
1172 spawn_application (char *cmdl)
1173 {
1174 STARTUPINFO si;
1175 PROCESS_INFORMATION pi;
1176 int rc = 0;
1177
1178 memset (&si, 0, sizeof (si));
1179 si.cb = sizeof (si);
1180 si.dwFlags = STARTF_USESHOWWINDOW;
1181 si.wShowWindow = SW_HIDE;
1182 memset (&pi, 0, sizeof (pi));
1183
1184 if (!CreateProcess (NULL, cmdl, NULL, NULL, FALSE, 0,
1185 NULL, NULL, &si, &pi)) {
1186 log_box ("Keyserver Plugin", MB_ERR, "Could not spawn helper process");
1187 rc = -1;
1188 }
1189
1190 CloseHandle (pi.hThread);
1191 WaitForSingleObject (pi.hProcess, INFINITE);
1192 CloseHandle (pi.hProcess);
1193 return rc;
1194 }
1195
1196
1197 /* Receive an key via LDAP from host @host with the keyid @keyid.
1198 @key contains the key on success. */
1199 int
1200 ldap_recvkey (const char *host, const char *keyid, char *key, int maxkeylen)
1201 {
1202 FILE *fp;
1203 const char *s;
1204 char *ksprg = NULL, *p = NULL, *sep;
1205 char inf[256], outf[256], buf[512];
1206 DWORD n;
1207 int start_key = 0, failed = 0;
1208 int rc = 0;
1209
1210 p = get_gnupg_prog ();
1211 n = strlen (p) + 1 + 128;
1212 ksprg = new char[n+1];
1213 if (!ksprg)
1214 BUG (0);
1215 sep = strrchr (p, '\\');
1216 if (sep != NULL)
1217 p[(sep-p)] = 0;
1218
1219 _snprintf (ksprg, n, "%s\\gpgkeys_ldap.exe", p);
1220 free_if_alloc (p);
1221 if (file_exist_check (ksprg)) {
1222 log_box ("LDAP Keyserver Plugin", MB_ERR,
1223 "%s: could not find LDAP keyserver module!", ksprg);
1224 rc = -1;
1225 goto leave;
1226 }
1227 get_temp_name (outf, sizeof (outf)-1, keyid);
1228 get_temp_name (inf, sizeof (inf)-1, NULL);
1229 fp = fopen (inf, "w+b");
1230 if (!fp) {
1231 log_box ("LDAP Keyserver Plugin", MB_ERR, "%s: %s", inf,
1232 winpt_strerror (WPTERR_FILE_OPEN));
1233 rc = -1;
1234 goto leave;
1235 }
1236 fprintf (fp,
1237 "VERSION 1\n"
1238 "PROGRAM 1.4.3-cvs\n"
1239 "SCHEME ldap\n"
1240 "HOST %s\n"
1241 "COMMAND GET\n"
1242 "\n"
1243 "%s\n",
1244 host? skip_type_prefix (host): "64.94.85.200", keyid);
1245 fclose (fp);
1246
1247 p = new char[strlen (ksprg) + strlen (inf) + strlen (outf) + 32];
1248 if (!p)
1249 BUG (NULL);
1250 sprintf (p, "%s -o %s %s", ksprg, outf, inf);
1251 if (spawn_application (p)) {
1252 rc = -1;
1253 goto leave;
1254 }
1255
1256 fp = fopen (outf, "rb");
1257 if (!fp) {
1258 log_box ("LDAP Keyserver Plugin", MB_ERR, "%s: %s", outf,
1259 winpt_strerror (WPTERR_FILE_OPEN));
1260 rc = -1;
1261 goto leave;
1262 }
1263 memset (key, 0, maxkeylen);
1264 while (!feof (fp)) {
1265 s = fgets (buf, sizeof (buf)-1, fp);
1266 if (!s)
1267 break;
1268 if (strstr (s, "KEY") && strstr (s, "FAILED")) {
1269 failed = 1;
1270 break;
1271 }
1272 if (!start_key && strstr (s, "KEY") && strstr (s, "BEGIN")) {
1273 start_key = 1;
1274 continue;
1275 }
1276 if (!start_key)
1277 continue;
1278 strcat (key, buf);
1279 maxkeylen -= strlen (buf);
1280 if (maxkeylen < 0 || (strstr (s, "KEY") && strstr (s, "END")))
1281 break;
1282 }
1283 fclose (fp);
1284
1285 leave:
1286 if (failed || !strlen (key))
1287 rc = WPTERR_WINSOCK_RECVKEY;
1288 DeleteFile (inf);
1289 DeleteFile (outf);
1290 free_if_alloc (p);
1291 free_if_alloc (ksprg);
1292 return rc;
1293 }
1294
1295
1296 /* Receive an key via FINGER from host @host with the user @user.
1297 On success @key contains the key. */
1298 int
1299 finger_recvkey (const char *host, const char *user, char *key, int maxkeylen)
1300 {
1301 char buf[128];
1302 int fd, nread;
1303 int start_key = 0;
1304 int rc=0;
1305
1306 rc = kserver_connect (host, FINGER_PORT, &fd);
1307 if (rc)
1308 return rc;
1309
1310 sock_write (fd, user, strlen (user));
1311 sock_write (fd, "\r\n", 2);
1312
1313 memset (key, 0, maxkeylen);
1314 while (maxkeylen > 0) {
1315 if (sock_getline (fd, buf, sizeof (buf), &nread))
1316 break;
1317 strcat (buf, "\n");
1318 if (strstr (buf, "BEGIN PGP PUBLIC KEY BLOCK")) {
1319 strcat (key, buf);
1320 start_key = 1;
1321 maxkeylen -= nread;
1322 }
1323 else if (strstr (buf, "END PGP PUBLIC KEY BLOCK" ) && start_key) {
1324 strcat (key, buf);
1325 start_key--;
1326 maxkeylen -= nread;
1327 break;
1328 }
1329 else if (start_key) {
1330 strcat (key, buf);
1331 maxkeylen -= nread;
1332 }
1333 }
1334 closesocket (fd);
1335 if (start_key != 0)
1336 rc = WPTERR_WINSOCK_RECVKEY;
1337 return rc;
1338 }
1339
1340
1341 /* Check if the given name @name is a valid hostname. */
1342 int
1343 check_IP_or_hostname (const char *name)
1344 {
1345 const char *not_allowed = "=!ยง$%&@#*~\\/}][{<>|,;:'";
1346 size_t i, j;
1347
1348 for (i=0; i < strlen (name); i++) {
1349 for (j =0; j < strlen (not_allowed); j++) {
1350 if (name[i] == not_allowed[j])
1351 return -1;
1352 }
1353 }
1354 return 0;
1355 }

Properties

Name Value
svn:eol-style native
[email protected]
 ViewVC Help
Powered by ViewVC 1.1.26