/[winpt]/trunk/Src/wptKeyserver.cpp
ViewVC logotype

Contents of /trunk/Src/wptKeyserver.cpp

Parent Directory Parent Directory | Revision Log Revision Log

Revision 22 - (show annotations)
Wed Aug 10 11:33:35 2005 UTC (19 years, 6 months ago) by twoaday
File size: 31795 byte(s) 
2005-08-06  Timo Schulz  <twoaday@freakmail.de>
 
        * wptGPGME.cpp (keycache_update): Reload OpenPGP parts
        of the secret key.
        (keycache_init): cache name of secret keyring.
        * wptKeyList.cpp (keylist_upd_key): Do not add long keyid.
        (get_key_type): Do not assume 'ultimate' means key pair.
        * wptKeyEditDlgs.cpp (diff_time): New.
        (keyedit_addsubkey_dlg_proc): Changed design and use
        diff_time. Drop checks for invalid keylength (< 1024, > 4096)
        because the combo box automatically handles this.
        * wptKeyManager.cpp (km_set_implicit_trust): Return error code.
        * wptGPG.cpp (get_backup_name): New.
        (gnupg_backup_keyrings): Rotate backup names, from 0..3.
        * wptClipImportDialog.cpp (clip_import_dlg_proc): Free memory.
        * wptKeyManagerDlg.cpp (keymanager_dlg_proc): Use 0x short keyid and
        not the long keyid.
1 /* wptKeyserver.cpp - W32 Keyserver Access
2 * Copyright (C) 2000-2005 Timo Schulz
3 * Copyright (C) 2001 Marco Cunha
4 *
5 * This file is part of WinPT.
6 *
7 * WinPT is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU General Public License
9 * as published by the Free Software Foundation; either version 2
10 * of the License, or (at your option) any later version.
11 *
12 * WinPT is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with WinPT; if not, write to the Free Software Foundation,
19 * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 */
21
22 #include <windows.h>
23 #include <stdio.h>
24 #include <sys/stat.h>
25 #include <ctype.h>
26
27 #include "wptKeyserver.h"
28 #include "wptErrors.h"
29 #include "wptTypes.h"
30 #include "wptNLS.h"
31 #include "wptW32API.h"
32 #include "wptVersion.h"
33 #include "wptGPG.h"
34 #include "wptRegistry.h"
35
36 static char base64code[] =
37 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
38
39 keyserver server[MAX_KEYSERVERS] = {0};
40 static keyserver_proxy_ctx proxy = {0};
41 static const char * server_list[] = {
42 "hkp://wwwkeys.nl.pgp.net",
43 "hkp://wwwkeys.pl.pgp.net",
44 "hkp://wwwkeys.at.pgp.net",
45 "hkp://wwwkeys.ch.pgp.net",
46 "hkp://wwwkeys.de.pgp.net",
47 "hkp://wwwkeys.dk.pgp.net",
48 "hkp://wwwkeys.cz.pgp.net",
49 "hkp://wwwkeys.es.pgp.net",
50 "hkp://wwwkeys.eu.pgp.net",
51 "hkp://wwwkeys.uk.pgp.net",
52 "hkp://wwwkeys.us.pgp.net",
53 "hkp://gnv.us.ks.cryptnet.net",
54 "hkp://subkeys.pgp.net",
55 "ldap://keyserver.pgp.com",
56 NULL
57 };
58 static char hkp_errmsg[1024];
59 static int hkp_err = 0;
60 static u32 conf_timestamp = 0;
61 char * default_keyserver = NULL;
62 unsigned short default_keyserver_port = 0;
63
64
65 static void
66 base64_encode( const char *inputstr, char *outputstr, int maxlen )
67 {
68 int index = 0, temp = 0, res = 0, i = 0, inputlen = 0, len = 0;
69
70 inputlen = strlen (inputstr); /* fixme: check if len > maxlen */
71 for (i = 0; i <inputlen; i++) {
72 res = temp;
73 res = (res << 8) | (inputstr[i] & 0xFF);
74 switch (index++) {
75 case 0: outputstr[len++] = base64code[res >> 2 & 0x3F]; res &= 0x3; break;
76 case 1: outputstr[len++] = base64code[res >> 4 & 0x3F]; res &= 0xF; break;
77 case 2: outputstr[len++] = base64code[res >> 6 & 0x3F];
78 outputstr[len++] = base64code[res & 0x3F]; res = index = 0; break;
79 }
80 temp = res;
81 }
82
83 switch( index ) {
84 case 0: break;
85 case 2: outputstr[len++] = base64code[temp << 2 & 0x3F];
86 outputstr[len++] = '='; break;
87 case 1: outputstr[len++] = base64code[temp << 4 & 0x3F];
88 outputstr[len++] = '=';
89 outputstr[len++] = '=';
90 }
91
92 outputstr[len] = '\0';
93 } /* base64_encode */
94
95
96 static const char *
97 skip_type_prefix (const char * hostname)
98 {
99 if (hostname && !strncmp (hostname, "http://", 7))
100 hostname += 7;
101 else if (hostname && !strncmp (hostname, "hkp://", 6))
102 hostname += 6;
103 else if (hostname && !strncmp (hostname, "finger://", 9))
104 hostname += 9;
105 else if (hostname && !strncmp (hostname, "ldap://", 7))
106 hostname += 7;
107 return hostname;
108 }
109
110
111 static int
112 check_hkp_response (const char *resp, int recv)
113 {
114 int ec, len;
115 char *p, * end;
116
117 ec = recv ? WPTERR_WINSOCK_RECVKEY : WPTERR_WINSOCK_SENDKEY;
118 if (!strstr (resp, "HTTP/1.0 200 OK") &&
119 !strstr (resp, "HTTP/1.1 200 OK")) /* http error */
120 return ec;
121 if (strstr (resp, "Public Key Server -- Error")
122 || strstr (resp, "Public Key Server -- Error")
123 || strstr (resp, "No matching keys in database")) {
124 p = strstr (resp, "<p>");
125 if (p && strlen (p) < sizeof (hkp_errmsg)) {
126 end = strstr (p, "</p>");
127 len = end? (end - p + 1) : strlen (p);
128 strncpy (hkp_errmsg, p, len);
129 hkp_err = 1;
130 }
131 return ec;
132 }
133 return 0;
134 } /* check_hkp_response */
135
136
137 static int
138 sock_getline (int fd, char *buf, int buflen, int *nbytes)
139 {
140 char ch;
141 int count = 0;
142
143 if (nbytes)
144 *nbytes = 0;
145 *buf = 0;
146 while (recv (fd, &ch, 1, 0) > 0) {
147 *buf++ = ch;
148 count++;
149 if (ch == '\n' || count == (buflen - 1)) {
150 *buf = 0;
151 if (nbytes)
152 *nbytes = count;
153 return 0;
154 }
155 }
156
157 return -1;
158 } /* sock_getline */
159
160
161 static int
162 sock_select (int fd)
163 {
164 FD_SET rfd;
165 timeval tv = {1, 0};
166
167 FD_ZERO (&rfd);
168 FD_SET (fd, &rfd);
169 if (select (fd + 1, &rfd, NULL, NULL, &tv) == SOCKET_ERROR)
170 return SOCKET_ERROR;
171 if (FD_ISSET (fd, &rfd))
172 return 1;
173 return 0;
174 } /* sock_select */
175
176
177 static int
178 sock_read( int fd, char *buf, int buflen, int *nbytes )
179 {
180 DWORD nread;
181 int nleft = buflen;
182 int rc, n = 0;
183
184 while (nleft > 0) {
185 if (n >= 10)
186 return WPTERR_WINSOCK_TIMEOUT;
187 if ( (rc = sock_select( fd )) == SOCKET_ERROR )
188 return SOCKET_ERROR;
189 else if( !rc )
190 n++;
191 else {
192 nread = recv(fd, buf, nleft, 0);
193 if (nread == SOCKET_ERROR)
194 return SOCKET_ERROR;
195 else if (!nread)
196 break;
197 nleft -= nread;
198 buf += nread;
199 }
200 }
201 if (nbytes)
202 *nbytes = buflen - nleft;
203
204 return 0;
205 } /* sock_read */
206
207
208 static int
209 sock_write( int fd, const char *buf, int buflen )
210 {
211 DWORD nwritten;
212 int nleft = buflen;
213
214 while (nleft > 0) {
215 nwritten = send (fd, buf, nleft, 0);
216 if (nwritten == SOCKET_ERROR)
217 return SOCKET_ERROR;
218 nleft -= nwritten;
219 buf += nwritten;
220 }
221
222 return 0;
223 } /* sock_write */
224
225
226 void
227 set_default_kserver (void)
228 {
229 char * p = get_reg_entry_keyserver ("Default");
230 free_if_alloc (default_keyserver);
231 default_keyserver = p && *p != ' ' ? p : m_strdup (DEF_HKP_KEYSERVER);
232 p = get_reg_entry_keyserver ("Default_Port");
233 if (p && *p) {
234 default_keyserver_port = (u16)strtoul (p, NULL, 10);
235 free_if_alloc (p);
236 }
237 else
238 default_keyserver_port = HKP_PORT;
239 } /* set_default_kserver */
240
241
242 /*
243 * Initialize the Winsock2 interface.
244 */
245 int
246 wsock_init (void)
247 {
248 WSADATA wsa;
249
250 if (WSAStartup (0x202, &wsa))
251 return WPTERR_WINSOCK_INIT;
252 set_default_kserver ();
253 return 0;
254 } /* wsock_init */
255
256
257 /*
258 * Should be called after the keyserver access.
259 */
260 void
261 wsock_end (void)
262 {
263 int i;
264
265 free_if_alloc (default_keyserver);
266 default_keyserver = NULL;
267 for (i=0; i < MAX_KEYSERVERS; i++) {
268 if (server[i].used)
269 free_if_alloc (server[i].name);
270 }
271 WSACleanup ();
272 } /* wsock_end */
273
274
275 const char*
276 wsock_strerror( void )
277 {
278 static char buf[384];
279 int ec = WSAGetLastError( );
280
281 switch ( ec ) {
282 case WSAENETDOWN: return _("The network subsystem has failed");
283 case WSAHOST_NOT_FOUND: return _("Authoritative Answer Host not found");
284 case WSAETIMEDOUT: return _("The connection has been dropped because of a network failure");
285 default: _snprintf( buf, sizeof (buf) -1, _("Unknown Winsock error ec=%d"),ec); return buf;
286 }
287 return NULL;
288 } /* wsock_strerror */
289
290
291 const char*
292 kserver_strerror (void)
293 {
294 if (hkp_err)
295 return hkp_errmsg;
296 return NULL;
297 } /* kserver_strerror */
298
299
300 const char *
301 kserver_get_hostname (int idx, int type, u16 *port)
302 {
303 if (type == -1) {
304 *port = default_keyserver_port;
305 return default_keyserver;
306 }
307 else if (!type && idx < DIM (server_list)) {
308 *port = HKP_PORT;
309 return server_list[idx];
310 }
311 return NULL;
312 }
313
314
315 int
316 kserver_check_inet_connection (void)
317 {
318 int fd;
319
320 if (!kserver_connect (default_keyserver, default_keyserver_port, &fd)) {
321 closesocket (fd);
322 return 0;
323 }
324 return -1;
325 }
326
327
328 /*
329 * If the request contains the keyid, it have to be
330 * always postfix with '0x'+keyid. This code checks
331 * if the keyid is a decimal value and if so if it contains
332 * the '0x'. If not it is inserted.
333 */
334 const char*
335 kserver_check_keyid (const char *keyid)
336 {
337 static char id[20];
338
339 if (strstr (keyid, "@"))
340 return keyid; /* email address */
341 if (strncmp (keyid, "0x", 2)) {
342 memset (&id, 0, sizeof (id));
343 _snprintf (id, sizeof (id)-1, "0x%s", keyid);
344 return id;
345 }
346 return keyid;
347 } /* kserver_check_keyid */
348
349
350 static void
351 kserver_update_proxyuser (const char *proxy_user, const char *proxy_pass)
352 {
353 char t[257]; /* user:pass = 127+1+127+1 = 257 */
354 int n = 0;
355
356 n = 4*strlen (proxy_user) / 3 + 32 + strlen (proxy_pass) + 2;
357 free_if_alloc (proxy.base64_user);
358 proxy.base64_user = new char[n];
359 if (!proxy.base64_user)
360 BUG (0);
361 _snprintf (t, sizeof (t)-1, "%s:%s", proxy_user, proxy_pass);
362 base64_encode (t, proxy.base64_user, 257);
363 free_if_alloc (proxy.user);
364 free_if_alloc (proxy.pass);
365 proxy.user = m_strdup (proxy_user);
366 proxy.pass = m_strdup (proxy_pass);
367 } /* kserver_update_proxyuser */
368
369
370 static int
371 check_URL (const char * buf)
372 {
373 if (strlen (buf) < 7)
374 return -1;
375 if (!strstr (buf, "ldap://")
376 && !strstr (buf, "http://")
377 && !strstr (buf, "finger://")
378 && !strstr (buf, "hkp://"))
379 return -1;
380 return 0;
381 } /* check_URL */
382
383
384 static int
385 port_from_proto (int proto)
386 {
387 switch (proto) {
388 case KSPROTO_LDAP: return 0;
389 case KSPROTO_FINGER: return FINGER_PORT;
390 case KSPROTO_HTTP: return HKP_PORT;
391 }
392 return 0;
393 }
394
395
396 static int
397 proto_from_URL (const char * buf)
398 {
399 if (strstr( buf, "ldap"))
400 return KSPROTO_LDAP;
401 else if (strstr( buf, "finger"))
402 return KSPROTO_FINGER;
403 return KSPROTO_HTTP;
404 } /* proto_from_URL */
405
406
407 void
408 keyserver_set_default (const char * hostname, u16 port)
409 {
410 if (hostname) {
411 free_if_alloc (default_keyserver);
412 default_keyserver = m_strdup (hostname);
413 if (!default_keyserver)
414 BUG (0);
415 default_keyserver_port = port;
416 }
417 server[0].name = m_strdup (default_keyserver);
418 server[0].used = 1;
419 server[0].port = port;
420 server[0].proto = proto_from_URL (default_keyserver);
421 } /* keyserver_set_default */
422
423
424 static const char *
425 skip_whitespace (const char * str)
426 {
427 while (str && *str)
428 {
429 if (*str == ' ' ||
430 *str == '\t' ||
431 *str == '\n' ||
432 *str == '\r')
433 {
434 str++;
435 continue;
436 }
437 break;
438 }
439 return str;
440 }
441
442
443 int
444 kserver_load_conf (const char * conf)
445 {
446 struct stat statbuf;
447 FILE *fp;
448 char buf[1024], * s, * p;
449 char *user = NULL, *pass = NULL;
450 int pos, proxy_auth = 0;
451 int no_config=0, chk_pos=0;
452
453 for (pos = 0; pos < MAX_KEYSERVERS; pos++) {
454 server[pos].used = 0;
455 server[pos].port = HKP_PORT;
456 }
457
458 fp = fopen (conf, "rb");
459 if (!fp) {
460 for (pos = 0; server_list[pos]; pos++) {
461 server[pos].used = 1;
462 server[pos].name = m_strdup (server_list[pos]);
463 server[pos].proto = proto_from_URL (server_list[pos]);
464 }
465 no_config=1;
466 }
467 get_reg_proxy_prefs (&proxy.host, &proxy.port, &user, &pass);
468 if (user && pass)
469 kserver_update_proxyuser (user, pass);
470 else if (user && !pass || !user && pass) {
471 msg_box( NULL, _("Invalid proxy configuration."
472 "You need to set a user and a password"
473 "to use proxy authentication!"), _("Proxy Error"), MB_ERR );
474 }
475 /* check if the host has a http:// prefix and skip it */
476 if( proxy.host && !strncmp( proxy.host, "http://", 7 ) ) {
477 const char *s = proxy.host+7;
478 char * p = m_strdup (s);
479 if (!p)
480 BUG (0);
481 free_if_alloc (proxy.host);
482 proxy.host = p;
483 }
484 free_if_alloc (user);
485 free_if_alloc (pass);
486
487 pos = 0;
488 while( fp && !feof( fp ) ) {
489 s = fgets (buf, sizeof (buf)-1, fp);
490 if (!s)
491 break;
492 if (strstr (buf, "\r\n"))
493 buf[strlen (buf)-2] = '\0';
494 if (strstr (buf, "\n"))
495 buf[strlen (buf)-1] = '\0';
496 s = (char *)skip_whitespace (buf);
497 if (*s == '#' || strlen (s) < 7)
498 continue;
499 if (check_URL (s)) {
500 msg_box (NULL, _("All entries of this file must have a valid prefix.\n"
501 "Currently HKP/HTTP, LDAP and FINGER are supported.\n"),
502 _("Keyserver Error"), MB_ERR);
503 continue;
504 }
505 chk_pos=6;
506 if (strstr (s, "finger"))
507 chk_pos = 10;
508 p = strchr (s+chk_pos, ':');
509 server[pos].used = 1;
510 server[pos].proto = proto_from_URL (s);
511 server[pos].port = port_from_proto (server[pos].proto);
512 if (!p)
513 server[pos].name = m_strdup (s);
514 else {
515 server[pos].port = atol (p+1);
516 if (server[pos].port < 0 || server[pos].port > 65536)
517 server[pos].port = HKP_PORT;
518 server[pos].name = new char [(p-s)+2];
519 if (!server[pos].name)
520 BUG (0);
521 memset (server[pos].name, 0, (p-s)+2);
522 memcpy (server[pos].name, s, (p-s));
523 }
524 pos++;
525 if (pos > MAX_KEYSERVERS)
526 {
527 msg_box (NULL, _("The keyserver limit is exceeded"), _("Keyserver Warning"), MB_INFO);
528 break;
529 }
530 }
531 if (fp)
532 fclose (fp);
533 if (!pos)
534 {
535 /* only issue an error if the config file exist but it has no valid entries. */
536 keyserver_set_default (NULL, HKP_PORT);
537 if (!no_config)
538 return WPTERR_CONFIG_FILE;
539 }
540
541 if (!stat (conf, &statbuf))
542 conf_timestamp = statbuf.st_mtime;
543 return 0;
544 } /* kserver_load_conf */
545
546
547 const char *
548 kserver_get_proxy (int * r_port)
549 {
550 if (proxy.host) {
551 if (r_port)
552 *r_port = proxy.port;
553 return proxy.host;
554 }
555 return NULL;
556 } /* kserver_get_proxy */
557
558
559 const char *
560 kserver_get_proxy_info (int id)
561 {
562 switch (id) {
563 case PROXY_USER: return proxy.user;
564 case PROXY_PASS: return proxy.pass;
565 }
566 return NULL;
567 } /* kserver_get_proxy_info */
568
569
570 /*
571 * Connect to the keyserver 'hostname'.
572 * We always use the HKP port.
573 */
574 int
575 kserver_connect (const char *hostname, u16 port, int *conn_fd)
576 {
577 int rc, fd;
578 u32 iaddr;
579 char host[128] = {0};
580 struct hostent *hp;
581 struct sockaddr_in sock;
582
583 if (debug)
584 log_f ("kserver_connect: %s:%d\r\n", hostname, port);
585 if (!port)
586 port = HKP_PORT;
587 if (conn_fd)
588 *conn_fd = 0;
589 hostname = skip_type_prefix (hostname);
590
591 memset (&sock, 0, sizeof (sock));
592 sock.sin_family = AF_INET;
593 sock.sin_port = proxy.host? htons (proxy.port) : htons (port);
594 if (proxy.host)
595 strncpy (host, proxy.host, 127);
596 else
597 strncpy (host, hostname, 127);
598
599 if ((iaddr = inet_addr (host)) != INADDR_NONE)
600 memcpy (&sock.sin_addr, &iaddr, sizeof (iaddr));
601 else if ((hp = gethostbyname (host))) {
602 if (hp->h_addrtype != AF_INET || hp->h_length != 4) {
603 log_f ("gethostbyname: unknown address type.\r\n");
604 return WPTERR_WINSOCK_RESOLVE;
605 }
606 memcpy (&sock.sin_addr, hp->h_addr, hp->h_length);
607 }
608 else {
609 if (debug)
610 log_f ("gethostbyname: failed.\r\n");
611 return WPTERR_WINSOCK_RESOLVE;
612 }
613 fd = socket (AF_INET, SOCK_STREAM, 0);
614 if (fd == INVALID_SOCKET)
615 return WPTERR_WINSOCK_SOCKET;
616 rc = connect (fd, (struct sockaddr *) &sock, sizeof (sock));
617 if (rc == SOCKET_ERROR) {
618 if (debug)
619 log_f ("connect: failed.\r\n");
620 closesocket (fd);
621 return WPTERR_WINSOCK_CONNECT;
622 }
623
624 if (conn_fd)
625 *conn_fd = fd;
626 WSASetLastError (0);
627 return 0;
628 } /* kserver_connect */
629
630
631 static char*
632 kserver_urlencode (const char *pubkey, size_t octets, size_t *newlen)
633 {
634 char *p, numbuf[5];
635 size_t j = 0;
636 size_t i, size;
637
638 p = new char [2*octets];
639 if (!p)
640 BUG (0);
641
642 for (size=0, i=0; i < octets; i++) {
643 if (isalnum (pubkey[i]) || pubkey[i] == '-') {
644 p[size] = pubkey[i];
645 size++;
646 }
647 else if (pubkey[i] == ' ') {
648 p[size] = '+';
649 size++;
650 }
651 else {
652 sprintf(numbuf, "%%%02X", pubkey[i]);
653 for (j = 0; j<strlen(numbuf); j++) {
654 p[size] = numbuf[j];
655 size++;
656 }
657 }
658 }
659 p[size] = '\0';
660 *newlen = size;
661 return p;
662 } /* kserver_urlencode */
663
664
665 /*
666 * Format a request for the given keyid (send).
667 */
668 static char*
669 kserver_send_request (const char *hostname, u16 port, const char *pubkey, int octets)
670 {
671 char *request = NULL, *enc_pubkey = NULL;
672 int reqlen;
673 size_t enc_octets;
674
675 if (debug)
676 log_f ("kserver_send_request: %s:%d\n", hostname, port);
677 if (!port)
678 port = HKP_PORT;
679 reqlen = 512 + strlen (hostname) + 2*strlen (pubkey);
680 request = new char[reqlen];
681 if (!request)
682 BUG (0);
683 enc_pubkey = kserver_urlencode (pubkey, octets, &enc_octets);
684 if (!enc_pubkey || !enc_octets) {
685 free_if_alloc (request);
686 return NULL;
687 }
688
689 if (proxy.user) {
690 _snprintf (request, reqlen-1,
691 "POST http://%s:%d/pks/add HTTP/1.0\r\n"
692 "Referer: \r\n"
693 "User-Agent: WinPT/W32\r\n"
694 "Host: %s:%d\r\n"
695 "Proxy-Authorization: Basic %s\r\n"
696 "Content-type: application/x-www-form-urlencoded\r\n"
697 "Content-length: %d\r\n"
698 "\r\n"
699 "keytext=%s"
700 "\n",
701 skip_type_prefix (hostname), port, hostname, port,
702 proxy.base64_user, enc_octets+9, enc_pubkey);
703 }
704 else {
705 _snprintf (request, reqlen-1,
706 "POST /pks/add HTTP/1.0\r\n"
707 "Referer: \r\n"
708 "User-Agent: WinPT/W32\r\n"
709 "Host: %s:%d\r\n"
710 "Content-type: application/x-www-form-urlencoded\r\n"
711 "Content-length: %d\r\n"
712 "\r\n"
713 "keytext=%s"
714 "\n",
715 skip_type_prefix (hostname), port, enc_octets+9, enc_pubkey);
716 }
717 free_if_alloc (enc_pubkey);
718 if (debug)
719 log_f ("%s\n", request);
720 return request;
721 } /* kserver_send_request */
722
723
724 /*
725 * Interface receiving a public key.
726 */
727 int
728 kserver_recvkey (const char *hostname, u16 port, const char *keyid, char *key, int maxkeylen)
729 {
730 int rc, n;
731 int conn_fd;
732 char *request = NULL;
733
734 if (!port)
735 port = HKP_PORT;
736 hkp_err = 0; /* reset */
737 rc = kserver_connect (hostname, port, &conn_fd);
738 if (rc)
739 goto leave;
740
741 request = new char[300+1];
742 if (!request)
743 BUG (0);
744
745 if (proxy.host && proxy.user) {
746 _snprintf (request, 300,
747 "GET http://%s:%d/pks/lookup?op=get&search=%s HTTP/1.0\r\n"
748 "Proxy-Authorization: Basic %s\r\n\r\n",
749 skip_type_prefix (hostname), port, keyid, proxy.base64_user);
750 }
751 else if (proxy.host) {
752 _snprintf (request, 300,
753 "GET http://%s:%d/pks/lookup?op=get&search=%s HTTP/1.0\r\n\r\n",
754 skip_type_prefix (hostname), port, keyid);
755 }
756 else {
757 _snprintf (request, 300,
758 "GET /pks/lookup?op=get&search=%s HTTP/1.0\r\n\r\n", keyid);
759 }
760 if (debug)
761 log_f ("%s\r\n", request);
762
763 rc = sock_write (conn_fd, request, strlen (request));
764 if (rc == SOCKET_ERROR) {
765 rc = WPTERR_WINSOCK_RECVKEY;
766 goto leave;
767 }
768
769 rc = sock_read( conn_fd, key, maxkeylen, &n );
770 if( rc == SOCKET_ERROR ) {
771 rc = WPTERR_WINSOCK_RECVKEY;
772 goto leave;
773 }
774
775 if (debug)
776 log_f("%s\r\n", key);
777 rc = check_hkp_response (key, 1);
778 if (rc)
779 goto leave;
780
781 WSASetLastError (0);
782
783 leave:
784 closesocket (conn_fd);
785 free_if_alloc (request);
786 return rc;
787 } /* kserver_recvkey */
788
789
790 /*
791 * Interface to send a public key.
792 */
793 int
794 kserver_sendkey (const char *hostname, u16 port, const char *pubkey, int len )
795 {
796 int n, rc;
797 int conn_fd;
798 char *request = NULL;
799 char log[2048];
800
801 hkp_err = 0; /* reset */
802 rc = kserver_connect (hostname, port, &conn_fd);
803 if (rc)
804 goto leave;
805
806 request = kserver_send_request (hostname, port, pubkey, len);
807 if (request == NULL) {
808 rc = WPTERR_GENERAL;
809 goto leave;
810 }
811
812 rc = sock_write( conn_fd, request, lstrlen(request) );
813 if( rc == SOCKET_ERROR ) {
814 rc = WPTERR_WINSOCK_SENDKEY;
815 goto leave;
816 }
817
818 rc = sock_read( conn_fd, log, sizeof (log)-1, &n );
819 if( rc == SOCKET_ERROR ) {
820 rc = WPTERR_WINSOCK_SENDKEY;
821 goto leave;
822 }
823 if (debug)
824 log_f ("kserver_sendkey:\r\n%s\r\n", log);
825
826 rc = check_hkp_response (log, 0);
827 if( rc )
828 goto leave;
829
830 WSASetLastError (0);
831
832 leave:
833 closesocket (conn_fd);
834 free_if_alloc (request);
835 return rc;
836 } /* kserver_sendkey */
837
838
839 int
840 kserver_search_init (const char * hostname, u16 port, const char * keyid, int * conn_fd)
841 {
842 int rc, sock_fd;
843 int n=0;
844 char * request = NULL;
845
846 rc = kserver_connect (hostname, port, &sock_fd);
847 if (rc) {
848 *conn_fd = 0;
849 goto leave;
850 }
851
852 n=300;
853 request = new char[n+1];
854 if (!request)
855 BUG (0);
856
857 if (proxy.host && proxy.user) {
858 _snprintf (request, n,
859 "GET http://%s:%d/pks/lookup?op=index&search=%s HTTP/1.0\r\n"
860 "Proxy-Authorization: Basic %s\r\n\r\n",
861 skip_type_prefix (hostname), port, keyid, proxy.base64_user);
862 }
863 else if (proxy.host) {
864 _snprintf (request, n,
865 "GET http://%s:%d/pks/lookup?op=index&search=%s HTTP/1.0\r\n\r\n",
866 skip_type_prefix (hostname), port, keyid);
867 }
868 else {
869 _snprintf (request, n,
870 "GET /pks/lookup?op=index&search=%s HTTP/1.0\r\n\r\n", keyid);
871 }
872
873 if (debug)
874 log_f ("kserver_search_init:\r\n%s\r\n", request);
875
876 if (sock_write (sock_fd, request, strlen (request)) == SOCKET_ERROR) {
877 rc = WPTERR_GENERAL;
878 goto leave;
879 }
880
881 *conn_fd = sock_fd;
882
883 leave:
884 free_if_alloc (request);
885 return rc;
886 } /* kserver_search_init */
887
888
889 int
890 kserver_search_chkresp (int fd)
891 {
892 char buf[128];
893 int n=0;
894
895 /* parse response 'HTTP/1.0 500 OK' */
896 if (sock_getline (fd, buf, 127, &n))
897 return WPTERR_KEYSERVER_NOTFOUND;
898 if (debug)
899 log_f ("kserver_search_chkpresp: %s\r\n", buf);
900 if (strncmp (buf, "HTTP/1.", 7))
901 return WPTERR_KEYSERVER_NOTFOUND;
902 if (strncmp (buf+(8+1), "200", 3))
903 return WPTERR_KEYSERVER_NOTFOUND;
904 return 0;
905 } /* kserver_search_chkresp */
906
907
908 int
909 kserver_search (int fd, keyserver_key * key)
910 {
911 char buf[1024], *p;
912 int uidlen, nbytes, pos = 0;
913
914 if (debug)
915 log_f ("keyserver_search:\n");
916
917 if (sock_getline (fd, buf, sizeof (buf) - 1, &nbytes))
918 return WPTERR_GENERAL;
919
920 if (debug)
921 log_f ("%s\n", buf);
922
923 if (!strncmp (buf, "pub", 3)) {
924 int revoked = strstr (buf, "KEY REVOKED") != NULL? 1 : 0;
925 key->bits = atol (buf+3);
926 p = strchr (buf, '>');
927 if (!p)
928 goto fail;
929 pos = p - buf + 1;
930 memcpy (key->keyid, buf + pos, 8);
931 key->keyid[8] = '\0';
932 p = strstr (buf, "</a>");
933 if (!p)
934 goto fail;
935 pos = p - buf + 5;
936 memcpy (key->date, buf + pos, 10);
937 key->date[10] = '\0';
938 if (revoked) {
939 strcpy (key->uid, "KEY REVOKED: not checked");
940 return 0;
941 }
942 pos += 10;
943 p = buf + pos + 1;
944 while (p && *p != '>')
945 p++;
946 p++;
947 uidlen = strlen (p) - 10;
948 memcpy (key->uid, p, uidlen);
949 key->uid[uidlen] = '\0';
950 strcat (key->uid, ">");
951 p = strchr (key->uid, '&');
952 if (p) {
953 key->uid[(p-key->uid)] = '<';
954 memmove (key->uid+(p-key->uid)+1, key->uid+(p-key->uid)+4, strlen (key->uid)-3);
955 }
956 return 0;
957 }
958
959 fail:
960 key->bits = 0;
961 memset (key, 0, sizeof *key);
962 return 0;
963 } /* kserver_search */
964
965
966 static int
967 add_node( keyserver_cfgfile *cfg, const char *entry )
968 {
969 keyserver_node *node;
970 char *p = NULL;
971
972 p = strchr( entry, '=' );
973 if( p == NULL )
974 return WPTERR_GENERAL;
975 node = new keyserver_node;
976 if( !node )
977 BUG( NULL );
978
979 memset( node, 0, sizeof *node );
980 node->used = 1;
981
982 node->host.used = 1;
983 node->host.proto = proto_from_URL( entry );
984 memcpy( node->host.name, entry+7, p-entry-7 );
985 node->next = cfg->list;
986 cfg->list = node;
987
988 return 0;
989 } /* add_node */
990
991
992 void
993 kserver_change_proxy( keyserver_proxy_ctx *ctx )
994 {
995 proxy.port = ctx->port;
996 free_if_alloc (proxy.host);
997 proxy.host = ctx->host? m_strdup( ctx->host ) : NULL;
998 free_if_alloc( proxy.pass );
999 proxy.pass = ctx->pass? m_strdup( ctx->pass ) : NULL;
1000 free_if_alloc( proxy.user );
1001 proxy.user = ctx->user? m_strdup( ctx->user ) : NULL;
1002 set_reg_proxy_prefs( proxy.host, proxy.port, proxy.user, proxy.pass );
1003 } /* kserver_change_proxy */
1004
1005
1006 int
1007 kserver_read_config( const char *fname, keyserver_cfgfile **ret_cfg )
1008 {
1009 FILE *fp;
1010 keyserver_cfgfile *cfg;
1011 char buf[256];
1012 int rc = 0;
1013
1014 *ret_cfg = NULL;
1015 fp = fopen( fname, "rb" );
1016 if( fp == NULL )
1017 return WPTERR_FILE_OPEN;
1018
1019 cfg = new keyserver_cfgfile;
1020 if ( !cfg )
1021 BUG( NULL );
1022 memset( cfg, 0, sizeof *cfg );
1023
1024 while ( !feof( fp ) ) {
1025 if ( fgets( buf, sizeof(buf)-1, fp ) == NULL )
1026 break;
1027 if ( *buf == '\r' || *buf == '\n' || *buf == '#' )
1028 continue;
1029 buf[strlen(buf) -2] = '\0';
1030 if ( !strncmp( buf, "use_proxy=", 10 ) ) {
1031 char *p = strchr(buf, ':');
1032 if (!p)
1033 continue;
1034 cfg->proxy.port = atol( buf+(p-buf+1) );
1035 buf[p-buf] = '\0';
1036 cfg->proxy.host = m_strdup( buf+10 );
1037 }
1038 else if ( !strncmp( buf, "proxy_user=", 11 ) )
1039 cfg->proxy.user = m_strdup( buf+11 );
1040 else if ( !strncmp( buf, "proxy_pass=", 11 ) )
1041 cfg->proxy.pass = m_strdup( buf+11 );
1042 if ( !strncmp( buf, "http://", 7 )
1043 || !strncmp( buf, "hkp://", 6 )
1044 || !strncmp( buf, "ldap://", 7 ) ) {
1045 add_node( cfg, buf );
1046 cfg->nlist++;
1047 }
1048 }
1049
1050 fclose( fp );
1051 *ret_cfg = cfg;
1052
1053 return rc;
1054 } /* kserver_read_config */
1055
1056
1057 int
1058 kserver_write_config( const char * fname, keyserver_cfgfile * cfg )
1059 {
1060
1061 return 0;
1062 }
1063
1064
1065 void
1066 kserver_cfgfile_release( keyserver_cfgfile *cfg )
1067 {
1068 keyserver_node *k, *k2;
1069
1070 proxy_release( &cfg->proxy );
1071 for( k = cfg->list; cfg->nlist--; k = k2 ) {
1072 k2 = k->next;
1073 free_if_alloc( k );
1074 }
1075 free_if_alloc( cfg );
1076 } /* kserver_cfgfile_release */
1077
1078
1079 void
1080 proxy_release( keyserver_proxy_ctx *ctx )
1081 {
1082 free_if_alloc( ctx->host );
1083 free_if_alloc( ctx->pass );
1084 free_if_alloc( ctx->user );
1085 } /* proxy_release */
1086
1087
1088 int
1089 ldap_recvkey (const char * host, const char * keyid, char * key, int maxkeylen)
1090 {
1091 const char *s;
1092 char *ksprg = NULL, *p = NULL;
1093 char temp[512], outf[512];
1094 FILE * inp;
1095 int rc, start_key = 0;
1096 STARTUPINFO si;
1097 PROCESS_INFORMATION pi;
1098
1099 p = get_gnupg_path ();
1100 ksprg = new char[strlen (p) + 1 + 128];
1101 if (!ksprg)
1102 BUG (0);
1103 strcpy (ksprg, p);
1104 strcat (ksprg, "\\");
1105 strcat (ksprg, "gpgkeys_ldap.exe");
1106 free_if_alloc (p);
1107 if (file_exist_check (ksprg)) {
1108 log_box ( "LDAP Keyserver Plugin", MB_ERR, "Could not find LDAP keyserver module!");
1109 rc = -1;
1110 goto leave;
1111 }
1112 GetTempPath (sizeof (temp)-1, temp);
1113 strcpy (outf, temp);
1114 strcat (outf, keyid);
1115 strcat (outf, ".out");
1116 strcat (temp, keyid);
1117 inp = fopen (temp, "w+b");
1118 if( !inp ) {
1119 log_box ("LDAP Keyserver Plugin", MB_ERR, "%s: %s", temp,
1120 winpt_strerror (WPTERR_FILE_OPEN));
1121 rc = -1;
1122 goto leave;
1123 }
1124 fprintf (inp,
1125 "VERSION 0\n"
1126 "HOST %s\n"
1127 "OPTION verbose\n"
1128 "COMMAND GET\n"
1129 "\n"
1130 "%s\n", host? skip_type_prefix (host): "64.94.85.200", keyid);
1131 fclose (inp);
1132
1133 memset (&si, 0, sizeof (si));
1134 si.cb = sizeof (si);
1135 si.dwFlags = STARTF_USESHOWWINDOW;
1136 si.wShowWindow = SW_HIDE;
1137 memset (&pi, 0, sizeof (pi));
1138 p = new char[strlen (ksprg) + strlen (temp) + strlen (outf) + 32];
1139 sprintf (p, "%s -o %s %s", ksprg, outf, temp);
1140 rc = CreateProcess (NULL, p, NULL, NULL, FALSE, 0, NULL, NULL, &si, &pi);
1141 if (!rc) {
1142 log_box ("LDAP Keyserver Plugin", MB_ERR, "Could not spawn process");
1143 rc = -1;
1144 goto leave;
1145 }
1146 CloseHandle (pi.hThread);
1147 WaitForSingleObject (pi.hProcess, INFINITE);
1148 CloseHandle (pi.hProcess);
1149
1150 inp = fopen (outf, "rb");
1151 if (!inp) {
1152 log_box ("LDAP Keyserver Plugin", MB_ERR, "%s: %s", outf,
1153 winpt_strerror (WPTERR_FILE_OPEN));
1154 rc = -1;
1155 goto leave;
1156 }
1157 memset (key, 0, maxkeylen);
1158 while( !feof( inp ) ) {
1159 s = fgets( temp, sizeof (temp)-1, inp );
1160 if( !s )
1161 break;
1162 if( !start_key && strstr( s, "KEY" ) && strstr( s, "BEGIN" ) ) {
1163 start_key = 1;
1164 continue;
1165 }
1166 if( !start_key )
1167 continue;
1168 strcat( key, temp );
1169 maxkeylen -= strlen( temp );
1170 if( maxkeylen < 0 || (strstr( s, "KEY" ) && strstr( s, "END" )) )
1171 break;
1172 }
1173 fclose( inp );
1174
1175 leave:
1176 if( !strlen( key ) )
1177 rc = WPTERR_WINSOCK_RECVKEY;
1178 free_if_alloc( p );
1179 free_if_alloc( ksprg );
1180 return rc;
1181 } /* ldap_recvkey */
1182
1183
1184 static int
1185 finger_readline (int fd, char * buf, int nbytes)
1186 {
1187 char c = 0;
1188 int n, pos = 0;
1189
1190 while (nbytes > 0) {
1191 n = recv (fd, &c, 1, 0);
1192 if (n <= 0)
1193 break;
1194 if (c == '\n')
1195 break;
1196 buf[pos++] = c;
1197 nbytes--;
1198 }
1199 if (nbytes > 0)
1200 buf[pos++] = '\0';
1201 if (n <= 0)
1202 pos = n;
1203 return pos;
1204 }
1205
1206
1207 int
1208 finger_recvkey (const char * host, const char * user, char * key, int maxkeylen)
1209 {
1210 struct hostent * hp;
1211 struct sockaddr_in saddr;
1212 char buf[128];
1213 int fd, nread;
1214 int start_key = 0;
1215 int rc=0;
1216
1217 fd = socket (PF_INET, SOCK_STREAM, 0);
1218 if (fd == -1)
1219 return WPTERR_WINSOCK_SOCKET;
1220 hp = gethostbyname (skip_type_prefix (host));
1221 if (!hp) {
1222 closesocket (fd);
1223 return WPTERR_WINSOCK_RESOLVE;
1224 }
1225
1226 memset (&saddr, 0, sizeof (saddr));
1227 saddr.sin_family = AF_INET;
1228 saddr.sin_port = htons (FINGER_PORT);
1229 saddr.sin_addr = *(struct in_addr *)hp->h_addr;
1230 if (connect (fd, (struct sockaddr *)&saddr, sizeof (saddr))) {
1231 closesocket (fd);
1232 return WPTERR_WINSOCK_CONNECT;
1233 }
1234 send (fd, user, strlen (user), 0);
1235 send (fd, "\r\n", 2, 0);
1236
1237 memset (key, 0, maxkeylen);
1238 while (maxkeylen > 0) {
1239 nread = finger_readline (fd, buf, sizeof (buf)-1);
1240 if (nread <= 0)
1241 break;
1242 strcat (buf, "\n");
1243 if (strstr (buf, "BEGIN PGP PUBLIC KEY BLOCK")) {
1244 strcat (key, buf);
1245 start_key = 1;
1246 maxkeylen -= nread;
1247 }
1248 else if (strstr (buf, "END PGP PUBLIC KEY BLOCK" ) && start_key) {
1249 strcat (key, buf);
1250 start_key--;
1251 maxkeylen -= nread;
1252 break;
1253 }
1254 else if (start_key) {
1255 strcat (key, buf);
1256 maxkeylen -= nread;
1257 }
1258 }
1259 closesocket (fd);
1260 if (start_key != 0)
1261 rc = WPTERR_WINSOCK_RECVKEY;
1262 return rc;
1263 }
1264
1265
1266 int
1267 check_IP_or_hostname (const char *name)
1268 {
1269 const char *not_allowed = "=!ยง$%&@#*~\\/}][{<>|,;:'";
1270 size_t i, j;
1271
1272 for (i=0; i < strlen (name); i++) {
1273 for (j =0; j < strlen (not_allowed); j++) {
1274 if (name[i] == not_allowed[j])
1275 return -1;
1276 }
1277 }
1278 return 0;
1279 }
[email protected]
 ViewVC Help
Powered by ViewVC 1.1.26