/[winpt]/trunk/Src/wptKeyserver.cpp
ViewVC logotype

Contents of /trunk/Src/wptKeyserver.cpp

Parent Directory Parent Directory | Revision Log Revision Log

Revision 48 - (show annotations)
Mon Oct 31 21:14:11 2005 UTC (19 years, 4 months ago) by werner
File size: 31084 byte(s) 
More changes.  Compiles again but there are at least gettext issues with
w32-gettext.c.  I can't get a gpg-error build with ENABLE_NLS.
1 /* wptKeyserver.cpp - W32 Keyserver Access
2 * Copyright (C) 2000-2005 Timo Schulz
3 * Copyright (C) 2001 Marco Cunha
4 *
5 * This file is part of WinPT.
6 *
7 * WinPT is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU General Public License
9 * as published by the Free Software Foundation; either version 2
10 * of the License, or (at your option) any later version.
11 *
12 * WinPT is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with WinPT; if not, write to the Free Software Foundation,
19 * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 */
21
22 #ifdef HAVE_CONFIG_H
23 #include <config.h>
24 #endif
25
26 #include <windows.h>
27 #include <stdio.h>
28 #include <sys/stat.h>
29 #include <ctype.h>
30
31 #include "wptKeyserver.h"
32 #include "wptErrors.h"
33 #include "wptTypes.h"
34 #include "wptNLS.h"
35 #include "wptW32API.h"
36 #include "wptVersion.h"
37 #include "wptGPG.h"
38 #include "wptRegistry.h"
39
40 static char base64code[] =
41 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
42
43 keyserver server[MAX_KEYSERVERS] = {0};
44 static keyserver_proxy_ctx proxy = {0};
45 static const char * server_list[] = {
46 "hkp://wwwkeys.nl.pgp.net",
47 "hkp://wwwkeys.pl.pgp.net",
48 "hkp://wwwkeys.at.pgp.net",
49 "hkp://wwwkeys.ch.pgp.net",
50 "hkp://wwwkeys.de.pgp.net",
51 "hkp://wwwkeys.dk.pgp.net",
52 "hkp://wwwkeys.cz.pgp.net",
53 "hkp://wwwkeys.es.pgp.net",
54 "hkp://wwwkeys.eu.pgp.net",
55 "hkp://wwwkeys.uk.pgp.net",
56 "hkp://wwwkeys.us.pgp.net",
57 "hkp://gnv.us.ks.cryptnet.net",
58 "hkp://subkeys.pgp.net",
59 "ldap://keyserver.pgp.com",
60 NULL
61 };
62 static char hkp_errmsg[1024];
63 static int hkp_err = 0;
64 static u32 conf_timestamp = 0;
65 char * default_keyserver = NULL;
66 unsigned short default_keyserver_port = 0;
67
68
69 static void
70 base64_encode( const char *inputstr, char *outputstr, int maxlen )
71 {
72 int index = 0, temp = 0, res = 0, i = 0, inputlen = 0, len = 0;
73
74 inputlen = strlen (inputstr); /* fixme: check if len > maxlen */
75 for (i = 0; i <inputlen; i++) {
76 res = temp;
77 res = (res << 8) | (inputstr[i] & 0xFF);
78 switch (index++) {
79 case 0: outputstr[len++] = base64code[res >> 2 & 0x3F]; res &= 0x3; break;
80 case 1: outputstr[len++] = base64code[res >> 4 & 0x3F]; res &= 0xF; break;
81 case 2: outputstr[len++] = base64code[res >> 6 & 0x3F];
82 outputstr[len++] = base64code[res & 0x3F]; res = index = 0; break;
83 }
84 temp = res;
85 }
86
87 switch( index ) {
88 case 0: break;
89 case 2: outputstr[len++] = base64code[temp << 2 & 0x3F];
90 outputstr[len++] = '='; break;
91 case 1: outputstr[len++] = base64code[temp << 4 & 0x3F];
92 outputstr[len++] = '=';
93 outputstr[len++] = '=';
94 }
95
96 outputstr[len] = '\0';
97 } /* base64_encode */
98
99
100 /* Skip the URL schema and return only the host part of it. */
101 static const char *
102 skip_type_prefix (const char * hostname)
103 {
104 if (hostname && !strncmp (hostname, "http://", 7))
105 hostname += 7;
106 else if (hostname && !strncmp (hostname, "hkp://", 6))
107 hostname += 6;
108 else if (hostname && !strncmp (hostname, "finger://", 9))
109 hostname += 9;
110 else if (hostname && !strncmp (hostname, "ldap://", 7))
111 hostname += 7;
112 return hostname;
113 }
114
115
116 /* Check that the keyserver response indicates an OK.
117 Return 0 on success. */
118 static int
119 check_hkp_response (const char *resp, int recv)
120 {
121 int ec, len;
122 char *p, * end;
123
124 ec = recv ? WPTERR_WINSOCK_RECVKEY : WPTERR_WINSOCK_SENDKEY;
125 if (!strstr (resp, "HTTP/1.0 200 OK") &&
126 !strstr (resp, "HTTP/1.1 200 OK")) /* http error */
127 return ec;
128 if (strstr (resp, "Public Key Server -- Error")
129 || strstr (resp, "Public Key Server -- Error")
130 || strstr (resp, "No matching keys in database")) {
131 p = strstr (resp, "<p>");
132 if (p && strlen (p) < sizeof (hkp_errmsg)) {
133 end = strstr (p, "</p>");
134 len = end? (end - p + 1) : strlen (p);
135 strncpy (hkp_errmsg, p, len);
136 hkp_err = 1;
137 }
138 return ec;
139 }
140 return 0;
141 }
142
143
144 /* Read a single line (\r\n) from a socket.
145 Return 0 on success. */
146 static int
147 sock_getline (int fd, char *buf, int buflen, int *nbytes)
148 {
149 char ch;
150 int count = 0;
151
152 if (nbytes)
153 *nbytes = 0;
154 *buf = 0;
155 while (recv (fd, &ch, 1, 0) > 0) {
156 *buf++ = ch;
157 count++;
158 if (ch == '\n' || count == (buflen - 1)) {
159 *buf = 0;
160 if (nbytes)
161 *nbytes = count;
162 return 0;
163 }
164 }
165
166 return -1;
167 }
168
169
170 /* Perform a select() on the given fd to find out
171 is there is data for reading. Wait at least @nsecs seconds. */
172 static int
173 sock_select (int fd, int nsecs)
174 {
175 FD_SET rfd;
176 timeval tv = {nsecs, 0};
177
178 FD_ZERO (&rfd);
179 FD_SET (fd, &rfd);
180 if (select (fd + 1, &rfd, NULL, NULL, &tv) == SOCKET_ERROR)
181 return SOCKET_ERROR;
182 if (FD_ISSET (fd, &rfd))
183 return 1;
184 return 0;
185 }
186
187
188 /* Read from a socket with a fixed timeout of 10 seconds.
189 Return value: 0 on success. */
190 static int
191 sock_read (int fd, char *buf, int buflen, int *nbytes)
192 {
193 DWORD nread;
194 int nleft = buflen;
195 int rc, n = 0;
196
197 while (nleft > 0) {
198 if (n >= 10)
199 return WPTERR_WINSOCK_TIMEOUT;
200 rc = sock_select (fd, 1);
201 if (rc == SOCKET_ERROR)
202 return SOCKET_ERROR;
203 else if( !rc )
204 n++;
205 else {
206 nread = recv (fd, buf, nleft, 0);
207 if (nread == SOCKET_ERROR)
208 return SOCKET_ERROR;
209 else if (!nread)
210 break;
211 nleft -= nread;
212 buf += nread;
213 }
214 }
215 if (nbytes)
216 *nbytes = buflen - nleft;
217
218 return 0;
219 }
220
221
222 /* Write @buf to a socket @fd. */
223 static int
224 sock_write (int fd, const char *buf, int buflen)
225 {
226 DWORD nwritten;
227 int nleft = buflen;
228
229 while (nleft > 0) {
230 nwritten = send (fd, buf, nleft, 0);
231 if (nwritten == SOCKET_ERROR)
232 return SOCKET_ERROR;
233 nleft -= nwritten;
234 buf += nwritten;
235 }
236
237 return 0;
238 }
239
240
241 void
242 set_default_kserver (void)
243 {
244 char * p = get_reg_entry_keyserver ("Default");
245 free_if_alloc (default_keyserver);
246 default_keyserver = p && *p != ' ' ? p : m_strdup (DEF_HKP_KEYSERVER);
247 p = get_reg_entry_keyserver ("Default_Port");
248 if (p && *p) {
249 default_keyserver_port = (u16)strtoul (p, NULL, 10);
250 free_if_alloc (p);
251 }
252 else
253 default_keyserver_port = HKP_PORT;
254 }
255
256
257 /* Initialize the Winsock2 interface.*/
258 int
259 wsock_init (void)
260 {
261 WSADATA wsa;
262
263 if (WSAStartup (0x202, &wsa))
264 return WPTERR_WINSOCK_INIT;
265 set_default_kserver ();
266 return 0;
267 }
268
269
270 /* Cleanup the Winsock2 interface. */
271 void
272 wsock_end (void)
273 {
274 int i;
275
276 free_if_alloc (default_keyserver);
277 default_keyserver = NULL;
278 for (i=0; i < MAX_KEYSERVERS; i++) {
279 if (server[i].used)
280 free_if_alloc (server[i].name);
281 }
282 WSACleanup ();
283 }
284
285
286 /* Return a string representation of a winsock error. */
287 const char*
288 wsock_strerror (void)
289 {
290 static char buf[384];
291 int ec = WSAGetLastError ();
292
293 switch (ec) {
294 case WSAENETDOWN:
295 return _("The network subsystem has failed");
296 case WSAHOST_NOT_FOUND:
297 return _("Authoritative Answer Host not found");
298 case WSAETIMEDOUT:
299 return _("The connection has been dropped because of a network failure");
300 default:
301 _snprintf (buf, sizeof (buf) -1, _("Unknown Winsock error ec=%d"),ec);
302 return buf;
303 }
304 return NULL;
305 }
306
307
308 /* Return the last keyserver error as a string. */
309 const char*
310 kserver_strerror (void)
311 {
312 if (hkp_err)
313 return hkp_errmsg;
314 return NULL;
315 }
316
317
318 /* Read a keyserver from the list at index @idx.
319 Return value: keyserver name at the given position. */
320 const char*
321 kserver_get_hostname (int idx, int type, u16 *port)
322 {
323 if (type == -1) {
324 *port = default_keyserver_port;
325 return default_keyserver;
326 }
327 else if (!type && idx < DIM (server_list)) {
328 *port = HKP_PORT;
329 return server_list[idx];
330 }
331 return NULL;
332 }
333
334
335 /* Check if the computer is connected to the internet.
336 Return 0 on success -1 otherwise. */
337 int
338 kserver_check_inet_connection (void)
339 {
340 int fd;
341
342 if (!kserver_connect (default_keyserver, default_keyserver_port, &fd)) {
343 closesocket (fd);
344 return 0;
345 }
346 return -1;
347 }
348
349
350 /*
351 * If the request contains the keyid, it have to be
352 * always postfix with '0x'+keyid. This code checks
353 * if the keyid is a decimal value and if so if it contains
354 * the '0x'. If not it is inserted.
355 */
356 const char*
357 kserver_check_keyid (const char *keyid)
358 {
359 static char id[20];
360
361 if (strstr (keyid, "@"))
362 return keyid; /* email address */
363 if (strncmp (keyid, "0x", 2)) {
364 memset (&id, 0, sizeof (id));
365 _snprintf (id, sizeof (id)-1, "0x%s", keyid);
366 return id;
367 }
368 return keyid;
369 } /* kserver_check_keyid */
370
371
372 static void
373 kserver_update_proxyuser (const char *proxy_user, const char *proxy_pass)
374 {
375 char t[257]; /* user:pass = 127+1+127+1 = 257 */
376 int n = 0;
377
378 n = 4*strlen (proxy_user) / 3 + 32 + strlen (proxy_pass) + 2;
379 free_if_alloc (proxy.base64_user);
380 proxy.base64_user = new char[n];
381 if (!proxy.base64_user)
382 BUG (0);
383 _snprintf (t, sizeof (t)-1, "%s:%s", proxy_user, proxy_pass);
384 base64_encode (t, proxy.base64_user, 257);
385 free_if_alloc (proxy.user);
386 free_if_alloc (proxy.pass);
387 proxy.user = m_strdup (proxy_user);
388 proxy.pass = m_strdup (proxy_pass);
389 } /* kserver_update_proxyuser */
390
391
392 /* Check that the given buffer contains a valid keyserver URL. */
393 static int
394 check_URL (const char * buf)
395 {
396 if (strlen (buf) < 7)
397 return -1;
398 if (!strstr (buf, "ldap://")
399 && !strstr (buf, "http://")
400 && !strstr (buf, "finger://")
401 && !strstr (buf, "hkp://"))
402 return -1;
403 return 0;
404 }
405
406
407 /* Get the port number from the given protocol. */
408 static int
409 port_from_proto (int proto)
410 {
411 switch (proto) {
412 case KSPROTO_LDAP: return 0;
413 case KSPROTO_FINGER: return FINGER_PORT;
414 case KSPROTO_HTTP: return HKP_PORT;
415 }
416 return 0;
417 }
418
419
420 /* Get the port number from the given URL. */
421 static int
422 proto_from_URL (const char * buf)
423 {
424 if (strstr( buf, "ldap"))
425 return KSPROTO_LDAP;
426 else if (strstr( buf, "finger"))
427 return KSPROTO_FINGER;
428 return KSPROTO_HKP;
429 }
430
431
432 void
433 keyserver_set_default (const char * hostname, u16 port)
434 {
435 if (hostname) {
436 free_if_alloc (default_keyserver);
437 default_keyserver = m_strdup (hostname);
438 if (!default_keyserver)
439 BUG (0);
440 default_keyserver_port = port;
441 }
442 server[0].name = m_strdup (default_keyserver);
443 server[0].used = 1;
444 server[0].port = port;
445 server[0].proto = proto_from_URL (default_keyserver);
446 } /* keyserver_set_default */
447
448
449 static const char *
450 skip_whitespace (const char * str)
451 {
452 while (str && *str)
453 {
454 if (*str == ' ' ||
455 *str == '\t' ||
456 *str == '\n' ||
457 *str == '\r')
458 {
459 str++;
460 continue;
461 }
462 break;
463 }
464 return str;
465 }
466
467
468 int
469 kserver_load_conf (const char * conf)
470 {
471 struct stat statbuf;
472 FILE *fp;
473 char buf[1024], * s, * p;
474 char *user = NULL, *pass = NULL;
475 int pos, proxy_auth = 0;
476 int no_config=0, chk_pos=0;
477
478 for (pos = 0; pos < MAX_KEYSERVERS; pos++) {
479 server[pos].used = 0;
480 server[pos].port = HKP_PORT;
481 }
482
483 fp = fopen (conf, "rb");
484 if (!fp) {
485 for (pos = 0; server_list[pos]; pos++) {
486 server[pos].used = 1;
487 server[pos].name = m_strdup (server_list[pos]);
488 server[pos].proto = proto_from_URL (server_list[pos]);
489 }
490 no_config=1;
491 }
492 get_reg_proxy_prefs (&proxy.host, &proxy.port, &user, &pass);
493 if (user && pass)
494 kserver_update_proxyuser (user, pass);
495 else if (user && !pass || !user && pass) {
496 msg_box( NULL, _("Invalid proxy configuration."
497 "You need to set a user and a password"
498 "to use proxy authentication!"), _("Proxy Error"), MB_ERR );
499 }
500 /* check if the host has a http:// prefix and skip it */
501 if( proxy.host && !strncmp( proxy.host, "http://", 7 ) ) {
502 const char *s = proxy.host+7;
503 char * p = m_strdup (s);
504 if (!p)
505 BUG (0);
506 free_if_alloc (proxy.host);
507 proxy.host = p;
508 }
509 free_if_alloc (user);
510 free_if_alloc (pass);
511
512 pos = 0;
513 while( fp && !feof( fp ) ) {
514 s = fgets (buf, sizeof (buf)-1, fp);
515 if (!s)
516 break;
517 if (strstr (buf, "\r\n"))
518 buf[strlen (buf)-2] = '\0';
519 if (strstr (buf, "\n"))
520 buf[strlen (buf)-1] = '\0';
521 s = (char *)skip_whitespace (buf);
522 if (*s == '#' || strlen (s) < 7)
523 continue;
524 if (check_URL (s)) {
525 msg_box (NULL, _("All entries of this file must have a valid prefix.\n"
526 "Currently HKP/HTTP, LDAP and FINGER are supported.\n"),
527 _("Keyserver Error"), MB_ERR);
528 continue;
529 }
530 chk_pos=6;
531 if (strstr (s, "finger"))
532 chk_pos = 10;
533 p = strchr (s+chk_pos, ':');
534 server[pos].used = 1;
535 server[pos].proto = proto_from_URL (s);
536 server[pos].port = port_from_proto (server[pos].proto);
537 if (!p)
538 server[pos].name = m_strdup (s);
539 else {
540 server[pos].port = atol (p+1);
541 if (server[pos].port < 0 || server[pos].port > 65536)
542 server[pos].port = HKP_PORT;
543 server[pos].name = new char [(p-s)+2];
544 if (!server[pos].name)
545 BUG (0);
546 memset (server[pos].name, 0, (p-s)+2);
547 memcpy (server[pos].name, s, (p-s));
548 }
549 pos++;
550 if (pos > MAX_KEYSERVERS)
551 {
552 msg_box (NULL, _("The keyserver limit is exceeded"), _("Keyserver Warning"), MB_INFO);
553 break;
554 }
555 }
556 if (fp)
557 fclose (fp);
558 if (!pos)
559 {
560 /* only issue an error if the config file exist but it has no valid entries. */
561 keyserver_set_default (NULL, HKP_PORT);
562 if (!no_config)
563 return WPTERR_CONFIG_FILE;
564 }
565
566 if (!stat (conf, &statbuf))
567 conf_timestamp = statbuf.st_mtime;
568 return 0;
569 } /* kserver_load_conf */
570
571
572 const char *
573 kserver_get_proxy (int * r_port)
574 {
575 if (proxy.host) {
576 if (r_port)
577 *r_port = proxy.port;
578 return proxy.host;
579 }
580 return NULL;
581 } /* kserver_get_proxy */
582
583
584 const char *
585 kserver_get_proxy_info (int id)
586 {
587 switch (id) {
588 case PROXY_USER: return proxy.user;
589 case PROXY_PASS: return proxy.pass;
590 }
591 return NULL;
592 } /* kserver_get_proxy_info */
593
594
595 /* Connect to the keyserver @hostname. */
596 int
597 kserver_connect (const char *hostname, u16 port, int *conn_fd)
598 {
599 int rc, fd;
600 u32 iaddr;
601 char host[128] = {0};
602 struct hostent *hp;
603 struct sockaddr_in sock;
604
605 log_debug ("kserver_connect: %s:%d\r\n", hostname, port);
606
607 if (!port)
608 port = HKP_PORT;
609 if (conn_fd)
610 *conn_fd = 0;
611 hostname = skip_type_prefix (hostname);
612
613 memset (&sock, 0, sizeof (sock));
614 sock.sin_family = AF_INET;
615 sock.sin_port = proxy.host? htons (proxy.port) : htons (port);
616 if (proxy.host)
617 strncpy (host, proxy.host, 127);
618 else
619 strncpy (host, hostname, 127);
620
621 if ((iaddr = inet_addr (host)) != INADDR_NONE)
622 memcpy (&sock.sin_addr, &iaddr, sizeof (iaddr));
623 else if ((hp = gethostbyname (host))) {
624 if (hp->h_addrtype != AF_INET || hp->h_length != 4) {
625 log_debug ("gethostbyname: unknown address type.\r\n");
626 return WPTERR_WINSOCK_RESOLVE;
627 }
628 memcpy (&sock.sin_addr, hp->h_addr, hp->h_length);
629 }
630 else {
631 log_debug ("gethostbyname: failed.\r\n");
632 return WPTERR_WINSOCK_RESOLVE;
633 }
634 fd = socket (AF_INET, SOCK_STREAM, 0);
635 if (fd == INVALID_SOCKET)
636 return WPTERR_WINSOCK_SOCKET;
637 rc = connect (fd, (struct sockaddr *) &sock, sizeof (sock));
638 if (rc == SOCKET_ERROR) {
639 log_debug ("connect: failed.\r\n");
640 closesocket (fd);
641 return WPTERR_WINSOCK_CONNECT;
642 }
643
644 if (conn_fd)
645 *conn_fd = fd;
646 WSASetLastError (0);
647 return 0;
648 } /* kserver_connect */
649
650
651 /* Perform URL-encoding on the given pubkey blob. */
652 static char*
653 kserver_urlencode (const char *pubkey, size_t octets, size_t *newlen)
654 {
655 char *p, numbuf[5];
656 size_t j = 0;
657 size_t i, size;
658
659 p = new char [2*octets];
660 if (!p)
661 BUG (0);
662
663 for (size=0, i=0; i < octets; i++) {
664 if (isalnum (pubkey[i]) || pubkey[i] == '-') {
665 p[size] = pubkey[i];
666 size++;
667 }
668 else if (pubkey[i] == ' ') {
669 p[size] = '+';
670 size++;
671 }
672 else {
673 sprintf(numbuf, "%%%02X", pubkey[i]);
674 for (j = 0; j<strlen(numbuf); j++) {
675 p[size] = numbuf[j];
676 size++;
677 }
678 }
679 }
680 p[size] = '\0';
681 *newlen = size;
682 return p;
683 }
684
685
686 /* Format a request for the given keyid (send). */
687 static char*
688 kserver_send_request (const char *hostname, u16 port, const char *pubkey, int octets)
689 {
690 char *request = NULL, *enc_pubkey = NULL;
691 int reqlen;
692 size_t enc_octets;
693
694 log_debug ("kserver_send_request: %s:%d\n", hostname, port);
695
696 if (!port)
697 port = HKP_PORT;
698 reqlen = 512 + strlen (hostname) + 2*strlen (pubkey);
699 request = new char[reqlen];
700 if (!request)
701 BUG (0);
702 enc_pubkey = kserver_urlencode (pubkey, octets, &enc_octets);
703 if (!enc_pubkey || !enc_octets) {
704 free_if_alloc (request);
705 return NULL;
706 }
707
708 if (proxy.user) {
709 _snprintf (request, reqlen-1,
710 "POST http://%s:%d/pks/add HTTP/1.0\r\n"
711 "Referer: \r\n"
712 "User-Agent: WinPT/W32\r\n"
713 "Host: %s:%d\r\n"
714 "Proxy-Authorization: Basic %s\r\n"
715 "Content-type: application/x-www-form-urlencoded\r\n"
716 "Content-length: %d\r\n"
717 "\r\n"
718 "keytext=%s"
719 "\n",
720 skip_type_prefix (hostname), port, hostname, port,
721 proxy.base64_user, enc_octets+9, enc_pubkey);
722 }
723 else {
724 _snprintf (request, reqlen-1,
725 "POST /pks/add HTTP/1.0\r\n"
726 "Referer: \r\n"
727 "User-Agent: WinPT/W32\r\n"
728 "Host: %s:%d\r\n"
729 "Content-type: application/x-www-form-urlencoded\r\n"
730 "Content-length: %d\r\n"
731 "\r\n"
732 "keytext=%s"
733 "\n",
734 skip_type_prefix (hostname), port, enc_octets+9, enc_pubkey);
735 }
736 free_if_alloc (enc_pubkey);
737
738 log_debug ("%s\n", request);
739 return request;
740 } /* kserver_send_request */
741
742
743 /* Interface receiving a public key. */
744 int
745 kserver_recvkey (const char *hostname, u16 port, const char *keyid, char *key, int maxkeylen)
746 {
747 int rc, n;
748 int conn_fd;
749 char *request = NULL;
750
751 if (!port)
752 port = HKP_PORT;
753 hkp_err = 0; /* reset */
754 rc = kserver_connect (hostname, port, &conn_fd);
755 if (rc)
756 goto leave;
757
758 request = new char[300+1];
759 if (!request)
760 BUG (0);
761
762 if (proxy.host && proxy.user) {
763 _snprintf (request, 300,
764 "GET http://%s:%d/pks/lookup?op=get&search=%s HTTP/1.0\r\n"
765 "Proxy-Authorization: Basic %s\r\n\r\n",
766 skip_type_prefix (hostname), port, keyid, proxy.base64_user);
767 }
768 else if (proxy.host) {
769 _snprintf (request, 300,
770 "GET http://%s:%d/pks/lookup?op=get&search=%s HTTP/1.0\r\n\r\n",
771 skip_type_prefix (hostname), port, keyid);
772 }
773 else {
774 _snprintf (request, 300,
775 "GET /pks/lookup?op=get&search=%s HTTP/1.0\r\n\r\n", keyid);
776 }
777
778 log_debug ("%s\r\n", request);
779
780 rc = sock_write (conn_fd, request, strlen (request));
781 if (rc == SOCKET_ERROR) {
782 rc = WPTERR_WINSOCK_RECVKEY;
783 goto leave;
784 }
785
786 rc = sock_read( conn_fd, key, maxkeylen, &n );
787 if( rc == SOCKET_ERROR ) {
788 rc = WPTERR_WINSOCK_RECVKEY;
789 goto leave;
790 }
791
792 log_debug("%s\r\n", key);
793 rc = check_hkp_response (key, 1);
794 if (rc)
795 goto leave;
796
797 WSASetLastError (0);
798
799 leave:
800 closesocket (conn_fd);
801 free_if_alloc (request);
802 return rc;
803 } /* kserver_recvkey */
804
805
806 /* Interface to send a public key. */
807 int
808 kserver_sendkey (const char *hostname, u16 port, const char *pubkey, int len )
809 {
810 int n, rc;
811 int conn_fd;
812 char *request = NULL;
813 char log[2048];
814
815 hkp_err = 0; /* reset */
816 rc = kserver_connect (hostname, port, &conn_fd);
817 if (rc)
818 goto leave;
819
820 request = kserver_send_request (hostname, port, pubkey, len);
821 if (request == NULL) {
822 rc = WPTERR_GENERAL;
823 goto leave;
824 }
825
826 rc = sock_write( conn_fd, request, lstrlen(request) );
827 if( rc == SOCKET_ERROR ) {
828 rc = WPTERR_WINSOCK_SENDKEY;
829 goto leave;
830 }
831
832 rc = sock_read( conn_fd, log, sizeof (log)-1, &n );
833 if( rc == SOCKET_ERROR ) {
834 rc = WPTERR_WINSOCK_SENDKEY;
835 goto leave;
836 }
837
838 log_debug ("kserver_sendkey:\r\n%s\r\n", log);
839
840 rc = check_hkp_response (log, 0);
841 if( rc )
842 goto leave;
843
844 WSASetLastError (0);
845
846 leave:
847 closesocket (conn_fd);
848 free_if_alloc (request);
849 return rc;
850 } /* kserver_sendkey */
851
852
853 int
854 kserver_search_init (const char * hostname, u16 port, const char * keyid, int * conn_fd)
855 {
856 int rc, sock_fd;
857 int n=0;
858 char * request = NULL;
859
860 rc = kserver_connect (hostname, port, &sock_fd);
861 if (rc) {
862 *conn_fd = 0;
863 goto leave;
864 }
865
866 n=300;
867 request = new char[n+1];
868 if (!request)
869 BUG (0);
870
871 if (proxy.host && proxy.user) {
872 _snprintf (request, n,
873 "GET http://%s:%d/pks/lookup?op=index&search=%s HTTP/1.0\r\n"
874 "Proxy-Authorization: Basic %s\r\n\r\n",
875 skip_type_prefix (hostname), port, keyid, proxy.base64_user);
876 }
877 else if (proxy.host) {
878 _snprintf (request, n,
879 "GET http://%s:%d/pks/lookup?op=index&search=%s HTTP/1.0\r\n\r\n",
880 skip_type_prefix (hostname), port, keyid);
881 }
882 else {
883 _snprintf (request, n,
884 "GET /pks/lookup?op=index&search=%s HTTP/1.0\r\n\r\n", keyid);
885 }
886
887 log_debug ("kserver_search_init:\r\n%s\r\n", request);
888
889 if (sock_write (sock_fd, request, strlen (request)) == SOCKET_ERROR) {
890 rc = WPTERR_GENERAL;
891 goto leave;
892 }
893
894 *conn_fd = sock_fd;
895
896 leave:
897 free_if_alloc (request);
898 return rc;
899 } /* kserver_search_init */
900
901
902 int
903 kserver_search_chkresp (int fd)
904 {
905 char buf[128];
906 int n=0;
907
908 /* parse response 'HTTP/1.0 500 OK' */
909 if (sock_getline (fd, buf, 127, &n))
910 return WPTERR_KEYSERVER_NOTFOUND;
911
912 log_debug ("kserver_search_chkpresp: %s\r\n", buf);
913 if (strncmp (buf, "HTTP/1.", 7))
914 return WPTERR_KEYSERVER_NOTFOUND;
915 if (strncmp (buf+(8+1), "200", 3))
916 return WPTERR_KEYSERVER_NOTFOUND;
917 return 0;
918 } /* kserver_search_chkresp */
919
920
921 int
922 kserver_search (int fd, keyserver_key * key)
923 {
924 char buf[1024], *p;
925 int uidlen, nbytes, pos = 0;
926
927 log_debug ("keyserver_search:\n");
928
929 if (sock_getline (fd, buf, sizeof (buf) - 1, &nbytes))
930 return WPTERR_GENERAL;
931
932 log_debug ("%s\n", buf);
933
934 if (!strncmp (buf, "pub", 3)) {
935 int revoked = strstr (buf, "KEY REVOKED") != NULL? 1 : 0;
936 key->bits = atol (buf+3);
937 p = strchr (buf, '>');
938 if (!p)
939 goto fail;
940 pos = p - buf + 1;
941 memcpy (key->keyid, buf + pos, 8);
942 key->keyid[8] = '\0';
943 p = strstr (buf, "</a>");
944 if (!p)
945 goto fail;
946 pos = p - buf + 5;
947 memcpy (key->date, buf + pos, 10);
948 key->date[10] = '\0';
949 if (revoked) {
950 strcpy (key->uid, "KEY REVOKED: not checked");
951 return 0;
952 }
953 pos += 10;
954 p = buf + pos + 1;
955 while (p && *p != '>')
956 p++;
957 p++;
958 uidlen = strlen (p) - 10;
959 memcpy (key->uid, p, uidlen);
960 key->uid[uidlen] = '\0';
961 strcat (key->uid, ">");
962 p = strchr (key->uid, '&');
963 if (p) {
964 key->uid[(p-key->uid)] = '<';
965 memmove (key->uid+(p-key->uid)+1, key->uid+(p-key->uid)+4, strlen (key->uid)-3);
966 }
967 return 0;
968 }
969
970 fail:
971 key->bits = 0;
972 memset (key, 0, sizeof *key);
973 return 0;
974 } /* kserver_search */
975
976
977 static int
978 add_node( keyserver_cfgfile *cfg, const char *entry )
979 {
980 keyserver_node *node;
981 char *p = NULL;
982
983 p = strchr( entry, '=' );
984 if( p == NULL )
985 return WPTERR_GENERAL;
986 node = new keyserver_node;
987 if( !node )
988 BUG( NULL );
989
990 memset( node, 0, sizeof *node );
991 node->used = 1;
992
993 node->host.used = 1;
994 node->host.proto = proto_from_URL( entry );
995 memcpy( node->host.name, entry+7, p-entry-7 );
996 node->next = cfg->list;
997 cfg->list = node;
998
999 return 0;
1000 } /* add_node */
1001
1002
1003 void
1004 kserver_change_proxy( keyserver_proxy_ctx *ctx )
1005 {
1006 proxy.port = ctx->port;
1007 free_if_alloc (proxy.host);
1008 proxy.host = ctx->host? m_strdup( ctx->host ) : NULL;
1009 free_if_alloc( proxy.pass );
1010 proxy.pass = ctx->pass? m_strdup( ctx->pass ) : NULL;
1011 free_if_alloc( proxy.user );
1012 proxy.user = ctx->user? m_strdup( ctx->user ) : NULL;
1013 set_reg_proxy_prefs( proxy.host, proxy.port, proxy.user, proxy.pass );
1014 } /* kserver_change_proxy */
1015
1016
1017 int
1018 kserver_read_config( const char *fname, keyserver_cfgfile **ret_cfg )
1019 {
1020 FILE *fp;
1021 keyserver_cfgfile *cfg;
1022 char buf[256];
1023 int rc = 0;
1024
1025 *ret_cfg = NULL;
1026 fp = fopen( fname, "rb" );
1027 if( fp == NULL )
1028 return WPTERR_FILE_OPEN;
1029
1030 cfg = new keyserver_cfgfile;
1031 if ( !cfg )
1032 BUG( NULL );
1033 memset( cfg, 0, sizeof *cfg );
1034
1035 while ( !feof( fp ) ) {
1036 if ( fgets( buf, sizeof(buf)-1, fp ) == NULL )
1037 break;
1038 if ( *buf == '\r' || *buf == '\n' || *buf == '#' )
1039 continue;
1040 buf[strlen(buf) -2] = '\0';
1041 if ( !strncmp( buf, "use_proxy=", 10 ) ) {
1042 char *p = strchr(buf, ':');
1043 if (!p)
1044 continue;
1045 cfg->proxy.port = atol( buf+(p-buf+1) );
1046 buf[p-buf] = '\0';
1047 cfg->proxy.host = m_strdup( buf+10 );
1048 }
1049 else if ( !strncmp( buf, "proxy_user=", 11 ) )
1050 cfg->proxy.user = m_strdup( buf+11 );
1051 else if ( !strncmp( buf, "proxy_pass=", 11 ) )
1052 cfg->proxy.pass = m_strdup( buf+11 );
1053 if ( !strncmp( buf, "http://", 7 )
1054 || !strncmp( buf, "hkp://", 6 )
1055 || !strncmp( buf, "ldap://", 7 ) ) {
1056 add_node( cfg, buf );
1057 cfg->nlist++;
1058 }
1059 }
1060
1061 fclose( fp );
1062 *ret_cfg = cfg;
1063
1064 return rc;
1065 } /* kserver_read_config */
1066
1067
1068 int
1069 kserver_write_config( const char * fname, keyserver_cfgfile * cfg )
1070 {
1071
1072 return 0;
1073 }
1074
1075
1076 void
1077 kserver_cfgfile_release( keyserver_cfgfile *cfg )
1078 {
1079 keyserver_node *k, *k2;
1080
1081 proxy_release( &cfg->proxy );
1082 for( k = cfg->list; cfg->nlist--; k = k2 ) {
1083 k2 = k->next;
1084 free_if_alloc( k );
1085 }
1086 free_if_alloc( cfg );
1087 } /* kserver_cfgfile_release */
1088
1089
1090 void
1091 proxy_release( keyserver_proxy_ctx *ctx )
1092 {
1093 free_if_alloc( ctx->host );
1094 free_if_alloc( ctx->pass );
1095 free_if_alloc( ctx->user );
1096 } /* proxy_release */
1097
1098
1099 int
1100 ldap_recvkey (const char * host, const char * keyid, char * key, int maxkeylen)
1101 {
1102 const char *s;
1103 char *ksprg = NULL, *p = NULL;
1104 char temp[512], outf[512];
1105 FILE * inp;
1106 int rc, start_key = 0;
1107 STARTUPINFO si;
1108 PROCESS_INFORMATION pi;
1109
1110 p = get_gnupg_path ();
1111 ksprg = new char[strlen (p) + 1 + 128];
1112 if (!ksprg)
1113 BUG (0);
1114 strcpy (ksprg, p);
1115 strcat (ksprg, "\\");
1116 strcat (ksprg, "gpgkeys_ldap.exe");
1117 free_if_alloc (p);
1118 if (file_exist_check (ksprg)) {
1119 log_box ( "LDAP Keyserver Plugin", MB_ERR, "Could not find LDAP keyserver module!");
1120 rc = -1;
1121 goto leave;
1122 }
1123 GetTempPath (sizeof (temp)-1, temp);
1124 strcpy (outf, temp);
1125 strcat (outf, keyid);
1126 strcat (outf, ".out");
1127 strcat (temp, keyid);
1128 inp = fopen (temp, "w+b");
1129 if( !inp ) {
1130 log_box ("LDAP Keyserver Plugin", MB_ERR, "%s: %s", temp,
1131 winpt_strerror (WPTERR_FILE_OPEN));
1132 rc = -1;
1133 goto leave;
1134 }
1135 fprintf (inp,
1136 "VERSION 0\n"
1137 "HOST %s\n"
1138 "OPTION verbose\n"
1139 "COMMAND GET\n"
1140 "\n"
1141 "%s\n", host? skip_type_prefix (host): "64.94.85.200", keyid);
1142 fclose (inp);
1143
1144 memset (&si, 0, sizeof (si));
1145 si.cb = sizeof (si);
1146 si.dwFlags = STARTF_USESHOWWINDOW;
1147 si.wShowWindow = SW_HIDE;
1148 memset (&pi, 0, sizeof (pi));
1149 p = new char[strlen (ksprg) + strlen (temp) + strlen (outf) + 32];
1150 sprintf (p, "%s -o %s %s", ksprg, outf, temp);
1151 rc = CreateProcess (NULL, p, NULL, NULL, FALSE, 0, NULL, NULL, &si, &pi);
1152 if (!rc) {
1153 log_box ("LDAP Keyserver Plugin", MB_ERR, "Could not spawn process");
1154 rc = -1;
1155 goto leave;
1156 }
1157 CloseHandle (pi.hThread);
1158 WaitForSingleObject (pi.hProcess, INFINITE);
1159 CloseHandle (pi.hProcess);
1160
1161 inp = fopen (outf, "rb");
1162 if (!inp) {
1163 log_box ("LDAP Keyserver Plugin", MB_ERR, "%s: %s", outf,
1164 winpt_strerror (WPTERR_FILE_OPEN));
1165 rc = -1;
1166 goto leave;
1167 }
1168 memset (key, 0, maxkeylen);
1169 while( !feof( inp ) ) {
1170 s = fgets( temp, sizeof (temp)-1, inp );
1171 if( !s )
1172 break;
1173 if( !start_key && strstr( s, "KEY" ) && strstr( s, "BEGIN" ) ) {
1174 start_key = 1;
1175 continue;
1176 }
1177 if( !start_key )
1178 continue;
1179 strcat( key, temp );
1180 maxkeylen -= strlen( temp );
1181 if( maxkeylen < 0 || (strstr( s, "KEY" ) && strstr( s, "END" )) )
1182 break;
1183 }
1184 fclose( inp );
1185
1186 leave:
1187 if( !strlen( key ) )
1188 rc = WPTERR_WINSOCK_RECVKEY;
1189 free_if_alloc( p );
1190 free_if_alloc( ksprg );
1191 return rc;
1192 } /* ldap_recvkey */
1193
1194
1195 static int
1196 finger_readline (int fd, char * buf, int nbytes)
1197 {
1198 char c = 0;
1199 int n, pos = 0;
1200
1201 while (nbytes > 0) {
1202 n = recv (fd, &c, 1, 0);
1203 if (n <= 0)
1204 break;
1205 if (c == '\n')
1206 break;
1207 buf[pos++] = c;
1208 nbytes--;
1209 }
1210 if (nbytes > 0)
1211 buf[pos++] = '\0';
1212 if (n <= 0)
1213 pos = n;
1214 return pos;
1215 }
1216
1217
1218 int
1219 finger_recvkey (const char * host, const char * user, char * key, int maxkeylen)
1220 {
1221 struct hostent * hp;
1222 struct sockaddr_in saddr;
1223 char buf[128];
1224 int fd, nread;
1225 int start_key = 0;
1226 int rc=0;
1227
1228 fd = socket (PF_INET, SOCK_STREAM, 0);
1229 if (fd == -1)
1230 return WPTERR_WINSOCK_SOCKET;
1231 hp = gethostbyname (skip_type_prefix (host));
1232 if (!hp) {
1233 closesocket (fd);
1234 return WPTERR_WINSOCK_RESOLVE;
1235 }
1236
1237 memset (&saddr, 0, sizeof (saddr));
1238 saddr.sin_family = AF_INET;
1239 saddr.sin_port = htons (FINGER_PORT);
1240 saddr.sin_addr = *(struct in_addr *)hp->h_addr;
1241 if (connect (fd, (struct sockaddr *)&saddr, sizeof (saddr))) {
1242 closesocket (fd);
1243 return WPTERR_WINSOCK_CONNECT;
1244 }
1245 send (fd, user, strlen (user), 0);
1246 send (fd, "\r\n", 2, 0);
1247
1248 memset (key, 0, maxkeylen);
1249 while (maxkeylen > 0) {
1250 nread = finger_readline (fd, buf, sizeof (buf)-1);
1251 if (nread <= 0)
1252 break;
1253 strcat (buf, "\n");
1254 if (strstr (buf, "BEGIN PGP PUBLIC KEY BLOCK")) {
1255 strcat (key, buf);
1256 start_key = 1;
1257 maxkeylen -= nread;
1258 }
1259 else if (strstr (buf, "END PGP PUBLIC KEY BLOCK" ) && start_key) {
1260 strcat (key, buf);
1261 start_key--;
1262 maxkeylen -= nread;
1263 break;
1264 }
1265 else if (start_key) {
1266 strcat (key, buf);
1267 maxkeylen -= nread;
1268 }
1269 }
1270 closesocket (fd);
1271 if (start_key != 0)
1272 rc = WPTERR_WINSOCK_RECVKEY;
1273 return rc;
1274 }
1275
1276
1277 int
1278 check_IP_or_hostname (const char *name)
1279 {
1280 const char *not_allowed = "=!ยง$%&@#*~\\/}][{<>|,;:'";
1281 size_t i, j;
1282
1283 for (i=0; i < strlen (name); i++) {
1284 for (j =0; j < strlen (not_allowed); j++) {
1285 if (name[i] == not_allowed[j])
1286 return -1;
1287 }
1288 }
1289 return 0;
1290 }

Properties

Name Value
svn:eol-style native
[email protected]
 ViewVC Help
Powered by ViewVC 1.1.26