/[winpt]/trunk/Src/wptKeyserver.cpp

Diff of /trunk/Src/wptKeyserver.cpp

Parent Directory | Revision Log | View Patch Patch

-revision 197 by twoaday,
Mon Apr 10 07:38:06 2006 UTC
+revision 328 by twoaday,
Fri Sep 25 16:07:38 2009 UTC
 Line 1
  /* wptKeyserver.cpp - W32 Keyserver Access
-  *      Copyright (C) 2000-2005 Timo Schulz
+  *      Copyright (C) 2000-2009 Timo Schulz
   *      Copyright (C) 2001 Marco Cunha
   *
   * This file is part of WinPT.
 Line 13
   * but WITHOUT ANY WARRANTY; without even the implied warranty of
   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
   * General Public License for more details.
-  *
-  * You should have received a copy of the GNU General Public License
-  * along with WinPT; if not, write to the Free Software Foundation,
-  * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
   */
  #ifdef HAVE_CONFIG_H
  #include <config.h>
  #endif
-Line 29
+Line 24
  #include <sys/stat.h>
  #include <ctype.h>
+ #include "wptGPG.h"
  #include "wptKeyserver.h"
  #include "wptErrors.h"
  #include "wptTypes.h"
  #include "wptNLS.h"
  #include "wptW32API.h"
- #include "wptGPG.h"
  #include "wptRegistry.h"
+ #include "wptUTF8.h"
+ #include "wptVersion.h"
+ #include "StringBuffer.h"
- /* just map net_errno to a winsock error. */
- #define net_errno ((int)WSAGetLastError ())
+ /* Map net_errno to a winsock error. */
+ #define net_errno ((int)WSAGetLastError ())
  keyserver server[MAX_KEYSERVERS] = {0};
  keyserver_proxy_s proxy = {0};
  static const char *server_list[] = {
-     "hkp://gnv.us.ks.cryptnet.net",
+     "hkp://pool.sks-keyservers.net",
-     "hkp://keyserver.kjsl.com",
-     "hkp://sks.keyserver.penguin.de",
      "hkp://subkeys.pgp.net",
-     "ldap://keyserver.pgp.com",
+     "http://minsky.surfnet.nl",
      NULL
  };
+ #define NUM_DEF_KEYSERVERS 3
+ static char  hkp_err_msg[384];  /* Holds the error message from the server */
- static char  hkp_errmsg[1024];  /* Holds the error message from the server */
+ static int   hkp_has_err = 0;   /* != 0 indicates an error occurred. */
- static int   hkp_err = 0;       /* != 0 indicates an error occurred. */
  /* Default keyserver and port. */
  char *default_keyserver = NULL;
  WORD default_keyserver_port = 0;
- /* Default socket timeout. */
+ /* Default socket timeout (secs). */
- static int default_socket_timeout = 6;
+ static size_t default_socket_timeout = 6;
+ /* Wrapper for safe memory allocation. */
+ static char*
+ safe_alloc (DWORD n)
+ {
+     char *p = new char[n+1];
+     if (!p)
+         BUG (0);
+     memset (p, 0, n);
+     return p;
+ }
  /* Basic64 encode the input @inbuf to @outbuf. */
  static void
-Line 70 
 base64_encode (const char *inbuf, char *
+Line 79 
 base64_encode (const char *inbuf, char *
      char base64code[] =
          "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
      int index = 0, temp = 0, res = 0;
-     int i = 0, inputlen = 0, len = 0;
+     int inputlen, len = 0;
      inputlen = strlen (inbuf);
-     for (i = 0; i < inputlen; i++) {
+     for (int i = 0; i < inputlen; i++) {
          res = temp;
          res = (res << 8) | (inbuf[i] & 0xFF);
          switch (index++) {
-Line 83 
 base64_encode (const char *inbuf, char *
+Line 92 
 base64_encode (const char *inbuf, char *
              break;
          case 1:
              outbuf[len++] = base64code[res >> 4 & 0x3F];
              res &= 0xF;
              break;
          case 2:
              outbuf[len++] = base64code[res >> 6 & 0x3F];
-Line 108 
 base64_encode (const char *inbuf, char *
+Line 117 
 base64_encode (const char *inbuf, char *
  }
+ /* Check that the given buffer contains a valid keyserver URL
+    and return the prefix length, 0 in case of an error. */
+ static int
+ check_URL (const char *buf)
+ {
+     if (strstr (buf, "hkp://"))
+         return 6;
+     if (strstr (buf, "http://"))
+         return 7;
+     return 0;
+ }
  /* Skip the URL schema and return only the host part of it. */
  static const char*
  skip_type_prefix (const char *hostname)
  {
-     if (hostname && !strncmp (hostname, "http://", 7))
+     int pos;
-         hostname += 7;
-     else if (hostname && !strncmp (hostname, "hkp://", 6))
+     if (!hostname)
-         hostname += 6;
+         return hostname;
-     else if (hostname && !strncmp (hostname, "finger://", 9))
-         hostname += 9;
+     pos = check_URL (hostname);
-     else if (hostname && !strncmp (hostname, "ldap://", 7))
+     if (pos > 0)
-         hostname += 7;
+         hostname += pos;
      return hostname;
  }
+ /* Parse the keyserver response and extract the human
+    readable text passages. */
+ static int
+ parse_keyserver_error (const char *resp, char *txt, size_t txtlen)
+ {
+     char *p, *p2;
+     /* If we find no 'Error' substring we assume a success. */
+     if (!stristr (resp, "Error"))
+         return -1;
+     memset (txt, 0, txtlen);
+     p = strstr (resp, "\r\n\r\n");
+     if (!p)
+         return -1;
+     resp += (p-resp);
+     p = strstr (resp, "<h1>");
+     if (!p)
+         return -1;
+     resp += (p-resp)+strlen ("<h1>");
+     p = strstr (resp, "</h1>");
+     if (!p)
+         return -1;
+     resp += (p-resp)+strlen ("</h1>");
+     p2 = strstr (resp, "</body>");
+     if (p2 != NULL)
+         memcpy (txt, resp, (p2-resp));
+     else {
+         if (!strnicmp (resp, "<p>", 3))
+             resp += 3;
+         while (resp && (*resp == '\r' || *resp == '\n'))
+             resp++;
+         memcpy (txt, resp, strlen (resp));
+     }
+     return 0;
+ }
  /* Check that the keyserver response indicates an OK.
     Return 0 on success. */
  static int
  check_hkp_response (const char *resp, int recv)
  {
-     char *p, *end;
+     int ec;
-     int ec, len;
      ec = recv ? WPTERR_WINSOCK_RECVKEY : WPTERR_WINSOCK_SENDKEY;
-     if (!strstr (resp, "HTTP/1.0 200 OK") &&
+     if (!resp)
-         !strstr (resp, "HTTP/1.1 200 OK")) /* http error */
          return ec;
-     if (strstr (resp, "Public Key Server -- Error")
+     log_debug ("check_hkp_response: '%s'\r\n", resp);
-         || strstr (resp, "Public Key Server -- Error")
+     if (!strstr (resp, "HTTP/1.0 200 OK") &&
-         || strstr (resp, "No matching keys in database")) {
+         !strstr (resp, "HTTP/1.1 200 OK") &&
-         p = strstr (resp, "<p>");
+         !strstr (resp, "HTTP/1.0 500 OK") &&
-         if (p && strlen (p) < sizeof (hkp_errmsg)) {
+         !strstr (resp, "HTTP/1.1 500 OK"))
-             end = strstr (p, "</p>");
+         return ec; /* http error */
-             len = end? (end - p + 1) : strlen (p);
-             memset (hkp_errmsg, 0, sizeof (hkp_errmsg));
+     if (!parse_keyserver_error (resp, hkp_err_msg, DIM (hkp_err_msg)-2)) {
-             strncpy (hkp_errmsg, p, len);
+         if (!strlen (hkp_err_msg))
-             hkp_err = 1;
+             _snprintf (hkp_err_msg, DIM (hkp_err_msg)-1,
-         }
+                         "Unknown keyserver error");
+         hkp_has_err = 1;
          return ec;
      }
      return 0;
-Line 159 
 static int
+Line 218 
 static int
  sock_getline (int fd, char *buf, int buflen, int *nbytes)
  {
      char ch;
-     int nread = 0;
+     int nread;
      if (nbytes)
          *nbytes = 0;
      *buf = 0;
+     nread = 0;
      while (recv (fd, &ch, 1, 0) > 0) {
          *buf++ = ch;
          nread++;
-Line 182 
 sock_getline (int fd, char *buf, int buf
+Line 242 
 sock_getline (int fd, char *buf, int buf
  /* Perform a select() on the given fd to find out
-    is there is data for reading. Wait at least @nsecs seconds. */
+    is there is data for reading. Wait at least @nsecs milli seconds. */
  static int
- sock_select (int fd, int nsecs)
+ sock_select (int fd, int nmsecs)
  {
      FD_SET rfd;
-     timeval tv = {nsecs, 0};
+     timeval tv = {0, nmsecs*1000};
      FD_ZERO (&rfd);
      FD_SET (fd, &rfd);
-Line 206 
 sock_select (int fd, int nsecs)
+Line 266 
 sock_select (int fd, int nsecs)
     returned in @nbytes.
     Return value: 0 on success. */
  static int
- sock_read (int fd, char *buf, int buflen, int *nbytes)
+ sock_read (int fd, char *buf, size_t buflen, int *nbytes)
  {
-     DWORD nread;
+     size_t nleft = buflen;
-     int nleft = buflen;
+     size_t n;
-     int rc, n = 0;
+     int nread;
+     int rc;
      if (nbytes)
          *nbytes = 0;
+     n = 0;
      while (nleft > 0) {
          if (n >= default_socket_timeout)
              return WPTERR_WINSOCK_TIMEOUT;
-         rc = sock_select (fd, 1);
+         rc = sock_select (fd, 400);
          if (rc == SOCKET_ERROR)
              return rc;
          else if (!rc)
-Line 240 
 sock_read (int fd, char *buf, int buflen
+Line 302 
 sock_read (int fd, char *buf, int buflen
      return 0;
  }
+ /* Helper to create a string from the gpgme data and
+    then release the gpgme data object. */
+ char*
+ data_release_and_get_mem (gpgme_data_t in, size_t *r_bufferlen)
+ {
+     char *buffer, *p;
+     size_t n;
+     gpg_data_putc (in, '\0');
+     p = gpgme_data_release_and_get_mem (in, &n);
+     buffer = m_strdup (p);
+     if (r_bufferlen)
+         *r_bufferlen = n;
+     gpgme_free (p);
+     return buffer;
+ }
  /* Read much data as possible from the socket @fd and
     return the data in @buffer. Caller must free data.
     Return value: 0 on success. */
  int
- sock_read_ext (int fd, char **buffer, int *r_bufferlen)
+ sock_read_ext (int fd, char **buffer, size_t *r_bufferlen)
  {
      gpgme_data_t dh;
-     char buf[1024], *p;
+     char buf[1024];
-     size_t n=0;
+     size_t timeout=0;
-     int nread, rc;
+     int rc;
-     gpgme_data_new (&dh);
+     *buffer = NULL;
-     while (n < 10) {
+     if (gpgme_data_new (&dh))
-         rc = sock_select (fd, 1);
+         return SOCKET_ERROR;
+     while (timeout < default_socket_timeout) {
+         rc = sock_select (fd, 500);
          if (rc == SOCKET_ERROR) {
              gpgme_data_release (dh);
              return rc;
          }
          else if (!rc)
-             n++;
+             timeout++; /* socket not ready yet. */
          else {
-             nread = recv (fd, buf, sizeof (buf), 0);
+             int nread = recv (fd, buf, DIM (buf), 0);
+             log_debug ("recv n=%d bytes\r\n", nread);
              if (nread == SOCKET_ERROR)
                  return SOCKET_ERROR;
              else if (!nread)
-Line 269 
 sock_read_ext (int fd, char **buffer, in
+Line 353 
 sock_read_ext (int fd, char **buffer, in
              gpgme_data_write (dh, buf, nread);
          }
      }
-     gpg_data_putc (dh, '\0');
-     p = gpgme_data_release_and_get_mem (dh, &n);
+     if (timeout >= default_socket_timeout) {
-     *buffer = m_strdup (p);
+         gpgme_data_release (dh);
-     if (r_bufferlen)
+         log_debug ("sock_read_ext: timeout\r\n");
-         *r_bufferlen = n;
+         return WPTERR_WINSOCK_TIMEOUT;
-     gpgme_free (p);
+     }
+     log_debug ("sock_read_ext: success\r\n");
+     *buffer = data_release_and_get_mem (dh, r_bufferlen);
      return 0;
  }
  /* Write the buffer @buf with the length @buflen to a socket @fd. */
  static int
- sock_write (int fd, const char *buf, int buflen)
+ sock_write (int fd, const char *buf, size_t buflen)
  {
-     DWORD nwritten;
+     int nwritten;
      int nleft = buflen;
      while (nleft > 0) {
-Line 314 
 wsock_init (void)
+Line 400 
 wsock_init (void)
  }
- /* Cleanup the Winsock2 interface. */
+ /* Cleanup the Winsock2 interface and free all resources. */
  void
  wsock_end (void)
  {
-     char *p;
+     if (default_keyserver != NULL) {
-     int i;
+         char str_port[64];
+         set_reg_entry_keyserver ("Default", default_keyserver);
-     p = make_special_filename (CSIDL_APPDATA, "winpt\\keyserver.conf", NULL);
+         free_if_alloc (default_keyserver);
-     kserver_save_conf (p);
+         sprintf (str_port, "%d", default_keyserver_port);
-     free_if_alloc (p);
+         set_reg_entry_keyserver ("Default_Port", str_port);
-     free_if_alloc (default_keyserver);
+     }
-     for (i=0; i < MAX_KEYSERVERS; i++) {
+     for (int i=0; i < MAX_KEYSERVERS; i++) {
-         if (server[i].used && server[i].name != NULL)
+         if (server[i].name != NULL)
              free_if_alloc (server[i].name);
      }
      kserver_proxy_release (&proxy);
      WSACleanup ();
+     log_debug ("wsock_end: cleanup finished.\r\n");
  }
  /* Return a string representation of a winsock error. */
  const char*
  wsock_strerror (void)
  {
-     static char buf[384];
      int ec = WSAGetLastError ();
+     if (!ec)
+         return "";
      switch (ec) {
+     case WSANOTINITIALISED:
+         return _("Winsock subsystem has not been initialized");
      case WSAENETDOWN:
-         return _("The network subsystem has failed");
+         return _("Network subsystem has failed");
+     case WSATRY_AGAIN:
+         return _("Nonauthoritative host not found, or server failure");
      case WSAHOST_NOT_FOUND:
-         return _("Authoritative Answer Host not found");
+         return _("Could not resolve host name");
      case WSAETIMEDOUT:
-         return _("The connection has been dropped because of a network failure");
+     case WSAECONNABORTED:
+         return _("Connection timeout");
+     case WSAENETRESET:
+     case WSAECONNRESET:
+         return _("Connection resetted by peer");
+     case WSAENETUNREACH:
+         return _("The network cannot be reached from this host at this time");
+     case WSAEHOSTUNREACH:
+         return _("A socket operation was attempted to an unreachable host");
+     case WSAECONNREFUSED:
+         return _("The attempt to connect was forcefully rejected");
+     case WSAESHUTDOWN:
+         return _("Socket has been shutdown");
      default:
-         _snprintf (buf, sizeof (buf) -1, _("Unknown Winsock error ec=%d"),ec);
+         break;
-         return buf;
      }
-     return NULL;
+     return _("Unknown network error");
  }
  /* Set default socket timeout for all reading operations. */
  void
- kserver_set_socket_timeout (int nsec)
+ kserver_set_socket_timeout (size_t nsec)
  {
-     if (nsec < 0)
+     if (nsec < 0 || nsec > 3600)
-         nsec = 0;
+         nsec = 10;
      default_socket_timeout = nsec;
  }
-Line 370 
 kserver_set_socket_timeout (int nsec)
+Line 485 
 kserver_set_socket_timeout (int nsec)
  const char*
  kserver_strerror (void)
  {
-     if (hkp_err)
+     return hkp_has_err? hkp_err_msg : NULL;
-         return hkp_errmsg;
-     return NULL;
  }
-Line 385 
 kserver_get_hostname (int idx, int type,
+Line 498 
 kserver_get_hostname (int idx, int type,
          *port = default_keyserver_port;
          return default_keyserver;
      }
-     else if (!type && idx < DIM (server_list)) {
+     else if (!type && (size_t)idx < DIM (server_list)) {
          *port = HKP_PORT;
          return server_list[idx];
      }
-Line 404 
 kserver_check_inet_connection (void)
+Line 517 
 kserver_check_inet_connection (void)
          closesocket (fd);
          return 0;
      }
+     log_debug ("kserver_check_inet_connection: no inet connection.\r\n");
      return -1;
  }
-Line 415 
 kserver_check_inet_connection (void)
+Line 529 
 kserver_check_inet_connection (void)
  const char*
  kserver_check_keyid (const char *keyid)
  {
-     static char id[21];
+     static char id[64];
      if (strstr (keyid, "@"))
          return keyid; /* email address */
      if (strncmp (keyid, "0x", 2)) {
          memset (&id, 0, sizeof (id));
-         _snprintf (id, sizeof (id)-1, "0x%s", keyid);
+         _snprintf (id, DIM (id)-1, "0x%s", keyid);
          return id;
      }
      return keyid;
-Line 433 
 static void
+Line 547 
 static void
  update_proxy_user (const char *proxy_user, const char *proxy_pass)
  {
      char t[257]; /* user:pass = 127+1+127+1 = 257 */
-     int n = 0;
+     size_t n;
-     n = 4*strlen (proxy_user) / 3 + 32 + strlen (proxy_pass) + 2;
+     n = 4*(strlen (proxy_user) + strlen (proxy_pass))/3 + 32 + 2;
      free_if_alloc (proxy.base64_user);
-     proxy.base64_user = new char[n];
+     proxy.base64_user = safe_alloc (n+1);
-     if (!proxy.base64_user)
+     _snprintf (t, DIM (t)-1, "%s:%s", proxy_user, proxy_pass);
-         BUG (0);
-     _snprintf (t, sizeof (t)-1, "%s:%s", proxy_user, proxy_pass);
      base64_encode (t, proxy.base64_user);
      free_if_alloc (proxy.user);
      free_if_alloc (proxy.pass);
-Line 449 
 update_proxy_user (const char *proxy_use
+Line 561 
 update_proxy_user (const char *proxy_use
  }
- /* Check that the given buffer contains a valid keyserver URL. */
+ /* Set the default keyserver. The position is always one. */
- static int
- check_URL (const char * buf)
- {
-     if (strlen (buf) < 7)
-         return -1;
-     if (!strstr (buf, "ldap://")
-         && !strstr (buf, "http://")
-         && !strstr (buf, "finger://")
-         && !strstr (buf, "hkp://"))
-         return -1;
-     return 0;
- }
- /* Get the port number from the given protocol. */
- static int
- port_from_proto (int proto)
- {
-     switch (proto) {
-     case KSPROTO_LDAP: return 0;
-     case KSPROTO_FINGER: return FINGER_PORT;
-     case KSPROTO_HTTP: return HKP_PORT;
-     }
-     return 0;
- }
- /* Get the port number from the given URL. */
- static int
- proto_from_URL (const char *buf)
- {
-     if (strstr( buf, "ldap"))
-         return KSPROTO_LDAP;
-     else if (strstr( buf, "finger"))
-         return KSPROTO_FINGER;
-     return KSPROTO_HKP;
- }
  void
  keyserver_set_default (const char *hostname, WORD port)
  {
-     if (hostname != NULL) {
+     int pos=0;
-         free_if_alloc (default_keyserver);
-         default_keyserver = m_strdup (hostname);
+     if (port == 0)
-         if (!default_keyserver)
-             BUG (0);
-         default_keyserver_port = port;
-     }
-     if (!port)
          port = HKP_PORT;
-     if (!default_keyserver)
-         default_keyserver = m_strdup (DEF_HKP_KEYSERVER);
+     free_if_alloc (default_keyserver);
-     server[0].name =  m_strdup (default_keyserver);
+     default_keyserver = m_strdup (hostname);
-     server[0].used = 1;
+     default_keyserver_port = port;
-     server[0].port = port;
-     server[0].proto = proto_from_URL (default_keyserver);
+     while (pos < MAX_KEYSERVERS) {
+         if (server[pos].is_default)
+             break;
+         if (server[pos].used) {
+             pos++;
+             continue;
+         }
+         break;
+     }
+     free_if_alloc (server[pos].name);
+     server[pos].name =  m_strdup (default_keyserver);
+     server[pos].used = 1;
+     server[pos].port = port;
+     server[pos].is_default = 1;
  }
- /* Skip all kind of whitespace chars in @str. */
+ /* Skip all kind of whitespace chars in @str.
  static const char*
  skip_whitespace (const char *str)
  {
-Line 525 
 skip_whitespace (const char *str)
+Line 606 
 skip_whitespace (const char *str)
          break;
      }
      return str;
+ }*/
+ /* Return the specified keyserver config setting @key as an integer. */
+ static int
+ get_conf_kserver_int (const char *key)
+ {
+     char *p;
+     int val = 0;
+     p = get_reg_entry_keyserver (key);
+     if (p && *p)
+         val = atoi (p);
+     free_if_alloc (p);
+     return val;
  }
- /* Save the keyserver config file in @conf. */
+ /* Read the proxy configuration and store it into @prox. */
- int
+ static void
- kserver_save_conf (const char *conf)
+ read_proxy_config (keyserver_proxy_t prox)
  {
-     FILE *fp;
+     char *proto;
-     int pos;
-     fp = fopen (conf, "wb");
+     if (!prox)
-     if (!fp) {
+         return;
-         msg_box (NULL, _("Could not save keyserver.conf file"),
-                  _("Keyserver"), MB_ERR);
+     proto = get_reg_entry_keyserver("Proto");
-         return -1;
+     if (proto != NULL && strlen (proto) > 0)
-     }
+         prox->proto = atoi (proto);
+     else
+         prox->proto = PROXY_PROTO_NONE;
+     free_if_alloc (proto);
+     free_if_alloc (prox->host);
+     prox->host = get_reg_entry_keyserver ("Host");
+     free_if_alloc (prox->user);
+     prox->user = get_reg_entry_keyserver ("User");
+     free_if_alloc (prox->pass);
+     prox->pass = get_reg_entry_keyserver ("Pass");
+     prox->port = get_conf_kserver_int ("Port");
+ }
-     fprintf (fp, "# do NOT manually modify this file, it will be "
-                  "generated automatically!!\r\n");
+ static int
-     for (pos = 0; pos < MAX_KEYSERVERS; pos++) {
+ is_keyserver_present (const char *name)
-         if (!server[pos].used)
+ {
-             continue;
+     for (int i=0; i < MAX_KEYSERVERS; i++) {
-         fprintf (fp, "%s:%d\r\n", server[pos].name, server[pos].port);
+         if (server[i].name != NULL &&
+             stricmp (server[i].name, name) == 0)
+             return 1;
      }
-     fclose (fp);
      return 0;
  }
+ /* Load the keyserver configuration. */
- /* Load the keyserver config file @conf. */
  int
- kserver_load_conf (const char *conf)
+ kserver_load_conf (void)
  {
-     FILE *fp;
+     char *str_server, *str_port;
-     char buf[1024], *s, *p;
+     int port, list_pos;
-     char *user = NULL, *pass = NULL;
-     int no_config=0, chk_pos=0;
-     int pos;
-     for (pos = 0; pos < MAX_KEYSERVERS; pos++) {
-         server[pos].used = 0;
-         server[pos].port = HKP_PORT;
-     }
-     fp = fopen (conf, "rb");
+     /* If a preferred keyserver is available, load
-     if (!fp) {
+      * the values and store it at position 0.
-         for (pos = 0; server_list[pos]; pos++) {
+      */
-             server[pos].used = 1;
+     str_server = get_reg_entry_keyserver("Default");
-             server[pos].name = m_strdup (server_list[pos]);
+     if (str_server && *str_server) {
-             server[pos].proto = proto_from_URL (server_list[pos]);
+         port = HKP_PORT;
-         }
+         str_port = get_reg_entry_keyserver("Default_Port");
-         no_config=1;
+         if (str_port && *str_port)
-     }
+             port = atoi (str_port);
-     get_reg_proxy_prefs (&proxy);
+         keyserver_set_default (str_server, port);
-     if (user && pass)
+         free_if_alloc (str_port);
-         update_proxy_user (user, pass);
+     }
-     else if (user && !pass || !user && pass) {
+     free_if_alloc (str_server);
-         msg_box (NULL, _("Invalid proxy configuration."
-                          "You need to set a user and a password"
+     /* Now add the default pool servers after the
-                          "to use proxy authentication!"),
+      * preferred keyserver if present.
-                          _("Proxy Error"), MB_ERR);
+      */
-     }
+     list_pos = 1;
-     /* check if the host has a http:// prefix and skip it */
+     for (int i=0; server_list[i] != NULL; i++) {
-     if (proxy.host && !strncmp (proxy.host, "http://", 7)) {
+         if (is_keyserver_present (server_list[i]))
-         char *host = m_strdup (proxy.host+7);
-         if (!host)
-             BUG (0);
-         free_if_alloc (proxy.host);
-         proxy.host = host;
-     }
-     free_if_alloc (user);
-     free_if_alloc (pass);
-     pos = 0;
-     while (fp && !feof (fp)) {
-         s = fgets (buf, sizeof (buf)-1, fp);
-         if (!s)
-             break;
-         if (strstr (buf, "\r\n"))
-             buf[strlen (buf)-2] = '\0';
-         if (strstr (buf, "\n"))
-             buf[strlen (buf)-1] = '\0';
-         s = (char *)skip_whitespace (buf);
-         if (*s == '#' || strlen (s) < 7)
-             continue;
-         if (check_URL (s)) {
-             msg_box (NULL, _("All entries of this file must have a valid prefix.\n"
-                              "Currently HKP/HTTP, LDAP and FINGER are supported.\n"),
-                              _("Keyserver Error"), MB_ERR);
              continue;
-         }
+         server[list_pos].used = 1;
-         chk_pos = 6;
+         server[list_pos].port = HKP_PORT;
-         if (strstr (s, "finger"))
+         server[list_pos].name = m_strdup (server_list[i]);
-             chk_pos = 10;
+         server[list_pos].is_default = 0;
-         p = strchr (s+chk_pos, ':');
+         list_pos++;
-         server[pos].used = 1;
+         if (list_pos > MAX_KEYSERVERS)
-         server[pos].proto = proto_from_URL (s);
-         server[pos].port = port_from_proto (server[pos].proto);
-         if (!p)
-             server[pos].name = m_strdup (s);
-         else {
-             server[pos].port = atol (p+1);
-             if (server[pos].port < 0 || server[pos].port > 65536)
-                 server[pos].port = HKP_PORT;
-             server[pos].name = new char [(p-s)+2];
-             if (!server[pos].name)
-                 BUG (0);
-             memset (server[pos].name, 0, (p-s)+2);
-             memcpy (server[pos].name, s, (p-s));
-         }
-         pos++;
-         if (pos > MAX_KEYSERVERS) {
-             msg_box (NULL, _("The keyserver limit is exceeded"),
-                      _("Keyserver Warning"), MB_INFO);
              break;
-         }
      }
-     if (fp)
-         fclose (fp);
-     if (!pos) {
-         /* only issue an error if the config file exist but
-            it has no valid entries. */
-         keyserver_set_default (NULL, HKP_PORT);
-         if (!no_config)
-             return WPTERR_CONFIG_FILE;
-     }
      return 0;
  }
-Line 665 
 kserver_connect (const char *hostname, W
+Line 713 
 kserver_connect (const char *hostname, W
      struct sockaddr_in sock;
      char host[128] = {0};
      DWORD iaddr;
+     bool use_proxy = proxy.host != NULL;
      int rc, fd;
-     log_debug ("kserver_connect: %s:%d\r\n", hostname, port);
      if (!port)
          port = HKP_PORT;
      if (conn_fd)
          *conn_fd = 0;
      hostname = skip_type_prefix (hostname);
+     log_debug ("kserver_connect: %s:%d\r\n", hostname, port);
-     if (proxy.host && proxy.proto == PROXY_PROTO_HTTP)
+     if (use_proxy && proxy.proto == PROXY_PROTO_HTTP)
          port = proxy.port;
      memset (&sock, 0, sizeof (sock));
      sock.sin_family = AF_INET;
      sock.sin_port = htons (port);
-     if (proxy.host)
+     strncpy (host, use_proxy? proxy.host : hostname, DIM (host)-1);
-         strncpy (host, proxy.host, 127);
-     else
-         strncpy (host, hostname, 127);
      if ((iaddr = inet_addr (host)) != INADDR_NONE)
          memcpy (&sock.sin_addr, &iaddr, sizeof (iaddr));
-Line 695 
 kserver_connect (const char *hostname, W
+Line 740 
 kserver_connect (const char *hostname, W
          memcpy (&sock.sin_addr, hp->h_addr, hp->h_length);
      }
      else {
-         log_debug ("gethostbyname: failed ec=%d.\r\n", net_errno);
+         log_debug ("gethostbyname(%s): failed ec=%d.\r\n", host, net_errno);
-         return WPTERR_WINSOCK_RESOLVE;
+         return use_proxy? WPTERR_WINSOCK_PROXY : WPTERR_WINSOCK_RESOLVE;
      }
      fd = socket (AF_INET, SOCK_STREAM, 0);
      if (fd == INVALID_SOCKET)
-Line 705 
 kserver_connect (const char *hostname, W
+Line 750 
 kserver_connect (const char *hostname, W
      if (rc == SOCKET_ERROR) {
          log_debug ("connect: failed ec=%d.\r\n", net_errno);
          closesocket (fd);
-         return WPTERR_WINSOCK_CONNECT;
+         return use_proxy? WPTERR_WINSOCK_PROXY : WPTERR_WINSOCK_CONNECT;
-     }
-     if (proxy.proto == PROXY_PROTO_SOCKS5) {
-         rc = socks_handshake (&proxy, fd, hostname, port);
-         if (rc) {
-             closesocket (fd);
-             return WPTERR_GENERAL; /* XXX: use better code. */
-         }
      }
      if (conn_fd)
          *conn_fd = fd;
      WSASetLastError (0);
-Line 723 
 kserver_connect (const char *hostname, W
+Line 760 
 kserver_connect (const char *hostname, W
  }
+ /* Check if the URL needs to be encoded or not.
  static bool
  URL_must_encoded (const char *url)
  {
      if (strchr (url, '.') || strchr (url, '@') || strchr (url, ' '))
          return true;
      return false;
- }
+ }*/
  /* Perform URL encoding of the given data. */
  static char*
- URL_encode (const char *url, size_t ulen, size_t *ret_nlen)
+ URL_encode (const char *url, DWORD ulen, DWORD *ret_nlen)
  {
      gpgme_data_t hd;
-     char numbuf[5], *pp, *p;
+     char numbuf[8], *p;
-     size_t i, n;
+     size_t i, nlen;
-     gpgme_data_new (&hd);
+     if (gpgme_data_new (&hd))
+         BUG (0);
      for (i=0; i < ulen; i++) {
          if (isalnum (url[i]) || url[i] == '-')
              gpg_data_putc (hd, url[i]);
-Line 751 
 URL_encode (const char *url, size_t ulen
+Line 790 
 URL_encode (const char *url, size_t ulen
              gpgme_data_write (hd, numbuf, strlen (numbuf));
          }
      }
-     gpg_data_putc (hd, '\0');
-     /* Copy memory to avoid that we need to use gpgme_free later. */
+     p = data_release_and_get_mem (hd, &nlen);
-     pp = gpgme_data_release_and_get_mem (hd, &n);
-     p = m_strdup (pp);
-     gpgme_free (pp);
      if (ret_nlen)
-         *ret_nlen = n;
+         *ret_nlen = nlen;
      return p;
  }
-Line 766 
 URL_encode (const char *url, size_t ulen
+Line 801 
 URL_encode (const char *url, size_t ulen
  /* Format a request for the given keyid (send). */
  static char*
  kserver_send_request (const char *hostname, WORD port,
-                       const char *pubkey, int octets)
+                       const char *pubkey, DWORD octets)
  {
-     char *request = NULL;
+     const char *fmt;
-     char *enc_pubkey = NULL;
+     char *request;
-     size_t enc_octets;
+     char *enc_pubkey;
+     DWORD enc_octets;
      int reqlen;
      log_debug ("kserver_send_request: %s:%d\r\n", hostname, port);
      if (!port)
          port = HKP_PORT;
-     reqlen = 512 + strlen (hostname) + 2*strlen (pubkey);
-     if (proxy.proto == PROXY_PROTO_HTTP && proxy.base64_user)
-         reqlen += strlen (proxy.base64_user) + 1;
-     request = new char[reqlen];
-     if (!request)
-         BUG (0);
      enc_pubkey = URL_encode (pubkey, octets, &enc_octets);
-     if (!enc_pubkey || !enc_octets) {
+     reqlen = 2*strlen (hostname) + 2*32/*port*/ + enc_octets + 32 /*len*/ + 1;
-         free_if_alloc (request);
-         return NULL;
-     }
      if (proxy.user && proxy.proto == PROXY_PROTO_HTTP) {
-         _snprintf (request, reqlen-1,
+         fmt = "POST http://%s:%d/pks/add HTTP/1.0\r\n"
-                    "POST http://%s:%d/pks/add HTTP/1.0\r\n"
+               "Referer: \r\n"
-                    "Referer: \r\n"
+               "User-Agent: WinPT/W32\r\n"
-                    "User-Agent: WinPT/W32\r\n"
+               "Host: %s:%d\r\n"
-                    "Host: %s:%d\r\n"
+               "Proxy-Authorization: Basic %s\r\n"
-                    "Proxy-Authorization: Basic %s\r\n"
+               "Content-type: application/x-www-form-urlencoded\r\n"
-                    "Content-type: application/x-www-form-urlencoded\r\n"
+               "Content-length: %d\r\n"
-                    "Content-length: %d\r\n"
+               "Connection: close\r\n"
-                    "\r\n"
+               "\r\n"
-                    "keytext=%s"
+               "keytext=%s"
-                    "\r\n",
+               "\r\n";
-                    skip_type_prefix (hostname), port, hostname, port,
+         reqlen += strlen (fmt) + strlen (proxy.base64_user) + 1;
+         request = safe_alloc (reqlen+1);
+         _snprintf (request, reqlen, fmt,
+                    skip_type_prefix (hostname), port, hostname, port,
                     proxy.base64_user, enc_octets+9, enc_pubkey);
      }
      else {
-         _snprintf (request, reqlen-1,
+         fmt = "POST /pks/add HTTP/1.0\r\n"
-                    "POST /pks/add HTTP/1.0\r\n"
+               "Referer: \r\n"
-                    "Referer: \r\n"
+               "User-Agent: WinPT/W32\r\n"
-                    "User-Agent: WinPT/W32\r\n"
+               "Host: %s:%d\r\n"
-                    "Host: %s:%d\r\n"
+               "Content-type: application/x-www-form-urlencoded\r\n"
-                    "Content-type: application/x-www-form-urlencoded\r\n"
+               "Content-length: %d\r\n"
-                    "Content-length: %d\r\n"
+               "Connection: close\r\n"
-                    "\r\n"
+               "\r\n"
-                    "keytext=%s"
+               "keytext=%s"
-                    "\r\n",
+               "\r\n";
-                    skip_type_prefix (hostname), port,
+         reqlen += strlen (fmt)+1;
+         request = safe_alloc (reqlen+1);
+         _snprintf (request, reqlen, fmt,
+                    skip_type_prefix (hostname), port,
                     enc_octets+9, enc_pubkey);
      }
-     free_if_alloc (enc_pubkey);
-     log_debug ("%s\r\n", request);
+     free_if_alloc (enc_pubkey);
+     log_debug ("request:\r\n%s\r\n", request);
      return request;
  }
+ /* Interface for receiving a public key. */
  int
- kserver_recvkey_ext (const char *hostname, WORD port, const char *keyid,
+ kserver_recvkey (const char *hostname, WORD port, const char *keyid,
-                      char **r_key, int *r_keylen)
+                  char **r_key, size_t *r_keylen)
  {
-     char *request = NULL;
+     StringBuffer req;
+     const char *reqbuf;
      int conn_fd;
-     int rc, n;
+     int rc;
      if (!port)
          port = HKP_PORT;
-     hkp_err = 0; /* reset */
+     hkp_has_err = 0; /* reset */
      rc = kserver_connect (hostname, port, &conn_fd);
      if (rc)
          goto leave;
-     request = new char[300+1];
-     if (!request)
-         BUG (0);
      if (proxy.host && proxy.user && proxy.proto == PROXY_PROTO_HTTP) {
-         _snprintf (request, 300,
+         req = req + "GET http://" + skip_type_prefix (hostname) +
-             "GET http://%s:%d/pks/lookup?op=get&search=%s HTTP/1.0\r\n"
+             ":" + port +
-             "Proxy-Authorization: Basic %s\r\n\r\n",
+             "/pks/lookup?op=get&search=" + keyid + " HTTP/1.0\r\n" +
-             skip_type_prefix (hostname), port, keyid, proxy.base64_user);
+             "Proxy-Authorization: Basic " + proxy.base64_user + "\r\n" +
+             "Host: " + skip_type_prefix (hostname) + ":" + port + "\r\n"+
+             "Connection: close\r\n"+
+             "\r\n";
      }
      else if (proxy.host && proxy.proto == PROXY_PROTO_HTTP) {
-         _snprintf (request, 300,
+         req = req + "GET http://" + skip_type_prefix (hostname) +
-             "GET http://%s:%d/pks/lookup?op=get&search=%s HTTP/1.0\r\n\r\n",
+             ":" + port + "/pks/lookup?op=get&search=" + keyid +
-             skip_type_prefix (hostname), port, keyid);
+             " HTTP/1.0\r\n" +
-     }
+             "Host: " + skip_type_prefix (hostname) + ":" + port + "\r\n"+
-     else {
+             "Connection: close\r\n"+
-         _snprintf (request, 300,
+             "\r\n";
-             "GET /pks/lookup?op=get&search=%s HTTP/1.0\r\n\r\n", keyid);
      }
+     else
-     log_debug ("%s\r\n", request);
+         req = req + "GET /pks/lookup?op=get&search=" + keyid +
+             " HTTP/1.0\r\n"+ // FIXME
+             "Host: " + skip_type_prefix (hostname) + ":" + port + "\r\n"+
+             "Connection: close\r\n"+
+             "\r\n";
-     rc = sock_write (conn_fd, request, strlen (request));
+     log_debug ("req:\r\n%s\r\n", req.getBuffer ());
+     reqbuf = req.getBuffer ();
+     rc = sock_write (conn_fd, reqbuf, strlen (reqbuf));
      if (rc == SOCKET_ERROR) {
          rc = WPTERR_WINSOCK_RECVKEY;
          goto leave;
      }
-     rc = sock_read_ext (conn_fd, r_key, &n);
+     rc = sock_read_ext (conn_fd, r_key, r_keylen);
      if (rc == SOCKET_ERROR) {
          rc = WPTERR_WINSOCK_RECVKEY;
          goto leave;
      }
-     if (r_keylen)
+     log_debug ("response:\r\n%s\r\n", *r_key);
-         *r_keylen = n;
-     log_debug ("%s\r\n", *r_key);
      rc = check_hkp_response (*r_key, 1);
      if (rc)
          goto leave;
-Line 885 
 kserver_recvkey_ext (const char *hostnam
+Line 923 
 kserver_recvkey_ext (const char *hostnam
  leave:
      closesocket (conn_fd);
-     free_if_alloc (request);
      return rc;
  }
- /* Interface for receiving a public key. */
- int
- kserver_recvkey (const char *hostname, WORD port, const char *keyid,
-                  char *key, int maxkeylen)
- {
-     char *tmpkey;
-     int rc, nread=0;
-     /* XXX: just a wrapper around the new method, replace it
-             soon as possible. */
-     rc = kserver_recvkey_ext (hostname, port, keyid, &tmpkey, &nread);
-     if (rc)
-         return rc;
-     if (nread > maxkeylen) {
-         free_if_alloc (tmpkey);
-         return WPTERR_GENERAL;
-     }
-     strcpy (key, tmpkey);
-     free_if_alloc (tmpkey);
-     return 0;
- }
  /* Interface to send a public key. */
  int
- kserver_sendkey (const char *hostname, WORD port, const char *pubkey, int len )
+ kserver_sendkey (const char *hostname, WORD port,
+                  const char *pubkey, size_t len)
  {
      char *request = NULL;
      char log[2048] = {0};
      int conn_fd, n;
      int rc;
-     hkp_err = 0; /* reset */
+     hkp_has_err = 0; /* reset */
      rc = kserver_connect (hostname, port, &conn_fd);
      if (rc)
          goto leave;
      request = kserver_send_request (hostname, port, pubkey, len);
-     if (request == NULL) {
-         rc = WPTERR_GENERAL;
-         goto leave;
-     }
      rc = sock_write (conn_fd, request, strlen (request));
      if (rc == SOCKET_ERROR) {
          rc = WPTERR_WINSOCK_SENDKEY;
          goto leave;
      }
-     rc = sock_read (conn_fd, log, sizeof (log)-1, &n);
+     rc = sock_read (conn_fd, log, DIM (log)-1, &n);
      if (rc == SOCKET_ERROR) {
          rc = WPTERR_WINSOCK_SENDKEY;
          goto leave;
-Line 951 
 kserver_sendkey (const char *hostname, W
+Line 961 
 kserver_sendkey (const char *hostname, W
          goto leave;
      WSASetLastError (0);
  leave:
      closesocket (conn_fd);
      free_if_alloc (request);
-Line 967 
 kserver_search_chkresp (int fd)
+Line 977 
 kserver_search_chkresp (int fd)
      int n=0;
      /* parse response 'HTTP/1.0 500 OK' */
-     if (sock_getline (fd, buf, 127, &n))
+     if (sock_getline (fd, buf, DIM (buf)-1, &n))
          return WPTERR_KEYSERVER_NOTFOUND;
      log_debug ("kserver_search_chkpresp: %s\r\n", buf);
-Line 988 
 kserver_search_end (int conn_fd)
+Line 998 
 kserver_search_end (int conn_fd)
  }
- /* Begin keyserver search procedure. */
+ /* Extract the amount of keys from the info record. */
+ static size_t
+ count_keys_in_response (char *buf)
+ {
+     char *p;
+     int recno = 0;
+     size_t n = 0;
+     /* info:1:4 */
+     if (strncmp (buf, "info", 4))
+         return 0;
+     p = strtok (buf, ":");
+     while (p != NULL) {
+         recno++;
+         if (recno == 3)
+             n = atoi (p);
+         p = strtok (NULL, ":");
+     }
+     return n;
+ }
+ /* Start the keyserver search.
+    Connect to host @hostname and port @port.
+    The pattern are given in @pattern.
+    The socket is returned in @conn_fd and @nkeys contains
+    the amount of keys which were found. */
  int
  kserver_search_begin (const char *hostname, WORD port,
-                       const char *pattern, int *conn_fd)
+                       const char *pattern, int *conn_fd, size_t *nkeys)
  {
-     char *request = NULL;
+     StringBuffer req;
+     const char *reqbuf;
      char *enc_patt = NULL;
-     int n;
+     char status[128];
      int rc, sock_fd;
+     int nread;
+     *conn_fd = 0;
      rc = kserver_connect (hostname, port, &sock_fd);
-     if (rc) {
+     if (rc)
-         *conn_fd = 0;
          goto leave;
-     }
      enc_patt = URL_encode (pattern, strlen (pattern), NULL);
-     n = 140 + strlen (enc_patt) + strlen (hostname) + 32 + 2;
-     if (proxy.base64_user)
-         n += strlen (proxy.base64_user) + 1;
-     request = new char[n+1];
-     if (!request)
-         BUG (0);
      if (proxy.host && proxy.user && proxy.proto == PROXY_PROTO_HTTP) {
-         _snprintf (request, n,
+         req = req + "GET http://" + skip_type_prefix (hostname) + ":" + port +
-             "GET http://%s:%d/pks/lookup?op=index&search=%s HTTP/1.0\r\n"
+             "/pks/lookup?options=mr&op=index&search=" + enc_patt +
-             "Proxy-Authorization: Basic %s\r\n\r\n",
+             " HTTP/1.0\r\n" +
-             skip_type_prefix (hostname), port, enc_patt, proxy.base64_user);
+             "Host: " + skip_type_prefix (hostname)  + ":" + port+ "\r\n"+
+             "Connection: close\r\n" +
+             "Proxy-Authorization: Basic " + proxy.base64_user + "\r\n\r\n";
      }
      else if (proxy.host && proxy.proto == PROXY_PROTO_HTTP) {
-         _snprintf (request, n,
+         req = req + "GET http://" + skip_type_prefix (hostname) + ":" + port +
-             "GET http://%s:%d/pks/lookup?op=index&search=%s HTTP/1.0\r\n\r\n",
+             "/pks/lookup?options=mr&op=index&search=" + enc_patt +
-             skip_type_prefix (hostname), port, enc_patt);
+             " HTTP/1.0\r\n"+
+             "Host: " + skip_type_prefix (hostname)  + ":" + port+ "\r\n"+
+             "Connection: close\r\n"+
+             "\r\n";
      }
      else {
-         _snprintf (request, n,
+         req = req + "GET /pks/lookup?options=mr&op=index&search=" +
-                    "GET /pks/lookup?op=index&search=%s HTTP/1.0\r\n\r\n",
+          enc_patt + " HTTP/1.0\r\n" +
-                    enc_patt);
+          "Host: " + skip_type_prefix (hostname)  + ":" + port+ "\r\n"+
+          "Connection: close\r\n"+
+          "\r\n";
      }
-     log_debug ("kserver_search_begin:\r\n%s\r\n", request);
+     log_debug ("kserver_search_begin:\r\n%s\r\n", req.getBuffer ());
+     reqbuf = req.getBuffer ();
-     if (sock_write (sock_fd, request, strlen (request)) == SOCKET_ERROR) {
+     if (sock_write (sock_fd, reqbuf, strlen (reqbuf)) == SOCKET_ERROR) {
          rc = WPTERR_GENERAL;
          goto leave;
      }
-Line 1040 
 kserver_search_begin (const char *hostna
+Line 1079 
 kserver_search_begin (const char *hostna
      if (rc) {
          closesocket (sock_fd);
          sock_fd = 0;
+         goto leave;
+     }
+     /* Skip all lines until we reach the "info:" record. */
+     for (;;) {
+         if (sock_getline (sock_fd, status, DIM (status)-1, &nread)) {
+             log_debug ("kserver_search_begin: retrieving status line failed.\r\n");
+             closesocket (sock_fd);
+             sock_fd = 0;
+             rc = WPTERR_GENERAL;
+             break;
+         }
+         if (!strncmp (status, "info:", 5))
+             break;
      }
+     if (!rc)
+         *nkeys = count_keys_in_response (status);
      *conn_fd = sock_fd;
  leave:
-     free_if_alloc (request);
      free_if_alloc (enc_patt);
      return rc;
  }
+ /* Parse a single pub record returned by the keyserver. */
+ static void
- /* Convert an iso date @iso_date (YYYY-MM-DD) into the locale
+ parse_pub_record (keyserver_key_s *key, char *buf)
-    representation and store it into @loc_date.
-    Return value: 0 on success. */
- static int
- parse_iso_date (const char *iso_date, char *loc_date, size_t loclen)
  {
-     SYSTEMTIME st;
+     enum pub_rec_t {ID=1, KEYID, ALGO, SIZE, CREATE, EXPIRE};
-     char buf[16] = {0}, *p;
+     char *p;
-     int pos=0;
+     int recno = 0;
+     int off = 0;
-     strncpy (buf, iso_date, sizeof (buf)-1);
+     /* pub:{BF3DF9B4, ED4681C9BF3DF9B4, FPR}:17:1024:925411133:: */
-     p = strtok (buf, "-");
+     p = strtok (buf, ":");
      while (p != NULL) {
-         switch (pos) {
+         recno++;
-         case 0: st.wYear  = (WORD)atoi (p); pos++; break;
+         switch (recno) {
-         case 1: st.wMonth = (WORD)atoi (p); pos++; break;
+         case ID:
-         case 2: st.wDay   = (WORD)atoi (p); pos++; break;
+             break;
-         default: break;
+         case KEYID:
+             /* If for any reason the returned record actually contains
+                a fingerprint instead of a key ID, we truncate the fpr. */
+             off = strlen (p) == 40? 32 : 0;
+             free_if_alloc (key->keyid);
+             key->keyid = m_strdup (p+off);
+             break;
+         case ALGO:
+             key->algo = atoi (p);
+             break;
+         case SIZE:
+             key->bits = atoi (p);
+             break;
+         case CREATE:
+             key->creation = strtoul (p, NULL, 10);
+             break;
+         case EXPIRE:
+             key->expires = strtoul (p, NULL, 10);
+             break;
          }
-         p = strtok (NULL, "-");
+         p = strtok (NULL, ":");
      }
-     if (pos != 3)
-         return -1;
-     if (!GetDateFormat (LOCALE_USER_DEFAULT, DATE_SHORTDATE, &st,
-                         NULL, loc_date, loclen))
-         return -1;
-     return 0;
  }
- int
+ /* Parse a single user id returned by the keyserver. */
- kserver_search_next (int fd, keyserver_key *key)
+ static void
+ parse_uid_record (keyserver_key_s *key, char *buf)
  {
-     char buf[1024], *p;
+     enum uid_rec_t {ID=1, UID, CREATE, EXPIRE};
-     int uidlen, nbytes, pos = 0;
+     keyserver_uid_s *u, *n;
+     char *p, *raw;
+     int recno = 0;
+     /* uid:Timo Schulz <[email protected]>:1138440360:: */
+     u = new keyserver_uid_s;
+     memset (u, 0, sizeof *u);
-     log_debug ("keyserver_search_next:\r\n");
+     p = strtok (buf, ":");
+     while (p != NULL) {
-     if (sock_getline (fd, buf, sizeof (buf) - 1, &nbytes))
+         recno++;
-         return WPTERR_GENERAL;
-     /* XXX: use maschine readable option. */
+         switch (recno) {
-     log_debug ("%s\r\n", buf);
+         case ID:
+             break;
-     if (!strncmp (buf, "pub", 3)) {
-         int revoked = strstr (buf, "KEY REVOKED") != NULL? 1 : 0;
-         key->bits = atol (buf+3);
-         p = strchr (buf, '>');
-         if (!p)
-             goto fail;
-         pos = p - buf + 1;
-         memcpy (key->keyid, buf + pos, 8);
-         key->keyid[8] = '\0';
-         p = strstr (buf, "</a>");
-         if (!p)
-             goto fail;
-         pos = p - buf + 5;
-         memcpy (key->date, buf + pos, 10);
-         key->date[10] = '\0';
-         parse_iso_date (key->date, key->date, sizeof (key->date)-1);
-         if (revoked) {
-             strcpy (key->uid, "KEY REVOKED: not checked");
-             return 0;
-         }
-         pos += 10;
-         p = buf + pos + 1;
-         while (p && *p != '>')
-             p++;
-         p++;
-         uidlen = strlen (p) - 10;
-         if (!strstr (p, "&lt;") && !strstr (p, "&gt;")) {
-             pos=0;
-             while (p && *p && pos < sizeof (key->uid)-1) {
-                 if (*p == '<')
-                     break;
-                 key->uid[pos++] = *p++;
-             }
-             key->uid[pos] ='\0';
-             return 0;
-         }
-         if (uidlen > sizeof (key->uid)-1)
+         case UID:
-             uidlen = sizeof (key->uid)-1;
+             unhexify_buffer (p, &raw);
-         memcpy (key->uid, p, uidlen);
+             u->uid = utf8_to_native (raw);
-         key->uid[uidlen] = '\0';
+             free_if_alloc (raw);
-         strcat (key->uid, ">");
+             break;
-         p = strchr (key->uid, '&');
-         if (p) {
-             key->uid[(p-key->uid)] = '<';
-             memmove (key->uid+(p-key->uid)+1, key->uid+(p-key->uid)+4,
-                      strlen (key->uid)-3);
-         }
-         return 0;
-     }
- fail:
+         case CREATE:
-     key->bits = 0;
+             u->creation = strtoul (p, NULL, 10);
-     memset (key, 0, sizeof *key);
+             break;
-     return 0;
- }
+         case EXPIRE:
+             u->expires = strtoul (p, NULL, 10);
+             break;
+         }
- /* Release mbmers in the proxy context @ctx. */
+         p = strtok (NULL, ":");
- void
+     }
- kserver_proxy_release (keyserver_proxy_t ctx)
+     if (!key->uids)
- {
+         key->uids = u;
-     free_if_alloc (ctx->host);
+     else {
-     free_if_alloc (ctx->pass);
+         for (n = key->uids; n->next; n=n->next)
-     free_if_alloc (ctx->user);
+             ;
-     ctx->port = ctx->proto = 0;
+         n->next = u;
+     }
  }
- /* Spawn a process given by @cmdl. */
+ /* Peek the next 3 bytes to check if the next line
+    would be a new "pub" record. In this case, return
+    -1 as an EOF indication, 0 otherwise. */
  static int
- spawn_application (char *cmdl)
+ is_key_eof (int fd)
  {
-     STARTUPINFO si;
+     char buf[64];
-     PROCESS_INFORMATION pi;
+     int n;
-     int rc = 0;
+     n = recv (fd, buf, 3, MSG_PEEK);
-     memset (&si, 0, sizeof (si));
+     if (n < 3 || strncmp (buf, "pub", 3))
-     si.cb = sizeof (si);
+         return 0;
-     si.dwFlags = STARTF_USESHOWWINDOW;
+     return -1;
-     si.wShowWindow = SW_HIDE;
-     memset (&pi, 0, sizeof (pi));
-     if (!CreateProcess (NULL, cmdl, NULL, NULL, FALSE, 0,
-                         NULL, NULL, &si, &pi)) {
-         log_box ("Keyserver Plugin", MB_ERR, "Could not spawn helper process");
-         rc = -1;
-     }
-     CloseHandle (pi.hThread);
-     WaitForSingleObject (pi.hProcess, INFINITE);
-     CloseHandle (pi.hProcess);
-     return rc;
  }
- /* Receive an key via LDAP from host @host with the keyid @keyid.
+ /* Return the next key from the search response. */
-    @key contains the key on success. */
  int
- ldap_recvkey (const char *host, const char *keyid, char *key, int maxkeylen)
+ kserver_search_next (int fd, keyserver_key_s **r_key)
  {
-     FILE *fp;
+     keyserver_uid_s *uid, *u = NULL;
-     const char *s;
+     keyserver_key_s *key;
-     char *ksprg = NULL, *p = NULL, *sep;
+     char buf[512];
-     char inf[256], outf[256], buf[512];
+     int n = 0;
-     DWORD n;
+     long max = 0;
-     int start_key = 0, failed = 0;
-     int rc = 0;
-     p = get_gnupg_prog ();
-     n = strlen (p) + 1 + 128;
-     ksprg = new char[n+1];
-     if (!ksprg)
-         BUG (0);
-     sep = strrchr (p, '\\');
-     if (sep != NULL)
-         p[(sep-p)] = 0;
-     _snprintf (ksprg, n, "%s\\gpgkeys_ldap.exe", p);
-     free_if_alloc (p);
-     if (file_exist_check (ksprg)) {
-         log_box ("LDAP Keyserver Plugin", MB_ERR,
-                  "%s: could not find LDAP keyserver module!", ksprg);
-         rc = -1;
-         goto leave;
-     }
-     get_temp_name (outf, sizeof (outf)-1, keyid);
-     get_temp_name (inf, sizeof (inf)-1, NULL);
-     fp = fopen (inf, "w+b");
-     if (!fp) {
-         log_box ("LDAP Keyserver Plugin", MB_ERR, "%s: %s", inf,
-                  winpt_strerror (WPTERR_FILE_OPEN));
-         rc = -1;
-         goto leave;
-     }
-     fprintf (fp,
-         "VERSION 1\n"
-         "PROGRAM 1.4.3-cvs\n"
-         "SCHEME ldap\n"
-         "HOST %s\n"
-         "COMMAND GET\n"
-         "\n"
-         "%s\n",
-         host? skip_type_prefix (host): "64.94.85.200", keyid);
-     fclose (fp);
-     p = new char[strlen (ksprg) + strlen (inf) + strlen (outf) + 32];
+     log_debug ("keyserver_search_next:\r\n");
-     if (!p)
+     *r_key = NULL;
-         BUG (NULL);
-     sprintf (p, "%s -o %s %s", ksprg, outf, inf);
-     if (spawn_application (p)) {
-         rc = -1;
-         goto leave;
-     }
-     fp = fopen (outf, "rb");
+     key = new keyserver_key_s;
-     if (!fp) {
+     memset (key, 0, sizeof *key);
-         log_box ("LDAP Keyserver Plugin", MB_ERR, "%s: %s", outf,
+     for (;;) {
-                  winpt_strerror (WPTERR_FILE_OPEN));
+         if (sock_getline (fd, buf, DIM (buf)-1, &n))
-         rc = -1;
-         goto leave;
-     }
-     memset (key, 0, maxkeylen);
-     while (!feof (fp)) {
-         s = fgets (buf, sizeof (buf)-1, fp);
-         if (!s)
              break;
-         if (strstr (s, "KEY") && strstr (s, "FAILED")) {
+         /*log_debug ("record: '%s'\r\n", buf); */
-             failed = 1;
+         if (!strncmp (buf, "pub", 3))
+             parse_pub_record (key, buf);
+         else
+             parse_uid_record (key, buf);
+         if (is_key_eof (fd))
              break;
+     }
+     /* the uid with the newest self sig is used as the
+        primary user id. */
+     for (uid = key->uids; uid; uid = uid->next) {
+         if (uid->creation > max) {
+             max = uid->creation;
+             u = uid;
          }
-         if (!start_key && strstr (s, "KEY") && strstr (s, "BEGIN")) {
-             start_key = 1;
-             continue;
-         }
-         if (!start_key)
-             continue;
-         strcat (key, buf);
-         maxkeylen -= strlen (buf);
-         if (maxkeylen < 0 || (strstr (s, "KEY") && strstr (s, "END")))
-             break;
      }
-     fclose (fp);
- leave:
+     key->main_uid = u? u : key->uids;
-     if (failed || !strlen (key))
+     *r_key = key;
-         rc = WPTERR_WINSOCK_RECVKEY;
+     return 0;
-     DeleteFile (inf);
-     DeleteFile (outf);
-     free_if_alloc (p);
-     free_if_alloc (ksprg);
-     return rc;
  }
- /* Receive an key via FINGER from host @host with the user @user.
+ /* Release the keyserver key @key and all its elements. */
-    On success @key contains the key. */
+ void
- int
+ kserver_release_key (keyserver_key_s *key)
- finger_recvkey (const char *host, const char *user, char *key, int maxkeylen)
  {
-     char buf[128];
+     keyserver_uid_s *u;
-     int fd, nread;
-     int start_key = 0;
-     int rc=0;
-     rc = kserver_connect (host, FINGER_PORT, &fd);
+     while (key->uids) {
-     if (rc)
+         u = key->uids->next;
-         return rc;
+         free_if_alloc (key->uids->uid);
+         free_if_alloc (key->uids);
+         key->uids = u;
+     }
+     free_if_alloc (key->keyid);
+     free_if_alloc (key);
+ }
-     sock_write (fd, user, strlen (user));
-     sock_write (fd, "\r\n", 2);
-     memset (key, 0, maxkeylen);
+ /* Release mbmers in the proxy context @ctx. */
-     while (maxkeylen > 0) {
+ void
-         if (sock_getline (fd, buf, sizeof (buf), &nread))
+ kserver_proxy_release (keyserver_proxy_t ctx)
-             break;
+ {
-         strcat (buf, "\n");
+     free_if_alloc (ctx->host);
-         if (strstr (buf, "BEGIN PGP PUBLIC KEY BLOCK")) {
+     free_if_alloc (ctx->pass);
-             strcat (key, buf);
+     free_if_alloc (ctx->user);
-             start_key = 1;
+     ctx->port = ctx->proto = 0;
-             maxkeylen -= nread;
-         }
-         else if (strstr (buf, "END PGP PUBLIC KEY BLOCK" ) && start_key) {
-             strcat (key, buf);
-             start_key--;
-             maxkeylen -= nread;
-             break;
-         }
-         else if (start_key) {
-             strcat (key, buf);
-             maxkeylen -= nread;
-         }
-     }
-     closesocket (fd);
-     if (start_key != 0)
-         rc = WPTERR_WINSOCK_RECVKEY;
-     return rc;
  }
- /* Check if the given name @name is a valid hostname. */
+ /* Check if the given name @name is a valid inernet address
+    which means an dotted IP or a valid DNS name.
+    Return value: 0 on success. */
  int
- check_IP_or_hostname (const char *name)
+ check_inet_address (const char *addr)
  {
      const char *not_allowed = "=!�$%&@#*~\\/}][{<>|,;:'";
-     size_t i, j;
-     for (i=0; i < strlen (name); i++) {
+     for (size_t i=0; i < strlen (addr); i++) {
-         for (j =0; j < strlen (not_allowed); j++) {
+         if (strchr (not_allowed, addr[i]))
-             if (name[i] == not_allowed[j])
+             return -1;
-                 return -1;
+     }
-         }
+     return 0;
+ }
+ /* Split the URL @r_keyserver into the host and the port
+    part if possible. */
+ gpgme_error_t
+ parse_keyserver_url (char **r_keyserver, unsigned short *r_port)
+ {
+     char *p;
+     char *url = *r_keyserver;
+     int off;
+     /* no port is given so use the default port. */
+     p = strrchr (url, ':');
+     if (p == strchr (url, ':')) {
+         *r_port = HKP_PORT;
+         return 0;
      }
+     if (url[(p-url)-1] == '/') /* remove / in .de/:11371 */
+         off = 1;
+     else
+         off = 0;
+     *r_keyserver = substr (url, 0, (p-url)-off);
+     *r_port = atoi (url+(p-url)+1);
+     free_if_alloc (url);
      return 0;
  }

 Legend:



Removed from v.197
 


changed lines


 
Added in v.328
 Legend:



Removed from v.197
 


changed lines


 
Added in v.328
-Removed from v.197
+Added in v.328

[email protected]	ViewVC Help
Powered by ViewVC 1.1.26