/[winpt]/trunk/Src/wptKeyserver.cpp

Diff of /trunk/Src/wptKeyserver.cpp

Parent Directory | Revision Log | View Patch Patch

-revision 5 by twoaday,
Mon Mar  7 13:21:36 2005 UTC
+revision 32 by twoaday,
Mon Oct 24 08:03:48 2005 UTC
 Line 93 
 base64_encode( const char *inputstr, cha
  } /* base64_encode */
+ /* Skip the URL schema and return only the host part of it. */
  static const char *
  skip_type_prefix (const char * hostname)
  {
-Line 108 
 skip_type_prefix (const char * hostname)
+Line 109 
 skip_type_prefix (const char * hostname)
  }
+ /* Check that the keyserver response indicates an OK.
+    Return 0 on success. */
  static int
  check_hkp_response (const char *resp, int recv)
  {
-Line 131 
 check_hkp_response (const char *resp, in
+Line 134 
 check_hkp_response (const char *resp, in
          return ec;
      }
      return 0;
- } /* check_hkp_response */
+ }
+ /* Read a single line (\r\n) from a socket.
+    Return 0 on success. */
  static int
  sock_getline (int fd, char *buf, int buflen, int *nbytes)
  {
-Line 155 
 sock_getline (int fd, char *buf, int buf
+Line 160 
 sock_getline (int fd, char *buf, int buf
      }
      return -1;
- } /* sock_getline */
+ }
+ /* Perform a select() on the given fd to find out
+    is there is data for reading. Wait at least @nsecs seconds. */
  static int
- sock_select (int fd)
+ sock_select (int fd, int nsecs)
  {
      FD_SET rfd;
-     timeval tv = {1, 0};
+     timeval tv = {nsecs, 0};
      FD_ZERO (&rfd);
      FD_SET (fd, &rfd);
-Line 171 
 sock_select (int fd)
+Line 178 
 sock_select (int fd)
      if (FD_ISSET (fd, &rfd))
          return 1;
      return 0;
- } /* sock_select */
+ }
+ /* Read from a socket with a fixed timeout of 10 seconds.
+    Return value: 0 on success. */
  static int
- sock_read( int fd, char *buf, int buflen, int *nbytes )
+ sock_read (int fd, char *buf, int buflen, int *nbytes)
  {
      DWORD nread;
      int nleft = buflen;
-Line 184 
 sock_read( int fd, char *buf, int buflen
+Line 193 
 sock_read( int fd, char *buf, int buflen
      while (nleft > 0) {
          if (n >= 10)
              return WPTERR_WINSOCK_TIMEOUT;
-         if ( (rc = sock_select( fd )) == SOCKET_ERROR )
+         rc = sock_select (fd, 1);
+         if (rc == SOCKET_ERROR)
              return SOCKET_ERROR;
          else if( !rc )
              n++;
          else {
-             nread = recv(fd, buf, nleft, 0);
+             nread = recv (fd, buf, nleft, 0);
              if (nread == SOCKET_ERROR)
                  return SOCKET_ERROR;
              else if (!nread)
-Line 202 
 sock_read( int fd, char *buf, int buflen
+Line 212 
 sock_read( int fd, char *buf, int buflen
          *nbytes = buflen - nleft;
      return 0;
- } /* sock_read */
+ }
+ /* Write @buf to a socket @fd. */
  static int
- sock_write( int fd, const char *buf, int buflen )
+ sock_write (int fd, const char *buf, int buflen)
  {
      DWORD nwritten;
      int nleft = buflen;
-Line 220 
 sock_write( int fd, const char *buf, int
+Line 231 
 sock_write( int fd, const char *buf, int
      }
      return 0;
- } /* sock_write */
+ }
  void
-Line 236 
 set_default_kserver (void)
+Line 247 
 set_default_kserver (void)
      }
      else
          default_keyserver_port = HKP_PORT;
- } /* set_default_kserver */
+ }
- /*
+ /* Initialize the Winsock2 interface.*/
-  * Initialize the Winsock2 interface.
-  */
  int
  wsock_init (void)
  {
-Line 251 
 wsock_init (void)
+Line 260 
 wsock_init (void)
          return WPTERR_WINSOCK_INIT;
      set_default_kserver ();
      return 0;
- } /* wsock_init */
+ }
- /*
+ /* Cleanup the Winsock2 interface. */
-  * Should be called after the keyserver access.
-  */
  void
  wsock_end (void)
  {
-Line 269 
 wsock_end (void)
+Line 276 
 wsock_end (void)
              free_if_alloc (server[i].name);
      }
      WSACleanup ();
- } /* wsock_end */
+ }
+ /* Return a string representation of a winsock error. */
  const char*
- wsock_strerror( void )
+ wsock_strerror (void)
  {
      static char buf[384];
-     int ec = WSAGetLastError( );
+     int ec = WSAGetLastError ();
-     switch ( ec ) {
+     switch (ec) {
-     case WSAENETDOWN: return _("The network subsystem has failed");
+     case WSAENETDOWN:
-     case WSAHOST_NOT_FOUND: return _("Authoritative Answer Host not found");
+         return _("The network subsystem has failed");
-     case WSAETIMEDOUT: return _("The connection has been dropped because of a network failure");
+     case WSAHOST_NOT_FOUND:
-     default: _snprintf( buf, sizeof (buf) -1, _("Unknown Winsock error ec=%d"),ec); return buf;
+         return _("Authoritative Answer Host not found");
+     case WSAETIMEDOUT:
+         return _("The connection has been dropped because of a network failure");
+     default:
+         _snprintf (buf, sizeof (buf) -1, _("Unknown Winsock error ec=%d"),ec);
+         return buf;
      }
      return NULL;
- } /* wsock_strerror */
+ }
+ /* Return the last keyserver error as a string. */
  const char*
- kserver_strerror( void )
+ kserver_strerror (void)
  {
-     if( hkp_err )
+     if (hkp_err)
          return hkp_errmsg;
      return NULL;
- } /* kserver_strerror */
+ }
- const char *
+ /* Read a keyserver from the list at index @idx.
+    Return value: keyserver name at the given position. */
+ const char*
  kserver_get_hostname (int idx, int type, u16 *port)
  {
      if (type == -1) {
-Line 312 
 kserver_get_hostname (int idx, int type,
+Line 328 
 kserver_get_hostname (int idx, int type,
  }
+ /* Check if the computer is connected to the internet.
+    Return 0 on success -1 otherwise. */
  int
  kserver_check_inet_connection (void)
  {
-Line 351 
 static void
+Line 369 
 static void
  kserver_update_proxyuser (const char *proxy_user, const char *proxy_pass)
  {
      char t[257]; /* user:pass = 127+1+127+1 = 257 */
+     int n = 0;
+     n = 4*strlen (proxy_user) / 3 + 32 + strlen (proxy_pass) + 2;
      free_if_alloc (proxy.base64_user);
-     proxy.base64_user = new char[4*strlen( proxy_user ) / 3 + 32];
+     proxy.base64_user = new char[n];
-     if( !proxy.base64_user )
+     if (!proxy.base64_user)
          BUG (0);
      _snprintf (t, sizeof (t)-1, "%s:%s", proxy_user, proxy_pass);
      base64_encode (t, proxy.base64_user, 257);
-Line 365 
 kserver_update_proxyuser (const char *pr
+Line 385 
 kserver_update_proxyuser (const char *pr
  } /* kserver_update_proxyuser */
+ /* Check that the given buffer contains a valid keyserver URL. */
  static int
  check_URL (const char * buf)
  {
      if (strlen (buf) < 7)
          return -1;
-     if( !strstr (buf, "ldap://")
+     if (!strstr (buf, "ldap://")
          && !strstr (buf, "http://")
          && !strstr (buf, "finger://")
          && !strstr (buf, "hkp://"))
          return -1;
      return 0;
- } /* check_URL */
+ }
+ /* Get the port number from the given protocol. */
+ static int
+ port_from_proto (int proto)
+ {
+     switch (proto) {
+     case KSPROTO_LDAP: return 0;
+     case KSPROTO_FINGER: return FINGER_PORT;
+     case KSPROTO_HTTP: return HKP_PORT;
+     }
+     return 0;
+ }
+ /* Get the port number from the given URL. */
  static int
  proto_from_URL (const char * buf)
  {
-Line 386 
 proto_from_URL (const char * buf)
+Line 421 
 proto_from_URL (const char * buf)
          return KSPROTO_LDAP;
      else if (strstr( buf, "finger"))
          return KSPROTO_FINGER;
-     return KSPROTO_HTTP;
+     return KSPROTO_HKP;
- } /* proto_from_URL */
+ }
  void
-Line 400 
 keyserver_set_default (const char * host
+Line 435 
 keyserver_set_default (const char * host
              BUG (0);
          default_keyserver_port = port;
      }
-     server[0].name =  default_keyserver;
+     server[0].name =  m_strdup (default_keyserver);
      server[0].used = 1;
      server[0].port = port;
      server[0].proto = proto_from_URL (default_keyserver);
-Line 434 
 kserver_load_conf (const char * conf)
+Line 469 
 kserver_load_conf (const char * conf)
      char buf[1024], * s, * p;
      char *user = NULL, *pass = NULL;
      int pos, proxy_auth = 0;
-     int no_config=0;
+     int no_config=0, chk_pos=0;
      for (pos = 0; pos < MAX_KEYSERVERS; pos++) {
          server[pos].used = 0;
-Line 443 
 kserver_load_conf (const char * conf)
+Line 478 
 kserver_load_conf (const char * conf)
      fp = fopen (conf, "rb");
      if (!fp) {
-         for( pos = 0; server_list[pos]; pos++ ) {
+         for (pos = 0; server_list[pos]; pos++) {
              server[pos].used = 1;
-             server[pos].name = (char *)server_list[pos];
+             server[pos].name = m_strdup (server_list[pos]);
-             server[pos].proto = proto_from_URL( server_list[pos] );
+             server[pos].proto = proto_from_URL (server_list[pos]);
          }
          no_config=1;
      }
-     get_reg_proxy_prefs( &proxy.host, &proxy.port, &user, &pass );
+     get_reg_proxy_prefs (&proxy.host, &proxy.port, &user, &pass);
-     if( user && pass )
+     if (user && pass)
-         kserver_update_proxyuser( user, pass );
+         kserver_update_proxyuser (user, pass);
-     else if( user && !pass || !user && pass ) {
+     else if (user && !pass || !user && pass) {
          msg_box( NULL, _("Invalid proxy configuration."
                           "You need to set a user and a password"
                           "to use proxy authentication!"), _("Proxy Error"), MB_ERR );
-Line 488 
 kserver_load_conf (const char * conf)
+Line 523 
 kserver_load_conf (const char * conf)
                               _("Keyserver Error"), MB_ERR);
              continue;
          }
-         p = strchr (s+6, ':');
+         chk_pos=6;
+         if (strstr (s, "finger"))
+             chk_pos = 10;
+         p = strchr (s+chk_pos, ':');
          server[pos].used = 1;
          server[pos].proto = proto_from_URL (s);
+         server[pos].port = port_from_proto (server[pos].proto);
          if (!p)
              server[pos].name = m_strdup (s);
          else {
-Line 529 
 kserver_load_conf (const char * conf)
+Line 568 
 kserver_load_conf (const char * conf)
  const char *
  kserver_get_proxy (int * r_port)
  {
-     if (proxy.host)
+     if (proxy.host) {
-     {
          if (r_port)
              *r_port = proxy.port;
          return proxy.host;
-Line 540 
 kserver_get_proxy (int * r_port)
+Line 578 
 kserver_get_proxy (int * r_port)
  const char *
- kserver_get_proxy_info( int id )
+ kserver_get_proxy_info (int id)
  {
-     switch( id ) {
+     switch (id) {
      case PROXY_USER: return proxy.user;
      case PROXY_PASS: return proxy.pass;
      }
-Line 550 
 kserver_get_proxy_info( int id )
+Line 588 
 kserver_get_proxy_info( int id )
  } /* kserver_get_proxy_info */
- /*
+ /* Connect to the keyserver @hostname. */
-  * Connect to the keyserver 'hostname'.
-  * We always use the HKP port.
-  */
  int
  kserver_connect (const char *hostname, u16 port, int *conn_fd)
  {
-Line 563 
 kserver_connect (const char *hostname, u
+Line 598 
 kserver_connect (const char *hostname, u
      struct hostent *hp;
      struct sockaddr_in sock;
-     if (debug)
+     log_debug ("kserver_connect: %s:%d\r\n", hostname, port);
-         log_f ("kserver_connect: %s:%d\r\n", hostname, port);
      if (!port)
          port = HKP_PORT;
      if (conn_fd)
-Line 582 
 kserver_connect (const char *hostname, u
+Line 617 
 kserver_connect (const char *hostname, u
      if ((iaddr = inet_addr (host)) != INADDR_NONE)
          memcpy (&sock.sin_addr, &iaddr, sizeof (iaddr));
      else if ((hp = gethostbyname (host))) {
-         if (hp->h_addrtype != AF_INET)
+         if (hp->h_addrtype != AF_INET || hp->h_length != 4) {
-             return WPTERR_WINSOCK_RESOLVE;
+             log_debug ("gethostbyname: unknown address type.\r\n");
-         else if (hp->h_length != 4)
              return WPTERR_WINSOCK_RESOLVE;
+         }
          memcpy (&sock.sin_addr, hp->h_addr, hp->h_length);
      }
      else {
-         if (debug)
+         log_debug ("gethostbyname: failed.\r\n");
-             log_f ("gethostbyname: failed.\r\n");
          return WPTERR_WINSOCK_RESOLVE;
      }
      fd = socket (AF_INET, SOCK_STREAM, 0);
-Line 598 
 kserver_connect (const char *hostname, u
+Line 632 
 kserver_connect (const char *hostname, u
          return WPTERR_WINSOCK_SOCKET;
      rc = connect (fd, (struct sockaddr *) &sock, sizeof (sock));
      if (rc == SOCKET_ERROR) {
-         if (debug)
+         log_debug ("connect: failed.\r\n");
-             log_f ("connect: failed.\r\n");
+         closesocket (fd);
-         closesocket(fd);
          return WPTERR_WINSOCK_CONNECT;
      }
      if (conn_fd)
          *conn_fd = fd;
-     WSASetLastError(0);
+     WSASetLastError (0);
      return 0;
  } /* kserver_connect */
+ /* Perform URL-encoding on the given pubkey blob. */
  static char*
- kserver_urlencode (const char *pubkey, int octets, int *newlen)
+ kserver_urlencode (const char *pubkey, size_t octets, size_t *newlen)
  {
      char *p, numbuf[5];
      size_t j = 0;
-     int i, size;
+     size_t i, size;
      p = new char [2*octets];
      if (!p)
          BUG (0);
-     for (size=0, i=0; i<octets; i++) {
+     for (size=0, i=0; i < octets; i++) {
          if (isalnum (pubkey[i]) || pubkey[i] == '-') {
              p[size] = pubkey[i];
              size++;
-Line 642 
 kserver_urlencode (const char *pubkey, i
+Line 676 
 kserver_urlencode (const char *pubkey, i
      p[size] = '\0';
      *newlen = size;
      return p;
- } /* kserver_urlencode */
+ }
- /*
+ /* Format a request for the given keyid (send). */
-  * Format a request for the given keyid (send).
-  */
  static char*
  kserver_send_request (const char *hostname, u16 port, const char *pubkey, int octets)
  {
      char *request = NULL, *enc_pubkey = NULL;
-     int reqlen, enc_octets;
+     int reqlen;
+     size_t enc_octets;
-     if (debug)
-         log_f ("kserver_send_request: %s:%d\n", hostname, port);
+     log_debug ("kserver_send_request: %s:%d\n", hostname, port);
      if (!port)
          port = HKP_PORT;
      reqlen = 512 + strlen (hostname) + 2*strlen (pubkey);
-Line 697 
 kserver_send_request (const char *hostna
+Line 730 
 kserver_send_request (const char *hostna
                     skip_type_prefix (hostname), port, enc_octets+9, enc_pubkey);
      }
      free_if_alloc (enc_pubkey);
-     if (debug)
-         log_f("%s\n", request);
+     log_debug ("%s\n", request);
      return request;
  } /* kserver_send_request */
- /*
+ /* Interface receiving a public key. */
-  * Interface receiving a public key.
-  */
  int
  kserver_recvkey (const char *hostname, u16 port, const char *keyid, char *key, int maxkeylen)
  {
-Line 738 
 kserver_recvkey (const char *hostname, u
+Line 769 
 kserver_recvkey (const char *hostname, u
      else {
          _snprintf (request, 300,
              "GET /pks/lookup?op=get&search=%s HTTP/1.0\r\n\r\n", keyid);
      }
-     if (debug)
-         log_f ("%s\n", request);
+     log_debug ("%s\r\n", request);
      rc = sock_write (conn_fd, request, strlen (request));
      if (rc == SOCKET_ERROR) {
-Line 753 
 kserver_recvkey (const char *hostname, u
+Line 784 
 kserver_recvkey (const char *hostname, u
          rc = WPTERR_WINSOCK_RECVKEY;
          goto leave;
      }
-     if( debug )
+     log_debug("%s\r\n", key);
-         log_f("%s\n", key);
+     rc = check_hkp_response (key, 1);
+     if (rc)
-     rc = check_hkp_response( key, 1 );
-     if( rc )
          goto leave;
-     WSASetLastError( 0 );
+     WSASetLastError (0);
  leave:
-     closesocket( conn_fd );
+     closesocket (conn_fd);
-     free_if_alloc( request );
+     free_if_alloc (request);
      return rc;
  } /* kserver_recvkey */
- /*
+ /* Interface to send a public key. */
-  * Interface to send a public key.
-  */
  int
  kserver_sendkey (const char *hostname, u16 port, const char *pubkey, int len )
  {
-Line 787 
 kserver_sendkey (const char *hostname, u
+Line 814 
 kserver_sendkey (const char *hostname, u
          goto leave;
      request = kserver_send_request (hostname, port, pubkey, len);
-     if( request == NULL ) {
+     if (request == NULL) {
          rc = WPTERR_GENERAL;
          goto leave;
      }
-Line 803 
 kserver_sendkey (const char *hostname, u
+Line 830 
 kserver_sendkey (const char *hostname, u
          rc = WPTERR_WINSOCK_SENDKEY;
          goto leave;
      }
-     if (debug)
-         log_f("%s\n", log);
+     log_debug ("kserver_sendkey:\r\n%s\r\n", log);
-     rc = check_hkp_response( log, 0 );
+     rc = check_hkp_response (log, 0);
      if( rc )
          goto leave;
-     WSASetLastError( 0 );
+     WSASetLastError (0);
  leave:
-     closesocket( conn_fd );
+     closesocket (conn_fd);
-     free_if_alloc( request );
+     free_if_alloc (request);
      return rc;
  } /* kserver_sendkey */
-Line 823 
 int
+Line 850 
 int
  kserver_search_init (const char * hostname, u16 port, const char * keyid, int * conn_fd)
  {
      int rc, sock_fd;
+     int n=0;
      char * request = NULL;
      rc = kserver_connect (hostname, port, &sock_fd);
-Line 831 
 kserver_search_init (const char * hostna
+Line 859 
 kserver_search_init (const char * hostna
          goto leave;
      }
-     request = new char[300+1];
+     n=300;
+     request = new char[n+1];
      if (!request)
          BUG (0);
      if (proxy.host && proxy.user) {
-         _snprintf (request, 300,
+         _snprintf (request, n,
              "GET http://%s:%d/pks/lookup?op=index&search=%s HTTP/1.0\r\n"
              "Proxy-Authorization: Basic %s\r\n\r\n",
              skip_type_prefix (hostname), port, keyid, proxy.base64_user);
      }
      else if (proxy.host) {
-         _snprintf (request, 300,
+         _snprintf (request, n,
              "GET http://%s:%d/pks/lookup?op=index&search=%s HTTP/1.0\r\n\r\n",
              skip_type_prefix (hostname), port, keyid);
      }
      else {
-         _snprintf (request, 300,
+         _snprintf (request, n,
                     "GET /pks/lookup?op=index&search=%s HTTP/1.0\r\n\r\n", keyid);
      }
-     if (debug)
+     log_debug ("kserver_search_init:\r\n%s\r\n", request);
-         log_f("%s\n", request);
      if (sock_write (sock_fd, request, strlen (request)) == SOCKET_ERROR) {
          rc = WPTERR_GENERAL;
-Line 872 
 kserver_search_chkresp (int fd)
+Line 900 
 kserver_search_chkresp (int fd)
  {
      char buf[128];
      int n=0;
      /* parse response 'HTTP/1.0 500 OK' */
      if (sock_getline (fd, buf, 127, &n))
          return WPTERR_KEYSERVER_NOTFOUND;
+     log_debug ("kserver_search_chkpresp: %s\r\n", buf);
      if (strncmp (buf, "HTTP/1.", 7))
          return WPTERR_KEYSERVER_NOTFOUND;
      if (strncmp (buf+(8+1), "200", 3))
-Line 889 
 kserver_search (int fd, keyserver_key *
+Line 919 
 kserver_search (int fd, keyserver_key *
  {
      char buf[1024], *p;
      int uidlen, nbytes, pos = 0;
-     if (debug)
+     log_debug ("keyserver_search:\n");
-         log_f ("keyserver_search:\n");
      if (sock_getline (fd, buf, sizeof (buf) - 1, &nbytes))
          return WPTERR_GENERAL;
-     if (debug)
+     log_debug ("%s\n", buf);
-         log_f ("%s\n", buf);
      if (!strncmp (buf, "pub", 3)) {
+         int revoked = strstr (buf, "KEY REVOKED") != NULL? 1 : 0;
          key->bits = atol (buf+3);
          p = strchr (buf, '>');
          if (!p)
-Line 913 
 kserver_search (int fd, keyserver_key *
+Line 942 
 kserver_search (int fd, keyserver_key *
          pos = p - buf + 5;
          memcpy (key->date, buf + pos, 10);
          key->date[10] = '\0';
+         if (revoked) {
+             strcpy (key->uid, "KEY REVOKED: not checked");
+             return 0;
+         }
          pos += 10;
          p = buf + pos + 1;
          while (p && *p != '>')
-Line 1235 
 finger_recvkey (const char * host, const
+Line 1268 
 finger_recvkey (const char * host, const
          rc = WPTERR_WINSOCK_RECVKEY;
      return rc;
  }
+ int
+ check_IP_or_hostname (const char *name)
+ {
+     const char *not_allowed = "=!�$%&@#*~\\/}][{<>|,;:'";
+     size_t i, j;
+     for (i=0; i < strlen (name); i++) {
+         for (j =0; j < strlen (not_allowed); j++) {
+             if (name[i] == not_allowed[j])
+                 return -1;
+         }
+     }
+     return 0;
+ }

 Legend:



Removed from v.5
 


changed lines


 
Added in v.32
 Legend:



Removed from v.5
 


changed lines


 
Added in v.32
-Removed from v.5
+Added in v.32

[email protected]	ViewVC Help
Powered by ViewVC 1.1.26