/[winpt]/trunk/Src/wptKeyserver.cpp
ViewVC logotype

Contents of /trunk/Src/wptKeyserver.cpp

Parent Directory Parent Directory | Revision Log Revision Log

Revision 193 - (show annotations)
Sat Apr 1 12:36:35 2006 UTC (18 years, 11 months ago) by twoaday
File size: 32231 byte(s) 
2006-03-31  Timo Schulz  <ts@g10code.de>
 
        * wptCommonDlg.cpp (nls_load_langlist): New.
        (nsl_set_language): New.
        (nls_dlg_proc): New.
        (select_language): New. Allow user to select the language.
        * wptNLS.c (get_gettext_langid): Updated available languages.
        * WinPT.cpp (WinMain): Allow to select the languag on first
        start in non-installer environments.
        * wptVerifyList.cpp (verlist_build): Simplified.
        (verlist_add_sig_log): Likewise.
        * wptListview.cpp (listview_set_column_width,
        listview_get_selected_item): New.
        * wptKeyManager.cpp (gpg_clip_export): Merged into..
        (km_clip_export): ..this function.
1 /* wptKeyserver.cpp - W32 Keyserver Access
2 * Copyright (C) 2000-2005 Timo Schulz
3 * Copyright (C) 2001 Marco Cunha
4 *
5 * This file is part of WinPT.
6 *
7 * WinPT is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU General Public License
9 * as published by the Free Software Foundation; either version 2
10 * of the License, or (at your option) any later version.
11 *
12 * WinPT is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with WinPT; if not, write to the Free Software Foundation,
19 * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 */
21
22 #ifdef HAVE_CONFIG_H
23 #include <config.h>
24 #endif
25
26 #include <windows.h>
27 #include <shlobj.h>
28 #include <stdio.h>
29 #include <sys/stat.h>
30 #include <ctype.h>
31
32 #include "wptKeyserver.h"
33 #include "wptErrors.h"
34 #include "wptTypes.h"
35 #include "wptNLS.h"
36 #include "wptW32API.h"
37 #include "wptGPG.h"
38 #include "wptRegistry.h"
39
40 /* just map net_errno to a winsock error. */
41 #define net_errno ((int)WSAGetLastError ())
42
43
44 keyserver server[MAX_KEYSERVERS] = {0};
45 keyserver_proxy_s proxy = {0};
46 static const char *server_list[] = {
47 "hkp://gnv.us.ks.cryptnet.net",
48 "hkp://keyserver.kjsl.com",
49 "hkp://sks.keyserver.penguin.de",
50 "hkp://subkeys.pgp.net",
51 "ldap://keyserver.pgp.com",
52 NULL
53 };
54
55
56 static char hkp_errmsg[1024]; /* Holds the error message from the server */
57 static int hkp_err = 0; /* != 0 indicates an error occurred. */
58
59 /* Default keyserver and port. */
60 char *default_keyserver = NULL;
61 WORD default_keyserver_port = 0;
62
63 /* Default socket timeout. */
64 static int default_socket_timeout = 10;
65
66 /* Basic64 encode the input @inbuf to @outbuf. */
67 static void
68 base64_encode (const char *inbuf, char *outbuf)
69 {
70 char base64code[] =
71 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
72 int index = 0, temp = 0, res = 0;
73 int i = 0, inputlen = 0, len = 0;
74
75 inputlen = strlen (inbuf);
76 for (i = 0; i < inputlen; i++) {
77 res = temp;
78 res = (res << 8) | (inbuf[i] & 0xFF);
79 switch (index++) {
80 case 0:
81 outbuf[len++] = base64code[res >> 2 & 0x3F];
82 res &= 0x3;
83 break;
84 case 1:
85 outbuf[len++] = base64code[res >> 4 & 0x3F];
86 res &= 0xF;
87 break;
88 case 2:
89 outbuf[len++] = base64code[res >> 6 & 0x3F];
90 outbuf[len++] = base64code[res & 0x3F];
91 res = index = 0;
92 break;
93 }
94 temp = res;
95 }
96
97 if (index == 2) {
98 outbuf[len++] = base64code[temp << 2 & 0x3F];
99 outbuf[len++] = '=';
100 }
101 else if (index == 1) {
102 outbuf[len++] = base64code[temp << 4 & 0x3F];
103 outbuf[len++] = '=';
104 outbuf[len++] = '=';
105 }
106
107 outbuf[len] = '\0';
108 }
109
110
111 /* Skip the URL schema and return only the host part of it. */
112 static const char*
113 skip_type_prefix (const char *hostname)
114 {
115 if (hostname && !strncmp (hostname, "http://", 7))
116 hostname += 7;
117 else if (hostname && !strncmp (hostname, "hkp://", 6))
118 hostname += 6;
119 else if (hostname && !strncmp (hostname, "finger://", 9))
120 hostname += 9;
121 else if (hostname && !strncmp (hostname, "ldap://", 7))
122 hostname += 7;
123 return hostname;
124 }
125
126
127 /* Check that the keyserver response indicates an OK.
128 Return 0 on success. */
129 static int
130 check_hkp_response (const char *resp, int recv)
131 {
132 char *p, *end;
133 int ec, len;
134
135 ec = recv ? WPTERR_WINSOCK_RECVKEY : WPTERR_WINSOCK_SENDKEY;
136 if (!strstr (resp, "HTTP/1.0 200 OK") &&
137 !strstr (resp, "HTTP/1.1 200 OK")) /* http error */
138 return ec;
139 if (strstr (resp, "Public Key Server -- Error")
140 || strstr (resp, "Public Key Server -- Error")
141 || strstr (resp, "No matching keys in database")) {
142 p = strstr (resp, "<p>");
143 if (p && strlen (p) < sizeof (hkp_errmsg)) {
144 end = strstr (p, "</p>");
145 len = end? (end - p + 1) : strlen (p);
146 memset (hkp_errmsg, 0, sizeof (hkp_errmsg));
147 strncpy (hkp_errmsg, p, len);
148 hkp_err = 1;
149 }
150 return ec;
151 }
152 return 0;
153 }
154
155
156 /* Read a single line (\r\n) from a socket.
157 Return 0 on success. */
158 static int
159 sock_getline (int fd, char *buf, int buflen, int *nbytes)
160 {
161 char ch;
162 int nread = 0;
163
164 if (nbytes)
165 *nbytes = 0;
166 *buf = 0;
167 while (recv (fd, &ch, 1, 0) > 0) {
168 *buf++ = ch;
169 nread++;
170 if (ch == '\r')
171 continue; /* remove this char. */
172 if (ch == '\n' || nread == (buflen - 1)) {
173 *buf = 0;
174 if (nbytes)
175 *nbytes = nread;
176 return 0;
177 }
178 }
179
180 return -1;
181 }
182
183
184 /* Perform a select() on the given fd to find out
185 is there is data for reading. Wait at least @nsecs seconds. */
186 static int
187 sock_select (int fd, int nsecs)
188 {
189 FD_SET rfd;
190 timeval tv = {nsecs, 0};
191
192 FD_ZERO (&rfd);
193 FD_SET (fd, &rfd);
194 if (select (fd + 1, &rfd, NULL, NULL, &tv) == SOCKET_ERROR) {
195 log_debug ("sock_select: select() failed ec=%d.\r\n", net_errno);
196 return SOCKET_ERROR;
197 }
198 if (FD_ISSET (fd, &rfd))
199 return 1;
200 return 0;
201 }
202
203
204 /* Read from a socket @fd to buffer @buf with a fixed timeout
205 of 10 seconds. The amount of bytes which were read are
206 returned in @nbytes.
207 Return value: 0 on success. */
208 static int
209 sock_read (int fd, char *buf, int buflen, int *nbytes)
210 {
211 DWORD nread;
212 int nleft = buflen;
213 int rc, n = 0;
214
215 while (nleft > 0) {
216 if (n >= default_socket_timeout)
217 return WPTERR_WINSOCK_TIMEOUT;
218 rc = sock_select (fd, 1);
219 if (rc == SOCKET_ERROR)
220 return rc;
221 else if (!rc)
222 n++;
223 else {
224 nread = recv (fd, buf, nleft, 0);
225 if (nread == SOCKET_ERROR) {
226 log_debug ("sock_read: recv() failed ec=%d.\r\n", net_errno);
227 return SOCKET_ERROR;
228 }
229 else if (!nread)
230 break;
231 nleft -= nread;
232 buf += nread;
233 }
234 }
235 if (nbytes)
236 *nbytes = buflen - nleft;
237
238 return 0;
239 }
240
241 /* Read much data as possible from the socket @fd and
242 return the data in @buffer. Caller must free data.
243 Return value: 0 on success. */
244 int
245 sock_read_ext (int fd, char **buffer, int *r_bufferlen)
246 {
247 gpgme_data_t dh;
248 char buf[1024], *p;
249 size_t n=0;
250 int nread, rc;
251
252 gpgme_data_new (&dh);
253 while (n < 10) {
254 rc = sock_select (fd, 1);
255 if (rc == SOCKET_ERROR) {
256 gpgme_data_release (dh);
257 return rc;
258 }
259 else if (!rc)
260 n++;
261 else {
262 nread = recv (fd, buf, sizeof (buf), 0);
263 if (nread == SOCKET_ERROR)
264 return SOCKET_ERROR;
265 else if (!nread)
266 break;
267 gpgme_data_write (dh, buf, nread);
268 }
269 }
270 gpg_data_putc (dh, '\0');
271 p = gpgme_data_release_and_get_mem (dh, &n);
272 *buffer = m_strdup (p);
273 if (r_bufferlen)
274 *r_bufferlen = n;
275 gpgme_free (p);
276 return 0;
277 }
278
279
280 /* Write the buffer @buf with the length @buflen to a socket @fd. */
281 static int
282 sock_write (int fd, const char *buf, int buflen)
283 {
284 DWORD nwritten;
285 int nleft = buflen;
286
287 while (nleft > 0) {
288 nwritten = send (fd, buf, nleft, 0);
289 if (nwritten == SOCKET_ERROR) {
290 log_debug ("sock_write: send() failed ec=%d\r\n", net_errno);
291 return SOCKET_ERROR;
292 }
293 nleft -= nwritten;
294 buf += nwritten;
295 }
296
297 return 0;
298 }
299
300
301 /* Initialize the Winsock2 interface.*/
302 int
303 wsock_init (void)
304 {
305 WSADATA wsa;
306
307 if (WSAStartup (0x202, &wsa)) {
308 log_debug ("wsock_init: WSAStartup failed ec=%d\r\n", net_errno);
309 return WPTERR_WINSOCK_INIT;
310 }
311 return 0;
312 }
313
314
315 /* Cleanup the Winsock2 interface. */
316 void
317 wsock_end (void)
318 {
319 char *p;
320 int i;
321
322 p = make_special_filename (CSIDL_APPDATA, "winpt\\keyserver.conf", NULL);
323 kserver_save_conf (p);
324 free_if_alloc (p);
325 free_if_alloc (default_keyserver);
326 for (i=0; i < MAX_KEYSERVERS; i++) {
327 if (server[i].used && server[i].name != NULL)
328 free_if_alloc (server[i].name);
329 }
330 kserver_proxy_release (&proxy);
331 WSACleanup ();
332 }
333
334
335 /* Return a string representation of a winsock error. */
336 const char*
337 wsock_strerror (void)
338 {
339 static char buf[384];
340 int ec = WSAGetLastError ();
341
342 switch (ec) {
343 case WSAENETDOWN:
344 return _("The network subsystem has failed");
345 case WSAHOST_NOT_FOUND:
346 return _("Authoritative Answer Host not found");
347 case WSAETIMEDOUT:
348 return _("The connection has been dropped because of a network failure");
349 default:
350 _snprintf (buf, sizeof (buf) -1, _("Unknown Winsock error ec=%d"),ec);
351 return buf;
352 }
353 return NULL;
354 }
355
356
357 /* Set default socket timeout for all reading operations. */
358 void
359 kserver_set_socket_timeout (int nsec)
360 {
361 if (nsec < 0)
362 nsec = 0;
363 default_socket_timeout = nsec;
364 }
365
366
367 /* Return the last keyserver error as a string. */
368 const char*
369 kserver_strerror (void)
370 {
371 if (hkp_err)
372 return hkp_errmsg;
373 return NULL;
374 }
375
376
377 /* Read a keyserver from the list at index @idx.
378 Return value: keyserver name at the given position. */
379 const char*
380 kserver_get_hostname (int idx, int type, WORD *port)
381 {
382 if (type == -1) {
383 *port = default_keyserver_port;
384 return default_keyserver;
385 }
386 else if (!type && idx < DIM (server_list)) {
387 *port = HKP_PORT;
388 return server_list[idx];
389 }
390 return NULL;
391 }
392
393
394 /* Check if the computer is connected to the internet.
395 Return 0 on success -1 otherwise. */
396 int
397 kserver_check_inet_connection (void)
398 {
399 int fd;
400
401 if (!kserver_connect (default_keyserver, default_keyserver_port, &fd)) {
402 closesocket (fd);
403 return 0;
404 }
405 return -1;
406 }
407
408
409 /* If the request contains the keyid, it have to be
410 always postfix with '0x'+keyid. This code checks
411 if the keyid is a decimal value and if so if it contains
412 the '0x'. If not it is inserted. */
413 const char*
414 kserver_check_keyid (const char *keyid)
415 {
416 static char id[21];
417
418 if (strstr (keyid, "@"))
419 return keyid; /* email address */
420 if (strncmp (keyid, "0x", 2)) {
421 memset (&id, 0, sizeof (id));
422 _snprintf (id, sizeof (id)-1, "0x%s", keyid);
423 return id;
424 }
425 return keyid;
426 }
427
428
429 /* Update the keyserver proxy user. */
430 static void
431 update_proxy_user (const char *proxy_user, const char *proxy_pass)
432 {
433 char t[257]; /* user:pass = 127+1+127+1 = 257 */
434 int n = 0;
435
436 n = 4*strlen (proxy_user) / 3 + 32 + strlen (proxy_pass) + 2;
437 free_if_alloc (proxy.base64_user);
438 proxy.base64_user = new char[n];
439 if (!proxy.base64_user)
440 BUG (0);
441 _snprintf (t, sizeof (t)-1, "%s:%s", proxy_user, proxy_pass);
442 base64_encode (t, proxy.base64_user);
443 free_if_alloc (proxy.user);
444 free_if_alloc (proxy.pass);
445 proxy.user = m_strdup (proxy_user);
446 proxy.pass = m_strdup (proxy_pass);
447 }
448
449
450 /* Check that the given buffer contains a valid keyserver URL. */
451 static int
452 check_URL (const char * buf)
453 {
454 if (strlen (buf) < 7)
455 return -1;
456 if (!strstr (buf, "ldap://")
457 && !strstr (buf, "http://")
458 && !strstr (buf, "finger://")
459 && !strstr (buf, "hkp://"))
460 return -1;
461 return 0;
462 }
463
464
465 /* Get the port number from the given protocol. */
466 static int
467 port_from_proto (int proto)
468 {
469 switch (proto) {
470 case KSPROTO_LDAP: return 0;
471 case KSPROTO_FINGER: return FINGER_PORT;
472 case KSPROTO_HTTP: return HKP_PORT;
473 }
474 return 0;
475 }
476
477
478 /* Get the port number from the given URL. */
479 static int
480 proto_from_URL (const char *buf)
481 {
482 if (strstr( buf, "ldap"))
483 return KSPROTO_LDAP;
484 else if (strstr( buf, "finger"))
485 return KSPROTO_FINGER;
486 return KSPROTO_HKP;
487 }
488
489
490 void
491 keyserver_set_default (const char *hostname, WORD port)
492 {
493 if (hostname != NULL) {
494 free_if_alloc (default_keyserver);
495 default_keyserver = m_strdup (hostname);
496 if (!default_keyserver)
497 BUG (0);
498 default_keyserver_port = port;
499 }
500 if (!port)
501 port = HKP_PORT;
502 if (!default_keyserver)
503 default_keyserver = m_strdup (DEF_HKP_KEYSERVER);
504 server[0].name = m_strdup (default_keyserver);
505 server[0].used = 1;
506 server[0].port = port;
507 server[0].proto = proto_from_URL (default_keyserver);
508 }
509
510
511 /* Skip all kind of whitespace chars in @str. */
512 static const char*
513 skip_whitespace (const char *str)
514 {
515 while (str && *str) {
516 if (*str == ' ' ||
517 *str == '\t' ||
518 *str == '\n' ||
519 *str == '\r') {
520 str++;
521 continue;
522 }
523 break;
524 }
525 return str;
526 }
527
528
529 /* Save the keyserver config file in @conf. */
530 int
531 kserver_save_conf (const char *conf)
532 {
533 FILE *fp;
534 int pos;
535
536 fp = fopen (conf, "wb");
537 if (!fp) {
538 msg_box (NULL, _("Could not save keyserver.conf file"),
539 _("Keyserver"), MB_ERR);
540 return -1;
541 }
542
543 fprintf (fp, "# do NOT manually modify this file, it will be "
544 "generated automatically!!\r\n");
545 for (pos = 0; pos < MAX_KEYSERVERS; pos++) {
546 if (!server[pos].used)
547 continue;
548 fprintf (fp, "%s:%d\r\n", server[pos].name, server[pos].port);
549 }
550 fclose (fp);
551 return 0;
552 }
553
554
555 /* Load the keyserver config file @conf. */
556 int
557 kserver_load_conf (const char *conf)
558 {
559 FILE *fp;
560 char buf[1024], *s, *p;
561 char *user = NULL, *pass = NULL;
562 int no_config=0, chk_pos=0;
563 int pos;
564
565 for (pos = 0; pos < MAX_KEYSERVERS; pos++) {
566 server[pos].used = 0;
567 server[pos].port = HKP_PORT;
568 }
569
570 fp = fopen (conf, "rb");
571 if (!fp) {
572 for (pos = 0; server_list[pos]; pos++) {
573 server[pos].used = 1;
574 server[pos].name = m_strdup (server_list[pos]);
575 server[pos].proto = proto_from_URL (server_list[pos]);
576 }
577 no_config=1;
578 }
579 get_reg_proxy_prefs (&proxy);
580 if (user && pass)
581 update_proxy_user (user, pass);
582 else if (user && !pass || !user && pass) {
583 msg_box (NULL, _("Invalid proxy configuration."
584 "You need to set a user and a password"
585 "to use proxy authentication!"),
586 _("Proxy Error"), MB_ERR);
587 }
588 /* check if the host has a http:// prefix and skip it */
589 if (proxy.host && !strncmp (proxy.host, "http://", 7)) {
590 char *host = m_strdup (proxy.host+7);
591 if (!host)
592 BUG (0);
593 free_if_alloc (proxy.host);
594 proxy.host = host;
595 }
596 free_if_alloc (user);
597 free_if_alloc (pass);
598
599 pos = 0;
600 while (fp && !feof (fp)) {
601 s = fgets (buf, sizeof (buf)-1, fp);
602 if (!s)
603 break;
604 if (strstr (buf, "\r\n"))
605 buf[strlen (buf)-2] = '\0';
606 if (strstr (buf, "\n"))
607 buf[strlen (buf)-1] = '\0';
608 s = (char *)skip_whitespace (buf);
609 if (*s == '#' || strlen (s) < 7)
610 continue;
611 if (check_URL (s)) {
612 msg_box (NULL, _("All entries of this file must have a valid prefix.\n"
613 "Currently HKP/HTTP, LDAP and FINGER are supported.\n"),
614 _("Keyserver Error"), MB_ERR);
615 continue;
616 }
617 chk_pos = 6;
618 if (strstr (s, "finger"))
619 chk_pos = 10;
620 p = strchr (s+chk_pos, ':');
621 server[pos].used = 1;
622 server[pos].proto = proto_from_URL (s);
623 server[pos].port = port_from_proto (server[pos].proto);
624 if (!p)
625 server[pos].name = m_strdup (s);
626 else {
627 server[pos].port = atol (p+1);
628 if (server[pos].port < 0 || server[pos].port > 65536)
629 server[pos].port = HKP_PORT;
630 server[pos].name = new char [(p-s)+2];
631 if (!server[pos].name)
632 BUG (0);
633 memset (server[pos].name, 0, (p-s)+2);
634 memcpy (server[pos].name, s, (p-s));
635 }
636 pos++;
637 if (pos > MAX_KEYSERVERS) {
638 msg_box (NULL, _("The keyserver limit is exceeded"),
639 _("Keyserver Warning"), MB_INFO);
640 break;
641 }
642 }
643 if (fp)
644 fclose (fp);
645 if (!pos) {
646 /* only issue an error if the config file exist but
647 it has no valid entries. */
648 keyserver_set_default (NULL, HKP_PORT);
649 if (!no_config)
650 return WPTERR_CONFIG_FILE;
651 }
652
653 return 0;
654 }
655
656
657 /* Connect to the keyserver @hostname (port @port).
658 Return value: 0 on success */
659 int
660 kserver_connect (const char *hostname, WORD port, int *conn_fd)
661 {
662 int rc, fd;
663 DWORD iaddr;
664 char host[128] = {0};
665 struct hostent *hp;
666 struct sockaddr_in sock;
667
668 log_debug ("kserver_connect: %s:%d\r\n", hostname, port);
669
670 if (!port)
671 port = HKP_PORT;
672 if (conn_fd)
673 *conn_fd = 0;
674 hostname = skip_type_prefix (hostname);
675
676 memset (&sock, 0, sizeof (sock));
677 sock.sin_family = AF_INET;
678 sock.sin_port = proxy.host? htons (proxy.port) : htons (port);
679 if (proxy.host)
680 strncpy (host, proxy.host, 127);
681 else
682 strncpy (host, hostname, 127);
683
684 if ((iaddr = inet_addr (host)) != INADDR_NONE)
685 memcpy (&sock.sin_addr, &iaddr, sizeof (iaddr));
686 else if ((hp = gethostbyname (host))) {
687 if (hp->h_addrtype != AF_INET || hp->h_length != 4) {
688 log_debug ("gethostbyname: unknown address type.\r\n");
689 return WPTERR_WINSOCK_RESOLVE;
690 }
691 memcpy (&sock.sin_addr, hp->h_addr, hp->h_length);
692 }
693 else {
694 log_debug ("gethostbyname: failed ec=%d.\r\n", net_errno);
695 return WPTERR_WINSOCK_RESOLVE;
696 }
697 fd = socket (AF_INET, SOCK_STREAM, 0);
698 if (fd == INVALID_SOCKET)
699 return WPTERR_WINSOCK_SOCKET;
700 rc = connect (fd, (struct sockaddr *) &sock, sizeof (sock));
701 if (rc == SOCKET_ERROR) {
702 log_debug ("connect: failed ec=%d.\r\n", net_errno);
703 closesocket (fd);
704 return WPTERR_WINSOCK_CONNECT;
705 }
706
707 if (proxy.proto == PROXY_PROTO_SOCKS5) {
708 rc = socks_handshake (&proxy, fd, hostname, port);
709 if (rc) {
710 closesocket (fd);
711 return WPTERR_GENERAL; /* XXX: use better code. */
712 }
713 }
714
715 if (conn_fd)
716 *conn_fd = fd;
717 WSASetLastError (0);
718 return 0;
719 }
720
721
722 static bool
723 URL_must_encoded (const char *url)
724 {
725 if (strchr (url, '.') || strchr (url, '@') || strchr (url, ' '))
726 return true;
727 return false;
728 }
729
730
731 /* Perform URL encoding of the given data. */
732 static char*
733 URL_encode (const char *url, size_t ulen, size_t *ret_nlen)
734 {
735 gpgme_data_t hd;
736 char numbuf[5], *pp, *p;
737 size_t i, n;
738
739 gpgme_data_new (&hd);
740 for (i=0; i < ulen; i++) {
741 if (isalnum (url[i]) || url[i] == '-')
742 gpg_data_putc (hd, url[i]);
743 else if (url[i] == ' ')
744 gpg_data_putc (hd, '+');
745 else {
746 sprintf (numbuf, "%%%02X", url[i]);
747 gpgme_data_write (hd, numbuf, strlen (numbuf));
748 }
749 }
750 gpg_data_putc (hd, '\0');
751
752 /* Copy memory to avoid that we need to use gpgme_free later. */
753 pp = gpgme_data_release_and_get_mem (hd, &n);
754 p = m_strdup (pp);
755 gpgme_free (pp);
756 if (ret_nlen)
757 *ret_nlen = n;
758 return p;
759 }
760
761
762 /* Format a request for the given keyid (send). */
763 static char*
764 kserver_send_request (const char *hostname, WORD port,
765 const char *pubkey, int octets)
766 {
767 char *request = NULL;
768 char *enc_pubkey = NULL;
769 size_t enc_octets;
770 int reqlen;
771
772 log_debug ("kserver_send_request: %s:%d\r\n", hostname, port);
773
774 if (!port)
775 port = HKP_PORT;
776 reqlen = 512 + strlen (hostname) + 2*strlen (pubkey);
777 request = new char[reqlen];
778 if (!request)
779 BUG (0);
780 enc_pubkey = URL_encode (pubkey, octets, &enc_octets);
781 if (!enc_pubkey || !enc_octets) {
782 free_if_alloc (request);
783 return NULL;
784 }
785
786 if (proxy.user && proxy.proto == PROXY_PROTO_HTTP) {
787 _snprintf (request, reqlen-1,
788 "POST http://%s:%d/pks/add HTTP/1.0\r\n"
789 "Referer: \r\n"
790 "User-Agent: WinPT/W32\r\n"
791 "Host: %s:%d\r\n"
792 "Proxy-Authorization: Basic %s\r\n"
793 "Content-type: application/x-www-form-urlencoded\r\n"
794 "Content-length: %d\r\n"
795 "\r\n"
796 "keytext=%s"
797 "\n",
798 skip_type_prefix (hostname), port, hostname, port,
799 proxy.base64_user, enc_octets+9, enc_pubkey);
800 }
801 else {
802 _snprintf (request, reqlen-1,
803 "POST /pks/add HTTP/1.0\r\n"
804 "Referer: \r\n"
805 "User-Agent: WinPT/W32\r\n"
806 "Host: %s:%d\r\n"
807 "Content-type: application/x-www-form-urlencoded\r\n"
808 "Content-length: %d\r\n"
809 "\r\n"
810 "keytext=%s"
811 "\n",
812 skip_type_prefix (hostname), port,
813 enc_octets+9, enc_pubkey);
814 }
815 free_if_alloc (enc_pubkey);
816
817 log_debug ("%s\r\n", request);
818 return request;
819 }
820
821
822 int
823 kserver_recvkey_ext (const char *hostname, WORD port, const char *keyid,
824 char **r_key, int *r_keylen)
825 {
826 char *request = NULL;
827 int conn_fd;
828 int rc, n;
829
830 if (!port)
831 port = HKP_PORT;
832 hkp_err = 0; /* reset */
833 rc = kserver_connect (hostname, port, &conn_fd);
834 if (rc)
835 goto leave;
836
837 request = new char[300+1];
838 if (!request)
839 BUG (0);
840
841 if (proxy.host && proxy.user && proxy.proto == PROXY_PROTO_HTTP) {
842 _snprintf (request, 300,
843 "GET http://%s:%d/pks/lookup?op=get&search=%s HTTP/1.0\r\n"
844 "Proxy-Authorization: Basic %s\r\n\r\n",
845 skip_type_prefix (hostname), port, keyid, proxy.base64_user);
846 }
847 else if (proxy.host && proxy.proto == PROXY_PROTO_HTTP) {
848 _snprintf (request, 300,
849 "GET http://%s:%d/pks/lookup?op=get&search=%s HTTP/1.0\r\n\r\n",
850 skip_type_prefix (hostname), port, keyid);
851 }
852 else {
853 _snprintf (request, 300,
854 "GET /pks/lookup?op=get&search=%s HTTP/1.0\r\n\r\n", keyid);
855 }
856
857 log_debug ("%s\r\n", request);
858
859 rc = sock_write (conn_fd, request, strlen (request));
860 if (rc == SOCKET_ERROR) {
861 rc = WPTERR_WINSOCK_RECVKEY;
862 goto leave;
863 }
864
865 rc = sock_read_ext (conn_fd, r_key, &n);
866 if (rc == SOCKET_ERROR) {
867 rc = WPTERR_WINSOCK_RECVKEY;
868 goto leave;
869 }
870
871 if (r_keylen)
872 *r_keylen = n;
873 log_debug ("%s\r\n", *r_key);
874 rc = check_hkp_response (*r_key, 1);
875 if (rc)
876 goto leave;
877
878 WSASetLastError (0);
879
880 leave:
881 closesocket (conn_fd);
882 free_if_alloc (request);
883 return rc;
884 }
885
886 /* Interface for receiving a public key. */
887 int
888 kserver_recvkey (const char *hostname, WORD port, const char *keyid,
889 char *key, int maxkeylen)
890 {
891 char *tmpkey;
892 int rc, nread=0;
893
894 /* XXX: just a wrapper around the new method, replace it
895 soon as possible. */
896 rc = kserver_recvkey_ext (hostname, port, keyid, &tmpkey, &nread);
897 if (rc)
898 return rc;
899
900 if (nread > maxkeylen) {
901 free_if_alloc (tmpkey);
902 return WPTERR_GENERAL;
903 }
904 strcpy (key, tmpkey);
905 free_if_alloc (tmpkey);
906 return 0;
907 }
908
909
910 /* Interface to send a public key. */
911 int
912 kserver_sendkey (const char *hostname, WORD port, const char *pubkey, int len )
913 {
914 char *request = NULL;
915 char log[2048];
916 int conn_fd, n;
917 int rc;
918
919 hkp_err = 0; /* reset */
920 rc = kserver_connect (hostname, port, &conn_fd);
921 if (rc)
922 goto leave;
923
924 request = kserver_send_request (hostname, port, pubkey, len);
925 if (request == NULL) {
926 rc = WPTERR_GENERAL;
927 goto leave;
928 }
929
930 rc = sock_write (conn_fd, request, strlen (request));
931 if (rc == SOCKET_ERROR) {
932 rc = WPTERR_WINSOCK_SENDKEY;
933 goto leave;
934 }
935
936 rc = sock_read (conn_fd, log, sizeof (log)-1, &n);
937 if (rc == SOCKET_ERROR) {
938 rc = WPTERR_WINSOCK_SENDKEY;
939 goto leave;
940 }
941
942 log_debug ("kserver_sendkey:\r\n%s\r\n", log);
943 rc = check_hkp_response (log, 0);
944 if (rc)
945 goto leave;
946
947 WSASetLastError (0);
948
949 leave:
950 closesocket (conn_fd);
951 free_if_alloc (request);
952 return rc;
953 }
954
955
956 /* Check keyserver response. */
957 static int
958 kserver_search_chkresp (int fd)
959 {
960 char buf[128];
961 int n=0;
962
963 /* parse response 'HTTP/1.0 500 OK' */
964 if (sock_getline (fd, buf, 127, &n))
965 return WPTERR_KEYSERVER_NOTFOUND;
966
967 log_debug ("kserver_search_chkpresp: %s\r\n", buf);
968 if (strncmp (buf, "HTTP/1.", 7))
969 return WPTERR_KEYSERVER_NOTFOUND;
970 if (strncmp (buf+(8+1), "200", 3))
971 return WPTERR_KEYSERVER_NOTFOUND;
972 return 0;
973 }
974
975
976 /* End the keyserver search procedure. */
977 void
978 kserver_search_end (int conn_fd)
979 {
980 log_debug ("kserver_search_end: fd=%d\r\n", conn_fd);
981 closesocket (conn_fd);
982 }
983
984
985 /* Begin keyserver search procedure. */
986 int
987 kserver_search_begin (const char *hostname, WORD port,
988 const char *pattern, int *conn_fd)
989 {
990 char *request = NULL;
991 char *enc_patt = NULL;
992 int n;
993 int rc, sock_fd;
994
995 rc = kserver_connect (hostname, port, &sock_fd);
996 if (rc) {
997 *conn_fd = 0;
998 goto leave;
999 }
1000
1001 enc_patt = URL_encode (pattern, strlen (pattern), NULL);
1002 n = 140 + strlen (enc_patt) + strlen (hostname) + 32 + 2;
1003 if (proxy.base64_user)
1004 n += strlen (proxy.base64_user) + 1;
1005 request = new char[n+1];
1006 if (!request)
1007 BUG (0);
1008
1009 if (proxy.host && proxy.user && proxy.proto == PROXY_PROTO_HTTP) {
1010 _snprintf (request, n,
1011 "GET http://%s:%d/pks/lookup?op=index&search=%s HTTP/1.0\r\n"
1012 "Proxy-Authorization: Basic %s\r\n\r\n",
1013 skip_type_prefix (hostname), port, enc_patt, proxy.base64_user);
1014 }
1015 else if (proxy.host && proxy.proto == PROXY_PROTO_HTTP) {
1016 _snprintf (request, n,
1017 "GET http://%s:%d/pks/lookup?op=index&search=%s HTTP/1.0\r\n\r\n",
1018 skip_type_prefix (hostname), port, enc_patt);
1019 }
1020 else {
1021 _snprintf (request, n,
1022 "GET /pks/lookup?op=index&search=%s HTTP/1.0\r\n\r\n",
1023 enc_patt);
1024 }
1025
1026 log_debug ("kserver_search_begin:\r\n%s\r\n", request);
1027
1028 if (sock_write (sock_fd, request, strlen (request)) == SOCKET_ERROR) {
1029 rc = WPTERR_GENERAL;
1030 goto leave;
1031 }
1032
1033 rc = kserver_search_chkresp (sock_fd);
1034 if (rc) {
1035 closesocket (sock_fd);
1036 sock_fd = 0;
1037 }
1038
1039 *conn_fd = sock_fd;
1040
1041 leave:
1042 free_if_alloc (request);
1043 free_if_alloc (enc_patt);
1044 return rc;
1045 }
1046
1047
1048
1049
1050 /* Convert an iso date @iso_date (YYYY-MM-DD) into the locale
1051 representation and store it into @loc_date.
1052 Return value: 0 on success. */
1053 static int
1054 parse_iso_date (const char *iso_date, char *loc_date, size_t loclen)
1055 {
1056 SYSTEMTIME st;
1057 char buf[16] = {0}, *p;
1058 int pos=0;
1059
1060 strncpy (buf, iso_date, sizeof (buf)-1);
1061 p = strtok (buf, "-");
1062 while (p != NULL) {
1063 switch (pos) {
1064 case 0: st.wYear = (WORD)atoi (p); pos++; break;
1065 case 1: st.wMonth = (WORD)atoi (p); pos++; break;
1066 case 2: st.wDay = (WORD)atoi (p); pos++; break;
1067 default: break;
1068 }
1069 p = strtok (NULL, "-");
1070 }
1071 if (pos != 3)
1072 return -1;
1073
1074 if (!GetDateFormat (LOCALE_USER_DEFAULT, DATE_SHORTDATE, &st,
1075 NULL, loc_date, loclen))
1076 return -1;
1077 return 0;
1078 }
1079
1080
1081 int
1082 kserver_search_next (int fd, keyserver_key *key)
1083 {
1084 char buf[1024], *p;
1085 int uidlen, nbytes, pos = 0;
1086
1087 log_debug ("keyserver_search_next:\r\n");
1088
1089 if (sock_getline (fd, buf, sizeof (buf) - 1, &nbytes))
1090 return WPTERR_GENERAL;
1091
1092 /* XXX: use maschine readable option. */
1093 log_debug ("%s\r\n", buf);
1094
1095 if (!strncmp (buf, "pub", 3)) {
1096 int revoked = strstr (buf, "KEY REVOKED") != NULL? 1 : 0;
1097 key->bits = atol (buf+3);
1098 p = strchr (buf, '>');
1099 if (!p)
1100 goto fail;
1101 pos = p - buf + 1;
1102 memcpy (key->keyid, buf + pos, 8);
1103 key->keyid[8] = '\0';
1104 p = strstr (buf, "</a>");
1105 if (!p)
1106 goto fail;
1107 pos = p - buf + 5;
1108 memcpy (key->date, buf + pos, 10);
1109 key->date[10] = '\0';
1110 parse_iso_date (key->date, key->date, sizeof (key->date)-1);
1111 if (revoked) {
1112 strcpy (key->uid, "KEY REVOKED: not checked");
1113 return 0;
1114 }
1115 pos += 10;
1116 p = buf + pos + 1;
1117 while (p && *p != '>')
1118 p++;
1119 p++;
1120 uidlen = strlen (p) - 10;
1121 if (!strstr (p, "&lt;") && !strstr (p, "&gt;")) {
1122 pos=0;
1123 while (p && *p && pos < sizeof (key->uid)-1) {
1124 if (*p == '<')
1125 break;
1126 key->uid[pos++] = *p++;
1127 }
1128 key->uid[pos] ='\0';
1129 return 0;
1130 }
1131
1132 if (uidlen > sizeof (key->uid)-1)
1133 uidlen = sizeof (key->uid)-1;
1134 memcpy (key->uid, p, uidlen);
1135 key->uid[uidlen] = '\0';
1136 strcat (key->uid, ">");
1137 p = strchr (key->uid, '&');
1138 if (p) {
1139 key->uid[(p-key->uid)] = '<';
1140 memmove (key->uid+(p-key->uid)+1, key->uid+(p-key->uid)+4,
1141 strlen (key->uid)-3);
1142 }
1143 return 0;
1144 }
1145
1146 fail:
1147 key->bits = 0;
1148 memset (key, 0, sizeof *key);
1149 return 0;
1150 }
1151
1152
1153 /* Release mbmers in the proxy context @ctx. */
1154 void
1155 kserver_proxy_release (keyserver_proxy_t ctx)
1156 {
1157 free_if_alloc (ctx->host);
1158 free_if_alloc (ctx->pass);
1159 free_if_alloc (ctx->user);
1160 ctx->port = ctx->proto = 0;
1161 }
1162
1163
1164 /* Spawn a process given by @cmdl. */
1165 static int
1166 spawn_application (char *cmdl)
1167 {
1168 STARTUPINFO si;
1169 PROCESS_INFORMATION pi;
1170 int rc = 0;
1171
1172 memset (&si, 0, sizeof (si));
1173 si.cb = sizeof (si);
1174 si.dwFlags = STARTF_USESHOWWINDOW;
1175 si.wShowWindow = SW_HIDE;
1176 memset (&pi, 0, sizeof (pi));
1177
1178 if (!CreateProcess (NULL, cmdl, NULL, NULL, FALSE, 0,
1179 NULL, NULL, &si, &pi)) {
1180 log_box ("Keyserver Plugin", MB_ERR, "Could not spawn helper process");
1181 rc = -1;
1182 }
1183
1184 CloseHandle (pi.hThread);
1185 WaitForSingleObject (pi.hProcess, INFINITE);
1186 CloseHandle (pi.hProcess);
1187 return rc;
1188 }
1189
1190
1191 /* Receive an key via LDAP from host @host with the keyid @keyid.
1192 @key contains the key on success. */
1193 int
1194 ldap_recvkey (const char *host, const char *keyid, char *key, int maxkeylen)
1195 {
1196 FILE *fp;
1197 const char *s;
1198 char *ksprg = NULL, *p = NULL, *sep;
1199 char inf[256], outf[256], buf[512];
1200 DWORD n;
1201 int start_key = 0, failed = 0;
1202 int rc = 0;
1203
1204 p = get_gnupg_prog ();
1205 n = strlen (p) + 1 + 128;
1206 ksprg = new char[n+1];
1207 if (!ksprg)
1208 BUG (0);
1209 sep = strrchr (p, '\\');
1210 if (sep != NULL)
1211 p[(sep-p)] = 0;
1212
1213 _snprintf (ksprg, n, "%s\\gpgkeys_ldap.exe", p);
1214 free_if_alloc (p);
1215 if (file_exist_check (ksprg)) {
1216 log_box ("LDAP Keyserver Plugin", MB_ERR,
1217 "%s: could not find LDAP keyserver module!", ksprg);
1218 rc = -1;
1219 goto leave;
1220 }
1221 get_temp_name (outf, sizeof (outf)-1, keyid);
1222 get_temp_name (inf, sizeof (inf)-1, NULL);
1223 fp = fopen (inf, "w+b");
1224 if (!fp) {
1225 log_box ("LDAP Keyserver Plugin", MB_ERR, "%s: %s", inf,
1226 winpt_strerror (WPTERR_FILE_OPEN));
1227 rc = -1;
1228 goto leave;
1229 }
1230 fprintf (fp,
1231 "VERSION 1\n"
1232 "PROGRAM 1.4.3-cvs\n"
1233 "SCHEME ldap\n"
1234 "HOST %s\n"
1235 "COMMAND GET\n"
1236 "\n"
1237 "%s\n",
1238 host? skip_type_prefix (host): "64.94.85.200", keyid);
1239 fclose (fp);
1240
1241 p = new char[strlen (ksprg) + strlen (inf) + strlen (outf) + 32];
1242 if (!p)
1243 BUG (NULL);
1244 sprintf (p, "%s -o %s %s", ksprg, outf, inf);
1245 if (spawn_application (p)) {
1246 rc = -1;
1247 goto leave;
1248 }
1249
1250 fp = fopen (outf, "rb");
1251 if (!fp) {
1252 log_box ("LDAP Keyserver Plugin", MB_ERR, "%s: %s", outf,
1253 winpt_strerror (WPTERR_FILE_OPEN));
1254 rc = -1;
1255 goto leave;
1256 }
1257 memset (key, 0, maxkeylen);
1258 while (!feof (fp)) {
1259 s = fgets (buf, sizeof (buf)-1, fp);
1260 if (!s)
1261 break;
1262 if (strstr (s, "KEY") && strstr (s, "FAILED")) {
1263 failed = 1;
1264 break;
1265 }
1266 if (!start_key && strstr (s, "KEY") && strstr (s, "BEGIN")) {
1267 start_key = 1;
1268 continue;
1269 }
1270 if (!start_key)
1271 continue;
1272 strcat (key, buf);
1273 maxkeylen -= strlen (buf);
1274 if (maxkeylen < 0 || (strstr (s, "KEY") && strstr (s, "END")))
1275 break;
1276 }
1277 fclose (fp);
1278
1279 leave:
1280 if (failed || !strlen (key))
1281 rc = WPTERR_WINSOCK_RECVKEY;
1282 DeleteFile (inf);
1283 DeleteFile (outf);
1284 free_if_alloc (p);
1285 free_if_alloc (ksprg);
1286 return rc;
1287 }
1288
1289
1290 /* Receive an key via FINGER from host @host with the user @user.
1291 On success @key contains the key. */
1292 int
1293 finger_recvkey (const char *host, const char *user, char *key, int maxkeylen)
1294 {
1295 char buf[128];
1296 int fd, nread;
1297 int start_key = 0;
1298 int rc=0;
1299
1300 rc = kserver_connect (host, FINGER_PORT, &fd);
1301 if (rc)
1302 return rc;
1303
1304 sock_write (fd, user, strlen (user));
1305 sock_write (fd, "\r\n", 2);
1306
1307 memset (key, 0, maxkeylen);
1308 while (maxkeylen > 0) {
1309 if (sock_getline (fd, buf, sizeof (buf), &nread))
1310 break;
1311 strcat (buf, "\n");
1312 if (strstr (buf, "BEGIN PGP PUBLIC KEY BLOCK")) {
1313 strcat (key, buf);
1314 start_key = 1;
1315 maxkeylen -= nread;
1316 }
1317 else if (strstr (buf, "END PGP PUBLIC KEY BLOCK" ) && start_key) {
1318 strcat (key, buf);
1319 start_key--;
1320 maxkeylen -= nread;
1321 break;
1322 }
1323 else if (start_key) {
1324 strcat (key, buf);
1325 maxkeylen -= nread;
1326 }
1327 }
1328 closesocket (fd);
1329 if (start_key != 0)
1330 rc = WPTERR_WINSOCK_RECVKEY;
1331 return rc;
1332 }
1333
1334
1335 /* Check if the given name @name is a valid hostname. */
1336 int
1337 check_IP_or_hostname (const char *name)
1338 {
1339 const char *not_allowed = "=!ยง$%&@#*~\\/}][{<>|,;:'";
1340 size_t i, j;
1341
1342 for (i=0; i < strlen (name); i++) {
1343 for (j =0; j < strlen (not_allowed); j++) {
1344 if (name[i] == not_allowed[j])
1345 return -1;
1346 }
1347 }
1348 return 0;
1349 }

Properties

Name Value
svn:eol-style native
[email protected]
 ViewVC Help
Powered by ViewVC 1.1.26