Changed to GPLv3.
[gnupg.git] / g10 / keyserver.c
1 /* keyserver.c - generic keyserver code
2  * Copyright (C) 2001, 2002, 2003, 2004, 2005, 2006,
3  *               2007 Free Software Foundation, Inc.
4  *
5  * This file is part of GnuPG.
6  *
7  * GnuPG is free software; you can redistribute it and/or modify
8  * it under the terms of the GNU General Public License as published by
9  * the Free Software Foundation; either version 3 of the License, or
10  * (at your option) any later version.
11  *
12  * GnuPG is distributed in the hope that it will be useful,
13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
15  * GNU General Public License for more details.
16  *
17  * You should have received a copy of the GNU General Public License
18  * along with this program; if not, see <http://www.gnu.org/licenses/>.
19  */
20
21 #include <config.h>
22 #include <ctype.h>
23 #include <stdio.h>
24 #include <string.h>
25 #include <stdlib.h>
26 #include <assert.h>
27 #include <errno.h>
28
29 #include "gpg.h"
30 #include "iobuf.h"
31 #include "filter.h"
32 #include "keydb.h"
33 #include "status.h"
34 #include "exec.h"
35 #include "main.h"
36 #include "i18n.h"
37 #include "ttyio.h"
38 #include "options.h"
39 #include "packet.h"
40 #include "trustdb.h"
41 #include "keyserver-internal.h"
42 #include "util.h"
43 #include "dns-cert.h"
44 #include "pka.h"
45
46 #ifdef HAVE_W32_SYSTEM
47 /* It seems Vista doesn't grok X_OK and so fails access() tests.
48    Previous versions interpreted X_OK as F_OK anyway, so we'll just
49    use F_OK directly. */
50 #undef X_OK
51 #define X_OK F_OK
52 #endif /* HAVE_W32_SYSTEM */
53
54 struct keyrec
55 {
56   KEYDB_SEARCH_DESC desc;
57   u32 createtime,expiretime;
58   int size,flags;
59   byte type;
60   IOBUF uidbuf;
61   unsigned int lines;
62 };
63
64 enum ks_action {KS_UNKNOWN=0,KS_GET,KS_GETNAME,KS_SEND,KS_SEARCH};
65
66 static struct parse_options keyserver_opts[]=
67   {
68     /* some of these options are not real - just for the help
69        message */
70     {"max-cert-size",0,NULL,NULL},
71     {"include-revoked",0,NULL,N_("include revoked keys in search results")},
72     {"include-subkeys",0,NULL,N_("include subkeys when searching by key ID")},
73     {"use-temp-files",0,NULL,
74      N_("use temporary files to pass data to keyserver helpers")},
75     {"keep-temp-files",KEYSERVER_KEEP_TEMP_FILES,NULL,
76      N_("do not delete temporary files after using them")},
77     {"refresh-add-fake-v3-keyids",KEYSERVER_ADD_FAKE_V3,NULL,
78      NULL},
79     {"auto-key-retrieve",KEYSERVER_AUTO_KEY_RETRIEVE,NULL,
80      N_("automatically retrieve keys when verifying signatures")},
81     {"honor-keyserver-url",KEYSERVER_HONOR_KEYSERVER_URL,NULL,
82      N_("honor the preferred keyserver URL set on the key")},
83     {"honor-pka-record",KEYSERVER_HONOR_PKA_RECORD,NULL,
84      N_("honor the PKA record set on a key when retrieving keys")},
85     {NULL,0,NULL,NULL}
86   };
87
88 static int keyserver_work(enum ks_action action,strlist_t list,
89                           KEYDB_SEARCH_DESC *desc,int count,
90                           unsigned char **fpr,size_t *fpr_len,
91                           struct keyserver_spec *keyserver);
92
93 /* Reasonable guess */
94 #define DEFAULT_MAX_CERT_SIZE 16384
95
96 static size_t max_cert_size=DEFAULT_MAX_CERT_SIZE;
97
98 static void
99 add_canonical_option(char *option,strlist_t *list)
100 {
101   char *arg=argsplit(option);
102
103   if(arg)
104     {
105       char *joined;
106
107       joined=xmalloc(strlen(option)+1+strlen(arg)+1);
108       /* Make a canonical name=value form with no spaces */
109       strcpy(joined,option);
110       strcat(joined,"=");
111       strcat(joined,arg);
112       append_to_strlist(list,joined);
113       xfree(joined);
114     }
115   else
116     append_to_strlist(list,option);
117 }
118
119 int
120 parse_keyserver_options(char *options)
121 {
122   int ret=1;
123   char *tok;
124   char *max_cert=NULL;
125
126   keyserver_opts[0].value=&max_cert;
127
128   while((tok=optsep(&options)))
129     {
130       if(tok[0]=='\0')
131         continue;
132
133       /* For backwards compatibility.  1.2.x used honor-http-proxy and
134          there are a good number of documents published that recommend
135          it. */
136       if(ascii_strcasecmp(tok,"honor-http-proxy")==0)
137         tok="http-proxy";
138       else if(ascii_strcasecmp(tok,"no-honor-http-proxy")==0)
139         tok="no-http-proxy";
140
141       /* We accept quite a few possible options here - some options to
142          handle specially, the keyserver_options list, and import and
143          export options that pertain to keyserver operations.  Note
144          that you must use strncasecmp here as there might be an
145          =argument attached which will foil the use of strcasecmp. */
146
147 #ifdef EXEC_TEMPFILE_ONLY
148       if(ascii_strncasecmp(tok,"use-temp-files",14)==0 ||
149               ascii_strncasecmp(tok,"no-use-temp-files",17)==0)
150         log_info(_("WARNING: keyserver option `%s' is not used"
151                    " on this platform\n"),tok);
152 #else
153       if(ascii_strncasecmp(tok,"use-temp-files",14)==0)
154         opt.keyserver_options.options|=KEYSERVER_USE_TEMP_FILES;
155       else if(ascii_strncasecmp(tok,"no-use-temp-files",17)==0)
156         opt.keyserver_options.options&=~KEYSERVER_USE_TEMP_FILES;
157 #endif
158       else if(!parse_options(tok,&opt.keyserver_options.options,
159                              keyserver_opts,0)
160          && !parse_import_options(tok,
161                                   &opt.keyserver_options.import_options,0)
162          && !parse_export_options(tok,
163                                   &opt.keyserver_options.export_options,0))
164         {
165           /* All of the standard options have failed, so the option is
166              destined for a keyserver plugin. */
167           add_canonical_option(tok,&opt.keyserver_options.other);
168         }
169     }
170
171   if(max_cert)
172     {
173       max_cert_size=strtoul(max_cert,(char **)NULL,10);
174
175       if(max_cert_size==0)
176         max_cert_size=DEFAULT_MAX_CERT_SIZE;
177     }
178
179   return ret;
180 }
181
182 void
183 free_keyserver_spec(struct keyserver_spec *keyserver)
184 {
185   xfree(keyserver->uri);
186   xfree(keyserver->scheme);
187   xfree(keyserver->auth);
188   xfree(keyserver->host);
189   xfree(keyserver->port);
190   xfree(keyserver->path);
191   xfree(keyserver->opaque);
192   free_strlist(keyserver->options);
193   xfree(keyserver);
194 }
195
196 /* Return 0 for match */
197 static int
198 cmp_keyserver_spec(struct keyserver_spec *one,struct keyserver_spec *two)
199 {
200   if(ascii_strcasecmp(one->scheme,two->scheme)==0)
201     {
202       if(one->host && two->host && ascii_strcasecmp(one->host,two->host)==0)
203         {
204           if((one->port && two->port
205               && ascii_strcasecmp(one->port,two->port)==0)
206              || (!one->port && !two->port))
207             return 0;
208         }
209       else if(one->opaque && two->opaque
210               && ascii_strcasecmp(one->opaque,two->opaque)==0)
211         return 0;
212     }
213
214   return 1;
215 }
216
217 /* Try and match one of our keyservers.  If we can, return that.  If
218    we can't, return our input. */
219 struct keyserver_spec *
220 keyserver_match(struct keyserver_spec *spec)
221 {
222   struct keyserver_spec *ks;
223
224   for(ks=opt.keyserver;ks;ks=ks->next)
225     if(cmp_keyserver_spec(spec,ks)==0)
226       return ks;
227
228   return spec;
229 }
230
231 /* TODO: once we cut over to an all-curl world, we don't need this
232    parser any longer so it can be removed, or at least moved to
233    keyserver/ksutil.c for limited use in gpgkeys_ldap or the like. */
234
235 struct keyserver_spec *
236 parse_keyserver_uri(const char *string,int require_scheme,
237                     const char *configname,unsigned int configlineno)
238 {
239   int assume_hkp=0;
240   struct keyserver_spec *keyserver;
241   const char *idx;
242   int count;
243   char *uri,*options;
244
245   assert(string!=NULL);
246
247   keyserver=xmalloc_clear(sizeof(struct keyserver_spec));
248
249   uri=xstrdup(string);
250
251   options=strchr(uri,' ');
252   if(options)
253     {
254       char *tok;
255
256       *options='\0';
257       options++;
258
259       while((tok=optsep(&options)))
260         add_canonical_option(tok,&keyserver->options);
261     }
262
263   /* Get the scheme */
264
265   for(idx=uri,count=0;*idx && *idx!=':';idx++)
266     {
267       count++;
268
269       /* Do we see the start of an RFC-2732 ipv6 address here?  If so,
270          there clearly isn't a scheme so get out early. */
271       if(*idx=='[')
272         {
273           /* Was the '[' the first thing in the string?  If not, we
274              have a mangled scheme with a [ in it so fail. */
275           if(count==1)
276             break;
277           else
278             goto fail;
279         }
280     }
281
282   if(count==0)
283     goto fail;
284
285   if(*idx=='\0' || *idx=='[')
286     {
287       if(require_scheme)
288         return NULL;
289
290       /* Assume HKP if there is no scheme */
291       assume_hkp=1;
292       keyserver->scheme=xstrdup("hkp");
293
294       keyserver->uri=xmalloc(strlen(keyserver->scheme)+3+strlen(uri)+1);
295       strcpy(keyserver->uri,keyserver->scheme);
296       strcat(keyserver->uri,"://");
297       strcat(keyserver->uri,uri);
298     }
299   else
300     {
301       int i;
302
303       keyserver->uri=xstrdup(uri);
304
305       keyserver->scheme=xmalloc(count+1);
306
307       /* Force to lowercase */
308       for(i=0;i<count;i++)
309         keyserver->scheme[i]=ascii_tolower(uri[i]);
310
311       keyserver->scheme[i]='\0';
312
313       /* Skip past the scheme and colon */
314       uri+=count+1;
315     }
316
317   if(ascii_strcasecmp(keyserver->scheme,"x-broken-hkp")==0)
318     {
319       deprecated_warning(configname,configlineno,"x-broken-hkp",
320                          "--keyserver-options ","broken-http-proxy");
321       xfree(keyserver->scheme);
322       keyserver->scheme=xstrdup("hkp");
323       append_to_strlist(&opt.keyserver_options.other,"broken-http-proxy");
324     }
325   else if(ascii_strcasecmp(keyserver->scheme,"x-hkp")==0)
326     {
327       /* Canonicalize this to "hkp" so it works with both the internal
328          and external keyserver interface. */
329       xfree(keyserver->scheme);
330       keyserver->scheme=xstrdup("hkp");
331     }
332
333   if(assume_hkp || (uri[0]=='/' && uri[1]=='/'))
334     {
335       /* Two slashes means network path. */
336
337       /* Skip over the "//", if any */
338       if(!assume_hkp)
339         uri+=2;
340
341       /* Do we have userinfo auth data present? */
342       for(idx=uri,count=0;*idx && *idx!='@' && *idx!='/';idx++)
343         count++;
344
345       /* We found a @ before the slash, so that means everything
346          before the @ is auth data. */
347       if(*idx=='@')
348         {
349           if(count==0)
350             goto fail;
351
352           keyserver->auth=xmalloc(count+1);
353           strncpy(keyserver->auth,uri,count);
354           keyserver->auth[count]='\0';
355           uri+=count+1;
356         }
357
358       /* Is it an RFC-2732 ipv6 [literal address] ? */
359       if(*uri=='[')
360         {
361           for(idx=uri+1,count=1;*idx
362                 && ((isascii (*idx) && isxdigit(*idx))
363                     || *idx==':' || *idx=='.');idx++)
364             count++;
365
366           /* Is the ipv6 literal address terminated? */
367           if(*idx==']')
368             count++;
369           else
370             goto fail;
371         }
372       else
373         for(idx=uri,count=0;*idx && *idx!=':' && *idx!='/';idx++)
374           count++;
375
376       if(count==0)
377         goto fail;
378
379       keyserver->host=xmalloc(count+1);
380       strncpy(keyserver->host,uri,count);
381       keyserver->host[count]='\0';
382
383       /* Skip past the host */
384       uri+=count;
385
386       if(*uri==':')
387         {
388           /* It would seem to be reasonable to limit the range of the
389              ports to values between 1-65535, but RFC 1738 and 1808
390              imply there is no limit.  Of course, the real world has
391              limits. */
392
393           for(idx=uri+1,count=0;*idx && *idx!='/';idx++)
394             {
395               count++;
396
397               /* Ports are digits only */
398               if(!digitp(idx))
399                 goto fail;
400             }
401
402           keyserver->port=xmalloc(count+1);
403           strncpy(keyserver->port,uri+1,count);
404           keyserver->port[count]='\0';
405
406           /* Skip past the colon and port number */
407           uri+=1+count;
408         }
409
410       /* Everything else is the path */
411       if(*uri)
412         keyserver->path=xstrdup(uri);
413       else
414         keyserver->path=xstrdup("/");
415
416       if(keyserver->path[1])
417         keyserver->flags.direct_uri=1;
418     }
419   else if(uri[0]!='/')
420     {
421       /* No slash means opaque.  Just record the opaque blob and get
422          out. */
423       keyserver->opaque=xstrdup(uri);
424     }
425   else
426     {
427       /* One slash means absolute path.  We don't need to support that
428          yet. */
429       goto fail;
430     }
431
432   return keyserver;
433
434  fail:
435   free_keyserver_spec(keyserver);
436
437   return NULL;
438 }
439
440 struct keyserver_spec *
441 parse_preferred_keyserver(PKT_signature *sig)
442 {
443   struct keyserver_spec *spec=NULL;
444   const byte *p;
445   size_t plen;
446
447   p=parse_sig_subpkt(sig->hashed,SIGSUBPKT_PREF_KS,&plen);
448   if(p && plen)
449     {
450       byte *dupe=xmalloc(plen+1);
451
452       memcpy(dupe,p,plen);
453       dupe[plen]='\0';
454       spec=parse_keyserver_uri(dupe,1,NULL,0);
455       xfree(dupe);
456     }
457
458   return spec;
459 }
460
461 static void
462 print_keyrec(int number,struct keyrec *keyrec)
463 {
464   int i;
465
466   iobuf_writebyte(keyrec->uidbuf,0);
467   iobuf_flush_temp(keyrec->uidbuf);
468   printf("(%d)\t%s  ",number,iobuf_get_temp_buffer(keyrec->uidbuf));
469
470   if(keyrec->size>0)
471     printf("%d bit ",keyrec->size);
472
473   if(keyrec->type)
474     {
475       const char *str = gcry_pk_algo_name (keyrec->type);
476
477       if(str)
478         printf("%s ",str);
479       else
480         printf("unknown ");
481     }
482
483   switch(keyrec->desc.mode)
484     {
485       /* If the keyserver helper gave us a short keyid, we have no
486          choice but to use it.  Do check --keyid-format to add a 0x if
487          needed. */
488     case KEYDB_SEARCH_MODE_SHORT_KID:
489       printf("key %s%08lX",
490              (opt.keyid_format==KF_0xSHORT
491               || opt.keyid_format==KF_0xLONG)?"0x":"",
492              (ulong)keyrec->desc.u.kid[1]);
493       break;
494
495       /* However, if it gave us a long keyid, we can honor
496          --keyid-format */
497     case KEYDB_SEARCH_MODE_LONG_KID:
498       printf("key %s",keystr(keyrec->desc.u.kid));
499       break;
500
501     case KEYDB_SEARCH_MODE_FPR16:
502       printf("key ");
503       for(i=0;i<16;i++)
504         printf("%02X",keyrec->desc.u.fpr[i]);
505       break;
506
507     case KEYDB_SEARCH_MODE_FPR20:
508       printf("key ");
509       for(i=0;i<20;i++)
510         printf("%02X",keyrec->desc.u.fpr[i]);
511       break;
512
513     default:
514       BUG();
515       break;
516     }
517
518   if(keyrec->createtime>0)
519     {
520       printf(", ");
521       printf(_("created: %s"),strtimestamp(keyrec->createtime));
522     }
523
524   if(keyrec->expiretime>0)
525     {
526       printf(", ");
527       printf(_("expires: %s"),strtimestamp(keyrec->expiretime));
528     }
529
530   if(keyrec->flags&1)
531     printf(" (%s)",_("revoked"));
532   if(keyrec->flags&2)
533     printf(" (%s)",_("disabled"));
534   if(keyrec->flags&4)
535     printf(" (%s)",_("expired"));
536
537   printf("\n");
538 }
539
540 /* Returns a keyrec (which must be freed) once a key is complete, and
541    NULL otherwise.  Call with a NULL keystring once key parsing is
542    complete to return any unfinished keys. */
543 static struct keyrec *
544 parse_keyrec(char *keystring)
545 {
546   static struct keyrec *work=NULL;
547   struct keyrec *ret=NULL;
548   char *record;
549   int i;
550
551   if(keystring==NULL)
552     {
553       if(work==NULL)
554         return NULL;
555       else if(work->desc.mode==KEYDB_SEARCH_MODE_NONE)
556         {
557           xfree(work);
558           return NULL;
559         }
560       else
561         {
562           ret=work;
563           work=NULL;
564           return ret;
565         }
566     }
567
568   if(work==NULL)
569     {
570       work=xmalloc_clear(sizeof(struct keyrec));
571       work->uidbuf=iobuf_temp();
572     }
573
574   /* Remove trailing whitespace */
575   for(i=strlen(keystring);i>0;i--)
576     if(ascii_isspace(keystring[i-1]))
577       keystring[i-1]='\0';
578     else
579       break;
580
581   if((record=strsep(&keystring,":"))==NULL)
582     return ret;
583
584   if(ascii_strcasecmp("pub",record)==0)
585     {
586       char *tok;
587
588       if(work->desc.mode)
589         {
590           ret=work;
591           work=xmalloc_clear(sizeof(struct keyrec));
592           work->uidbuf=iobuf_temp();
593         }
594
595       if((tok=strsep(&keystring,":"))==NULL)
596         return ret;
597
598       classify_user_id(tok,&work->desc);
599       if(work->desc.mode!=KEYDB_SEARCH_MODE_SHORT_KID
600          && work->desc.mode!=KEYDB_SEARCH_MODE_LONG_KID
601          && work->desc.mode!=KEYDB_SEARCH_MODE_FPR16
602          && work->desc.mode!=KEYDB_SEARCH_MODE_FPR20)
603         {
604           work->desc.mode=KEYDB_SEARCH_MODE_NONE;
605           return ret;
606         }
607
608       /* Note all items after this are optional.  This allows us to
609          have a pub line as simple as pub:keyid and nothing else. */
610
611       work->lines++;
612
613       if((tok=strsep(&keystring,":"))==NULL)
614         return ret;
615
616       work->type=atoi(tok);
617
618       if((tok=strsep(&keystring,":"))==NULL)
619         return ret;
620
621       work->size=atoi(tok);
622
623       if((tok=strsep(&keystring,":"))==NULL)
624         return ret;
625
626       if(atoi(tok)<=0)
627         work->createtime=0;
628       else
629         work->createtime=atoi(tok);
630
631       if((tok=strsep(&keystring,":"))==NULL)
632         return ret;
633
634       if(atoi(tok)<=0)
635         work->expiretime=0;
636       else
637         {
638           work->expiretime=atoi(tok);
639           /* Force the 'e' flag on if this key is expired. */
640           if(work->expiretime<=make_timestamp())
641             work->flags|=4;
642         }
643
644       if((tok=strsep(&keystring,":"))==NULL)
645         return ret;
646
647       while(*tok)
648         switch(*tok++)
649           {
650           case 'r':
651           case 'R':
652             work->flags|=1;
653             break;
654             
655           case 'd':
656           case 'D':
657             work->flags|=2;
658             break;
659
660           case 'e':
661           case 'E':
662             work->flags|=4;
663             break;
664           }
665     }
666   else if(ascii_strcasecmp("uid",record)==0 && work->desc.mode)
667     {
668       char *userid,*tok,*decoded;
669
670       if((tok=strsep(&keystring,":"))==NULL)
671         return ret;
672
673       if(strlen(tok)==0)
674         return ret;
675
676       userid=tok;
677
678       /* By definition, de-%-encoding is always smaller than the
679          original string so we can decode in place. */
680
681       i=0;
682
683       while(*tok)
684         if(tok[0]=='%' && tok[1] && tok[2])
685           {
686             if((userid[i]=hextobyte(&tok[1]))==-1)
687               userid[i]='?';
688
689             i++;
690             tok+=3;
691           }
692         else
693           userid[i++]=*tok++;
694
695       /* We don't care about the other info provided in the uid: line
696          since no keyserver supports marking userids with timestamps
697          or revoked/expired/disabled yet. */
698
699       /* No need to check for control characters, as utf8_to_native
700          does this for us. */
701
702       decoded=utf8_to_native(userid,i,0);
703       if(strlen(decoded)>opt.screen_columns-10)
704         decoded[opt.screen_columns-10]='\0';
705       iobuf_writestr(work->uidbuf,decoded);
706       xfree(decoded);
707       iobuf_writestr(work->uidbuf,"\n\t");
708       work->lines++;
709     }
710
711   /* Ignore any records other than "pri" and "uid" for easy future
712      growth. */
713
714   return ret;
715 }
716
717 /* TODO: do this as a list sent to keyserver_work rather than calling
718    it once for each key to get the correct counts after the import
719    (cosmetics, really) and to better take advantage of the keyservers
720    that can do multiple fetches in one go (LDAP). */
721 static int
722 show_prompt(KEYDB_SEARCH_DESC *desc,int numdesc,int count,const char *search)
723 {
724   char *answer;
725
726   if(count && opt.command_fd==-1)
727     {
728       static int from=1;
729       tty_printf("Keys %d-%d of %d for \"%s\".  ",from,numdesc,count,search);
730       from=numdesc+1;
731     }
732
733   answer=cpr_get_no_help("keysearch.prompt",
734                          _("Enter number(s), N)ext, or Q)uit > "));
735   /* control-d */
736   if(answer[0]=='\x04')
737     {
738       printf("Q\n");
739       answer[0]='q';
740     }
741
742   if(answer[0]=='q' || answer[0]=='Q')
743     {
744       xfree(answer);
745       return 1;
746     }
747   else if(atoi(answer)>=1 && atoi(answer)<=numdesc)
748     {
749       char *split=answer,*num;
750
751       while((num=strsep(&split," ,"))!=NULL)
752         if(atoi(num)>=1 && atoi(num)<=numdesc)
753           keyserver_work(KS_GET,NULL,&desc[atoi(num)-1],1,
754                          NULL,NULL,opt.keyserver);
755
756       xfree(answer);
757       return 1;
758     }
759
760   return 0;
761 }
762
763 /* Count and searchstr are just for cosmetics.  If the count is too
764    small, it will grow safely.  If negative it disables the "Key x-y
765    of z" messages.  searchstr should be UTF-8 (rather than native). */
766 static void
767 keyserver_search_prompt(IOBUF buffer,const char *searchstr)
768 {
769   int i=0,validcount=0,started=0,header=0,count=1;
770   unsigned int maxlen,buflen,numlines=0;
771   KEYDB_SEARCH_DESC *desc;
772   byte *line=NULL;
773   char *localstr=NULL;
774
775   if(searchstr)
776     localstr=utf8_to_native(searchstr,strlen(searchstr),0);
777
778   desc=xmalloc(count*sizeof(KEYDB_SEARCH_DESC));
779
780   for(;;)
781     {
782       struct keyrec *keyrec;
783       int rl;
784
785       maxlen=1024;
786       rl=iobuf_read_line(buffer,&line,&buflen,&maxlen);
787
788       if(opt.with_colons)
789         {
790           if(!header && ascii_strncasecmp("SEARCH ",line,7)==0
791              && ascii_strncasecmp(" BEGIN",&line[strlen(line)-7],6)==0)
792             {
793               header=1;
794               continue;
795             }
796           else if(ascii_strncasecmp("SEARCH ",line,7)==0
797                   && ascii_strncasecmp(" END",&line[strlen(line)-5],4)==0)
798             continue;
799
800           printf("%s",line);
801         }
802
803       /* Look for an info: line.  The only current info: values
804          defined are the version and key count. */
805       if(!started && rl>0 && ascii_strncasecmp("info:",line,5)==0)
806         {
807           char *tok,*str=&line[5];
808
809           if((tok=strsep(&str,":"))!=NULL)
810             {
811               int version;
812
813               if(sscanf(tok,"%d",&version)!=1)
814                 version=1;
815
816               if(version!=1)
817                 {
818                   log_error(_("invalid keyserver protocol "
819                               "(us %d!=handler %d)\n"),1,version);
820                   break;
821                 }
822             }
823
824           if((tok=strsep(&str,":"))!=NULL && sscanf(tok,"%d",&count)==1)
825             {
826               if(count==0)
827                 goto notfound;
828               else if(count<0)
829                 count=10;
830               else
831                 validcount=1;
832
833               desc=xrealloc(desc,count*sizeof(KEYDB_SEARCH_DESC));
834             }
835
836           started=1;
837           continue;
838         }
839
840       if(rl==0)
841         {
842           keyrec=parse_keyrec(NULL);
843
844           if(keyrec==NULL)
845             {
846               if(i==0)
847                 {
848                   count=0;
849                   break;
850                 }
851
852               if(i!=count)
853                 validcount=0;
854
855               for(;;)
856                 {
857                   if(show_prompt(desc,i,validcount?count:0,localstr))
858                     break;
859                   validcount=0;
860                 }
861
862               break;
863             }
864         }
865       else
866         keyrec=parse_keyrec(line);
867
868       if(i==count)
869         {
870           /* keyserver helper sent more keys than they claimed in the
871              info: line. */
872           count+=10;
873           desc=xrealloc(desc,count*sizeof(KEYDB_SEARCH_DESC));
874           validcount=0;
875         }
876
877       if(keyrec)
878         {
879           desc[i]=keyrec->desc;
880
881           if(!opt.with_colons)
882             {
883               /* screen_lines - 1 for the prompt. */
884               if(numlines+keyrec->lines>opt.screen_lines-1)
885                 {
886                   if(show_prompt(desc,i,validcount?count:0,localstr))
887                     break;
888                   else
889                     numlines=0;
890                 }
891
892               print_keyrec(i+1,keyrec);
893             }
894
895           numlines+=keyrec->lines;
896           iobuf_close(keyrec->uidbuf);
897           xfree(keyrec);
898
899           started=1;
900           i++;
901         }
902     }
903
904  notfound:
905   /* Leave this commented out or now, and perhaps for a very long
906      time.  All HKPish servers return HTML error messages for
907      no-key-found. */
908   /* 
909      if(!started)
910      log_info(_("keyserver does not support searching\n"));
911      else
912   */
913   if(count==0)
914     {
915       if(localstr)
916         log_info(_("key \"%s\" not found on keyserver\n"),localstr);
917       else
918         log_info(_("key not found on keyserver\n"));
919     }
920
921   xfree(localstr);
922   xfree(desc);
923   xfree(line);
924 }
925
926 /* We sometimes want to use a different gpgkeys_xxx for a given
927    protocol (for example, ldaps is handled by gpgkeys_ldap).  Map
928    these here. */
929 static const char *
930 keyserver_typemap(const char *type)
931 {
932   if(strcmp(type,"ldaps")==0)
933     return "ldap";
934   else
935     return type;
936 }
937
938 /* The PGP LDAP and the curl fetch-a-LDAP-object methodologies are
939    sufficiently different that we can't use curl to do LDAP. */
940 static int
941 direct_uri_map(const char *scheme,unsigned int is_direct)
942 {
943   if(is_direct && strcmp(scheme,"ldap")==0)
944     return 1;
945
946   return 0;
947 }
948
949 #if GNUPG_MAJOR_VERSION == 2
950 #define GPGKEYS_PREFIX "gpg2keys_"
951 #else
952 #define GPGKEYS_PREFIX "gpgkeys_"
953 #endif
954 #define GPGKEYS_CURL GPGKEYS_PREFIX "curl" EXEEXT
955 #define GPGKEYS_PREFIX_LEN (strlen(GPGKEYS_CURL))
956 #define KEYSERVER_ARGS_KEEP " -o \"%O\" \"%I\""
957 #define KEYSERVER_ARGS_NOKEEP " -o \"%o\" \"%i\""
958
959 static int 
960 keyserver_spawn(enum ks_action action,strlist_t list,KEYDB_SEARCH_DESC *desc,
961                 int count,int *prog,unsigned char **fpr,size_t *fpr_len,
962                 struct keyserver_spec *keyserver)
963 {
964   int ret=0,i,gotversion=0,outofband=0;
965   strlist_t temp;
966   unsigned int maxlen,buflen;
967   char *command,*end,*searchstr=NULL;
968   byte *line=NULL;
969   struct exec_info *spawn;
970   const char *scheme;
971   const char *libexecdir = gnupg_libexecdir ();
972
973   assert(keyserver);
974
975 #ifdef EXEC_TEMPFILE_ONLY
976   opt.keyserver_options.options|=KEYSERVER_USE_TEMP_FILES;
977 #endif
978
979   /* Build the filename for the helper to execute */
980   scheme=keyserver_typemap(keyserver->scheme);
981
982 #ifdef DISABLE_KEYSERVER_PATH
983   /* Destroy any path we might have.  This is a little tricky,
984      portability-wise.  It's not correct to delete the PATH
985      environment variable, as that may fall back to a system built-in
986      PATH.  Similarly, it is not correct to set PATH to the null
987      string (PATH="") since this actually deletes the PATH environment
988      variable under MinGW.  The safest thing to do here is to force
989      PATH to be GNUPG_LIBEXECDIR.  All this is not that meaningful on
990      Unix-like systems (since we're going to give a full path to
991      gpgkeys_foo), but on W32 it prevents loading any DLLs from
992      directories in %PATH%.
993
994      After some more thinking about this we came to the conclusion
995      that it is better to load the helpers from the directory where
996      the program of this process lives.  Fortunately Windows provides
997      a way to retrieve this and our gnupg_libexecdir function has been
998      modified to return just this.  Setting the exec-path is not
999      anymore required.  
1000        set_exec_path(libexecdir);
1001  */
1002 #else
1003   if(opt.exec_path_set)
1004     {
1005       /* If exec-path was set, and DISABLE_KEYSERVER_PATH is
1006          undefined, then don't specify a full path to gpgkeys_foo, so
1007          that the PATH can work. */
1008       command=xmalloc(GPGKEYS_PREFIX_LEN+strlen(scheme)+3+strlen(EXEEXT)+1);
1009       command[0]='\0';
1010     }
1011   else
1012 #endif
1013     {
1014       /* Specify a full path to gpgkeys_foo. */
1015       command=xmalloc(strlen(libexecdir)+strlen(DIRSEP_S)+
1016                       GPGKEYS_PREFIX_LEN+strlen(scheme)+3+strlen(EXEEXT)+1);
1017       strcpy(command,libexecdir);
1018       strcat(command,DIRSEP_S);
1019     }
1020
1021   end=command+strlen(command);
1022
1023   /* Build a path for the keyserver helper.  If it is direct_uri
1024      (i.e. an object fetch and not a keyserver), then add "_uri" to
1025      the end to distinguish the keyserver helper from an object
1026      fetcher that can speak that protocol (this is a problem for
1027      LDAP). */
1028
1029   strcat(command,GPGKEYS_PREFIX); 
1030   strcat(command,scheme);
1031
1032   /* This "_uri" thing is in case we need to call a direct handler
1033      instead of the keyserver handler.  This lets us use gpgkeys_curl
1034      or gpgkeys_ldap_uri (we don't provide it, but a user might)
1035      instead of gpgkeys_ldap to fetch things like
1036      ldap://keyserver.pgp.com/o=PGP%20keys?pgpkey?sub?pgpkeyid=99242560 */
1037
1038   if(direct_uri_map(scheme,keyserver->flags.direct_uri))
1039     strcat(command,"_uri");
1040
1041   strcat(command,EXEEXT);
1042
1043   /* Can we execute it?  If not, try curl as our catchall. */
1044   if(path_access(command,X_OK)!=0)
1045     strcpy(end,GPGKEYS_CURL);
1046
1047   if(opt.keyserver_options.options&KEYSERVER_USE_TEMP_FILES)
1048     {
1049       if(opt.keyserver_options.options&KEYSERVER_KEEP_TEMP_FILES)
1050         {
1051           command=xrealloc(command,strlen(command)+
1052                             strlen(KEYSERVER_ARGS_KEEP)+1);
1053           strcat(command,KEYSERVER_ARGS_KEEP);
1054         }
1055       else
1056         {
1057           command=xrealloc(command,strlen(command)+
1058                             strlen(KEYSERVER_ARGS_NOKEEP)+1);
1059           strcat(command,KEYSERVER_ARGS_NOKEEP);  
1060         }
1061
1062       ret=exec_write(&spawn,NULL,command,NULL,0,0);
1063     }
1064   else
1065     ret=exec_write(&spawn,command,NULL,NULL,0,0);
1066
1067   xfree(command);
1068
1069   if(ret)
1070     return ret;
1071
1072   fprintf(spawn->tochild,
1073           "# This is a GnuPG %s keyserver communications file\n",VERSION);
1074   fprintf(spawn->tochild,"VERSION %d\n",KEYSERVER_PROTO_VERSION);
1075   fprintf(spawn->tochild,"PROGRAM %s\n",VERSION);
1076   fprintf(spawn->tochild,"SCHEME %s\n",keyserver->scheme);
1077
1078   if(keyserver->opaque)
1079     fprintf(spawn->tochild,"OPAQUE %s\n",keyserver->opaque);
1080   else
1081     {
1082       if(keyserver->auth)
1083         fprintf(spawn->tochild,"AUTH %s\n",keyserver->auth);
1084
1085       if(keyserver->host)
1086         fprintf(spawn->tochild,"HOST %s\n",keyserver->host);
1087
1088       if(keyserver->port)
1089         fprintf(spawn->tochild,"PORT %s\n",keyserver->port);
1090
1091       if(keyserver->path)
1092         fprintf(spawn->tochild,"PATH %s\n",keyserver->path);
1093     }
1094
1095   /* Write global options */
1096
1097   for(temp=opt.keyserver_options.other;temp;temp=temp->next)
1098     fprintf(spawn->tochild,"OPTION %s\n",temp->d);
1099
1100   /* Write per-keyserver options */
1101
1102   for(temp=keyserver->options;temp;temp=temp->next)
1103     fprintf(spawn->tochild,"OPTION %s\n",temp->d);
1104
1105   switch(action)
1106     {
1107     case KS_GET:
1108       {
1109         fprintf(spawn->tochild,"COMMAND GET\n\n");
1110
1111         /* Which keys do we want? */
1112
1113         for(i=0;i<count;i++)
1114           {
1115             int quiet=0;
1116
1117             if(desc[i].mode==KEYDB_SEARCH_MODE_FPR20)
1118               {
1119                 int f;
1120
1121                 fprintf(spawn->tochild,"0x");
1122
1123                 for(f=0;f<MAX_FINGERPRINT_LEN;f++)
1124                   fprintf(spawn->tochild,"%02X",desc[i].u.fpr[f]);
1125
1126                 fprintf(spawn->tochild,"\n");
1127               }
1128             else if(desc[i].mode==KEYDB_SEARCH_MODE_FPR16)
1129               {
1130                 int f;
1131
1132                 fprintf(spawn->tochild,"0x");
1133
1134                 for(f=0;f<16;f++)
1135                   fprintf(spawn->tochild,"%02X",desc[i].u.fpr[f]);
1136
1137                 fprintf(spawn->tochild,"\n");
1138               }
1139             else if(desc[i].mode==KEYDB_SEARCH_MODE_LONG_KID)
1140               fprintf(spawn->tochild,"0x%08lX%08lX\n",
1141                       (ulong)desc[i].u.kid[0],
1142                       (ulong)desc[i].u.kid[1]);
1143             else if(desc[i].mode==KEYDB_SEARCH_MODE_SHORT_KID)
1144               fprintf(spawn->tochild,"0x%08lX\n",
1145                       (ulong)desc[i].u.kid[1]);
1146             else if(desc[i].mode==KEYDB_SEARCH_MODE_EXACT)
1147               {
1148                 fprintf(spawn->tochild,"0x0000000000000000\n");
1149                 quiet=1;
1150               }
1151             else if(desc[i].mode==KEYDB_SEARCH_MODE_NONE)
1152               continue;
1153             else
1154               BUG();
1155
1156             if(!quiet)
1157               {
1158                 if(keyserver->host)
1159                   log_info(_("requesting key %s from %s server %s\n"),
1160                            keystr_from_desc(&desc[i]),
1161                            keyserver->scheme,keyserver->host);
1162                 else
1163                   log_info(_("requesting key %s from %s\n"),
1164                            keystr_from_desc(&desc[i]),keyserver->uri);
1165               }
1166           }
1167
1168         fprintf(spawn->tochild,"\n");
1169
1170         break;
1171       }
1172
1173     case KS_GETNAME:
1174       {
1175         strlist_t key;
1176
1177         fprintf(spawn->tochild,"COMMAND GETNAME\n\n");
1178
1179         /* Which names do we want? */
1180
1181         for(key=list;key!=NULL;key=key->next)
1182           fprintf(spawn->tochild,"%s\n",key->d);
1183
1184         fprintf(spawn->tochild,"\n");
1185
1186         if(keyserver->host)
1187           log_info(_("searching for names from %s server %s\n"),
1188                    keyserver->scheme,keyserver->host);
1189         else
1190           log_info(_("searching for names from %s\n"),keyserver->uri);
1191
1192         break;
1193       }
1194
1195     case KS_SEND:
1196       {
1197         strlist_t key;
1198
1199         /* Note the extra \n here to send an empty keylist block */
1200         fprintf(spawn->tochild,"COMMAND SEND\n\n\n");
1201
1202         for(key=list;key!=NULL;key=key->next)
1203           {
1204             armor_filter_context_t *afx;
1205             IOBUF buffer = iobuf_temp ();
1206             KBNODE block;
1207
1208             temp=NULL;
1209             add_to_strlist(&temp,key->d);
1210
1211             afx = new_armor_context ();
1212             afx->what = 1;
1213             /* Tell the armor filter to use Unix-style \n line
1214                endings, since we're going to fprintf this to a file
1215                that (on Win32) is open in text mode.  The win32 stdio
1216                will transform the \n to \r\n and we'll end up with the
1217                proper line endings on win32.  This is a no-op on
1218                Unix. */
1219             afx->eol[0] = '\n';
1220             push_armor_filter (afx, buffer);
1221             release_armor_context (afx);
1222
1223             /* TODO: Remove Comment: lines from keys exported this
1224                way? */
1225
1226             if(export_pubkeys_stream(buffer,temp,&block,
1227                                      opt.keyserver_options.export_options)==-1)
1228               iobuf_close(buffer);
1229             else
1230               {
1231                 KBNODE node;
1232
1233                 iobuf_flush_temp(buffer);
1234
1235                 merge_keys_and_selfsig(block);
1236
1237                 fprintf(spawn->tochild,"INFO %08lX%08lX BEGIN\n",
1238                         (ulong)block->pkt->pkt.public_key->keyid[0],
1239                         (ulong)block->pkt->pkt.public_key->keyid[1]);
1240
1241                 for(node=block;node;node=node->next)
1242                   {
1243                     switch(node->pkt->pkttype)
1244                       {
1245                       default:
1246                         continue;
1247
1248                       case PKT_PUBLIC_KEY:
1249                       case PKT_PUBLIC_SUBKEY:
1250                         {
1251                           PKT_public_key *pk=node->pkt->pkt.public_key;
1252
1253                           keyid_from_pk(pk,NULL);
1254
1255                           fprintf(spawn->tochild,"%sb:%08lX%08lX:%u:%u:%u:%u:",
1256                                   node->pkt->pkttype==PKT_PUBLIC_KEY?"pu":"su",
1257                                   (ulong)pk->keyid[0],(ulong)pk->keyid[1],
1258                                   pk->pubkey_algo,
1259                                   nbits_from_pk(pk),
1260                                   pk->timestamp,
1261                                   pk->expiredate);
1262
1263                           if(pk->is_revoked)
1264                             fprintf(spawn->tochild,"r");
1265                           if(pk->has_expired)
1266                             fprintf(spawn->tochild,"e");
1267
1268                           fprintf(spawn->tochild,"\n");
1269                         }
1270                         break;
1271
1272                       case PKT_USER_ID:
1273                         {
1274                           PKT_user_id *uid=node->pkt->pkt.user_id;
1275                           int r;
1276
1277                           if(uid->attrib_data)
1278                             continue;
1279
1280                           fprintf(spawn->tochild,"uid:");
1281
1282                           /* Quote ':', '%', and any 8-bit
1283                              characters */
1284                           for(r=0;r<uid->len;r++)
1285                             {
1286                               if(uid->name[r]==':' || uid->name[r]=='%'
1287                                  || uid->name[r]&0x80)
1288                                 fprintf(spawn->tochild,"%%%02X",
1289                                         (byte)uid->name[r]);
1290                               else
1291                                 fprintf(spawn->tochild,"%c",uid->name[r]);
1292                             }
1293
1294                           fprintf(spawn->tochild,":%u:%u:",
1295                                   uid->created,uid->expiredate);
1296
1297                           if(uid->is_revoked)
1298                             fprintf(spawn->tochild,"r");
1299                           if(uid->is_expired)
1300                             fprintf(spawn->tochild,"e");
1301
1302                           fprintf(spawn->tochild,"\n");
1303                         }
1304                         break;
1305
1306                         /* This bit is really for the benefit of
1307                            people who store their keys in LDAP
1308                            servers.  It makes it easy to do queries
1309                            for things like "all keys signed by
1310                            Isabella". */
1311                       case PKT_SIGNATURE:
1312                         {
1313                           PKT_signature *sig=node->pkt->pkt.signature;
1314
1315                           if(!IS_UID_SIG(sig))
1316                             continue;
1317
1318                           fprintf(spawn->tochild,"sig:%08lX%08lX:%X:%u:%u\n",
1319                                   (ulong)sig->keyid[0],(ulong)sig->keyid[1],
1320                                   sig->sig_class,sig->timestamp,
1321                                   sig->expiredate);
1322                         }
1323                         break;
1324                       }
1325                   }
1326
1327                 fprintf(spawn->tochild,"INFO %08lX%08lX END\n",
1328                         (ulong)block->pkt->pkt.public_key->keyid[0],
1329                         (ulong)block->pkt->pkt.public_key->keyid[1]);
1330
1331                 fprintf(spawn->tochild,"KEY %08lX%08lX BEGIN\n",
1332                         (ulong)block->pkt->pkt.public_key->keyid[0],
1333                         (ulong)block->pkt->pkt.public_key->keyid[1]);
1334                 fwrite(iobuf_get_temp_buffer(buffer),
1335                        iobuf_get_temp_length(buffer),1,spawn->tochild);
1336                 fprintf(spawn->tochild,"KEY %08lX%08lX END\n",
1337                         (ulong)block->pkt->pkt.public_key->keyid[0],
1338                         (ulong)block->pkt->pkt.public_key->keyid[1]);
1339
1340                 iobuf_close(buffer);
1341
1342                 if(keyserver->host)
1343                   log_info(_("sending key %s to %s server %s\n"),
1344                            keystr(block->pkt->pkt.public_key->keyid),
1345                            keyserver->scheme,keyserver->host);
1346                 else
1347                   log_info(_("sending key %s to %s\n"),
1348                            keystr(block->pkt->pkt.public_key->keyid),
1349                            keyserver->uri);
1350
1351                 release_kbnode(block);
1352               }
1353
1354             free_strlist(temp);
1355           }
1356
1357         break;
1358       }
1359
1360     case KS_SEARCH:
1361       {
1362         strlist_t key;
1363
1364         fprintf(spawn->tochild,"COMMAND SEARCH\n\n");
1365
1366         /* Which keys do we want?  Remember that the gpgkeys_ program
1367            is going to lump these together into a search string. */
1368
1369         for(key=list;key!=NULL;key=key->next)
1370           {
1371             fprintf(spawn->tochild,"%s\n",key->d);
1372             if(key!=list)
1373               {
1374                 searchstr=xrealloc(searchstr,
1375                                     strlen(searchstr)+strlen(key->d)+2);
1376                 strcat(searchstr," ");
1377               }
1378             else
1379               {
1380                 searchstr=xmalloc(strlen(key->d)+1);
1381                 searchstr[0]='\0';
1382               }
1383
1384             strcat(searchstr,key->d);
1385           }
1386
1387         fprintf(spawn->tochild,"\n");
1388
1389         if(keyserver->host)
1390           log_info(_("searching for \"%s\" from %s server %s\n"),
1391                    searchstr,keyserver->scheme,keyserver->host);
1392         else
1393           log_info(_("searching for \"%s\" from %s\n"),
1394                    searchstr,keyserver->uri);
1395
1396         break;
1397       }
1398
1399     default:
1400       log_fatal(_("no keyserver action!\n"));
1401       break;
1402     }
1403
1404   /* Done sending, so start reading. */
1405   ret=exec_read(spawn);
1406   if(ret)
1407     goto fail;
1408
1409   /* Now handle the response */
1410
1411   for(;;)
1412     {
1413       int plen;
1414       char *ptr;
1415
1416       maxlen=1024;
1417       if(iobuf_read_line(spawn->fromchild,&line,&buflen,&maxlen)==0)
1418         {
1419           ret = gpg_error_from_syserror ();
1420           goto fail; /* i.e. EOF */
1421         }
1422
1423       ptr=line;
1424
1425       /* remove trailing whitespace */
1426       plen=strlen(ptr);
1427       while(plen>0 && ascii_isspace(ptr[plen-1]))
1428         plen--;
1429       plen[ptr]='\0';
1430
1431       if(*ptr=='\0')
1432         break;
1433
1434       if(ascii_strncasecmp(ptr,"VERSION ",8)==0)
1435         {
1436           gotversion=1;
1437
1438           if(atoi(&ptr[8])!=KEYSERVER_PROTO_VERSION)
1439             {
1440               log_error(_("invalid keyserver protocol (us %d!=handler %d)\n"),
1441                         KEYSERVER_PROTO_VERSION,atoi(&ptr[8]));
1442               goto fail;
1443             }
1444         }
1445       else if(ascii_strncasecmp(ptr,"PROGRAM ",8)==0)
1446         {
1447           if(ascii_strncasecmp(&ptr[8],VERSION,strlen(VERSION))!=0)
1448             log_info(_("WARNING: keyserver handler from a different"
1449                        " version of GnuPG (%s)\n"),&ptr[8]);
1450         }
1451       else if(ascii_strncasecmp(ptr,"OPTION OUTOFBAND",16)==0)
1452         outofband=1; /* Currently the only OPTION */
1453     }
1454
1455   if(!gotversion)
1456     {
1457       log_error(_("keyserver did not send VERSION\n"));
1458       goto fail;
1459     }
1460
1461   if(!outofband)
1462     switch(action)
1463       {
1464       case KS_GET:
1465       case KS_GETNAME:
1466         {
1467           void *stats_handle;
1468
1469           stats_handle=import_new_stats_handle();
1470
1471           /* Slurp up all the key data.  In the future, it might be
1472              nice to look for KEY foo OUTOFBAND and FAILED indicators.
1473              It's harmless to ignore them, but ignoring them does make
1474              gpg complain about "no valid OpenPGP data found".  One
1475              way to do this could be to continue parsing this
1476              line-by-line and make a temp iobuf for each key. */
1477
1478           import_keys_stream(spawn->fromchild,stats_handle,fpr,fpr_len,
1479                              opt.keyserver_options.import_options);
1480
1481           import_print_stats(stats_handle);
1482           import_release_stats_handle(stats_handle);
1483
1484           break;
1485         }
1486
1487         /* Nothing to do here */
1488       case KS_SEND:
1489         break;
1490
1491       case KS_SEARCH:
1492         keyserver_search_prompt(spawn->fromchild,searchstr);
1493         break;
1494
1495       default:
1496         log_fatal(_("no keyserver action!\n"));
1497         break;
1498       }
1499
1500  fail:
1501   xfree(line);
1502   xfree(searchstr);
1503
1504
1505   *prog=exec_finish(spawn);
1506
1507   return ret;
1508 }
1509
1510 static int 
1511 keyserver_work(enum ks_action action,strlist_t list,KEYDB_SEARCH_DESC *desc,
1512                int count,unsigned char **fpr,size_t *fpr_len,
1513                struct keyserver_spec *keyserver)
1514 {
1515   int rc=0,ret=0;
1516
1517   if(!keyserver)
1518     {
1519       log_error(_("no keyserver known (use option --keyserver)\n"));
1520       return G10ERR_BAD_URI;
1521     }
1522
1523 #ifdef DISABLE_KEYSERVER_HELPERS
1524
1525   log_error(_("external keyserver calls are not supported in this build\n"));
1526   return G10ERR_KEYSERVER;
1527
1528 #else
1529   /* Spawn a handler */
1530
1531   rc=keyserver_spawn(action,list,desc,count,&ret,fpr,fpr_len,keyserver);
1532   if(ret)
1533     {
1534       switch(ret)
1535         {
1536         case KEYSERVER_SCHEME_NOT_FOUND:
1537           log_error(_("no handler for keyserver scheme `%s'\n"),
1538                     keyserver->scheme);
1539           break;
1540
1541         case KEYSERVER_NOT_SUPPORTED:
1542           log_error(_("action `%s' not supported with keyserver "
1543                       "scheme `%s'\n"),
1544                     action==KS_GET?"get":action==KS_SEND?"send":
1545                     action==KS_SEARCH?"search":"unknown",
1546                     keyserver->scheme);
1547           break;
1548
1549         case KEYSERVER_VERSION_ERROR:
1550           log_error(_(GPGKEYS_PREFIX "%s does not support"
1551                       " handler version %d\n"),
1552                     keyserver_typemap(keyserver->scheme),
1553                     KEYSERVER_PROTO_VERSION);
1554           break;
1555
1556         case KEYSERVER_TIMEOUT:
1557           log_error(_("keyserver timed out\n"));
1558           break;
1559
1560         case KEYSERVER_INTERNAL_ERROR:
1561         default:
1562           log_error(_("keyserver internal error\n"));
1563           break;
1564         }
1565
1566       return G10ERR_KEYSERVER;
1567     }
1568
1569   if(rc)
1570     {
1571       log_error(_("keyserver communications error: %s\n"),g10_errstr(rc));
1572
1573       return rc;
1574     }
1575
1576   return 0;
1577 #endif /* ! DISABLE_KEYSERVER_HELPERS*/
1578 }
1579
1580 int 
1581 keyserver_export(strlist_t users)
1582 {
1583   strlist_t sl=NULL;
1584   KEYDB_SEARCH_DESC desc;
1585   int rc=0;
1586
1587   /* Weed out descriptors that we don't support sending */
1588   for(;users;users=users->next)
1589     {
1590       classify_user_id (users->d, &desc);
1591       if(desc.mode!=KEYDB_SEARCH_MODE_SHORT_KID &&
1592          desc.mode!=KEYDB_SEARCH_MODE_LONG_KID &&
1593          desc.mode!=KEYDB_SEARCH_MODE_FPR16 &&
1594          desc.mode!=KEYDB_SEARCH_MODE_FPR20)
1595         {
1596           log_error(_("\"%s\" not a key ID: skipping\n"),users->d);
1597           continue;
1598         }
1599       else
1600         append_to_strlist(&sl,users->d);
1601     }
1602
1603   if(sl)
1604     {
1605       rc=keyserver_work(KS_SEND,sl,NULL,0,NULL,NULL,opt.keyserver);
1606       free_strlist(sl);
1607     }
1608
1609   return rc;
1610 }
1611
1612 int 
1613 keyserver_import(strlist_t users)
1614 {
1615   KEYDB_SEARCH_DESC *desc;
1616   int num=100,count=0;
1617   int rc=0;
1618
1619   /* Build a list of key ids */
1620   desc=xmalloc(sizeof(KEYDB_SEARCH_DESC)*num);
1621
1622   for(;users;users=users->next)
1623     {
1624       classify_user_id (users->d, &desc[count]);
1625       if(desc[count].mode!=KEYDB_SEARCH_MODE_SHORT_KID &&
1626          desc[count].mode!=KEYDB_SEARCH_MODE_LONG_KID &&
1627          desc[count].mode!=KEYDB_SEARCH_MODE_FPR16 &&
1628          desc[count].mode!=KEYDB_SEARCH_MODE_FPR20)
1629         {
1630           log_error(_("\"%s\" not a key ID: skipping\n"),users->d);
1631           continue;
1632         }
1633
1634       count++;
1635       if(count==num)
1636         {
1637           num+=100;
1638           desc=xrealloc(desc,sizeof(KEYDB_SEARCH_DESC)*num);
1639         }
1640     }
1641
1642   if(count>0)
1643     rc=keyserver_work(KS_GET,NULL,desc,count,NULL,NULL,opt.keyserver);
1644
1645   xfree(desc);
1646
1647   return rc;
1648 }
1649
1650 int
1651 keyserver_import_fprint(const byte *fprint,size_t fprint_len,
1652                         struct keyserver_spec *keyserver)
1653 {
1654   KEYDB_SEARCH_DESC desc;
1655
1656   memset(&desc,0,sizeof(desc));
1657
1658   if(fprint_len==16)
1659     desc.mode=KEYDB_SEARCH_MODE_FPR16;
1660   else if(fprint_len==20)
1661     desc.mode=KEYDB_SEARCH_MODE_FPR20;
1662   else
1663     return -1;
1664
1665   memcpy(desc.u.fpr,fprint,fprint_len);
1666
1667   /* TODO: Warn here if the fingerprint we got doesn't match the one
1668      we asked for? */
1669   return keyserver_work(KS_GET,NULL,&desc,1,NULL,NULL,keyserver);
1670 }
1671
1672 int 
1673 keyserver_import_keyid(u32 *keyid,struct keyserver_spec *keyserver)
1674 {
1675   KEYDB_SEARCH_DESC desc;
1676
1677   memset(&desc,0,sizeof(desc));
1678
1679   desc.mode=KEYDB_SEARCH_MODE_LONG_KID;
1680   desc.u.kid[0]=keyid[0];
1681   desc.u.kid[1]=keyid[1];
1682
1683   return keyserver_work(KS_GET,NULL,&desc,1,NULL,NULL,keyserver);
1684 }
1685
1686 /* code mostly stolen from do_export_stream */
1687 static int 
1688 keyidlist(strlist_t users,KEYDB_SEARCH_DESC **klist,int *count,int fakev3)
1689 {
1690   int rc=0,ndesc,num=100;
1691   KBNODE keyblock=NULL,node;
1692   KEYDB_HANDLE kdbhd;
1693   KEYDB_SEARCH_DESC *desc;
1694   strlist_t sl;
1695
1696   *count=0;
1697
1698   *klist=xmalloc(sizeof(KEYDB_SEARCH_DESC)*num);
1699
1700   kdbhd=keydb_new(0);
1701
1702   if(!users)
1703     {
1704       ndesc = 1;
1705       desc = xmalloc_clear ( ndesc * sizeof *desc);
1706       desc[0].mode = KEYDB_SEARCH_MODE_FIRST;
1707     }
1708   else
1709     {
1710       for (ndesc=0, sl=users; sl; sl = sl->next, ndesc++) 
1711         ;
1712       desc = xmalloc ( ndesc * sizeof *desc);
1713         
1714       for (ndesc=0, sl=users; sl; sl = sl->next)
1715         {
1716           if(classify_user_id (sl->d, desc+ndesc))
1717             ndesc++;
1718           else
1719             log_error (_("key \"%s\" not found: %s\n"),
1720                        sl->d, g10_errstr (G10ERR_INV_USER_ID));
1721         }
1722     }
1723
1724   while (!(rc = keydb_search (kdbhd, desc, ndesc)))
1725     {
1726       if (!users) 
1727         desc[0].mode = KEYDB_SEARCH_MODE_NEXT;
1728
1729       /* read the keyblock */
1730       rc = keydb_get_keyblock (kdbhd, &keyblock );
1731       if( rc )
1732         {
1733           log_error (_("error reading keyblock: %s\n"), g10_errstr(rc) );
1734           goto leave;
1735         }
1736
1737       if((node=find_kbnode(keyblock,PKT_PUBLIC_KEY)))
1738         {
1739           /* This is to work around a bug in some keyservers (pksd and
1740              OKS) that calculate v4 RSA keyids as if they were v3 RSA.
1741              The answer is to refresh both the correct v4 keyid
1742              (e.g. 99242560) and the fake v3 keyid (e.g. 68FDDBC7).
1743              This only happens for key refresh using the HKP scheme
1744              and if the refresh-add-fake-v3-keyids keyserver option is
1745              set. */
1746           if(fakev3 && is_RSA(node->pkt->pkt.public_key->pubkey_algo) &&
1747              node->pkt->pkt.public_key->version>=4)
1748             {
1749               (*klist)[*count].mode=KEYDB_SEARCH_MODE_LONG_KID;
1750               v3_keyid (node->pkt->pkt.public_key->pkey[0],
1751                         (*klist)[*count].u.kid);
1752               (*count)++;
1753
1754               if(*count==num)
1755                 {
1756                   num+=100;
1757                   *klist=xrealloc(*klist,sizeof(KEYDB_SEARCH_DESC)*num);
1758                 }
1759             }
1760
1761           /* v4 keys get full fingerprints.  v3 keys get long keyids.
1762              This is because it's easy to calculate any sort of keyid
1763              from a v4 fingerprint, but not a v3 fingerprint. */
1764
1765           if(node->pkt->pkt.public_key->version<4)
1766             {
1767               (*klist)[*count].mode=KEYDB_SEARCH_MODE_LONG_KID;
1768               keyid_from_pk(node->pkt->pkt.public_key,
1769                             (*klist)[*count].u.kid);
1770             }
1771           else
1772             {
1773               size_t dummy;
1774
1775               (*klist)[*count].mode=KEYDB_SEARCH_MODE_FPR20;
1776               fingerprint_from_pk(node->pkt->pkt.public_key,
1777                                   (*klist)[*count].u.fpr,&dummy);
1778             }
1779
1780           /* This is a little hackish, using the skipfncvalue as a
1781              void* pointer to the keyserver spec, but we don't need
1782              the skipfnc here, and it saves having an additional field
1783              for this (which would be wasted space most of the
1784              time). */
1785
1786           (*klist)[*count].skipfncvalue=NULL;
1787
1788           /* Are we honoring preferred keyservers? */
1789           if(opt.keyserver_options.options&KEYSERVER_HONOR_KEYSERVER_URL)
1790             {
1791               PKT_user_id *uid=NULL;
1792               PKT_signature *sig=NULL;
1793
1794               merge_keys_and_selfsig(keyblock);
1795
1796               for(node=node->next;node;node=node->next)
1797                 {
1798                   if(node->pkt->pkttype==PKT_USER_ID
1799                      && node->pkt->pkt.user_id->is_primary)
1800                     uid=node->pkt->pkt.user_id;
1801                   else if(node->pkt->pkttype==PKT_SIGNATURE
1802                           && node->pkt->pkt.signature->
1803                           flags.chosen_selfsig && uid)
1804                     {
1805                       sig=node->pkt->pkt.signature;
1806                       break;
1807                     }
1808                 }
1809
1810               /* Try and parse the keyserver URL.  If it doesn't work,
1811                  then we end up writing NULL which indicates we are
1812                  the same as any other key. */
1813               if(sig)
1814                 (*klist)[*count].skipfncvalue=parse_preferred_keyserver(sig);
1815             }
1816
1817           (*count)++;
1818
1819           if(*count==num)
1820             {
1821               num+=100;
1822               *klist=xrealloc(*klist,sizeof(KEYDB_SEARCH_DESC)*num);
1823             }
1824         }
1825     }
1826
1827   if(rc==-1)
1828     rc=0;
1829   
1830  leave:
1831   if(rc)
1832     xfree(*klist);
1833   xfree(desc);
1834   keydb_release(kdbhd);
1835   release_kbnode(keyblock);
1836
1837   return rc;
1838 }
1839
1840 /* Note this is different than the original HKP refresh.  It allows
1841    usernames to refresh only part of the keyring. */
1842
1843 int
1844 keyserver_refresh(strlist_t users)
1845 {
1846   int rc,count,numdesc,fakev3=0;
1847   KEYDB_SEARCH_DESC *desc;
1848   unsigned int options=opt.keyserver_options.import_options;
1849
1850   /* We switch merge-only on during a refresh, as 'refresh' should
1851      never import new keys, even if their keyids match. */
1852   opt.keyserver_options.import_options|=IMPORT_MERGE_ONLY;
1853
1854   /* Similarly, we switch on fast-import, since refresh may make
1855      multiple import sets (due to preferred keyserver URLs).  We don't
1856      want each set to rebuild the trustdb.  Instead we do it once at
1857      the end here. */
1858   opt.keyserver_options.import_options|=IMPORT_FAST;
1859
1860   /* If refresh_add_fake_v3_keyids is on and it's a HKP or MAILTO
1861      scheme, then enable fake v3 keyid generation. */
1862   if((opt.keyserver_options.options&KEYSERVER_ADD_FAKE_V3) && opt.keyserver
1863      && (ascii_strcasecmp(opt.keyserver->scheme,"hkp")==0 ||
1864          ascii_strcasecmp(opt.keyserver->scheme,"mailto")==0))
1865     fakev3=1;
1866
1867   rc=keyidlist(users,&desc,&numdesc,fakev3);
1868   if(rc)
1869     return rc;
1870
1871   count=numdesc;
1872   if(count>0)
1873     {
1874       int i;
1875
1876       /* Try to handle preferred keyserver keys first */
1877       for(i=0;i<numdesc;i++)
1878         {
1879           if(desc[i].skipfncvalue)
1880             {
1881               struct keyserver_spec *keyserver=desc[i].skipfncvalue;
1882
1883               /* We use the keyserver structure we parsed out before.
1884                  Note that a preferred keyserver without a scheme://
1885                  will be interpreted as hkp:// */
1886
1887               rc=keyserver_work(KS_GET,NULL,&desc[i],1,NULL,NULL,keyserver);
1888               if(rc)
1889                 log_info(_("WARNING: unable to refresh key %s"
1890                            " via %s: %s\n"),keystr_from_desc(&desc[i]),
1891                          keyserver->uri,g10_errstr(rc));
1892               else
1893                 {
1894                   /* We got it, so mark it as NONE so we don't try and
1895                      get it again from the regular keyserver. */
1896
1897                   desc[i].mode=KEYDB_SEARCH_MODE_NONE;
1898                   count--;
1899                 }
1900
1901               free_keyserver_spec(keyserver);
1902             }
1903         }
1904     }
1905
1906   if(count>0)
1907     {
1908       if(opt.keyserver)
1909         {
1910           if(count==1)
1911             log_info(_("refreshing 1 key from %s\n"),opt.keyserver->uri);
1912           else
1913             log_info(_("refreshing %d keys from %s\n"),
1914                      count,opt.keyserver->uri);
1915         }
1916
1917       rc=keyserver_work(KS_GET,NULL,desc,numdesc,NULL,NULL,opt.keyserver);
1918     }
1919
1920   xfree(desc);
1921
1922   opt.keyserver_options.import_options=options;
1923
1924   /* If the original options didn't have fast import, and the trustdb
1925      is dirty, rebuild. */
1926   if(!(opt.keyserver_options.import_options&IMPORT_FAST))
1927     trustdb_check_or_update();
1928
1929   return rc;
1930 }
1931
1932 int
1933 keyserver_search(strlist_t tokens)
1934 {
1935   if(tokens)
1936     return keyserver_work(KS_SEARCH,tokens,NULL,0,NULL,NULL,opt.keyserver);
1937   else
1938     return 0;
1939 }
1940
1941 int
1942 keyserver_fetch(strlist_t urilist)
1943 {
1944   KEYDB_SEARCH_DESC desc;
1945   strlist_t sl;
1946   unsigned int options=opt.keyserver_options.import_options;
1947
1948   /* Switch on fast-import, since fetch can handle more than one
1949      import and we don't want each set to rebuild the trustdb.
1950      Instead we do it once at the end. */
1951   opt.keyserver_options.import_options|=IMPORT_FAST;
1952
1953   /* A dummy desc since we're not actually fetching a particular key
1954      ID */
1955   memset(&desc,0,sizeof(desc));
1956   desc.mode=KEYDB_SEARCH_MODE_EXACT;
1957
1958   for(sl=urilist;sl;sl=sl->next)
1959     {
1960       struct keyserver_spec *spec;
1961
1962       spec=parse_keyserver_uri(sl->d,1,NULL,0);
1963       if(spec)
1964         {
1965           int rc;
1966
1967           rc=keyserver_work(KS_GET,NULL,&desc,1,NULL,NULL,spec);
1968           if(rc)
1969             log_info (_("WARNING: unable to fetch URI %s: %s\n"),
1970                      sl->d,g10_errstr(rc));
1971
1972           free_keyserver_spec(spec);
1973         }
1974       else
1975         log_info (_("WARNING: unable to parse URI %s\n"),sl->d);
1976     }
1977
1978   opt.keyserver_options.import_options=options;
1979
1980   /* If the original options didn't have fast import, and the trustdb
1981      is dirty, rebuild. */
1982   if(!(opt.keyserver_options.import_options&IMPORT_FAST))
1983     trustdb_check_or_update();
1984
1985   return 0;
1986 }
1987
1988 /* Import key in a CERT or pointed to by a CERT */
1989 int
1990 keyserver_import_cert(const char *name,unsigned char **fpr,size_t *fpr_len)
1991 {
1992   char *domain,*look,*url;
1993   IOBUF key;
1994   int type,rc=G10ERR_GENERAL;
1995
1996   look=xstrdup(name);
1997
1998   domain=strrchr(look,'@');
1999   if(domain)
2000     *domain='.';
2001
2002   type=get_dns_cert(look,max_cert_size,&key,fpr,fpr_len,&url);
2003   if(type==1)
2004     {
2005       int armor_status=opt.no_armor;
2006
2007       /* CERTs are always in binary format */
2008       opt.no_armor=1;
2009
2010       rc=import_keys_stream(key,NULL,fpr,fpr_len,
2011                             opt.keyserver_options.import_options);
2012
2013       opt.no_armor=armor_status;
2014
2015       iobuf_close(key);
2016     }
2017   else if(type==2 && *fpr)
2018     {
2019       /* We only consider the IPGP type if a fingerprint was provided.
2020          This lets us select the right key regardless of what a URL
2021          points to, or get the key from a keyserver. */
2022       if(url)
2023         {
2024           struct keyserver_spec *spec;
2025
2026           spec=parse_keyserver_uri(url,1,NULL,0);
2027           if(spec)
2028             {
2029               strlist_t list=NULL;
2030
2031               add_to_strlist(&list,url);
2032
2033               rc=keyserver_fetch(list);
2034
2035               free_strlist(list);
2036               free_keyserver_spec(spec);
2037             }
2038         }
2039       else if(opt.keyserver)
2040         {
2041           /* If only a fingerprint is provided, try and fetch it from
2042              our --keyserver */
2043
2044           rc=keyserver_import_fprint(*fpr,*fpr_len,opt.keyserver);
2045         }
2046       else
2047         log_info(_("no keyserver known (use option --keyserver)\n"));
2048
2049       /* Give a better string here? "CERT fingerprint for \"%s\"
2050          found, but no keyserver" " known (use option
2051          --keyserver)\n" ? */
2052
2053       xfree(url);
2054     }
2055
2056   xfree(look);
2057
2058   return rc;
2059 }
2060
2061 /* Import key pointed to by a PKA record. Return the requested
2062    fingerprint in fpr. */
2063 int
2064 keyserver_import_pka(const char *name,unsigned char **fpr,size_t *fpr_len)
2065 {
2066   char *uri;
2067   int rc=-1;
2068
2069   *fpr=xmalloc(20);
2070   *fpr_len=20;
2071
2072   uri = get_pka_info (name, *fpr);
2073   if (uri)
2074     {
2075       struct keyserver_spec *spec;
2076       spec = parse_keyserver_uri (uri, 1, NULL, 0);
2077       if (spec)
2078         {
2079           rc=keyserver_import_fprint (*fpr, 20, spec);
2080           free_keyserver_spec (spec);
2081         }
2082       xfree (uri);
2083     }
2084
2085   if(rc!=0)
2086     xfree(*fpr);
2087
2088   return rc;
2089 }
2090
2091 /* Import all keys that match name */
2092 int
2093 keyserver_import_name(const char *name,unsigned char **fpr,size_t *fpr_len,
2094                       struct keyserver_spec *keyserver)
2095 {
2096   strlist_t list=NULL;
2097   int rc;
2098
2099   append_to_strlist(&list,name);
2100
2101   rc=keyserver_work(KS_GETNAME,list,NULL,0,fpr,fpr_len,keyserver);
2102
2103   free_strlist(list);
2104
2105   return rc;
2106 }
2107
2108 /* Use the PGP Universal trick of asking ldap://keys.(maildomain) for
2109    the key. */
2110 int
2111 keyserver_import_ldap(const char *name,unsigned char **fpr,size_t *fpr_len)
2112 {
2113   char *domain;
2114   struct keyserver_spec *keyserver;
2115   strlist_t list=NULL;
2116   int rc;
2117
2118   append_to_strlist(&list,name);
2119
2120   /* Parse out the domain */
2121   domain=strrchr(name,'@');
2122   if(!domain)
2123     return G10ERR_GENERAL;
2124
2125   domain++;
2126
2127   keyserver=xmalloc_clear(sizeof(struct keyserver_spec));
2128
2129   keyserver->scheme=xstrdup("ldap");
2130   keyserver->host=xmalloc(5+strlen(domain)+1);
2131   strcpy(keyserver->host,"keys.");
2132   strcat(keyserver->host,domain);
2133   keyserver->uri=xmalloc(strlen(keyserver->scheme)+
2134                          3+strlen(keyserver->host)+1);
2135   strcpy(keyserver->uri,keyserver->scheme);
2136   strcat(keyserver->uri,"://");
2137   strcat(keyserver->uri,keyserver->host);
2138     
2139   rc=keyserver_work(KS_GETNAME,list,NULL,0,fpr,fpr_len,keyserver);
2140
2141   free_strlist(list);
2142
2143   free_keyserver_spec(keyserver);
2144
2145   return rc;
2146 }