* gpgkeys_curl.c, gpgkeys_finger.c, gpgkeys_ldap.c: Start using
authorDavid Shaw <dshaw@jabberwocky.com>
Thu, 17 Mar 2005 16:42:41 +0000 (16:42 +0000)
committerDavid Shaw <dshaw@jabberwocky.com>
Thu, 17 Mar 2005 16:42:41 +0000 (16:42 +0000)
parse_ks_options and remove a lot of common code.

* ksutil.h, ksutil.c (parse_ks_options): Parse OPAQUE, and default
debug with no arguments to 1.

keyserver/ChangeLog
keyserver/gpgkeys_curl.c
keyserver/gpgkeys_finger.c
keyserver/gpgkeys_ldap.c
keyserver/ksutil.c
keyserver/ksutil.h

index 2b032ac..e95067c 100644 (file)
@@ -1,3 +1,11 @@
+2005-03-17  David Shaw  <dshaw@jabberwocky.com>
+
+       * gpgkeys_curl.c, gpgkeys_finger.c, gpgkeys_ldap.c: Start using
+       parse_ks_options and remove a lot of common code.
+
+       * ksutil.h, ksutil.c (parse_ks_options): Parse OPAQUE, and default
+       debug with no arguments to 1.
+
 2005-03-16  David Shaw  <dshaw@jabberwocky.com>
 
        * gpgkeys_ldap.c: Include lber.h if configure determines we need
index c2d51f2..bccfeaf 100644 (file)
 extern char *optarg;
 extern int optind;
 
-static int verbose=0;
-static char scheme[MAX_SCHEME+1];
-static char auth[MAX_AUTH+1];
-static char host[MAX_HOST+1];
-static char port[MAX_PORT+1];
-static char path[URLMAX_PATH+1];
 static char proxy[MAX_PROXY+1];
-static FILE *input, *output, *console;
+static FILE *input,*output,*console;
 static CURL *curl;
-static char request[MAX_URL];
+static struct ks_options *opt;
 
 static int
 curl_err_to_gpg_err(CURLcode error)
@@ -115,14 +109,18 @@ get_key(char *getkey)
 {
   CURLcode res;
   char errorbuffer[CURL_ERROR_SIZE];
+  char request[MAX_URL];
 
   if(strncmp(getkey,"0x",2)==0)
     getkey+=2;
 
   fprintf(output,"KEY 0x%s BEGIN\n",getkey);
 
-  sprintf(request,"%s://%s%s%s%s%s%s%s",scheme,auth[0]?auth:"",auth[0]?"@":"",
-         host,port[0]?":":"",port[0]?port:"",path[0]?"":"/",path);
+  sprintf(request,"%s://%s%s%s%s%s%s",opt->scheme,
+         opt->auth?opt->auth:"",
+         opt->auth?"@":"",opt->host,
+         opt->port?":":"",opt->port?opt->port:"",
+         opt->path?opt->path:"/");
 
   curl_easy_setopt(curl,CURLOPT_URL,request);
   curl_easy_setopt(curl,CURLOPT_WRITEFUNCTION,writer);
@@ -132,7 +130,7 @@ get_key(char *getkey)
   res=curl_easy_perform(curl);
   if(res!=0)
     {
-      fprintf(console,"gpgkeys: %s fetch error %d: %s\n",scheme,
+      fprintf(console,"gpgkeys: %s fetch error %d: %s\n",opt->scheme,
              res,errorbuffer);
       fprintf(output,"\nKEY 0x%s FAILED %d\n",getkey,curl_err_to_gpg_err(res));
     }
@@ -153,12 +151,10 @@ show_help (FILE *fp)
 int
 main(int argc,char *argv[])
 {
-  int arg,action=-1,ret=KEYSERVER_INTERNAL_ERROR;
+  int arg,ret=KEYSERVER_INTERNAL_ERROR;
   char line[MAX_LINE];
   char *thekey=NULL;
-  unsigned int timeout=DEFAULT_KEYSERVER_TIMEOUT;
-  long follow_redirects=5,debug=0,check_cert=1;
-  char *ca_cert_file=NULL;
+  long follow_redirects=5;
 
   console=stderr;
 
@@ -215,71 +211,28 @@ main(int argc,char *argv[])
   if(output==NULL)
     output=stdout;
 
+  opt=init_ks_options();
+  if(!opt)
+    return KEYSERVER_NO_MEMORY;
+
   /* Get the command and info block */
 
   while(fgets(line,MAX_LINE,input)!=NULL)
     {
-      int version;
-      char command[MAX_COMMAND+1];
+      int err;
       char option[MAX_OPTION+1];
-      char hash;
 
       if(line[0]=='\n')
        break;
 
-      if(sscanf(line,"%c",&hash)==1 && hash=='#')
-       continue;
-
-      if(sscanf(line,"COMMAND %" MKSTRING(MAX_COMMAND) "s\n",command)==1)
-       {
-         command[MAX_COMMAND]='\0';
-
-         if(strcasecmp(command,"get")==0)
-           action=GET;
-
-         continue;
-       }
-
-      if(sscanf(line,"SCHEME %" MKSTRING(MAX_SCHEME) "s\n",scheme)==1)
-       {
-         scheme[MAX_SCHEME]='\0';
-         continue;
-       }
-
-      if(sscanf(line,"AUTH %" MKSTRING(MAX_AUTH) "s\n",auth)==1)
-       {
-         auth[MAX_AUTH]='\0';
-         continue;
-       }
-
-      if(sscanf(line,"HOST %" MKSTRING(MAX_HOST) "s\n",host)==1)
+      err=parse_ks_options(line,opt);
+      if(err>0)
        {
-         host[MAX_HOST]='\0';
-         continue;
-       }
-
-      if(sscanf(line,"PORT %" MKSTRING(MAX_PORT) "s\n",port)==1)
-       {
-         port[MAX_PORT]='\0';
-         continue;
-       }
-
-      if(sscanf(line,"PATH %" MKSTRING(URLMAX_PATH) "s\n",path)==1)
-       {
-         path[URLMAX_PATH]='\0';
-         continue;
-       }
-
-      if(sscanf(line,"VERSION %d\n",&version)==1)
-       {
-         if(version!=KEYSERVER_PROTO_VERSION)
-           {
-             ret=KEYSERVER_VERSION_ERROR;
-             goto fail;
-           }
-
-         continue;
+         ret=err;
+         goto fail;
        }
+      else if(err==0)
+       continue;
 
       if(sscanf(line,"OPTION %" MKSTRING(MAX_OPTION) "s\n",option)==1)
        {
@@ -294,14 +247,7 @@ main(int argc,char *argv[])
              start=&option[3];
            }
 
-         if(strcasecmp(start,"verbose")==0)
-           {
-             if(no)
-               verbose--;
-             else
-               verbose++;
-           }
-         else if(strncasecmp(start,"http-proxy",10)==0)
+         if(strncasecmp(start,"http-proxy",10)==0)
            {
              if(no)
                proxy[0]='\0';
@@ -311,15 +257,6 @@ main(int argc,char *argv[])
                  proxy[MAX_PROXY]='\0';
                }
            }
-         else if(strncasecmp(start,"timeout",7)==0)
-           {
-             if(no)
-               timeout=0;
-             else if(start[7]=='=')
-               timeout=atoi(&start[8]);
-             else if(start[7]=='\0')
-               timeout=DEFAULT_KEYSERVER_TIMEOUT;
-           }
          else if(strncasecmp(start,"follow-redirects",16)==0)
            {
              if(no)
@@ -329,75 +266,46 @@ main(int argc,char *argv[])
              else if(start[16]=='\0')
                follow_redirects=-1;
            }
-         else if(strncasecmp(start,"debug",5)==0)
-           {
-             if(no)
-               debug=0;
-             else if(start[5]=='=')
-               debug=atoi(&start[6]);
-             else if(start[5]=='\0')
-               debug=1;
-           }
-         else if(strcasecmp(start,"check-cert")==0)
-           {
-             if(no)
-               check_cert=0;
-             else
-               check_cert=1;
-           }
-         else if(strncasecmp(start,"ca-cert-file",12)==0)
-           {
-             if(no)
-               {
-                 free(ca_cert_file);
-                 ca_cert_file=NULL;
-               }
-             else if(start[12]=='=')
-               {
-                 free(ca_cert_file);
-                 ca_cert_file=strdup(&start[13]);
-                 if(!ca_cert_file)
-                   {
-                     fprintf(console,"gpgkeys: out of memory while creating "
-                             "ca_cert_file\n");
-                     ret=KEYSERVER_NO_MEMORY;
-                     goto fail;
-                   }
-               }
-           }
 
          continue;
        }
     }
 
-  if(scheme[0]=='\0')
+  if(!opt->scheme)
     {
       fprintf(console,"gpgkeys: no scheme supplied!\n");
-      return KEYSERVER_SCHEME_NOT_FOUND;
+      ret=KEYSERVER_SCHEME_NOT_FOUND;
+      goto fail;
     }
 #ifdef HTTP_VIA_LIBCURL
-  else if(strcasecmp(scheme,"http")==0)
+  else if(strcasecmp(opt->scheme,"http")==0)
     ;
 #endif /* HTTP_VIA_LIBCURL */
 #ifdef HTTPS_VIA_LIBCURL
-  else if(strcasecmp(scheme,"https")==0)
+  else if(strcasecmp(opt->scheme,"https")==0)
     ;
 #endif /* HTTP_VIA_LIBCURL */
 #ifdef FTP_VIA_LIBCURL
-  else if(strcasecmp(scheme,"ftp")==0)
+  else if(strcasecmp(opt->scheme,"ftp")==0)
     ;
 #endif /* FTP_VIA_LIBCURL */
 #ifdef FTPS_VIA_LIBCURL
-  else if(strcasecmp(scheme,"ftps")==0)
+  else if(strcasecmp(opt->scheme,"ftps")==0)
     ;
 #endif /* FTPS_VIA_LIBCURL */
   else
     {
-      fprintf(console,"gpgkeys: scheme `%s' not supported\n",scheme);
+      fprintf(console,"gpgkeys: scheme `%s' not supported\n",opt->scheme);
       return KEYSERVER_SCHEME_NOT_FOUND;
     }
 
-  if(timeout && register_timeout()==-1)
+  if(!opt->host)
+    {
+      fprintf(console,"gpgkeys: no keyserver host provided\n");
+      goto fail;
+    }
+
+  if(opt->timeout && register_timeout()==-1)
     {
       fprintf(console,"gpgkeys: unable to register timeout handler\n");
       return KEYSERVER_INTERNAL_ERROR;
@@ -419,16 +327,14 @@ main(int argc,char *argv[])
        curl_easy_setopt(curl,CURLOPT_MAXREDIRS,follow_redirects);
     }
 
-  if(debug)
+  if(opt->debug)
     {
       curl_easy_setopt(curl,CURLOPT_STDERR,console);
       curl_easy_setopt(curl,CURLOPT_VERBOSE,1);
     }
 
-  curl_easy_setopt(curl,CURLOPT_SSL_VERIFYPEER,check_cert);
-
-  if(ca_cert_file)
-    curl_easy_setopt(curl,CURLOPT_CAINFO,ca_cert_file);
+  curl_easy_setopt(curl,CURLOPT_SSL_VERIFYPEER,opt->flags.check_cert);
+  curl_easy_setopt(curl,CURLOPT_CAINFO,opt->ca_cert_file);
 
   if(proxy[0])
     curl_easy_setopt(curl,CURLOPT_PROXY,proxy);
@@ -436,7 +342,7 @@ main(int argc,char *argv[])
   /* If it's a GET or a SEARCH, the next thing to come in is the
      keyids.  If it's a SEND, then there are no keyids. */
 
-  if(action==GET)
+  if(opt->action==KS_GET)
     {
       /* Eat the rest of the file */
       for(;;)
@@ -472,7 +378,7 @@ main(int argc,char *argv[])
       goto fail;
     }
 
-  if(!thekey || !host[0])
+  if(!thekey)
     {
       fprintf(console,"gpgkeys: invalid keyserver instructions\n");
       goto fail;
@@ -483,18 +389,18 @@ main(int argc,char *argv[])
   fprintf(output,"VERSION %d\n",KEYSERVER_PROTO_VERSION);
   fprintf(output,"PROGRAM %s\n\n",VERSION);
 
-  if(verbose)
+  if(opt->verbose)
     {
-      fprintf(console,"Scheme:\t\t%s\n",scheme);
-      fprintf(console,"Host:\t\t%s\n",host);
-      if(port[0])
-       fprintf(console,"Port:\t\t%s\n",port);
-      if(path[0])
-       fprintf(console,"Path:\t\t%s\n",path);
+      fprintf(console,"Scheme:\t\t%s\n",opt->scheme);
+      fprintf(console,"Host:\t\t%s\n",opt->host);
+      if(opt->port)
+       fprintf(console,"Port:\t\t%s\n",opt->port);
+      if(opt->path)
+       fprintf(console,"Path:\t\t%s\n",opt->path);
       fprintf(console,"Command:\tGET\n");
     }
 
-  set_timeout(timeout);
+  set_timeout(opt->timeout);
 
   ret=get_key(thekey);
 
@@ -508,6 +414,8 @@ main(int argc,char *argv[])
   if(output!=stdout)
     fclose(output);
 
+  free_ks_options(opt);
+
   if(curl)
     curl_easy_cleanup(curl);
 
index 0ced124..dab88a7 100644 (file)
@@ -55,9 +55,8 @@
 extern char *optarg;
 extern int optind;
 
-static int verbose=0;
-static char path[MAX_OPAQUE+1];
-static FILE *input, *output, *console;
+static FILE *input,*output,*console;
+static struct ks_options *opt;
 
 #ifdef _WIN32
 static void
@@ -300,7 +299,7 @@ get_key (char *getkey)
      indicated the requested key anyway. */
   fprintf(output,"KEY 0x%s BEGIN\n",getkey);
 
-  rc = send_request (path, &sock);
+  rc=send_request(opt->opaque,&sock);
   if(rc)
     {
       fprintf(output,"KEY 0x%s FAILED %d\n",getkey, rc);
@@ -362,10 +361,9 @@ show_help (FILE *fp)
 int
 main(int argc,char *argv[])
 {
-  int arg,action=-1,ret=KEYSERVER_INTERNAL_ERROR;
+  int arg,ret=KEYSERVER_INTERNAL_ERROR;
   char line[MAX_LINE];
   char *thekey=NULL;
-  unsigned int timeout=DEFAULT_KEYSERVER_TIMEOUT;
 
   console=stderr;
 
@@ -422,91 +420,38 @@ main(int argc,char *argv[])
   if(output==NULL)
     output=stdout;
 
+  opt=init_ks_options();
+  if(!opt)
+    return KEYSERVER_NO_MEMORY;
+
   /* Get the command and info block */
 
   while(fgets(line,MAX_LINE,input)!=NULL)
     {
-      int version;
-      char command[MAX_COMMAND+1];
-      char option[MAX_OPTION+1];
-      char hash;
+      int err;
 
       if(line[0]=='\n')
        break;
 
-      if(sscanf(line,"%c",&hash)==1 && hash=='#')
-       continue;
-
-      if(sscanf(line,"COMMAND %" MKSTRING(MAX_COMMAND) "s\n",command)==1)
+      err=parse_ks_options(line,opt);
+      if(err>0)
        {
-         command[MAX_COMMAND]='\0';
-
-         if(strcasecmp(command,"get")==0)
-           action=GET;
-
-         continue;
-       }
-
-      if(strncmp(line,"HOST ",5)==0)
-       {
-         fprintf(console,"gpgkeys: finger://relay/user syntax is not"
-                 " supported.  Use finger:user instead.\n");
-         ret=KEYSERVER_NOT_SUPPORTED;
+         ret=err;
          goto fail;
        }
+      else if(err==0)
+       continue;
+    }
 
-      if(sscanf(line,"OPAQUE %" MKSTRING(MAX_OPAQUE) "s\n",path)==1)
-       {
-         path[MAX_OPAQUE]='\0';
-         continue;
-       }
-
-      if(sscanf(line,"VERSION %d\n",&version)==1)
-       {
-         if(version!=KEYSERVER_PROTO_VERSION)
-           {
-             ret=KEYSERVER_VERSION_ERROR;
-             goto fail;
-           }
-
-         continue;
-       }
-
-      if(sscanf(line,"OPTION %" MKSTRING(MAX_OPTION) "s\n",option)==1)
-       {
-         int no=0;
-         char *start=&option[0];
-
-         option[MAX_OPTION]='\0';
-
-         if(strncasecmp(option,"no-",3)==0)
-           {
-             no=1;
-             start=&option[3];
-           }
-
-         if(strcasecmp(start,"verbose")==0)
-           {
-             if(no)
-               verbose--;
-             else
-               verbose++;
-           }
-         else if(strncasecmp(start,"timeout",7)==0)
-           {
-             if(no)
-               timeout=0;
-             else if(start[7]=='=')
-               timeout=atoi(&start[8]);
-             else if(start[7]=='\0')
-               timeout=DEFAULT_KEYSERVER_TIMEOUT;
-           }
-
-         continue;
-       }
+  if(opt->host)
+    {
+      fprintf(console,"gpgkeys: finger://relay/user syntax is not"
+             " supported.  Use finger:user instead.\n");
+      ret=KEYSERVER_NOT_SUPPORTED;
+      goto fail;
     }
 
-  if(timeout && register_timeout()==-1)
+  if(opt->timeout && register_timeout()==-1)
     {
       fprintf(console,"gpgkeys: unable to register timeout handler\n");
       return KEYSERVER_INTERNAL_ERROR;
@@ -515,7 +460,7 @@ main(int argc,char *argv[])
   /* If it's a GET or a SEARCH, the next thing to come in is the
      keyids.  If it's a SEND, then there are no keyids. */
 
-  if(action==GET)
+  if(opt->action==KS_GET)
     {
       /* Eat the rest of the file */
       for(;;)
@@ -551,7 +496,7 @@ main(int argc,char *argv[])
       goto fail;
     }
 
-  if(!thekey || !*path)
+  if(!thekey || !opt->opaque)
     {
       fprintf(console,"gpgkeys: invalid keyserver instructions\n");
       goto fail;
@@ -562,16 +507,15 @@ main(int argc,char *argv[])
   fprintf(output,"VERSION %d\n",KEYSERVER_PROTO_VERSION);
   fprintf(output,"PROGRAM %s\n\n",VERSION);
 
-  if (verbose>1)
+  if(opt->verbose>1)
     {
-      if(path[0])
-       fprintf(console,"Path:\t\t%s\n",path);
+      fprintf(console,"User:\t\t%s\n",opt->opaque);
       fprintf(console,"Command:\tGET\n");
     }
 
-  set_timeout(timeout);
+  set_timeout(opt->timeout);
 
-  ret = get_key(thekey);
+  ret=get_key(thekey);
 
  fail:
 
@@ -583,5 +527,7 @@ main(int argc,char *argv[])
   if(output!=stdout)
     fclose(output);
 
+  free_ks_options(opt);
+
   return ret;
 }
index d0f57b1..df14496 100644 (file)
 extern char *optarg;
 extern int optind;
 
-static int verbose=0,include_disabled=0,include_revoked=0,include_subkeys=0;
 static int real_ldap=0;
 static char *basekeyspacedn=NULL;
-static char host[MAX_HOST+1]={'\0'};
-static char portstr[MAX_PORT+1]={'\0'};
 static char *pgpkeystr="pgpKey";
 static FILE *input=NULL,*output=NULL,*console=NULL;
 static LDAP *ldap=NULL;
+static struct ks_options *opt;
 
 #ifndef HAVE_TIMEGM
 time_t timegm(struct tm *tm);
@@ -1007,7 +1005,7 @@ get_key(char *getkey)
       /* fingerprint.  Take the last 16 characters and treat it like a
          long key id */
 
-      if(include_subkeys)
+      if(opt->flags.include_subkeys)
        sprintf(search,"(|(pgpcertid=%.16s)(pgpsubkeyid=%.16s))",
                offset,offset);
       else
@@ -1017,7 +1015,7 @@ get_key(char *getkey)
     {
       /* long key id */
 
-      if(include_subkeys)
+      if(opt->flags.include_subkeys)
        sprintf(search,"(|(pgpcertid=%.16s)(pgpsubkeyid=%.16s))",
                getkey,getkey);
       else
@@ -1030,10 +1028,10 @@ get_key(char *getkey)
       sprintf(search,"(pgpkeyid=%.8s)",getkey);
     }
 
-  if(verbose>2)
+  if(opt->verbose>2)
     fprintf(console,"gpgkeys: LDAP fetch for: %s\n",search);
 
-  if(!verbose)
+  if(!opt->verbose)
     attrs[2]=NULL; /* keep only pgpkey(v2) and pgpcertid */
 
   err=ldap_search_s(ldap,basekeyspacedn,
@@ -1163,13 +1161,13 @@ search_key(char *searchkey)
   /* Build the search string */
 
   sprintf(search,"%s(pgpuserid=*%s*)%s%s%s",
-         (!(include_disabled&&include_revoked))?"(&":"",
+         (!(opt->flags.include_disabled&&opt->flags.include_revoked))?"(&":"",
          searchkey,
-         include_disabled?"":"(pgpdisabled=0)",
-         include_revoked?"":"(pgprevoked=0)",
-         !(include_disabled&&include_revoked)?")":"");
+         opt->flags.include_disabled?"":"(pgpdisabled=0)",
+         opt->flags.include_revoked?"":"(pgprevoked=0)",
+         !(opt->flags.include_disabled&&opt->flags.include_revoked)?")":"");
 
-  if(verbose>2)
+  if(opt->verbose>2)
     fprintf(console,"gpgkeys: LDAP search for: %s\n",search);
 
   err=ldap_search_s(ldap,basekeyspacedn,
@@ -1374,12 +1372,12 @@ search_key(char *searchkey)
 }
 
 static void
-fail_all(struct keylist *keylist,int action,int err)
+fail_all(struct keylist *keylist,int err)
 {
   if(!keylist)
     return;
 
-  if(action==SEARCH)
+  if(opt->action==KS_SEARCH)
     {
       fprintf(output,"SEARCH ");
       while(keylist)
@@ -1452,7 +1450,7 @@ find_basekeyspacedn(void)
                  ldap_value_free(vals);
                }
 
-             if(verbose>1)
+             if(opt->verbose>1)
                {
                  vals=ldap_get_values(ldap,si_res,"pgpSoftware");
                  if(vals)
@@ -1503,7 +1501,7 @@ find_basekeyspacedn(void)
          ldap_value_free(vals);
        }
 
-      if(verbose>1)
+      if(opt->verbose>1)
        {
          vals=ldap_get_values(ldap,si_res,"software");
          if(vals)
@@ -1516,7 +1514,7 @@ find_basekeyspacedn(void)
       vals=ldap_get_values(ldap,si_res,"version");
       if(vals)
        {
-         if(verbose>1)
+         if(opt->verbose>1)
            fprintf(console,"Version:\t%s\n",vals[0]);
 
          /* If the version is high enough, use the new pgpKeyV2
@@ -1547,12 +1545,10 @@ show_help (FILE *fp)
 int
 main(int argc,char *argv[])
 {
-  int debug=0,port=0,arg,err,action=-1,ret=KEYSERVER_INTERNAL_ERROR;
+  int port=0,arg,err,ret=KEYSERVER_INTERNAL_ERROR;
   char line[MAX_LINE];
-  int version,failed=0,use_ssl=0,use_tls=0,bound=0,check_cert=1;
+  int failed=0,use_ssl=0,use_tls=0,bound=0;
   struct keylist *keylist=NULL,*keyptr=NULL;
-  unsigned int timeout=DEFAULT_KEYSERVER_TIMEOUT;
-  char *ca_cert_file=NULL;
 
   console=stderr;
 
@@ -1592,7 +1588,6 @@ main(int argc,char *argv[])
        break;
       }
 
-
   if(argc>optind)
     {
       input=fopen(argv[optind],"r");
@@ -1610,69 +1605,27 @@ main(int argc,char *argv[])
   if(output==NULL)
     output=stdout;
 
+  opt=init_ks_options();
+  if(!opt)
+    return KEYSERVER_NO_MEMORY;
+
   /* Get the command and info block */
 
   while(fgets(line,MAX_LINE,input)!=NULL)
     {
-      char command[MAX_COMMAND+1];
       char optionstr[MAX_OPTION+1];
-      char scheme[MAX_SCHEME+1];
-      char hash;
 
       if(line[0]=='\n')
        break;
 
-      if(sscanf(line,"%c",&hash)==1 && hash=='#')
-       continue;
-
-      if(sscanf(line,"COMMAND %" MKSTRING(MAX_COMMAND) "s\n",command)==1)
-       {
-         command[MAX_COMMAND]='\0';
-
-         if(strcasecmp(command,"get")==0)
-           action=GET;
-         else if(strcasecmp(command,"send")==0)
-           action=SEND;
-         else if(strcasecmp(command,"search")==0)
-           action=SEARCH;
-
-         continue;
-       }
-
-      if(sscanf(line,"HOST %" MKSTRING(MAX_HOST) "s\n",host)==1)
-       {
-         host[MAX_HOST]='\0';
-         continue;
-       }
-
-      if(sscanf(line,"PORT %" MKSTRING(MAX_PORT) "s\n",portstr)==1)
-       {
-         portstr[MAX_PORT]='\0';
-         port=atoi(portstr);
-         continue;
-       }
-
-      if(sscanf(line,"SCHEME %" MKSTRING(MAX_SCHEME) "s\n",scheme)==1)
+      err=parse_ks_options(line,opt);
+      if(err>0)
        {
-         scheme[MAX_SCHEME]='\0';
-         if(strcasecmp(scheme,"ldaps")==0)
-           {
-             port=636;
-             use_ssl=1;
-           }
-         continue;
-       }
-
-      if(sscanf(line,"VERSION %d\n",&version)==1)
-       {
-         if(version!=KEYSERVER_PROTO_VERSION)
-           {
-             ret=KEYSERVER_VERSION_ERROR;
-             goto fail;
-           }
-
-         continue;
+         ret=err;
+         goto fail;
        }
+      else if(err==0)
+       continue;
 
       if(sscanf(line,"OPTION %" MKSTRING(MAX_OPTION) "[^\n]\n",optionstr)==1)
        {
@@ -1687,35 +1640,7 @@ main(int argc,char *argv[])
              start=&optionstr[3];
            }
 
-         if(strcasecmp(start,"verbose")==0)
-           {
-             if(no)
-               verbose--;
-             else
-               verbose++;
-           }
-         else if(strcasecmp(start,"include-disabled")==0)
-           {
-             if(no)
-               include_disabled=0;
-             else
-               include_disabled=1;
-           }
-         else if(strcasecmp(start,"include-revoked")==0)
-           {
-             if(no)
-               include_revoked=0;
-             else
-               include_revoked=1;
-           }
-         else if(strcasecmp(start,"include-subkeys")==0)
-           {
-             if(no)
-               include_subkeys=0;
-             else
-               include_subkeys=1;
-           }
-         else if(strncasecmp(start,"tls",3)==0)
+         if(strncasecmp(start,"tls",3)==0)
            {
              if(no)
                use_tls=0;
@@ -1735,20 +1660,6 @@ main(int argc,char *argv[])
              else if(start[3]=='\0')
                use_tls=1;
            }
-         else if(strcasecmp(start,"check-cert")==0)
-           {
-             if(no)
-               check_cert=0;
-             else
-               check_cert=1;
-           }
-         else if(strncasecmp(start,"debug",5)==0)
-           {
-             if(no)
-               debug=0;
-             else if(start[5]=='=')
-               debug=atoi(&start[6]);
-           }
          else if(strncasecmp(start,"basedn",6)==0)
            {
              if(no)
@@ -1771,50 +1682,43 @@ main(int argc,char *argv[])
                  real_ldap=1;
                }
            }
-         else if(strncasecmp(start,"timeout",7)==0)
-           {
-             if(no)
-               timeout=0;
-             else if(start[7]=='=')
-               timeout=atoi(&start[8]);
-             else if(start[7]=='\0')
-               timeout=DEFAULT_KEYSERVER_TIMEOUT;
-           }
-         else if(strncasecmp(start,"ca-cert-file",12)==0)
-           {
-             if(no)
-               {
-                 free(ca_cert_file);
-                 ca_cert_file=NULL;
-               }
-             else if(start[12]=='=')
-               {
-                 free(ca_cert_file);
-                 ca_cert_file=strdup(&start[13]);
-                 if(!ca_cert_file)
-                   {
-                     fprintf(console,"gpgkeys: out of memory while creating "
-                             "ca_cert_file\n");
-                     ret=KEYSERVER_NO_MEMORY;
-                     goto fail;
-                   }
-               }
-           }
 
          continue;
        }
     }
 
-  if(timeout && register_timeout()==-1)
+  if(!opt->scheme)
+    {
+      fprintf(console,"gpgkeys: no scheme supplied!\n");
+      ret=KEYSERVER_SCHEME_NOT_FOUND;
+      goto fail;
+    }
+
+  if(strcasecmp(opt->scheme,"ldaps")==0)
+    {
+      port=636;
+      use_ssl=1;
+    }
+
+  if(opt->port)
+    port=atoi(opt->port);
+
+  if(!opt->host)
+    {
+      fprintf(console,"gpgkeys: no keyserver host provided\n");
+      goto fail;
+    }
+
+  if(opt->timeout && register_timeout()==-1)
     {
       fprintf(console,"gpgkeys: unable to register timeout handler\n");
       return KEYSERVER_INTERNAL_ERROR;
     }
 
 #if defined(HAVE_LDAP_SET_OPTION) && defined(LDAP_OPT_X_TLS_CACERTFILE)
-  if(ca_cert_file)
+  if(opt->ca_cert_file)
     {
-      err=ldap_set_option(NULL,LDAP_OPT_X_TLS_CACERTFILE,ca_cert_file);
+      err=ldap_set_option(NULL,LDAP_OPT_X_TLS_CACERTFILE,opt->ca_cert_file);
       if(err!=LDAP_SUCCESS)
        {
          fprintf(console,"gpgkeys: unable to set ca-cert-file: %s\n",
@@ -1832,9 +1736,9 @@ main(int argc,char *argv[])
   /* If it's a GET or a SEARCH, the next thing to come in is the
      keyids.  If it's a SEND, then there are no keyids. */
 
-  if(action==SEND)
+  if(opt->action==KS_SEND)
     while(fgets(line,MAX_LINE,input)!=NULL && line[0]!='\n');
-  else if(action==GET || action==SEARCH)
+  else if(opt->action==KS_GET || opt->action==KS_SEARCH)
     {
       for(;;)
        {
@@ -1885,24 +1789,23 @@ main(int argc,char *argv[])
   fprintf(output,"VERSION %d\n",KEYSERVER_PROTO_VERSION);
   fprintf(output,"PROGRAM %s\n\n",VERSION);
 
-  if(verbose>1)
+  if(opt->verbose>1)
     {
-      fprintf(console,"Host:\t\t%s\n",host);
+      fprintf(console,"Host:\t\t%s\n",opt->host);
       if(port)
        fprintf(console,"Port:\t\t%d\n",port);
-      fprintf(console,"Command:\t%s\n",action==GET?"GET":
-             action==SEND?"SEND":"SEARCH");
+      fprintf(console,"Command:\t%s\n",ks_action_to_string(opt->action));
     }
 
-  if(debug)
+  if(opt->debug)
     {
 #if defined(LDAP_OPT_DEBUG_LEVEL) && defined(HAVE_LDAP_SET_OPTION)
-      err=ldap_set_option(NULL,LDAP_OPT_DEBUG_LEVEL,&debug);
+      err=ldap_set_option(NULL,LDAP_OPT_DEBUG_LEVEL,&opt->debug);
       if(err!=LDAP_SUCCESS)
        fprintf(console,"gpgkeys: unable to set debug mode: %s\n",
                ldap_err2string(err));
       else
-       fprintf(console,"gpgkeys: debug level %d\n",debug);
+       fprintf(console,"gpgkeys: debug level %d\n",opt->debug);
 #else
       fprintf(console,"gpgkeys: not built with debugging support\n");
 #endif
@@ -1910,16 +1813,16 @@ main(int argc,char *argv[])
 
   /* We have a timeout set for the setup stuff since it could time out
      as well. */
-  set_timeout(timeout);
+  set_timeout(opt->timeout);
 
   /* Note that this tries all A records on a given host (or at least,
      OpenLDAP does). */
-  ldap=ldap_init(host,port);
+  ldap=ldap_init(opt->host,port);
   if(ldap==NULL)
     {
       fprintf(console,"gpgkeys: internal LDAP init error: %s\n",
              strerror(errno));
-      fail_all(keylist,action,KEYSERVER_INTERNAL_ERROR);
+      fail_all(keylist,KEYSERVER_INTERNAL_ERROR);
       goto fail;
     }
 
@@ -1933,11 +1836,11 @@ main(int argc,char *argv[])
        {
          fprintf(console,"gpgkeys: unable to make SSL connection: %s\n",
                  ldap_err2string(err));
-         fail_all(keylist,action,ldap_err_to_gpg_err(err));
+         fail_all(keylist,ldap_err_to_gpg_err(err));
          goto fail;
        }
 
-      if(!check_cert)
+      if(!opt->flags.check_cert)
        ssl=LDAP_OPT_X_TLS_NEVER;
 
       err=ldap_set_option(NULL,LDAP_OPT_X_TLS_REQUIRE_CERT,&ssl);
@@ -1946,7 +1849,7 @@ main(int argc,char *argv[])
          fprintf(console,
                  "gpgkeys: unable to set certificate validation: %s\n",
                  ldap_err2string(err));
-         fail_all(keylist,action,ldap_err_to_gpg_err(err));
+         fail_all(keylist,ldap_err_to_gpg_err(err));
          goto fail;
        }
 #else
@@ -1962,7 +1865,7 @@ main(int argc,char *argv[])
       {
        fprintf(console,"gpgkeys: unable to retrieve LDAP base: %s\n",
                err?ldap_err2string(err):"not found");
-       fail_all(keylist,action,ldap_err_to_gpg_err(err));
+       fail_all(keylist,ldap_err_to_gpg_err(err));
        goto fail;
       }
 
@@ -1977,7 +1880,7 @@ main(int argc,char *argv[])
                    "not supported by the NAI LDAP keyserver");
          if(use_tls==3)
            {
-             fail_all(keylist,action,KEYSERVER_INTERNAL_ERROR);
+             fail_all(keylist,KEYSERVER_INTERNAL_ERROR);
              goto fail;
            }
        }
@@ -1989,7 +1892,7 @@ main(int argc,char *argv[])
          err=ldap_set_option(ldap,LDAP_OPT_PROTOCOL_VERSION,&ver);
          if(err==LDAP_SUCCESS)
            {
-             if(check_cert)
+             if(opt->flags.check_cert)
                ver=LDAP_OPT_X_TLS_HARD;
              else
                ver=LDAP_OPT_X_TLS_NEVER;
@@ -2001,17 +1904,17 @@ main(int argc,char *argv[])
 
          if(err!=LDAP_SUCCESS)
            {
-             if(use_tls>=2 || verbose>2)
+             if(use_tls>=2 || opt->verbose>2)
                fprintf(console,"gpgkeys: unable to start TLS: %s\n",
                        ldap_err2string(err));
              /* Are we forcing it? */
              if(use_tls==3)
                {
-                 fail_all(keylist,action,ldap_err_to_gpg_err(err));
+                 fail_all(keylist,ldap_err_to_gpg_err(err));
                  goto fail;
                }
            }
-         else if(err==LDAP_SUCCESS && verbose>1)
+         else if(err==LDAP_SUCCESS && opt->verbose>1)
            fprintf(console,"gpgkeys: TLS started successfully.\n");
 #else
          if(use_tls>=2)
@@ -2045,94 +1948,89 @@ main(int argc,char *argv[])
     bound=1;
 #endif
 
-  switch(action)
+  if(opt->action==KS_GET)
     {
-    case GET:
       keyptr=keylist;
 
       while(keyptr!=NULL)
        {
-         set_timeout(timeout);
+         set_timeout(opt->timeout);
 
          if(get_key(keyptr->str)!=KEYSERVER_OK)
            failed++;
 
          keyptr=keyptr->next;
        }
-      break;
-
-    case SEND:
-      {
-       int eof=0;
-
-       do
-         {
-           set_timeout(timeout);
-
-           if(real_ldap)
-             {
-               if(send_key(&eof)!=KEYSERVER_OK)
-                 failed++;
-             }
-           else
-             {
-               if(send_key_keyserver(&eof)!=KEYSERVER_OK)
-                 failed++;
-             }
-         }
-       while(!eof);
-      }
-      break;
+    }
+  else if(opt->action==KS_SEND)
+    {
+      int eof=0;
 
-    case SEARCH:
-      {
-       char *searchkey=NULL;
-       int len=0;
+      do
+       {
+         set_timeout(opt->timeout);
 
-       set_timeout(timeout);
+         if(real_ldap)
+           {
+             if(send_key(&eof)!=KEYSERVER_OK)
+               failed++;
+           }
+         else
+           {
+             if(send_key_keyserver(&eof)!=KEYSERVER_OK)
+               failed++;
+           }
+       }
+      while(!eof);
+    }
+  else if(opt->action==KS_SEARCH)
+    {
+      char *searchkey=NULL;
+      int len=0;
 
-       /* To search, we stick a * in between each key to search for.
-          This means that if the user enters words, they'll get
-          "enters*words".  If the user "enters words", they'll get
-          "enters words" */
+      set_timeout(opt->timeout);
 
-       keyptr=keylist;
-       while(keyptr!=NULL)
-         {
-           len+=strlen(keyptr->str)+1;
-           keyptr=keyptr->next;
-         }
+      /* To search, we stick a * in between each key to search for.
+        This means that if the user enters words, they'll get
+        "enters*words".  If the user "enters words", they'll get
+        "enters words" */
 
-       searchkey=malloc(len+1);
-       if(searchkey==NULL)
-         {
-           ret=KEYSERVER_NO_MEMORY;
-           fail_all(keylist,action,KEYSERVER_NO_MEMORY);
-           goto fail;
-         }
+      keyptr=keylist;
+      while(keyptr!=NULL)
+       {
+         len+=strlen(keyptr->str)+1;
+         keyptr=keyptr->next;
+       }
 
-       searchkey[0]='\0';
+      searchkey=malloc(len+1);
+      if(searchkey==NULL)
+       {
+         ret=KEYSERVER_NO_MEMORY;
+         fail_all(keylist,KEYSERVER_NO_MEMORY);
+         goto fail;
+       }
 
-       keyptr=keylist;
-       while(keyptr!=NULL)
-         {
-           strcat(searchkey,keyptr->str);
-           strcat(searchkey,"*");
-           keyptr=keyptr->next;
-         }
+      searchkey[0]='\0';
 
-       /* Nail that last "*" */
-       if(*searchkey)
-         searchkey[strlen(searchkey)-1]='\0';
+      keyptr=keylist;
+      while(keyptr!=NULL)
+       {
+         strcat(searchkey,keyptr->str);
+         strcat(searchkey,"*");
+         keyptr=keyptr->next;
+       }
 
-       if(search_key(searchkey)!=KEYSERVER_OK)
-         failed++;
+      /* Nail that last "*" */
+      if(*searchkey)
+       searchkey[strlen(searchkey)-1]='\0';
 
-       free(searchkey);
-      }
+      if(search_key(searchkey)!=KEYSERVER_OK)
+       failed++;
 
-      break;
+      free(searchkey);
     }
+  else
+    BUG();
 
   if(!failed)
     ret=KEYSERVER_OK;
@@ -2152,6 +2050,8 @@ main(int argc,char *argv[])
   if(output!=stdout)
     fclose(output);
 
+  free_ks_options(opt);
+
   if(ldap!=NULL && bound)
     ldap_unbind_s(ldap);
 
index 223f52e..c0dc5f6 100644 (file)
@@ -110,6 +110,7 @@ parse_ks_options(char *line,struct ks_options *opt)
   char scheme[MAX_SCHEME+1];
   char auth[MAX_AUTH+1];
   char path[URLMAX_PATH+1];
+  char opaque[MAX_OPAQUE+1];
   char option[MAX_OPTION+1];
 
   if(line[0]=='#')
@@ -174,6 +175,15 @@ parse_ks_options(char *line,struct ks_options *opt)
       return 0;
     }
 
+  if(sscanf(line,"OPAQUE %" MKSTRING(MAX_OPAQUE) "s\n",opaque)==1)
+    {
+      opaque[MAX_OPAQUE]='\0';
+      opt->opaque=strdup(opaque);
+      if(!opt->opaque)
+       return KEYSERVER_NO_MEMORY;
+      return 0;
+    }
+
   if(sscanf(line,"VERSION %d\n",&version)==1)
     {
       if(version!=KEYSERVER_PROTO_VERSION)
@@ -236,6 +246,8 @@ parse_ks_options(char *line,struct ks_options *opt)
            opt->debug=0;
          else if(start[5]=='=')
            opt->debug=atoi(&start[6]);
+         else if(start[5]=='\0')
+           opt->debug=1;
        }
       else if(strncasecmp(start,"timeout",7)==0)
        {
index 3ed7b96..400dc17 100644 (file)
@@ -69,6 +69,7 @@ struct ks_options
   char *scheme;
   char *auth;
   char *path;
+  char *opaque;
   struct
   {
     unsigned int include_disabled:1;