Fix preference setting in new keys
[gnupg.git] / g10 / keyserver.c
1 /* keyserver.c - generic keyserver code
2  * Copyright (C) 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008,
3  *               2009 Free Software Foundation, Inc.
4  *
5  * This file is part of GnuPG.
6  *
7  * GnuPG is free software; you can redistribute it and/or modify
8  * it under the terms of the GNU General Public License as published by
9  * the Free Software Foundation; either version 3 of the License, or
10  * (at your option) any later version.
11  *
12  * GnuPG is distributed in the hope that it will be useful,
13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
15  * GNU General Public License for more details.
16  *
17  * You should have received a copy of the GNU General Public License
18  * along with this program; if not, see <http://www.gnu.org/licenses/>.
19  */
20
21 #include <config.h>
22 #include <ctype.h>
23 #include <stdio.h>
24 #include <string.h>
25 #include <stdlib.h>
26 #include <assert.h>
27 #include <errno.h>
28
29 #include "gpg.h"
30 #include "iobuf.h"
31 #include "filter.h"
32 #include "keydb.h"
33 #include "status.h"
34 #include "exec.h"
35 #include "main.h"
36 #include "i18n.h"
37 #include "ttyio.h"
38 #include "options.h"
39 #include "packet.h"
40 #include "trustdb.h"
41 #include "keyserver-internal.h"
42 #include "util.h"
43 #include "dns-cert.h"
44 #include "pka.h"
45 #ifdef USE_DNS_SRV
46 #include "srv.h"
47 #endif
48
49
50 #ifdef HAVE_W32_SYSTEM
51 /* It seems Vista doesn't grok X_OK and so fails access() tests.
52    Previous versions interpreted X_OK as F_OK anyway, so we'll just
53    use F_OK directly. */
54 #undef X_OK
55 #define X_OK F_OK
56 #endif /* HAVE_W32_SYSTEM */
57
58 struct keyrec
59 {
60   KEYDB_SEARCH_DESC desc;
61   u32 createtime,expiretime;
62   int size,flags;
63   byte type;
64   IOBUF uidbuf;
65   unsigned int lines;
66 };
67
68 enum ks_action {KS_UNKNOWN=0,KS_GET,KS_GETNAME,KS_SEND,KS_SEARCH};
69
70 static struct parse_options keyserver_opts[]=
71   {
72     /* some of these options are not real - just for the help
73        message */
74     {"max-cert-size",0,NULL,NULL},
75     {"include-revoked",0,NULL,N_("include revoked keys in search results")},
76     {"include-subkeys",0,NULL,N_("include subkeys when searching by key ID")},
77     {"use-temp-files",0,NULL,
78      N_("use temporary files to pass data to keyserver helpers")},
79     {"keep-temp-files",KEYSERVER_KEEP_TEMP_FILES,NULL,
80      N_("do not delete temporary files after using them")},
81     {"refresh-add-fake-v3-keyids",KEYSERVER_ADD_FAKE_V3,NULL,
82      NULL},
83     {"auto-key-retrieve",KEYSERVER_AUTO_KEY_RETRIEVE,NULL,
84      N_("automatically retrieve keys when verifying signatures")},
85     {"honor-keyserver-url",KEYSERVER_HONOR_KEYSERVER_URL,NULL,
86      N_("honor the preferred keyserver URL set on the key")},
87     {"honor-pka-record",KEYSERVER_HONOR_PKA_RECORD,NULL,
88      N_("honor the PKA record set on a key when retrieving keys")},
89     {NULL,0,NULL,NULL}
90   };
91
92 static int keyserver_work(enum ks_action action,strlist_t list,
93                           KEYDB_SEARCH_DESC *desc,int count,
94                           unsigned char **fpr,size_t *fpr_len,
95                           struct keyserver_spec *keyserver);
96
97 /* Reasonable guess */
98 #define DEFAULT_MAX_CERT_SIZE 16384
99
100 static size_t max_cert_size=DEFAULT_MAX_CERT_SIZE;
101
102 static void
103 add_canonical_option(char *option,strlist_t *list)
104 {
105   char *arg=argsplit(option);
106
107   if(arg)
108     {
109       char *joined;
110
111       joined=xmalloc(strlen(option)+1+strlen(arg)+1);
112       /* Make a canonical name=value form with no spaces */
113       strcpy(joined,option);
114       strcat(joined,"=");
115       strcat(joined,arg);
116       append_to_strlist(list,joined);
117       xfree(joined);
118     }
119   else
120     append_to_strlist(list,option);
121 }
122
123 int
124 parse_keyserver_options(char *options)
125 {
126   int ret=1;
127   char *tok;
128   char *max_cert=NULL;
129
130   keyserver_opts[0].value=&max_cert;
131
132   while((tok=optsep(&options)))
133     {
134       if(tok[0]=='\0')
135         continue;
136
137       /* For backwards compatibility.  1.2.x used honor-http-proxy and
138          there are a good number of documents published that recommend
139          it. */
140       if(ascii_strcasecmp(tok,"honor-http-proxy")==0)
141         tok="http-proxy";
142       else if(ascii_strcasecmp(tok,"no-honor-http-proxy")==0)
143         tok="no-http-proxy";
144
145       /* We accept quite a few possible options here - some options to
146          handle specially, the keyserver_options list, and import and
147          export options that pertain to keyserver operations.  Note
148          that you must use strncasecmp here as there might be an
149          =argument attached which will foil the use of strcasecmp. */
150
151 #ifdef EXEC_TEMPFILE_ONLY
152       if(ascii_strncasecmp(tok,"use-temp-files",14)==0 ||
153               ascii_strncasecmp(tok,"no-use-temp-files",17)==0)
154         log_info(_("WARNING: keyserver option `%s' is not used"
155                    " on this platform\n"),tok);
156 #else
157       if(ascii_strncasecmp(tok,"use-temp-files",14)==0)
158         opt.keyserver_options.options|=KEYSERVER_USE_TEMP_FILES;
159       else if(ascii_strncasecmp(tok,"no-use-temp-files",17)==0)
160         opt.keyserver_options.options&=~KEYSERVER_USE_TEMP_FILES;
161 #endif
162       else if(!parse_options(tok,&opt.keyserver_options.options,
163                              keyserver_opts,0)
164          && !parse_import_options(tok,
165                                   &opt.keyserver_options.import_options,0)
166          && !parse_export_options(tok,
167                                   &opt.keyserver_options.export_options,0))
168         {
169           /* All of the standard options have failed, so the option is
170              destined for a keyserver plugin. */
171           add_canonical_option(tok,&opt.keyserver_options.other);
172         }
173     }
174
175   if(max_cert)
176     {
177       max_cert_size=strtoul(max_cert,(char **)NULL,10);
178
179       if(max_cert_size==0)
180         max_cert_size=DEFAULT_MAX_CERT_SIZE;
181     }
182
183   return ret;
184 }
185
186 void
187 free_keyserver_spec(struct keyserver_spec *keyserver)
188 {
189   xfree(keyserver->uri);
190   xfree(keyserver->scheme);
191   xfree(keyserver->auth);
192   xfree(keyserver->host);
193   xfree(keyserver->port);
194   xfree(keyserver->path);
195   xfree(keyserver->opaque);
196   free_strlist(keyserver->options);
197   xfree(keyserver);
198 }
199
200 /* Return 0 for match */
201 static int
202 cmp_keyserver_spec(struct keyserver_spec *one,struct keyserver_spec *two)
203 {
204   if(ascii_strcasecmp(one->scheme,two->scheme)==0)
205     {
206       if(one->host && two->host && ascii_strcasecmp(one->host,two->host)==0)
207         {
208           if((one->port && two->port
209               && ascii_strcasecmp(one->port,two->port)==0)
210              || (!one->port && !two->port))
211             return 0;
212         }
213       else if(one->opaque && two->opaque
214               && ascii_strcasecmp(one->opaque,two->opaque)==0)
215         return 0;
216     }
217
218   return 1;
219 }
220
221 /* Try and match one of our keyservers.  If we can, return that.  If
222    we can't, return our input. */
223 struct keyserver_spec *
224 keyserver_match(struct keyserver_spec *spec)
225 {
226   struct keyserver_spec *ks;
227
228   for(ks=opt.keyserver;ks;ks=ks->next)
229     if(cmp_keyserver_spec(spec,ks)==0)
230       return ks;
231
232   return spec;
233 }
234
235 /* TODO: once we cut over to an all-curl world, we don't need this
236    parser any longer so it can be removed, or at least moved to
237    keyserver/ksutil.c for limited use in gpgkeys_ldap or the like. */
238
239 struct keyserver_spec *
240 parse_keyserver_uri(const char *string,int require_scheme,
241                     const char *configname,unsigned int configlineno)
242 {
243   int assume_hkp=0;
244   struct keyserver_spec *keyserver;
245   const char *idx;
246   int count;
247   char *uri,*options;
248
249   assert(string!=NULL);
250
251   keyserver=xmalloc_clear(sizeof(struct keyserver_spec));
252
253   uri=xstrdup(string);
254
255   options=strchr(uri,' ');
256   if(options)
257     {
258       char *tok;
259
260       *options='\0';
261       options++;
262
263       while((tok=optsep(&options)))
264         add_canonical_option(tok,&keyserver->options);
265     }
266
267   /* Get the scheme */
268
269   for(idx=uri,count=0;*idx && *idx!=':';idx++)
270     {
271       count++;
272
273       /* Do we see the start of an RFC-2732 ipv6 address here?  If so,
274          there clearly isn't a scheme so get out early. */
275       if(*idx=='[')
276         {
277           /* Was the '[' the first thing in the string?  If not, we
278              have a mangled scheme with a [ in it so fail. */
279           if(count==1)
280             break;
281           else
282             goto fail;
283         }
284     }
285
286   if(count==0)
287     goto fail;
288
289   if(*idx=='\0' || *idx=='[')
290     {
291       if(require_scheme)
292         return NULL;
293
294       /* Assume HKP if there is no scheme */
295       assume_hkp=1;
296       keyserver->scheme=xstrdup("hkp");
297
298       keyserver->uri=xmalloc(strlen(keyserver->scheme)+3+strlen(uri)+1);
299       strcpy(keyserver->uri,keyserver->scheme);
300       strcat(keyserver->uri,"://");
301       strcat(keyserver->uri,uri);
302     }
303   else
304     {
305       int i;
306
307       keyserver->uri=xstrdup(uri);
308
309       keyserver->scheme=xmalloc(count+1);
310
311       /* Force to lowercase */
312       for(i=0;i<count;i++)
313         keyserver->scheme[i]=ascii_tolower(uri[i]);
314
315       keyserver->scheme[i]='\0';
316
317       /* Skip past the scheme and colon */
318       uri+=count+1;
319     }
320
321   if(ascii_strcasecmp(keyserver->scheme,"x-broken-hkp")==0)
322     {
323       deprecated_warning(configname,configlineno,"x-broken-hkp",
324                          "--keyserver-options ","broken-http-proxy");
325       xfree(keyserver->scheme);
326       keyserver->scheme=xstrdup("hkp");
327       append_to_strlist(&opt.keyserver_options.other,"broken-http-proxy");
328     }
329   else if(ascii_strcasecmp(keyserver->scheme,"x-hkp")==0)
330     {
331       /* Canonicalize this to "hkp" so it works with both the internal
332          and external keyserver interface. */
333       xfree(keyserver->scheme);
334       keyserver->scheme=xstrdup("hkp");
335     }
336
337   if (uri[0]=='/' && uri[1]=='/' && uri[2] == '/')
338     {
339       /* Three slashes means network path with a default host name.
340          This is a hack because it does not crok all possible
341          combiantions.  We should better repalce all code bythe parser
342          from http.c.  */
343       keyserver->path = xstrdup (uri+2);
344     }
345   else if(assume_hkp || (uri[0]=='/' && uri[1]=='/'))
346     {
347       /* Two slashes means network path. */
348
349       /* Skip over the "//", if any */
350       if(!assume_hkp)
351         uri+=2;
352
353       /* Do we have userinfo auth data present? */
354       for(idx=uri,count=0;*idx && *idx!='@' && *idx!='/';idx++)
355         count++;
356
357       /* We found a @ before the slash, so that means everything
358          before the @ is auth data. */
359       if(*idx=='@')
360         {
361           if(count==0)
362             goto fail;
363
364           keyserver->auth=xmalloc(count+1);
365           strncpy(keyserver->auth,uri,count);
366           keyserver->auth[count]='\0';
367           uri+=count+1;
368         }
369
370       /* Is it an RFC-2732 ipv6 [literal address] ? */
371       if(*uri=='[')
372         {
373           for(idx=uri+1,count=1;*idx
374                 && ((isascii (*idx) && isxdigit(*idx))
375                     || *idx==':' || *idx=='.');idx++)
376             count++;
377
378           /* Is the ipv6 literal address terminated? */
379           if(*idx==']')
380             count++;
381           else
382             goto fail;
383         }
384       else
385         for(idx=uri,count=0;*idx && *idx!=':' && *idx!='/';idx++)
386           count++;
387
388       if(count==0)
389         goto fail;
390
391       keyserver->host=xmalloc(count+1);
392       strncpy(keyserver->host,uri,count);
393       keyserver->host[count]='\0';
394
395       /* Skip past the host */
396       uri+=count;
397
398       if(*uri==':')
399         {
400           /* It would seem to be reasonable to limit the range of the
401              ports to values between 1-65535, but RFC 1738 and 1808
402              imply there is no limit.  Of course, the real world has
403              limits. */
404
405           for(idx=uri+1,count=0;*idx && *idx!='/';idx++)
406             {
407               count++;
408
409               /* Ports are digits only */
410               if(!digitp(idx))
411                 goto fail;
412             }
413
414           keyserver->port=xmalloc(count+1);
415           strncpy(keyserver->port,uri+1,count);
416           keyserver->port[count]='\0';
417
418           /* Skip past the colon and port number */
419           uri+=1+count;
420         }
421
422       /* Everything else is the path */
423       if(*uri)
424         keyserver->path=xstrdup(uri);
425       else
426         keyserver->path=xstrdup("/");
427
428       if(keyserver->path[1])
429         keyserver->flags.direct_uri=1;
430     }
431   else if(uri[0]!='/')
432     {
433       /* No slash means opaque.  Just record the opaque blob and get
434          out. */
435       keyserver->opaque=xstrdup(uri);
436     }
437   else
438     {
439       /* One slash means absolute path.  We don't need to support that
440          yet. */
441       goto fail;
442     }
443
444   return keyserver;
445
446  fail:
447   free_keyserver_spec(keyserver);
448
449   return NULL;
450 }
451
452 struct keyserver_spec *
453 parse_preferred_keyserver(PKT_signature *sig)
454 {
455   struct keyserver_spec *spec=NULL;
456   const byte *p;
457   size_t plen;
458
459   p=parse_sig_subpkt(sig->hashed,SIGSUBPKT_PREF_KS,&plen);
460   if(p && plen)
461     {
462       byte *dupe=xmalloc(plen+1);
463
464       memcpy(dupe,p,plen);
465       dupe[plen]='\0';
466       spec=parse_keyserver_uri(dupe,1,NULL,0);
467       xfree(dupe);
468     }
469
470   return spec;
471 }
472
473 static void
474 print_keyrec(int number,struct keyrec *keyrec)
475 {
476   int i;
477
478   iobuf_writebyte(keyrec->uidbuf,0);
479   iobuf_flush_temp(keyrec->uidbuf);
480   printf("(%d)\t%s  ",number,iobuf_get_temp_buffer(keyrec->uidbuf));
481
482   if(keyrec->size>0)
483     printf("%d bit ",keyrec->size);
484
485   if(keyrec->type)
486     {
487       const char *str = gcry_pk_algo_name (keyrec->type);
488
489       if(str)
490         printf("%s ",str);
491       else
492         printf("unknown ");
493     }
494
495   switch(keyrec->desc.mode)
496     {
497       /* If the keyserver helper gave us a short keyid, we have no
498          choice but to use it.  Do check --keyid-format to add a 0x if
499          needed. */
500     case KEYDB_SEARCH_MODE_SHORT_KID:
501       printf("key %s%08lX",
502              (opt.keyid_format==KF_0xSHORT
503               || opt.keyid_format==KF_0xLONG)?"0x":"",
504              (ulong)keyrec->desc.u.kid[1]);
505       break;
506
507       /* However, if it gave us a long keyid, we can honor
508          --keyid-format */
509     case KEYDB_SEARCH_MODE_LONG_KID:
510       printf("key %s",keystr(keyrec->desc.u.kid));
511       break;
512
513     case KEYDB_SEARCH_MODE_FPR16:
514       printf("key ");
515       for(i=0;i<16;i++)
516         printf("%02X",keyrec->desc.u.fpr[i]);
517       break;
518
519     case KEYDB_SEARCH_MODE_FPR20:
520       printf("key ");
521       for(i=0;i<20;i++)
522         printf("%02X",keyrec->desc.u.fpr[i]);
523       break;
524
525     default:
526       BUG();
527       break;
528     }
529
530   if(keyrec->createtime>0)
531     {
532       printf(", ");
533       printf(_("created: %s"),strtimestamp(keyrec->createtime));
534     }
535
536   if(keyrec->expiretime>0)
537     {
538       printf(", ");
539       printf(_("expires: %s"),strtimestamp(keyrec->expiretime));
540     }
541
542   if(keyrec->flags&1)
543     printf(" (%s)",_("revoked"));
544   if(keyrec->flags&2)
545     printf(" (%s)",_("disabled"));
546   if(keyrec->flags&4)
547     printf(" (%s)",_("expired"));
548
549   printf("\n");
550 }
551
552 /* Returns a keyrec (which must be freed) once a key is complete, and
553    NULL otherwise.  Call with a NULL keystring once key parsing is
554    complete to return any unfinished keys. */
555 static struct keyrec *
556 parse_keyrec(char *keystring)
557 {
558   static struct keyrec *work=NULL;
559   struct keyrec *ret=NULL;
560   char *record;
561   int i;
562
563   if(keystring==NULL)
564     {
565       if(work==NULL)
566         return NULL;
567       else if(work->desc.mode==KEYDB_SEARCH_MODE_NONE)
568         {
569           xfree(work);
570           return NULL;
571         }
572       else
573         {
574           ret=work;
575           work=NULL;
576           return ret;
577         }
578     }
579
580   if(work==NULL)
581     {
582       work=xmalloc_clear(sizeof(struct keyrec));
583       work->uidbuf=iobuf_temp();
584     }
585
586   /* Remove trailing whitespace */
587   for(i=strlen(keystring);i>0;i--)
588     if(ascii_isspace(keystring[i-1]))
589       keystring[i-1]='\0';
590     else
591       break;
592
593   if((record=strsep(&keystring,":"))==NULL)
594     return ret;
595
596   if(ascii_strcasecmp("pub",record)==0)
597     {
598       char *tok;
599       gpg_error_t err;
600
601       if(work->desc.mode)
602         {
603           ret=work;
604           work=xmalloc_clear(sizeof(struct keyrec));
605           work->uidbuf=iobuf_temp();
606         }
607
608       if((tok=strsep(&keystring,":"))==NULL)
609         return ret;
610
611       err = classify_user_id (tok, &work->desc);
612       if (err || (work->desc.mode    != KEYDB_SEARCH_MODE_SHORT_KID
613                   && work->desc.mode != KEYDB_SEARCH_MODE_LONG_KID
614                   && work->desc.mode != KEYDB_SEARCH_MODE_FPR16
615                   && work->desc.mode != KEYDB_SEARCH_MODE_FPR20))
616         {
617           work->desc.mode=KEYDB_SEARCH_MODE_NONE;
618           return ret;
619         }
620
621       /* Note all items after this are optional.  This allows us to
622          have a pub line as simple as pub:keyid and nothing else. */
623
624       work->lines++;
625
626       if((tok=strsep(&keystring,":"))==NULL)
627         return ret;
628
629       work->type=atoi(tok);
630
631       if((tok=strsep(&keystring,":"))==NULL)
632         return ret;
633
634       work->size=atoi(tok);
635
636       if((tok=strsep(&keystring,":"))==NULL)
637         return ret;
638
639       if(atoi(tok)<=0)
640         work->createtime=0;
641       else
642         work->createtime=atoi(tok);
643
644       if((tok=strsep(&keystring,":"))==NULL)
645         return ret;
646
647       if(atoi(tok)<=0)
648         work->expiretime=0;
649       else
650         {
651           work->expiretime=atoi(tok);
652           /* Force the 'e' flag on if this key is expired. */
653           if(work->expiretime<=make_timestamp())
654             work->flags|=4;
655         }
656
657       if((tok=strsep(&keystring,":"))==NULL)
658         return ret;
659
660       while(*tok)
661         switch(*tok++)
662           {
663           case 'r':
664           case 'R':
665             work->flags|=1;
666             break;
667             
668           case 'd':
669           case 'D':
670             work->flags|=2;
671             break;
672
673           case 'e':
674           case 'E':
675             work->flags|=4;
676             break;
677           }
678     }
679   else if(ascii_strcasecmp("uid",record)==0 && work->desc.mode)
680     {
681       char *userid,*tok,*decoded;
682
683       if((tok=strsep(&keystring,":"))==NULL)
684         return ret;
685
686       if(strlen(tok)==0)
687         return ret;
688
689       userid=tok;
690
691       /* By definition, de-%-encoding is always smaller than the
692          original string so we can decode in place. */
693
694       i=0;
695
696       while(*tok)
697         if(tok[0]=='%' && tok[1] && tok[2])
698           {
699             int c;
700
701             userid[i] = (c=hextobyte(&tok[1])) == -1 ? '?' : c;
702             i++;
703             tok+=3;
704           }
705         else
706           userid[i++]=*tok++;
707
708       /* We don't care about the other info provided in the uid: line
709          since no keyserver supports marking userids with timestamps
710          or revoked/expired/disabled yet. */
711
712       /* No need to check for control characters, as utf8_to_native
713          does this for us. */
714
715       decoded=utf8_to_native(userid,i,0);
716       if(strlen(decoded)>opt.screen_columns-10)
717         decoded[opt.screen_columns-10]='\0';
718       iobuf_writestr(work->uidbuf,decoded);
719       xfree(decoded);
720       iobuf_writestr(work->uidbuf,"\n\t");
721       work->lines++;
722     }
723
724   /* Ignore any records other than "pri" and "uid" for easy future
725      growth. */
726
727   return ret;
728 }
729
730 /* TODO: do this as a list sent to keyserver_work rather than calling
731    it once for each key to get the correct counts after the import
732    (cosmetics, really) and to better take advantage of the keyservers
733    that can do multiple fetches in one go (LDAP). */
734 static int
735 show_prompt(KEYDB_SEARCH_DESC *desc,int numdesc,int count,const char *search)
736 {
737   char *answer;
738
739   fflush (stdout);
740
741   if(count && opt.command_fd==-1)
742     {
743       static int from=1;
744       tty_printf("Keys %d-%d of %d for \"%s\".  ",from,numdesc,count,search);
745       from=numdesc+1;
746     }
747
748   answer=cpr_get_no_help("keysearch.prompt",
749                          _("Enter number(s), N)ext, or Q)uit > "));
750   /* control-d */
751   if(answer[0]=='\x04')
752     {
753       printf("Q\n");
754       answer[0]='q';
755     }
756
757   if(answer[0]=='q' || answer[0]=='Q')
758     {
759       xfree(answer);
760       return 1;
761     }
762   else if(atoi(answer)>=1 && atoi(answer)<=numdesc)
763     {
764       char *split=answer,*num;
765
766       while((num=strsep(&split," ,"))!=NULL)
767         if(atoi(num)>=1 && atoi(num)<=numdesc)
768           keyserver_work(KS_GET,NULL,&desc[atoi(num)-1],1,
769                          NULL,NULL,opt.keyserver);
770
771       xfree(answer);
772       return 1;
773     }
774
775   return 0;
776 }
777
778 /* Count and searchstr are just for cosmetics.  If the count is too
779    small, it will grow safely.  If negative it disables the "Key x-y
780    of z" messages.  searchstr should be UTF-8 (rather than native). */
781 static void
782 keyserver_search_prompt(IOBUF buffer,const char *searchstr)
783 {
784   int i=0,validcount=0,started=0,header=0,count=1;
785   unsigned int maxlen,buflen,numlines=0;
786   KEYDB_SEARCH_DESC *desc;
787   byte *line=NULL;
788   char *localstr=NULL;
789
790   if(searchstr)
791     localstr=utf8_to_native(searchstr,strlen(searchstr),0);
792
793   desc=xmalloc(count*sizeof(KEYDB_SEARCH_DESC));
794
795   for(;;)
796     {
797       struct keyrec *keyrec;
798       int rl;
799
800       maxlen=1024;
801       rl=iobuf_read_line(buffer,&line,&buflen,&maxlen);
802
803       if(opt.with_colons)
804         {
805           if(!header && ascii_strncasecmp("SEARCH ",line,7)==0
806              && ascii_strncasecmp(" BEGIN",&line[strlen(line)-7],6)==0)
807             {
808               header=1;
809               continue;
810             }
811           else if(ascii_strncasecmp("SEARCH ",line,7)==0
812                   && ascii_strncasecmp(" END",&line[strlen(line)-5],4)==0)
813             continue;
814
815           printf("%s",line);
816         }
817
818       /* Look for an info: line.  The only current info: values
819          defined are the version and key count. */
820       if(!started && rl>0 && ascii_strncasecmp("info:",line,5)==0)
821         {
822           char *tok,*str=&line[5];
823
824           if((tok=strsep(&str,":"))!=NULL)
825             {
826               int version;
827
828               if(sscanf(tok,"%d",&version)!=1)
829                 version=1;
830
831               if(version!=1)
832                 {
833                   log_error(_("invalid keyserver protocol "
834                               "(us %d!=handler %d)\n"),1,version);
835                   break;
836                 }
837             }
838
839           if((tok=strsep(&str,":"))!=NULL && sscanf(tok,"%d",&count)==1)
840             {
841               if(count==0)
842                 goto notfound;
843               else if(count<0)
844                 count=10;
845               else
846                 validcount=1;
847
848               desc=xrealloc(desc,count*sizeof(KEYDB_SEARCH_DESC));
849             }
850
851           started=1;
852           continue;
853         }
854
855       if(rl==0)
856         {
857           keyrec=parse_keyrec(NULL);
858
859           if(keyrec==NULL)
860             {
861               if(i==0)
862                 {
863                   count=0;
864                   break;
865                 }
866
867               if(i!=count)
868                 validcount=0;
869
870               if (opt.with_colons && opt.batch)
871                 break;
872                 
873               for(;;)
874                 {
875                   if(show_prompt(desc,i,validcount?count:0,localstr))
876                     break;
877                   validcount=0;
878                 }
879
880               break;
881             }
882         }
883       else
884         keyrec=parse_keyrec(line);
885
886       if(i==count)
887         {
888           /* keyserver helper sent more keys than they claimed in the
889              info: line. */
890           count+=10;
891           desc=xrealloc(desc,count*sizeof(KEYDB_SEARCH_DESC));
892           validcount=0;
893         }
894
895       if(keyrec)
896         {
897           desc[i]=keyrec->desc;
898
899           if(!opt.with_colons)
900             {
901               /* screen_lines - 1 for the prompt. */
902               if(numlines+keyrec->lines>opt.screen_lines-1)
903                 {
904                   if(show_prompt(desc,i,validcount?count:0,localstr))
905                     break;
906                   else
907                     numlines=0;
908                 }
909
910               print_keyrec(i+1,keyrec);
911             }
912
913           numlines+=keyrec->lines;
914           iobuf_close(keyrec->uidbuf);
915           xfree(keyrec);
916
917           started=1;
918           i++;
919         }
920     }
921
922  notfound:
923   /* Leave this commented out or now, and perhaps for a very long
924      time.  All HKPish servers return HTML error messages for
925      no-key-found. */
926   /* 
927      if(!started)
928      log_info(_("keyserver does not support searching\n"));
929      else
930   */
931   if(count==0)
932     {
933       if(localstr)
934         log_info(_("key \"%s\" not found on keyserver\n"),localstr);
935       else
936         log_info(_("key not found on keyserver\n"));
937     }
938
939   xfree(localstr);
940   xfree(desc);
941   xfree(line);
942 }
943
944 /* We sometimes want to use a different gpgkeys_xxx for a given
945    protocol (for example, ldaps is handled by gpgkeys_ldap).  Map
946    these here. */
947 static const char *
948 keyserver_typemap(const char *type)
949 {
950   if(strcmp(type,"ldaps")==0)
951     return "ldap";
952   else if(strcmp(type,"hkps")==0)
953     return "hkp";
954   else
955     return type;
956 }
957
958 /* The PGP LDAP and the curl fetch-a-LDAP-object methodologies are
959    sufficiently different that we can't use curl to do LDAP. */
960 static int
961 direct_uri_map(const char *scheme,unsigned int is_direct)
962 {
963   if(is_direct && strcmp(scheme,"ldap")==0)
964     return 1;
965
966   return 0;
967 }
968
969 #if GNUPG_MAJOR_VERSION == 2
970 #define GPGKEYS_PREFIX "gpg2keys_"
971 #else
972 #define GPGKEYS_PREFIX "gpgkeys_"
973 #endif
974 #define GPGKEYS_CURL GPGKEYS_PREFIX "curl" EXEEXT
975 #define GPGKEYS_PREFIX_LEN (strlen(GPGKEYS_CURL))
976 #define KEYSERVER_ARGS_KEEP " -o \"%O\" \"%I\""
977 #define KEYSERVER_ARGS_NOKEEP " -o \"%o\" \"%i\""
978
979 static int 
980 keyserver_spawn(enum ks_action action,strlist_t list,KEYDB_SEARCH_DESC *desc,
981                 int count,int *prog,unsigned char **fpr,size_t *fpr_len,
982                 struct keyserver_spec *keyserver)
983 {
984   int ret=0,i,gotversion=0,outofband=0;
985   strlist_t temp;
986   unsigned int maxlen,buflen;
987   char *command,*end,*searchstr=NULL;
988   byte *line=NULL;
989   struct exec_info *spawn;
990   const char *scheme;
991   const char *libexecdir = gnupg_libexecdir ();
992
993   assert(keyserver);
994
995 #ifdef EXEC_TEMPFILE_ONLY
996   opt.keyserver_options.options|=KEYSERVER_USE_TEMP_FILES;
997 #endif
998
999   /* Build the filename for the helper to execute */
1000   scheme=keyserver_typemap(keyserver->scheme);
1001
1002 #ifdef DISABLE_KEYSERVER_PATH
1003   /* Destroy any path we might have.  This is a little tricky,
1004      portability-wise.  It's not correct to delete the PATH
1005      environment variable, as that may fall back to a system built-in
1006      PATH.  Similarly, it is not correct to set PATH to the null
1007      string (PATH="") since this actually deletes the PATH environment
1008      variable under MinGW.  The safest thing to do here is to force
1009      PATH to be GNUPG_LIBEXECDIR.  All this is not that meaningful on
1010      Unix-like systems (since we're going to give a full path to
1011      gpgkeys_foo), but on W32 it prevents loading any DLLs from
1012      directories in %PATH%.
1013
1014      After some more thinking about this we came to the conclusion
1015      that it is better to load the helpers from the directory where
1016      the program of this process lives.  Fortunately Windows provides
1017      a way to retrieve this and our gnupg_libexecdir function has been
1018      modified to return just this.  Setting the exec-path is not
1019      anymore required.  
1020        set_exec_path(libexecdir);
1021  */
1022 #else
1023   if(opt.exec_path_set)
1024     {
1025       /* If exec-path was set, and DISABLE_KEYSERVER_PATH is
1026          undefined, then don't specify a full path to gpgkeys_foo, so
1027          that the PATH can work. */
1028       command=xmalloc(GPGKEYS_PREFIX_LEN+strlen(scheme)+3+strlen(EXEEXT)+1);
1029       command[0]='\0';
1030     }
1031   else
1032 #endif
1033     {
1034       /* Specify a full path to gpgkeys_foo. */
1035       command=xmalloc(strlen(libexecdir)+strlen(DIRSEP_S)+
1036                       GPGKEYS_PREFIX_LEN+strlen(scheme)+3+strlen(EXEEXT)+1);
1037       strcpy(command,libexecdir);
1038       strcat(command,DIRSEP_S);
1039     }
1040
1041   end=command+strlen(command);
1042
1043   /* Build a path for the keyserver helper.  If it is direct_uri
1044      (i.e. an object fetch and not a keyserver), then add "_uri" to
1045      the end to distinguish the keyserver helper from an object
1046      fetcher that can speak that protocol (this is a problem for
1047      LDAP). */
1048
1049   strcat(command,GPGKEYS_PREFIX); 
1050   strcat(command,scheme);
1051
1052   /* This "_uri" thing is in case we need to call a direct handler
1053      instead of the keyserver handler.  This lets us use gpgkeys_curl
1054      or gpgkeys_ldap_uri (we don't provide it, but a user might)
1055      instead of gpgkeys_ldap to fetch things like
1056      ldap://keyserver.pgp.com/o=PGP%20keys?pgpkey?sub?pgpkeyid=99242560 */
1057
1058   if(direct_uri_map(scheme,keyserver->flags.direct_uri))
1059     strcat(command,"_uri");
1060
1061   strcat(command,EXEEXT);
1062
1063   /* Can we execute it?  If not, try curl as our catchall. */
1064   if(path_access(command,X_OK)!=0)
1065     strcpy(end,GPGKEYS_CURL);
1066
1067   if(opt.keyserver_options.options&KEYSERVER_USE_TEMP_FILES)
1068     {
1069       if(opt.keyserver_options.options&KEYSERVER_KEEP_TEMP_FILES)
1070         {
1071           command=xrealloc(command,strlen(command)+
1072                             strlen(KEYSERVER_ARGS_KEEP)+1);
1073           strcat(command,KEYSERVER_ARGS_KEEP);
1074         }
1075       else
1076         {
1077           command=xrealloc(command,strlen(command)+
1078                             strlen(KEYSERVER_ARGS_NOKEEP)+1);
1079           strcat(command,KEYSERVER_ARGS_NOKEEP);  
1080         }
1081
1082       ret=exec_write(&spawn,NULL,command,NULL,0,0);
1083     }
1084   else
1085     ret=exec_write(&spawn,command,NULL,NULL,0,0);
1086
1087   xfree(command);
1088
1089   if(ret)
1090     return ret;
1091
1092   fprintf(spawn->tochild,
1093           "# This is a GnuPG %s keyserver communications file\n",VERSION);
1094   fprintf(spawn->tochild,"VERSION %d\n",KEYSERVER_PROTO_VERSION);
1095   fprintf(spawn->tochild,"PROGRAM %s\n",VERSION);
1096   fprintf(spawn->tochild,"SCHEME %s\n",keyserver->scheme);
1097
1098   if(keyserver->opaque)
1099     fprintf(spawn->tochild,"OPAQUE %s\n",keyserver->opaque);
1100   else
1101     {
1102       if(keyserver->auth)
1103         fprintf(spawn->tochild,"AUTH %s\n",keyserver->auth);
1104
1105       if(keyserver->host)
1106         fprintf(spawn->tochild,"HOST %s\n",keyserver->host);
1107
1108       if(keyserver->port)
1109         fprintf(spawn->tochild,"PORT %s\n",keyserver->port);
1110
1111       if(keyserver->path)
1112         fprintf(spawn->tochild,"PATH %s\n",keyserver->path);
1113     }
1114
1115   /* Write global options */
1116
1117   for(temp=opt.keyserver_options.other;temp;temp=temp->next)
1118     fprintf(spawn->tochild,"OPTION %s\n",temp->d);
1119
1120   /* Write per-keyserver options */
1121
1122   for(temp=keyserver->options;temp;temp=temp->next)
1123     fprintf(spawn->tochild,"OPTION %s\n",temp->d);
1124
1125   switch(action)
1126     {
1127     case KS_GET:
1128       {
1129         fprintf(spawn->tochild,"COMMAND GET\n\n");
1130
1131         /* Which keys do we want? */
1132
1133         for(i=0;i<count;i++)
1134           {
1135             int quiet=0;
1136
1137             if(desc[i].mode==KEYDB_SEARCH_MODE_FPR20)
1138               {
1139                 int f;
1140
1141                 fprintf(spawn->tochild,"0x");
1142
1143                 for(f=0;f<MAX_FINGERPRINT_LEN;f++)
1144                   fprintf(spawn->tochild,"%02X",desc[i].u.fpr[f]);
1145
1146                 fprintf(spawn->tochild,"\n");
1147               }
1148             else if(desc[i].mode==KEYDB_SEARCH_MODE_FPR16)
1149               {
1150                 int f;
1151
1152                 fprintf(spawn->tochild,"0x");
1153
1154                 for(f=0;f<16;f++)
1155                   fprintf(spawn->tochild,"%02X",desc[i].u.fpr[f]);
1156
1157                 fprintf(spawn->tochild,"\n");
1158               }
1159             else if(desc[i].mode==KEYDB_SEARCH_MODE_LONG_KID)
1160               fprintf(spawn->tochild,"0x%08lX%08lX\n",
1161                       (ulong)desc[i].u.kid[0],
1162                       (ulong)desc[i].u.kid[1]);
1163             else if(desc[i].mode==KEYDB_SEARCH_MODE_SHORT_KID)
1164               fprintf(spawn->tochild,"0x%08lX\n",
1165                       (ulong)desc[i].u.kid[1]);
1166             else if(desc[i].mode==KEYDB_SEARCH_MODE_EXACT)
1167               {
1168                 fprintf(spawn->tochild,"0x0000000000000000\n");
1169                 quiet=1;
1170               }
1171             else if(desc[i].mode==KEYDB_SEARCH_MODE_NONE)
1172               continue;
1173             else
1174               BUG();
1175
1176             if(!quiet)
1177               {
1178                 if(keyserver->host)
1179                   log_info(_("requesting key %s from %s server %s\n"),
1180                            keystr_from_desc(&desc[i]),
1181                            keyserver->scheme,keyserver->host);
1182                 else
1183                   log_info(_("requesting key %s from %s\n"),
1184                            keystr_from_desc(&desc[i]),keyserver->uri);
1185               }
1186           }
1187
1188         fprintf(spawn->tochild,"\n");
1189
1190         break;
1191       }
1192
1193     case KS_GETNAME:
1194       {
1195         strlist_t key;
1196
1197         fprintf(spawn->tochild,"COMMAND GETNAME\n\n");
1198
1199         /* Which names do we want? */
1200
1201         for(key=list;key!=NULL;key=key->next)
1202           fprintf(spawn->tochild,"%s\n",key->d);
1203
1204         fprintf(spawn->tochild,"\n");
1205
1206         if(keyserver->host)
1207           log_info(_("searching for names from %s server %s\n"),
1208                    keyserver->scheme,keyserver->host);
1209         else
1210           log_info(_("searching for names from %s\n"),keyserver->uri);
1211
1212         break;
1213       }
1214
1215     case KS_SEND:
1216       {
1217         strlist_t key;
1218
1219         /* Note the extra \n here to send an empty keylist block */
1220         fprintf(spawn->tochild,"COMMAND SEND\n\n\n");
1221
1222         for(key=list;key!=NULL;key=key->next)
1223           {
1224             armor_filter_context_t *afx;
1225             IOBUF buffer = iobuf_temp ();
1226             KBNODE block;
1227
1228             temp=NULL;
1229             add_to_strlist(&temp,key->d);
1230
1231             afx = new_armor_context ();
1232             afx->what = 1;
1233             /* Tell the armor filter to use Unix-style \n line
1234                endings, since we're going to fprintf this to a file
1235                that (on Win32) is open in text mode.  The win32 stdio
1236                will transform the \n to \r\n and we'll end up with the
1237                proper line endings on win32.  This is a no-op on
1238                Unix. */
1239             afx->eol[0] = '\n';
1240             push_armor_filter (afx, buffer);
1241             release_armor_context (afx);
1242
1243             /* TODO: Remove Comment: lines from keys exported this
1244                way? */
1245
1246             if(export_pubkeys_stream(buffer,temp,&block,
1247                                      opt.keyserver_options.export_options)==-1)
1248               iobuf_close(buffer);
1249             else
1250               {
1251                 KBNODE node;
1252
1253                 iobuf_flush_temp(buffer);
1254
1255                 merge_keys_and_selfsig(block);
1256
1257                 fprintf(spawn->tochild,"INFO %08lX%08lX BEGIN\n",
1258                         (ulong)block->pkt->pkt.public_key->keyid[0],
1259                         (ulong)block->pkt->pkt.public_key->keyid[1]);
1260
1261                 for(node=block;node;node=node->next)
1262                   {
1263                     switch(node->pkt->pkttype)
1264                       {
1265                       default:
1266                         continue;
1267
1268                       case PKT_PUBLIC_KEY:
1269                       case PKT_PUBLIC_SUBKEY:
1270                         {
1271                           PKT_public_key *pk=node->pkt->pkt.public_key;
1272
1273                           keyid_from_pk(pk,NULL);
1274
1275                           fprintf(spawn->tochild,"%sb:%08lX%08lX:%u:%u:%u:%u:",
1276                                   node->pkt->pkttype==PKT_PUBLIC_KEY?"pu":"su",
1277                                   (ulong)pk->keyid[0],(ulong)pk->keyid[1],
1278                                   pk->pubkey_algo,
1279                                   nbits_from_pk(pk),
1280                                   pk->timestamp,
1281                                   pk->expiredate);
1282
1283                           if(pk->is_revoked)
1284                             fprintf(spawn->tochild,"r");
1285                           if(pk->has_expired)
1286                             fprintf(spawn->tochild,"e");
1287
1288                           fprintf(spawn->tochild,"\n");
1289                         }
1290                         break;
1291
1292                       case PKT_USER_ID:
1293                         {
1294                           PKT_user_id *uid=node->pkt->pkt.user_id;
1295                           int r;
1296
1297                           if(uid->attrib_data)
1298                             continue;
1299
1300                           fprintf(spawn->tochild,"uid:");
1301
1302                           /* Quote ':', '%', and any 8-bit
1303                              characters */
1304                           for(r=0;r<uid->len;r++)
1305                             {
1306                               if(uid->name[r]==':' || uid->name[r]=='%'
1307                                  || uid->name[r]&0x80)
1308                                 fprintf(spawn->tochild,"%%%02X",
1309                                         (byte)uid->name[r]);
1310                               else
1311                                 fprintf(spawn->tochild,"%c",uid->name[r]);
1312                             }
1313
1314                           fprintf(spawn->tochild,":%u:%u:",
1315                                   uid->created,uid->expiredate);
1316
1317                           if(uid->is_revoked)
1318                             fprintf(spawn->tochild,"r");
1319                           if(uid->is_expired)
1320                             fprintf(spawn->tochild,"e");
1321
1322                           fprintf(spawn->tochild,"\n");
1323                         }
1324                         break;
1325
1326                         /* This bit is really for the benefit of
1327                            people who store their keys in LDAP
1328                            servers.  It makes it easy to do queries
1329                            for things like "all keys signed by
1330                            Isabella". */
1331                       case PKT_SIGNATURE:
1332                         {
1333                           PKT_signature *sig=node->pkt->pkt.signature;
1334
1335                           if(!IS_UID_SIG(sig))
1336                             continue;
1337
1338                           fprintf(spawn->tochild,"sig:%08lX%08lX:%X:%u:%u\n",
1339                                   (ulong)sig->keyid[0],(ulong)sig->keyid[1],
1340                                   sig->sig_class,sig->timestamp,
1341                                   sig->expiredate);
1342                         }
1343                         break;
1344                       }
1345                   }
1346
1347                 fprintf(spawn->tochild,"INFO %08lX%08lX END\n",
1348                         (ulong)block->pkt->pkt.public_key->keyid[0],
1349                         (ulong)block->pkt->pkt.public_key->keyid[1]);
1350
1351                 fprintf(spawn->tochild,"KEY %08lX%08lX BEGIN\n",
1352                         (ulong)block->pkt->pkt.public_key->keyid[0],
1353                         (ulong)block->pkt->pkt.public_key->keyid[1]);
1354                 fwrite(iobuf_get_temp_buffer(buffer),
1355                        iobuf_get_temp_length(buffer),1,spawn->tochild);
1356                 fprintf(spawn->tochild,"KEY %08lX%08lX END\n",
1357                         (ulong)block->pkt->pkt.public_key->keyid[0],
1358                         (ulong)block->pkt->pkt.public_key->keyid[1]);
1359
1360                 iobuf_close(buffer);
1361
1362                 if(keyserver->host)
1363                   log_info(_("sending key %s to %s server %s\n"),
1364                            keystr(block->pkt->pkt.public_key->keyid),
1365                            keyserver->scheme,keyserver->host);
1366                 else
1367                   log_info(_("sending key %s to %s\n"),
1368                            keystr(block->pkt->pkt.public_key->keyid),
1369                            keyserver->uri);
1370
1371                 release_kbnode(block);
1372               }
1373
1374             free_strlist(temp);
1375           }
1376
1377         break;
1378       }
1379
1380     case KS_SEARCH:
1381       {
1382         strlist_t key;
1383
1384         fprintf(spawn->tochild,"COMMAND SEARCH\n\n");
1385
1386         /* Which keys do we want?  Remember that the gpgkeys_ program
1387            is going to lump these together into a search string. */
1388
1389         for(key=list;key!=NULL;key=key->next)
1390           {
1391             fprintf(spawn->tochild,"%s\n",key->d);
1392             if(key!=list)
1393               {
1394                 searchstr=xrealloc(searchstr,
1395                                     strlen(searchstr)+strlen(key->d)+2);
1396                 strcat(searchstr," ");
1397               }
1398             else
1399               {
1400                 searchstr=xmalloc(strlen(key->d)+1);
1401                 searchstr[0]='\0';
1402               }
1403
1404             strcat(searchstr,key->d);
1405           }
1406
1407         fprintf(spawn->tochild,"\n");
1408
1409         if(keyserver->host)
1410           log_info(_("searching for \"%s\" from %s server %s\n"),
1411                    searchstr,keyserver->scheme,keyserver->host);
1412         else
1413           log_info(_("searching for \"%s\" from %s\n"),
1414                    searchstr,keyserver->uri);
1415
1416         break;
1417       }
1418
1419     default:
1420       log_fatal(_("no keyserver action!\n"));
1421       break;
1422     }
1423
1424   /* Done sending, so start reading. */
1425   ret=exec_read(spawn);
1426   if(ret)
1427     goto fail;
1428
1429   /* Now handle the response */
1430
1431   for(;;)
1432     {
1433       int plen;
1434       char *ptr;
1435
1436       maxlen=1024;
1437       if(iobuf_read_line(spawn->fromchild,&line,&buflen,&maxlen)==0)
1438         {
1439           ret = gpg_error_from_syserror ();
1440           goto fail; /* i.e. EOF */
1441         }
1442
1443       ptr=line;
1444
1445       /* remove trailing whitespace */
1446       plen=strlen(ptr);
1447       while(plen>0 && ascii_isspace(ptr[plen-1]))
1448         plen--;
1449       plen[ptr]='\0';
1450
1451       if(*ptr=='\0')
1452         break;
1453
1454       if(ascii_strncasecmp(ptr,"VERSION ",8)==0)
1455         {
1456           gotversion=1;
1457
1458           if(atoi(&ptr[8])!=KEYSERVER_PROTO_VERSION)
1459             {
1460               log_error(_("invalid keyserver protocol (us %d!=handler %d)\n"),
1461                         KEYSERVER_PROTO_VERSION,atoi(&ptr[8]));
1462               goto fail;
1463             }
1464         }
1465       else if(ascii_strncasecmp(ptr,"PROGRAM ",8)==0)
1466         {
1467           if(ascii_strncasecmp(&ptr[8],VERSION,strlen(VERSION))!=0)
1468             log_info(_("WARNING: keyserver handler from a different"
1469                        " version of GnuPG (%s)\n"),&ptr[8]);
1470         }
1471       else if(ascii_strncasecmp(ptr,"OPTION OUTOFBAND",16)==0)
1472         outofband=1; /* Currently the only OPTION */
1473     }
1474
1475   if(!gotversion)
1476     {
1477       log_error(_("keyserver did not send VERSION\n"));
1478       goto fail;
1479     }
1480
1481   if(!outofband)
1482     switch(action)
1483       {
1484       case KS_GET:
1485       case KS_GETNAME:
1486         {
1487           void *stats_handle;
1488
1489           stats_handle=import_new_stats_handle();
1490
1491           /* Slurp up all the key data.  In the future, it might be
1492              nice to look for KEY foo OUTOFBAND and FAILED indicators.
1493              It's harmless to ignore them, but ignoring them does make
1494              gpg complain about "no valid OpenPGP data found".  One
1495              way to do this could be to continue parsing this
1496              line-by-line and make a temp iobuf for each key. */
1497
1498           import_keys_stream(spawn->fromchild,stats_handle,fpr,fpr_len,
1499                              opt.keyserver_options.import_options);
1500
1501           import_print_stats(stats_handle);
1502           import_release_stats_handle(stats_handle);
1503
1504           break;
1505         }
1506
1507         /* Nothing to do here */
1508       case KS_SEND:
1509         break;
1510
1511       case KS_SEARCH:
1512         keyserver_search_prompt(spawn->fromchild,searchstr);
1513         break;
1514
1515       default:
1516         log_fatal(_("no keyserver action!\n"));
1517         break;
1518       }
1519
1520  fail:
1521   xfree(line);
1522   xfree(searchstr);
1523
1524
1525   *prog=exec_finish(spawn);
1526
1527   return ret;
1528 }
1529
1530 static int 
1531 keyserver_work(enum ks_action action,strlist_t list,KEYDB_SEARCH_DESC *desc,
1532                int count,unsigned char **fpr,size_t *fpr_len,
1533                struct keyserver_spec *keyserver)
1534 {
1535   int rc=0,ret=0;
1536
1537   if(!keyserver)
1538     {
1539       log_error(_("no keyserver known (use option --keyserver)\n"));
1540       return G10ERR_BAD_URI;
1541     }
1542
1543 #ifdef DISABLE_KEYSERVER_HELPERS
1544
1545   log_error(_("external keyserver calls are not supported in this build\n"));
1546   return G10ERR_KEYSERVER;
1547
1548 #else
1549   /* Spawn a handler */
1550
1551   rc=keyserver_spawn(action,list,desc,count,&ret,fpr,fpr_len,keyserver);
1552   if(ret)
1553     {
1554       switch(ret)
1555         {
1556         case KEYSERVER_SCHEME_NOT_FOUND:
1557           log_error(_("no handler for keyserver scheme `%s'\n"),
1558                     keyserver->scheme);
1559           break;
1560
1561         case KEYSERVER_NOT_SUPPORTED:
1562           log_error(_("action `%s' not supported with keyserver "
1563                       "scheme `%s'\n"),
1564                     action==KS_GET?"get":action==KS_SEND?"send":
1565                     action==KS_SEARCH?"search":"unknown",
1566                     keyserver->scheme);
1567           break;
1568
1569         case KEYSERVER_VERSION_ERROR:
1570           log_error(_(GPGKEYS_PREFIX "%s does not support"
1571                       " handler version %d\n"),
1572                     keyserver_typemap(keyserver->scheme),
1573                     KEYSERVER_PROTO_VERSION);
1574           break;
1575
1576         case KEYSERVER_TIMEOUT:
1577           log_error(_("keyserver timed out\n"));
1578           break;
1579
1580         case KEYSERVER_INTERNAL_ERROR:
1581         default:
1582           log_error(_("keyserver internal error\n"));
1583           break;
1584         }
1585
1586       return G10ERR_KEYSERVER;
1587     }
1588
1589   if(rc)
1590     {
1591       log_error(_("keyserver communications error: %s\n"),g10_errstr(rc));
1592
1593       return rc;
1594     }
1595
1596   return 0;
1597 #endif /* ! DISABLE_KEYSERVER_HELPERS*/
1598 }
1599
1600 int 
1601 keyserver_export(strlist_t users)
1602 {
1603   gpg_error_t err;
1604   strlist_t sl=NULL;
1605   KEYDB_SEARCH_DESC desc;
1606   int rc=0;
1607
1608   /* Weed out descriptors that we don't support sending */
1609   for(;users;users=users->next)
1610     {
1611       err = classify_user_id (users->d, &desc);
1612       if (err || (desc.mode    != KEYDB_SEARCH_MODE_SHORT_KID
1613                   && desc.mode != KEYDB_SEARCH_MODE_LONG_KID
1614                   && desc.mode != KEYDB_SEARCH_MODE_FPR16
1615                   && desc.mode != KEYDB_SEARCH_MODE_FPR20))
1616         {
1617           log_error(_("\"%s\" not a key ID: skipping\n"),users->d);
1618           continue;
1619         }
1620       else
1621         append_to_strlist(&sl,users->d);
1622     }
1623
1624   if(sl)
1625     {
1626       rc=keyserver_work(KS_SEND,sl,NULL,0,NULL,NULL,opt.keyserver);
1627       free_strlist(sl);
1628     }
1629
1630   return rc;
1631 }
1632
1633 int 
1634 keyserver_import(strlist_t users)
1635 {
1636   gpg_error_t err;
1637   KEYDB_SEARCH_DESC *desc;
1638   int num=100,count=0;
1639   int rc=0;
1640
1641   /* Build a list of key ids */
1642   desc=xmalloc(sizeof(KEYDB_SEARCH_DESC)*num);
1643
1644   for(;users;users=users->next)
1645     {
1646       err = classify_user_id (users->d, &desc[count]);
1647       if (err || (desc[count].mode    != KEYDB_SEARCH_MODE_SHORT_KID
1648                   && desc[count].mode != KEYDB_SEARCH_MODE_LONG_KID
1649                   && desc[count].mode != KEYDB_SEARCH_MODE_FPR16
1650                   && desc[count].mode != KEYDB_SEARCH_MODE_FPR20))
1651         {
1652           log_error (_("\"%s\" not a key ID: skipping\n"), users->d);
1653           continue;
1654         }
1655
1656       count++;
1657       if(count==num)
1658         {
1659           num+=100;
1660           desc=xrealloc(desc,sizeof(KEYDB_SEARCH_DESC)*num);
1661         }
1662     }
1663
1664   if(count>0)
1665     rc=keyserver_work(KS_GET,NULL,desc,count,NULL,NULL,opt.keyserver);
1666
1667   xfree(desc);
1668
1669   return rc;
1670 }
1671
1672 int
1673 keyserver_import_fprint(const byte *fprint,size_t fprint_len,
1674                         struct keyserver_spec *keyserver)
1675 {
1676   KEYDB_SEARCH_DESC desc;
1677
1678   memset(&desc,0,sizeof(desc));
1679
1680   if(fprint_len==16)
1681     desc.mode=KEYDB_SEARCH_MODE_FPR16;
1682   else if(fprint_len==20)
1683     desc.mode=KEYDB_SEARCH_MODE_FPR20;
1684   else
1685     return -1;
1686
1687   memcpy(desc.u.fpr,fprint,fprint_len);
1688
1689   /* TODO: Warn here if the fingerprint we got doesn't match the one
1690      we asked for? */
1691   return keyserver_work(KS_GET,NULL,&desc,1,NULL,NULL,keyserver);
1692 }
1693
1694 int 
1695 keyserver_import_keyid(u32 *keyid,struct keyserver_spec *keyserver)
1696 {
1697   KEYDB_SEARCH_DESC desc;
1698
1699   memset(&desc,0,sizeof(desc));
1700
1701   desc.mode=KEYDB_SEARCH_MODE_LONG_KID;
1702   desc.u.kid[0]=keyid[0];
1703   desc.u.kid[1]=keyid[1];
1704
1705   return keyserver_work(KS_GET,NULL,&desc,1,NULL,NULL,keyserver);
1706 }
1707
1708 /* code mostly stolen from do_export_stream */
1709 static int 
1710 keyidlist(strlist_t users,KEYDB_SEARCH_DESC **klist,int *count,int fakev3)
1711 {
1712   int rc=0,ndesc,num=100;
1713   KBNODE keyblock=NULL,node;
1714   KEYDB_HANDLE kdbhd;
1715   KEYDB_SEARCH_DESC *desc;
1716   strlist_t sl;
1717
1718   *count=0;
1719
1720   *klist=xmalloc(sizeof(KEYDB_SEARCH_DESC)*num);
1721
1722   kdbhd=keydb_new ();
1723
1724   if(!users)
1725     {
1726       ndesc = 1;
1727       desc = xmalloc_clear ( ndesc * sizeof *desc);
1728       desc[0].mode = KEYDB_SEARCH_MODE_FIRST;
1729     }
1730   else
1731     {
1732       for (ndesc=0, sl=users; sl; sl = sl->next, ndesc++) 
1733         ;
1734       desc = xmalloc ( ndesc * sizeof *desc);
1735         
1736       for (ndesc=0, sl=users; sl; sl = sl->next)
1737         {
1738           gpg_error_t err; 
1739           if (!(err = classify_user_id (sl->d, desc+ndesc)))
1740             ndesc++;
1741           else
1742             log_error (_("key \"%s\" not found: %s\n"),
1743                        sl->d, gpg_strerror (err));
1744         }
1745     }
1746
1747   while (!(rc = keydb_search (kdbhd, desc, ndesc)))
1748     {
1749       if (!users) 
1750         desc[0].mode = KEYDB_SEARCH_MODE_NEXT;
1751
1752       /* read the keyblock */
1753       rc = keydb_get_keyblock (kdbhd, &keyblock );
1754       if( rc )
1755         {
1756           log_error (_("error reading keyblock: %s\n"), g10_errstr(rc) );
1757           goto leave;
1758         }
1759
1760       if((node=find_kbnode(keyblock,PKT_PUBLIC_KEY)))
1761         {
1762           /* This is to work around a bug in some keyservers (pksd and
1763              OKS) that calculate v4 RSA keyids as if they were v3 RSA.
1764              The answer is to refresh both the correct v4 keyid
1765              (e.g. 99242560) and the fake v3 keyid (e.g. 68FDDBC7).
1766              This only happens for key refresh using the HKP scheme
1767              and if the refresh-add-fake-v3-keyids keyserver option is
1768              set. */
1769           if(fakev3 && is_RSA(node->pkt->pkt.public_key->pubkey_algo) &&
1770              node->pkt->pkt.public_key->version>=4)
1771             {
1772               (*klist)[*count].mode=KEYDB_SEARCH_MODE_LONG_KID;
1773               v3_keyid (node->pkt->pkt.public_key->pkey[0],
1774                         (*klist)[*count].u.kid);
1775               (*count)++;
1776
1777               if(*count==num)
1778                 {
1779                   num+=100;
1780                   *klist=xrealloc(*klist,sizeof(KEYDB_SEARCH_DESC)*num);
1781                 }
1782             }
1783
1784           /* v4 keys get full fingerprints.  v3 keys get long keyids.
1785              This is because it's easy to calculate any sort of keyid
1786              from a v4 fingerprint, but not a v3 fingerprint. */
1787
1788           if(node->pkt->pkt.public_key->version<4)
1789             {
1790               (*klist)[*count].mode=KEYDB_SEARCH_MODE_LONG_KID;
1791               keyid_from_pk(node->pkt->pkt.public_key,
1792                             (*klist)[*count].u.kid);
1793             }
1794           else
1795             {
1796               size_t dummy;
1797
1798               (*klist)[*count].mode=KEYDB_SEARCH_MODE_FPR20;
1799               fingerprint_from_pk(node->pkt->pkt.public_key,
1800                                   (*klist)[*count].u.fpr,&dummy);
1801             }
1802
1803           /* This is a little hackish, using the skipfncvalue as a
1804              void* pointer to the keyserver spec, but we don't need
1805              the skipfnc here, and it saves having an additional field
1806              for this (which would be wasted space most of the
1807              time). */
1808
1809           (*klist)[*count].skipfncvalue=NULL;
1810
1811           /* Are we honoring preferred keyservers? */
1812           if(opt.keyserver_options.options&KEYSERVER_HONOR_KEYSERVER_URL)
1813             {
1814               PKT_user_id *uid=NULL;
1815               PKT_signature *sig=NULL;
1816
1817               merge_keys_and_selfsig(keyblock);
1818
1819               for(node=node->next;node;node=node->next)
1820                 {
1821                   if(node->pkt->pkttype==PKT_USER_ID
1822                      && node->pkt->pkt.user_id->is_primary)
1823                     uid=node->pkt->pkt.user_id;
1824                   else if(node->pkt->pkttype==PKT_SIGNATURE
1825                           && node->pkt->pkt.signature->
1826                           flags.chosen_selfsig && uid)
1827                     {
1828                       sig=node->pkt->pkt.signature;
1829                       break;
1830                     }
1831                 }
1832
1833               /* Try and parse the keyserver URL.  If it doesn't work,
1834                  then we end up writing NULL which indicates we are
1835                  the same as any other key. */
1836               if(sig)
1837                 (*klist)[*count].skipfncvalue=parse_preferred_keyserver(sig);
1838             }
1839
1840           (*count)++;
1841
1842           if(*count==num)
1843             {
1844               num+=100;
1845               *klist=xrealloc(*klist,sizeof(KEYDB_SEARCH_DESC)*num);
1846             }
1847         }
1848     }
1849
1850   if(rc==-1)
1851     rc=0;
1852   
1853  leave:
1854   if(rc)
1855     xfree(*klist);
1856   xfree(desc);
1857   keydb_release(kdbhd);
1858   release_kbnode(keyblock);
1859
1860   return rc;
1861 }
1862
1863 /* Note this is different than the original HKP refresh.  It allows
1864    usernames to refresh only part of the keyring. */
1865
1866 int
1867 keyserver_refresh(strlist_t users)
1868 {
1869   int rc,count,numdesc,fakev3=0;
1870   KEYDB_SEARCH_DESC *desc;
1871   unsigned int options=opt.keyserver_options.import_options;
1872
1873   /* We switch merge-only on during a refresh, as 'refresh' should
1874      never import new keys, even if their keyids match. */
1875   opt.keyserver_options.import_options|=IMPORT_MERGE_ONLY;
1876
1877   /* Similarly, we switch on fast-import, since refresh may make
1878      multiple import sets (due to preferred keyserver URLs).  We don't
1879      want each set to rebuild the trustdb.  Instead we do it once at
1880      the end here. */
1881   opt.keyserver_options.import_options|=IMPORT_FAST;
1882
1883   /* If refresh_add_fake_v3_keyids is on and it's a HKP or MAILTO
1884      scheme, then enable fake v3 keyid generation. */
1885   if((opt.keyserver_options.options&KEYSERVER_ADD_FAKE_V3) && opt.keyserver
1886      && (ascii_strcasecmp(opt.keyserver->scheme,"hkp")==0 ||
1887          ascii_strcasecmp(opt.keyserver->scheme,"mailto")==0))
1888     fakev3=1;
1889
1890   rc=keyidlist(users,&desc,&numdesc,fakev3);
1891   if(rc)
1892     return rc;
1893
1894   count=numdesc;
1895   if(count>0)
1896     {
1897       int i;
1898
1899       /* Try to handle preferred keyserver keys first */
1900       for(i=0;i<numdesc;i++)
1901         {
1902           if(desc[i].skipfncvalue)
1903             {
1904               struct keyserver_spec *keyserver=desc[i].skipfncvalue;
1905
1906               /* We use the keyserver structure we parsed out before.
1907                  Note that a preferred keyserver without a scheme://
1908                  will be interpreted as hkp:// */
1909
1910               rc=keyserver_work(KS_GET,NULL,&desc[i],1,NULL,NULL,keyserver);
1911               if(rc)
1912                 log_info(_("WARNING: unable to refresh key %s"
1913                            " via %s: %s\n"),keystr_from_desc(&desc[i]),
1914                          keyserver->uri,g10_errstr(rc));
1915               else
1916                 {
1917                   /* We got it, so mark it as NONE so we don't try and
1918                      get it again from the regular keyserver. */
1919
1920                   desc[i].mode=KEYDB_SEARCH_MODE_NONE;
1921                   count--;
1922                 }
1923
1924               free_keyserver_spec(keyserver);
1925             }
1926         }
1927     }
1928
1929   if(count>0)
1930     {
1931       if(opt.keyserver)
1932         {
1933           if(count==1)
1934             log_info(_("refreshing 1 key from %s\n"),opt.keyserver->uri);
1935           else
1936             log_info(_("refreshing %d keys from %s\n"),
1937                      count,opt.keyserver->uri);
1938         }
1939
1940       rc=keyserver_work(KS_GET,NULL,desc,numdesc,NULL,NULL,opt.keyserver);
1941     }
1942
1943   xfree(desc);
1944
1945   opt.keyserver_options.import_options=options;
1946
1947   /* If the original options didn't have fast import, and the trustdb
1948      is dirty, rebuild. */
1949   if(!(opt.keyserver_options.import_options&IMPORT_FAST))
1950     trustdb_check_or_update();
1951
1952   return rc;
1953 }
1954
1955 int
1956 keyserver_search(strlist_t tokens)
1957 {
1958   if(tokens)
1959     return keyserver_work(KS_SEARCH,tokens,NULL,0,NULL,NULL,opt.keyserver);
1960   else
1961     return 0;
1962 }
1963
1964 int
1965 keyserver_fetch(strlist_t urilist)
1966 {
1967   KEYDB_SEARCH_DESC desc;
1968   strlist_t sl;
1969   unsigned int options=opt.keyserver_options.import_options;
1970
1971   /* Switch on fast-import, since fetch can handle more than one
1972      import and we don't want each set to rebuild the trustdb.
1973      Instead we do it once at the end. */
1974   opt.keyserver_options.import_options|=IMPORT_FAST;
1975
1976   /* A dummy desc since we're not actually fetching a particular key
1977      ID */
1978   memset(&desc,0,sizeof(desc));
1979   desc.mode=KEYDB_SEARCH_MODE_EXACT;
1980
1981   for(sl=urilist;sl;sl=sl->next)
1982     {
1983       struct keyserver_spec *spec;
1984
1985       spec=parse_keyserver_uri(sl->d,1,NULL,0);
1986       if(spec)
1987         {
1988           int rc;
1989
1990           rc=keyserver_work(KS_GET,NULL,&desc,1,NULL,NULL,spec);
1991           if(rc)
1992             log_info (_("WARNING: unable to fetch URI %s: %s\n"),
1993                      sl->d,g10_errstr(rc));
1994
1995           free_keyserver_spec(spec);
1996         }
1997       else
1998         log_info (_("WARNING: unable to parse URI %s\n"),sl->d);
1999     }
2000
2001   opt.keyserver_options.import_options=options;
2002
2003   /* If the original options didn't have fast import, and the trustdb
2004      is dirty, rebuild. */
2005   if(!(opt.keyserver_options.import_options&IMPORT_FAST))
2006     trustdb_check_or_update();
2007
2008   return 0;
2009 }
2010
2011 /* Import key in a CERT or pointed to by a CERT */
2012 int
2013 keyserver_import_cert(const char *name,unsigned char **fpr,size_t *fpr_len)
2014 {
2015   char *domain,*look,*url;
2016   IOBUF key;
2017   int type,rc=G10ERR_GENERAL;
2018
2019   look=xstrdup(name);
2020
2021   domain=strrchr(look,'@');
2022   if(domain)
2023     *domain='.';
2024
2025   type=get_dns_cert(look,max_cert_size,&key,fpr,fpr_len,&url);
2026   if (!type || type == -1)
2027     {
2028       /* There might be an error in res_query which leads to an error
2029          return (-1) in the case that nothing was found.  Thus we take
2030          all errors as key not found.  */
2031       rc = G10ERR_NO_PUBKEY;
2032     }
2033   else if (type==1)
2034     {
2035       int armor_status=opt.no_armor;
2036
2037       /* CERTs are always in binary format */
2038       opt.no_armor=1;
2039
2040       rc=import_keys_stream(key,NULL,fpr,fpr_len,
2041                             opt.keyserver_options.import_options);
2042
2043       opt.no_armor=armor_status;
2044
2045       iobuf_close(key);
2046     }
2047   else if(type==2 && *fpr)
2048     {
2049       /* We only consider the IPGP type if a fingerprint was provided.
2050          This lets us select the right key regardless of what a URL
2051          points to, or get the key from a keyserver. */
2052       if(url)
2053         {
2054           struct keyserver_spec *spec;
2055
2056           spec=parse_keyserver_uri(url,1,NULL,0);
2057           if(spec)
2058             {
2059               rc=keyserver_import_fprint(*fpr,*fpr_len,spec);
2060               free_keyserver_spec(spec);
2061             }
2062         }
2063       else if(opt.keyserver)
2064         {
2065           /* If only a fingerprint is provided, try and fetch it from
2066              our --keyserver */
2067
2068           rc=keyserver_import_fprint(*fpr,*fpr_len,opt.keyserver);
2069         }
2070       else
2071         log_info(_("no keyserver known (use option --keyserver)\n"));
2072
2073       /* Give a better string here? "CERT fingerprint for \"%s\"
2074          found, but no keyserver" " known (use option
2075          --keyserver)\n" ? */
2076
2077       xfree(url);
2078     }
2079
2080   xfree(look);
2081
2082   return rc;
2083 }
2084
2085 /* Import key pointed to by a PKA record. Return the requested
2086    fingerprint in fpr. */
2087 int
2088 keyserver_import_pka(const char *name,unsigned char **fpr,size_t *fpr_len)
2089 {
2090   char *uri;
2091   int rc = G10ERR_NO_PUBKEY;
2092
2093   *fpr = xmalloc (20);
2094   *fpr_len = 20;
2095
2096   uri = get_pka_info (name, *fpr);
2097   if (uri && *uri)
2098     {
2099       /* An URI is available.  Lookup the key. */
2100       struct keyserver_spec *spec;
2101       spec = parse_keyserver_uri (uri, 1, NULL, 0);
2102       if (spec)
2103         {
2104           rc = keyserver_import_fprint (*fpr, 20, spec);
2105           free_keyserver_spec (spec);
2106         }
2107       xfree (uri);
2108     }
2109
2110   if (rc)
2111     {
2112       xfree(*fpr);
2113       *fpr = NULL;
2114     }
2115
2116   return rc;
2117 }
2118
2119 /* Import all keys that match name */
2120 int
2121 keyserver_import_name(const char *name,unsigned char **fpr,size_t *fpr_len,
2122                       struct keyserver_spec *keyserver)
2123 {
2124   strlist_t list=NULL;
2125   int rc;
2126
2127   append_to_strlist(&list,name);
2128
2129   rc=keyserver_work(KS_GETNAME,list,NULL,0,fpr,fpr_len,keyserver);
2130
2131   free_strlist(list);
2132
2133   return rc;
2134 }
2135
2136 /* Import a key by name using LDAP */
2137 int
2138 keyserver_import_ldap(const char *name,unsigned char **fpr,size_t *fpr_len)
2139 {
2140   char *domain;
2141   struct keyserver_spec *keyserver;
2142   strlist_t list=NULL;
2143   int rc,hostlen=1;
2144 #ifdef USE_DNS_SRV
2145   struct srventry *srvlist=NULL;
2146   int srvcount,i;
2147   char srvname[MAXDNAME];
2148 #endif
2149
2150   /* Parse out the domain */
2151   domain=strrchr(name,'@');
2152   if(!domain)
2153     return G10ERR_GENERAL;
2154
2155   domain++;
2156
2157   keyserver=xmalloc_clear(sizeof(struct keyserver_spec));
2158   keyserver->scheme=xstrdup("ldap");
2159   keyserver->host=xmalloc(1);
2160   keyserver->host[0]='\0';
2161
2162 #ifdef USE_DNS_SRV
2163   snprintf(srvname,MAXDNAME,"_pgpkey-ldap._tcp.%s",domain);
2164
2165   srvcount=getsrv(srvname,&srvlist);
2166
2167   for(i=0;i<srvcount;i++)
2168     {
2169       hostlen+=strlen(srvlist[i].target)+1;
2170       keyserver->host=xrealloc(keyserver->host,hostlen);
2171
2172       strcat(keyserver->host,srvlist[i].target);
2173
2174       if(srvlist[i].port!=389)
2175         {
2176           char port[7];
2177
2178           hostlen+=6; /* a colon, plus 5 digits (unsigned 16-bit value) */
2179           keyserver->host=xrealloc(keyserver->host,hostlen);
2180
2181           snprintf(port,7,":%u",srvlist[i].port);
2182           strcat(keyserver->host,port);
2183         }
2184         
2185       strcat(keyserver->host," ");
2186     }
2187
2188   free(srvlist);
2189 #endif
2190
2191   /* If all else fails, do the PGP Universal trick of
2192      ldap://keys.(domain) */
2193
2194   hostlen+=5+strlen(domain);
2195   keyserver->host=xrealloc(keyserver->host,hostlen);
2196   strcat(keyserver->host,"keys.");
2197   strcat(keyserver->host,domain);
2198
2199   append_to_strlist(&list,name);
2200     
2201   rc=keyserver_work(KS_GETNAME,list,NULL,0,fpr,fpr_len,keyserver);
2202
2203   free_strlist(list);
2204
2205   free_keyserver_spec(keyserver);
2206
2207   return rc;
2208 }