4fd90d08b30306cd1788e6e9bfff850d7db0b154
[gnupg.git] / g10 / keyserver.c
1 /* keyserver.c - generic keyserver code
2  * Copyright (C) 2001, 2002, 2003, 2004, 2005,
3  *               2006 Free Software Foundation, Inc.
4  *
5  * This file is part of GnuPG.
6  *
7  * GnuPG is free software; you can redistribute it and/or modify
8  * it under the terms of the GNU General Public License as published by
9  * the Free Software Foundation; either version 2 of the License, or
10  * (at your option) any later version.
11  *
12  * GnuPG is distributed in the hope that it will be useful,
13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
15  * GNU General Public License for more details.
16  *
17  * You should have received a copy of the GNU General Public License
18  * along with this program; if not, write to the Free Software
19  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
20  * USA.
21  */
22
23 #include <config.h>
24 #include <ctype.h>
25 #include <stdio.h>
26 #include <string.h>
27 #include <stdlib.h>
28 #include <assert.h>
29 #ifdef HAVE_LIBCURL
30 #include <curl/curl.h>
31 #endif
32
33 #include "gpg.h"
34 #include "filter.h"
35 #include "keydb.h"
36 #include "status.h"
37 #include "exec.h"
38 #include "main.h"
39 #include "i18n.h"
40 #include "iobuf.h"
41 #include "ttyio.h"
42 #include "options.h"
43 #include "packet.h"
44 #include "trustdb.h"
45 #include "keyserver-internal.h"
46 #include "util.h"
47
48 #define GPGKEYS_PREFIX "gpgkeys_"
49
50 #if defined(HAVE_LIBCURL) || defined(FAKE_CURL)
51 #define GPGKEYS_CURL "gpgkeys_curl"
52 #endif
53
54 #ifdef GPGKEYS_CURL
55 #define GPGKEYS_PREFIX_LEN (strlen(GPGKEYS_PREFIX)+strlen(GPGKEYS_CURL))
56 #else
57 #define GPGKEYS_PREFIX_LEN (strlen(GPGKEYS_PREFIX))
58 #endif
59
60 struct keyrec
61 {
62   KEYDB_SEARCH_DESC desc;
63   u32 createtime,expiretime;
64   int size,flags;
65   byte type;
66   IOBUF uidbuf;
67   unsigned int lines;
68 };
69
70 enum ks_action {KS_UNKNOWN=0,KS_GET,KS_GETNAME,KS_SEND,KS_SEARCH};
71
72 static struct parse_options keyserver_opts[]=
73   {
74     /* some of these options are not real - just for the help
75        message */
76     {"max-cert-size",0,NULL,NULL},
77     {"include-revoked",0,NULL,N_("include revoked keys in search results")},
78     {"include-subkeys",0,NULL,N_("include subkeys when searching by key ID")},
79     {"use-temp-files",0,NULL,
80      N_("use temporary files to pass data to keyserver helpers")},
81     {"keep-temp-files",KEYSERVER_KEEP_TEMP_FILES,NULL,
82      N_("do not delete temporary files after using them")},
83     {"refresh-add-fake-v3-keyids",KEYSERVER_ADD_FAKE_V3,NULL,
84      NULL},
85     {"auto-key-retrieve",KEYSERVER_AUTO_KEY_RETRIEVE,NULL,
86      N_("automatically retrieve keys when verifying signatures")},
87     {"honor-keyserver-url",KEYSERVER_HONOR_KEYSERVER_URL,NULL,
88      N_("honor the preferred keyserver URL set on the key")},
89     {"honor-pka-record",KEYSERVER_HONOR_PKA_RECORD,NULL,
90      N_("honor the PKA record set on a key when retrieving keys")},
91     {NULL,0,NULL,NULL}
92   };
93
94 static int keyserver_work(enum ks_action action,STRLIST list,
95                           KEYDB_SEARCH_DESC *desc,int count,
96                           unsigned char **fpr,size_t *fpr_len,
97                           struct keyserver_spec *keyserver);
98
99 /* Reasonable guess */
100 #define DEFAULT_MAX_CERT_SIZE 16384
101
102 static size_t max_cert_size=DEFAULT_MAX_CERT_SIZE;
103
104 static void
105 add_canonical_option(char *option,STRLIST *list)
106 {
107   char *arg=argsplit(option);
108
109   if(arg)
110     {
111       char *joined;
112
113       joined=xmalloc(strlen(option)+1+strlen(arg)+1);
114       /* Make a canonical name=value form with no spaces */
115       strcpy(joined,option);
116       strcat(joined,"=");
117       strcat(joined,arg);
118       append_to_strlist(list,joined);
119       xfree(joined);
120     }
121   else
122     append_to_strlist(list,option);
123 }
124
125 int
126 parse_keyserver_options(char *options)
127 {
128   int ret=1;
129   char *tok;
130   char *max_cert=NULL;
131
132   keyserver_opts[0].value=&max_cert;
133
134   while((tok=optsep(&options)))
135     {
136       if(tok[0]=='\0')
137         continue;
138
139       /* For backwards compatibility.  1.2.x used honor-http-proxy and
140          there are a good number of documents published that recommend
141          it. */
142       if(ascii_strcasecmp(tok,"honor-http-proxy")==0)
143         tok="http-proxy";
144       else if(ascii_strcasecmp(tok,"no-honor-http-proxy")==0)
145         tok="no-http-proxy";
146
147       /* We accept quite a few possible options here - some options to
148          handle specially, the keyserver_options list, and import and
149          export options that pertain to keyserver operations.  Note
150          that you must use strncasecmp here as there might be an
151          =argument attached which will foil the use of strcasecmp. */
152
153 #ifdef EXEC_TEMPFILE_ONLY
154       if(ascii_strncasecmp(tok,"use-temp-files",14)==0 ||
155               ascii_strncasecmp(tok,"no-use-temp-files",17)==0)
156         log_info(_("WARNING: keyserver option `%s' is not used"
157                    " on this platform\n"),tok);
158 #else
159       if(ascii_strncasecmp(tok,"use-temp-files",14)==0)
160         opt.keyserver_options.options|=KEYSERVER_USE_TEMP_FILES;
161       else if(ascii_strncasecmp(tok,"no-use-temp-files",17)==0)
162         opt.keyserver_options.options&=~KEYSERVER_USE_TEMP_FILES;
163 #endif
164       else if(!parse_options(tok,&opt.keyserver_options.options,
165                              keyserver_opts,0)
166          && !parse_import_options(tok,
167                                   &opt.keyserver_options.import_options,0)
168          && !parse_export_options(tok,
169                                   &opt.keyserver_options.export_options,0))
170         {
171           /* All of the standard options have failed, so the option is
172              destined for a keyserver plugin. */
173           add_canonical_option(tok,&opt.keyserver_options.other);
174         }
175     }
176
177   if(max_cert)
178     {
179       max_cert_size=strtoul(max_cert,(char **)NULL,10);
180
181       if(max_cert_size==0)
182         max_cert_size=DEFAULT_MAX_CERT_SIZE;
183     }
184
185   return ret;
186 }
187
188 void
189 free_keyserver_spec(struct keyserver_spec *keyserver)
190 {
191   xfree(keyserver->uri);
192   xfree(keyserver->scheme);
193   xfree(keyserver->auth);
194   xfree(keyserver->host);
195   xfree(keyserver->port);
196   xfree(keyserver->path);
197   xfree(keyserver->opaque);
198   free_strlist(keyserver->options);
199   xfree(keyserver);
200 }
201
202 /* Return 0 for match */
203 static int
204 cmp_keyserver_spec(struct keyserver_spec *one,struct keyserver_spec *two)
205 {
206   if(ascii_strcasecmp(one->scheme,two->scheme)==0)
207     {
208       if(one->host && two->host && ascii_strcasecmp(one->host,two->host)==0)
209         {
210           if((one->port && two->port
211               && ascii_strcasecmp(one->port,two->port)==0)
212              || (!one->port && !two->port))
213             return 0;
214         }
215       else if(one->opaque && two->opaque
216               && ascii_strcasecmp(one->opaque,two->opaque)==0)
217         return 0;
218     }
219
220   return 1;
221 }
222
223 /* Try and match one of our keyservers.  If we can, return that.  If
224    we can't, return our input. */
225 struct keyserver_spec *
226 keyserver_match(struct keyserver_spec *spec)
227 {
228   struct keyserver_spec *ks;
229
230   for(ks=opt.keyserver;ks;ks=ks->next)
231     if(cmp_keyserver_spec(spec,ks)==0)
232       return ks;
233
234   return spec;
235 }
236
237 /* TODO: once we cut over to an all-curl world, we don't need this
238    parser any longer so it can be removed, or at least moved to
239    keyserver/ksutil.c for limited use in gpgkeys_ldap or the like. */
240
241 struct keyserver_spec *
242 parse_keyserver_uri(const char *string,int require_scheme,
243                     const char *configname,unsigned int configlineno)
244 {
245   int assume_hkp=0;
246   struct keyserver_spec *keyserver;
247   const char *idx;
248   int count;
249   char *uri,*options;
250
251   assert(string!=NULL);
252
253   keyserver=xmalloc_clear(sizeof(struct keyserver_spec));
254
255   uri=xstrdup(string);
256
257   options=strchr(uri,' ');
258   if(options)
259     {
260       char *tok;
261
262       *options='\0';
263       options++;
264
265       while((tok=optsep(&options)))
266         add_canonical_option(tok,&keyserver->options);
267     }
268
269   /* Get the scheme */
270
271   for(idx=uri,count=0;*idx && *idx!=':';idx++)
272     {
273       count++;
274
275       /* Do we see the start of an RFC-2732 ipv6 address here?  If so,
276          there clearly isn't a scheme so get out early. */
277       if(*idx=='[')
278         {
279           /* Was the '[' the first thing in the string?  If not, we
280              have a mangled scheme with a [ in it so fail. */
281           if(count==1)
282             break;
283           else
284             goto fail;
285         }
286     }
287
288   if(count==0)
289     goto fail;
290
291   if(*idx=='\0' || *idx=='[')
292     {
293       if(require_scheme)
294         return NULL;
295
296       /* Assume HKP if there is no scheme */
297       assume_hkp=1;
298       keyserver->scheme=xstrdup("hkp");
299
300       keyserver->uri=xmalloc(strlen(keyserver->scheme)+3+strlen(uri)+1);
301       strcpy(keyserver->uri,keyserver->scheme);
302       strcat(keyserver->uri,"://");
303       strcat(keyserver->uri,uri);
304     }
305   else
306     {
307       int i;
308
309       keyserver->uri=xstrdup(uri);
310
311       keyserver->scheme=xmalloc(count+1);
312
313       /* Force to lowercase */
314       for(i=0;i<count;i++)
315         keyserver->scheme[i]=ascii_tolower(uri[i]);
316
317       keyserver->scheme[i]='\0';
318
319       /* Skip past the scheme and colon */
320       uri+=count+1;
321     }
322
323   if(ascii_strcasecmp(keyserver->scheme,"x-broken-hkp")==0)
324     {
325       deprecated_warning(configname,configlineno,"x-broken-hkp",
326                          "--keyserver-options ","broken-http-proxy");
327       xfree(keyserver->scheme);
328       keyserver->scheme=xstrdup("hkp");
329       append_to_strlist(&opt.keyserver_options.other,"broken-http-proxy");
330     }
331   else if(ascii_strcasecmp(keyserver->scheme,"x-hkp")==0)
332     {
333       /* Canonicalize this to "hkp" so it works with both the internal
334          and external keyserver interface. */
335       xfree(keyserver->scheme);
336       keyserver->scheme=xstrdup("hkp");
337     }
338
339   if(assume_hkp || (uri[0]=='/' && uri[1]=='/'))
340     {
341       /* Two slashes means network path. */
342
343       /* Skip over the "//", if any */
344       if(!assume_hkp)
345         uri+=2;
346
347       /* Do we have userinfo auth data present? */
348       for(idx=uri,count=0;*idx && *idx!='@' && *idx!='/';idx++)
349         count++;
350
351       /* We found a @ before the slash, so that means everything
352          before the @ is auth data. */
353       if(*idx=='@')
354         {
355           if(count==0)
356             goto fail;
357
358           keyserver->auth=xmalloc(count+1);
359           strncpy(keyserver->auth,uri,count);
360           keyserver->auth[count]='\0';
361           uri+=count+1;
362         }
363
364       /* Is it an RFC-2732 ipv6 [literal address] ? */
365       if(*uri=='[')
366         {
367           for(idx=uri+1,count=1;*idx
368                 && ((isascii (*idx) && isxdigit(*idx))
369                     || *idx==':' || *idx=='.');idx++)
370             count++;
371
372           /* Is the ipv6 literal address terminated? */
373           if(*idx==']')
374             count++;
375           else
376             goto fail;
377         }
378       else
379         for(idx=uri,count=0;*idx && *idx!=':' && *idx!='/';idx++)
380           count++;
381
382       if(count==0)
383         goto fail;
384
385       keyserver->host=xmalloc(count+1);
386       strncpy(keyserver->host,uri,count);
387       keyserver->host[count]='\0';
388
389       /* Skip past the host */
390       uri+=count;
391
392       if(*uri==':')
393         {
394           /* It would seem to be reasonable to limit the range of the
395              ports to values between 1-65535, but RFC 1738 and 1808
396              imply there is no limit.  Of course, the real world has
397              limits. */
398
399           for(idx=uri+1,count=0;*idx && *idx!='/';idx++)
400             {
401               count++;
402
403               /* Ports are digits only */
404               if(!digitp(idx))
405                 goto fail;
406             }
407
408           keyserver->port=xmalloc(count+1);
409           strncpy(keyserver->port,uri+1,count);
410           keyserver->port[count]='\0';
411
412           /* Skip past the colon and port number */
413           uri+=1+count;
414         }
415
416       /* Everything else is the path */
417       if(*uri)
418         keyserver->path=xstrdup(uri);
419       else
420         keyserver->path=xstrdup("/");
421
422       if(keyserver->path[1]!='\0')
423         keyserver->flags.direct_uri=1;
424     }
425   else if(uri[0]!='/')
426     {
427       /* No slash means opaque.  Just record the opaque blob and get
428          out. */
429       keyserver->opaque=xstrdup(uri);
430     }
431   else
432     {
433       /* One slash means absolute path.  We don't need to support that
434          yet. */
435       goto fail;
436     }
437
438   return keyserver;
439
440  fail:
441   free_keyserver_spec(keyserver);
442
443   return NULL;
444 }
445
446 struct keyserver_spec *
447 parse_preferred_keyserver(PKT_signature *sig)
448 {
449   struct keyserver_spec *spec=NULL;
450   const byte *p;
451   size_t plen;
452
453   p=parse_sig_subpkt(sig->hashed,SIGSUBPKT_PREF_KS,&plen);
454   if(p && plen)
455     {
456       byte *dupe=xmalloc(plen+1);
457
458       memcpy(dupe,p,plen);
459       dupe[plen]='\0';
460       spec=parse_keyserver_uri(dupe,1,NULL,0);
461       xfree(dupe);
462     }
463
464   return spec;
465 }
466
467 static void
468 print_keyrec(int number,struct keyrec *keyrec)
469 {
470   int i;
471
472   iobuf_writebyte(keyrec->uidbuf,0);
473   iobuf_flush_temp(keyrec->uidbuf);
474   printf("(%d)\t%s  ",number,iobuf_get_temp_buffer(keyrec->uidbuf));
475
476   if(keyrec->size>0)
477     printf("%d bit ",keyrec->size);
478
479   if(keyrec->type)
480     {
481       const char *str = gcry_pk_algo_name (keyrec->type);
482
483       if(str)
484         printf("%s ",str);
485       else
486         printf("unknown ");
487     }
488
489   switch(keyrec->desc.mode)
490     {
491       /* If the keyserver helper gave us a short keyid, we have no
492          choice but to use it.  Do check --keyid-format to add a 0x if
493          needed. */
494     case KEYDB_SEARCH_MODE_SHORT_KID:
495       printf("key %s%08lX",
496              (opt.keyid_format==KF_0xSHORT
497               || opt.keyid_format==KF_0xLONG)?"0x":"",
498              (ulong)keyrec->desc.u.kid[1]);
499       break;
500
501       /* However, if it gave us a long keyid, we can honor
502          --keyid-format */
503     case KEYDB_SEARCH_MODE_LONG_KID:
504       printf("key %s",keystr(keyrec->desc.u.kid));
505       break;
506
507     case KEYDB_SEARCH_MODE_FPR16:
508       printf("key ");
509       for(i=0;i<16;i++)
510         printf("%02X",keyrec->desc.u.fpr[i]);
511       break;
512
513     case KEYDB_SEARCH_MODE_FPR20:
514       printf("key ");
515       for(i=0;i<20;i++)
516         printf("%02X",keyrec->desc.u.fpr[i]);
517       break;
518
519     default:
520       BUG();
521       break;
522     }
523
524   if(keyrec->createtime>0)
525     {
526       printf(", ");
527       printf(_("created: %s"),strtimestamp(keyrec->createtime));
528     }
529
530   if(keyrec->expiretime>0)
531     {
532       printf(", ");
533       printf(_("expires: %s"),strtimestamp(keyrec->expiretime));
534     }
535
536   if(keyrec->flags&1)
537     printf(" (%s)",_("revoked"));
538   if(keyrec->flags&2)
539     printf(" (%s)",_("disabled"));
540   if(keyrec->flags&4)
541     printf(" (%s)",_("expired"));
542
543   printf("\n");
544 }
545
546 /* Returns a keyrec (which must be freed) once a key is complete, and
547    NULL otherwise.  Call with a NULL keystring once key parsing is
548    complete to return any unfinished keys. */
549 static struct keyrec *
550 parse_keyrec(char *keystring)
551 {
552   static struct keyrec *work=NULL;
553   struct keyrec *ret=NULL;
554   char *record;
555   int i;
556
557   if(keystring==NULL)
558     {
559       if(work==NULL)
560         return NULL;
561       else if(work->desc.mode==KEYDB_SEARCH_MODE_NONE)
562         {
563           xfree(work);
564           return NULL;
565         }
566       else
567         {
568           ret=work;
569           work=NULL;
570           return ret;
571         }
572     }
573
574   if(work==NULL)
575     {
576       work=xmalloc_clear(sizeof(struct keyrec));
577       work->uidbuf=iobuf_temp();
578     }
579
580   /* Remove trailing whitespace */
581   for(i=strlen(keystring);i>0;i--)
582     if(ascii_isspace(keystring[i-1]))
583       keystring[i-1]='\0';
584     else
585       break;
586
587   if((record=strsep(&keystring,":"))==NULL)
588     return ret;
589
590   if(ascii_strcasecmp("pub",record)==0)
591     {
592       char *tok;
593
594       if(work->desc.mode)
595         {
596           ret=work;
597           work=xmalloc_clear(sizeof(struct keyrec));
598           work->uidbuf=iobuf_temp();
599         }
600
601       if((tok=strsep(&keystring,":"))==NULL)
602         return ret;
603
604       classify_user_id(tok,&work->desc);
605       if(work->desc.mode!=KEYDB_SEARCH_MODE_SHORT_KID
606          && work->desc.mode!=KEYDB_SEARCH_MODE_LONG_KID
607          && work->desc.mode!=KEYDB_SEARCH_MODE_FPR16
608          && work->desc.mode!=KEYDB_SEARCH_MODE_FPR20)
609         {
610           work->desc.mode=KEYDB_SEARCH_MODE_NONE;
611           return ret;
612         }
613
614       /* Note all items after this are optional.  This allows us to
615          have a pub line as simple as pub:keyid and nothing else. */
616
617       work->lines++;
618
619       if((tok=strsep(&keystring,":"))==NULL)
620         return ret;
621
622       work->type=atoi(tok);
623
624       if((tok=strsep(&keystring,":"))==NULL)
625         return ret;
626
627       work->size=atoi(tok);
628
629       if((tok=strsep(&keystring,":"))==NULL)
630         return ret;
631
632       if(atoi(tok)<=0)
633         work->createtime=0;
634       else
635         work->createtime=atoi(tok);
636
637       if((tok=strsep(&keystring,":"))==NULL)
638         return ret;
639
640       if(atoi(tok)<=0)
641         work->expiretime=0;
642       else
643         {
644           work->expiretime=atoi(tok);
645           /* Force the 'e' flag on if this key is expired. */
646           if(work->expiretime<=make_timestamp())
647             work->flags|=4;
648         }
649
650       if((tok=strsep(&keystring,":"))==NULL)
651         return ret;
652
653       while(*tok)
654         switch(*tok++)
655           {
656           case 'r':
657           case 'R':
658             work->flags|=1;
659             break;
660             
661           case 'd':
662           case 'D':
663             work->flags|=2;
664             break;
665
666           case 'e':
667           case 'E':
668             work->flags|=4;
669             break;
670           }
671     }
672   else if(ascii_strcasecmp("uid",record)==0 && work->desc.mode)
673     {
674       char *userid,*tok,*decoded;
675
676       if((tok=strsep(&keystring,":"))==NULL)
677         return ret;
678
679       if(strlen(tok)==0)
680         return ret;
681
682       userid=tok;
683
684       /* By definition, de-%-encoding is always smaller than the
685          original string so we can decode in place. */
686
687       i=0;
688
689       while(*tok)
690         if(tok[0]=='%' && tok[1] && tok[2])
691           {
692             if((userid[i]=hextobyte(&tok[1]))==-1)
693               userid[i]='?';
694
695             i++;
696             tok+=3;
697           }
698         else
699           userid[i++]=*tok++;
700
701       /* We don't care about the other info provided in the uid: line
702          since no keyserver supports marking userids with timestamps
703          or revoked/expired/disabled yet. */
704
705       /* No need to check for control characters, as utf8_to_native
706          does this for us. */
707
708       decoded=utf8_to_native(userid,i,0);
709       if(strlen(decoded)>opt.screen_columns-10)
710         decoded[opt.screen_columns-10]='\0';
711       iobuf_writestr(work->uidbuf,decoded);
712       xfree(decoded);
713       iobuf_writestr(work->uidbuf,"\n\t");
714       work->lines++;
715     }
716
717   /* Ignore any records other than "pri" and "uid" for easy future
718      growth. */
719
720   return ret;
721 }
722
723 /* TODO: do this as a list sent to keyserver_work rather than calling
724    it once for each key to get the correct counts after the import
725    (cosmetics, really) and to better take advantage of the keyservers
726    that can do multiple fetches in one go (LDAP). */
727 static int
728 show_prompt(KEYDB_SEARCH_DESC *desc,int numdesc,int count,const char *search)
729 {
730   char *answer;
731
732   if(count && opt.command_fd==-1)
733     {
734       static int from=1;
735       tty_printf("Keys %d-%d of %d for \"%s\".  ",from,numdesc,count,search);
736       from=numdesc+1;
737     }
738
739   answer=cpr_get_no_help("keysearch.prompt",
740                          _("Enter number(s), N)ext, or Q)uit > "));
741   /* control-d */
742   if(answer[0]=='\x04')
743     {
744       printf("Q\n");
745       answer[0]='q';
746     }
747
748   if(answer[0]=='q' || answer[0]=='Q')
749     {
750       xfree(answer);
751       return 1;
752     }
753   else if(atoi(answer)>=1 && atoi(answer)<=numdesc)
754     {
755       char *split=answer,*num;
756
757       while((num=strsep(&split," ,"))!=NULL)
758         if(atoi(num)>=1 && atoi(num)<=numdesc)
759           keyserver_work(KS_GET,NULL,&desc[atoi(num)-1],1,
760                          NULL,NULL,opt.keyserver);
761
762       xfree(answer);
763       return 1;
764     }
765
766   return 0;
767 }
768
769 /* Count and searchstr are just for cosmetics.  If the count is too
770    small, it will grow safely.  If negative it disables the "Key x-y
771    of z" messages.  searchstr should be UTF-8 (rather than native). */
772 static void
773 keyserver_search_prompt(IOBUF buffer,const char *searchstr)
774 {
775   int i=0,validcount=0,started=0,header=0,count=1;
776   unsigned int maxlen,buflen,numlines=0;
777   KEYDB_SEARCH_DESC *desc;
778   byte *line=NULL;
779   char *localstr=NULL;
780
781   if(searchstr)
782     localstr=utf8_to_native(searchstr,strlen(searchstr),0);
783
784   desc=xmalloc(count*sizeof(KEYDB_SEARCH_DESC));
785
786   for(;;)
787     {
788       struct keyrec *keyrec;
789       int rl;
790
791       maxlen=1024;
792       rl=iobuf_read_line(buffer,&line,&buflen,&maxlen);
793
794       if(opt.with_colons)
795         {
796           if(!header && ascii_strncasecmp("SEARCH ",line,7)==0
797              && ascii_strncasecmp(" BEGIN",&line[strlen(line)-7],6)==0)
798             {
799               header=1;
800               continue;
801             }
802           else if(ascii_strncasecmp("SEARCH ",line,7)==0
803                   && ascii_strncasecmp(" END",&line[strlen(line)-5],4)==0)
804             continue;
805
806           printf("%s",line);
807         }
808
809       /* Look for an info: line.  The only current info: values
810          defined are the version and key count. */
811       if(!started && rl>0 && ascii_strncasecmp("info:",line,5)==0)
812         {
813           char *tok,*str=&line[5];
814
815           if((tok=strsep(&str,":"))!=NULL)
816             {
817               int version;
818
819               if(sscanf(tok,"%d",&version)!=1)
820                 version=1;
821
822               if(version!=1)
823                 {
824                   log_error(_("invalid keyserver protocol "
825                               "(us %d!=handler %d)\n"),1,version);
826                   break;
827                 }
828             }
829
830           if((tok=strsep(&str,":"))!=NULL && sscanf(tok,"%d",&count)==1)
831             {
832               if(count==0)
833                 goto notfound;
834               else if(count<0)
835                 count=10;
836               else
837                 validcount=1;
838
839               desc=xrealloc(desc,count*sizeof(KEYDB_SEARCH_DESC));
840             }
841
842           started=1;
843           continue;
844         }
845
846       if(rl==0)
847         {
848           keyrec=parse_keyrec(NULL);
849
850           if(keyrec==NULL)
851             {
852               if(i==0)
853                 {
854                   count=0;
855                   break;
856                 }
857
858               if(i!=count)
859                 validcount=0;
860
861               for(;;)
862                 {
863                   if(show_prompt(desc,i,validcount?count:0,localstr))
864                     break;
865                   validcount=0;
866                 }
867
868               break;
869             }
870         }
871       else
872         keyrec=parse_keyrec(line);
873
874       if(i==count)
875         {
876           /* keyserver helper sent more keys than they claimed in the
877              info: line. */
878           count+=10;
879           desc=xrealloc(desc,count*sizeof(KEYDB_SEARCH_DESC));
880           validcount=0;
881         }
882
883       if(keyrec)
884         {
885           desc[i]=keyrec->desc;
886
887           if(!opt.with_colons)
888             {
889               /* screen_lines - 1 for the prompt. */
890               if(numlines+keyrec->lines>opt.screen_lines-1)
891                 {
892                   if(show_prompt(desc,i,validcount?count:0,localstr))
893                     break;
894                   else
895                     numlines=0;
896                 }
897
898               print_keyrec(i+1,keyrec);
899             }
900
901           numlines+=keyrec->lines;
902           iobuf_close(keyrec->uidbuf);
903           xfree(keyrec);
904
905           started=1;
906           i++;
907         }
908     }
909
910  notfound:
911   /* Leave this commented out or now, and perhaps for a very long
912      time.  All HKPish servers return HTML error messages for
913      no-key-found. */
914   /* 
915      if(!started)
916      log_info(_("keyserver does not support searching\n"));
917      else
918   */
919   if(count==0)
920     {
921       if(localstr)
922         log_info(_("key \"%s\" not found on keyserver\n"),localstr);
923       else
924         log_info(_("key not found on keyserver\n"));
925     }
926
927   xfree(localstr);
928   xfree(desc);
929   xfree(line);
930 }
931
932 /* We sometimes want to use a different gpgkeys_xxx for a given
933    protocol (for example, ldaps is handled by gpgkeys_ldap).  Map
934    these here. */
935 static const char *
936 keyserver_typemap(const char *type)
937 {
938   if(strcmp(type,"ldaps")==0)
939     return "ldap";
940   else
941     return type;
942 }
943
944 #ifdef GPGKEYS_CURL
945 /* The PGP LDAP and the curl fetch-a-LDAP-object methodologies are
946    sufficiently different that we can't use curl to do LDAP. */
947 static int
948 curl_cant_handle(const char *scheme,unsigned int direct_uri)
949 {
950   if(!direct_uri && (strcmp(scheme,"ldap")==0 || strcmp(scheme,"ldaps")==0))
951     return 1;
952
953   return 0;
954 }
955 #endif
956
957 #define KEYSERVER_ARGS_KEEP " -o \"%O\" \"%I\""
958 #define KEYSERVER_ARGS_NOKEEP " -o \"%o\" \"%i\""
959
960 static int 
961 keyserver_spawn(enum ks_action action,STRLIST list,KEYDB_SEARCH_DESC *desc,
962                 int count,int *prog,unsigned char **fpr,size_t *fpr_len,
963                 struct keyserver_spec *keyserver)
964 {
965   int ret=0,i,gotversion=0,outofband=0;
966   STRLIST temp;
967   unsigned int maxlen,buflen;
968   char *command,*end,*searchstr=NULL;
969   byte *line=NULL;
970   struct exec_info *spawn;
971   const char *scheme;
972   const char *libexecdir = get_libexecdir ();
973
974   assert(keyserver);
975
976 #ifdef EXEC_TEMPFILE_ONLY
977   opt.keyserver_options.options|=KEYSERVER_USE_TEMP_FILES;
978 #endif
979
980   /* Build the filename for the helper to execute */
981   scheme=keyserver_typemap(keyserver->scheme);
982
983 #ifdef DISABLE_KEYSERVER_PATH
984   /* Destroy any path we might have.  This is a little tricky,
985      portability-wise.  It's not correct to delete the PATH
986      environment variable, as that may fall back to a system built-in
987      PATH.  Similarly, it is not correct to set PATH to the null
988      string (PATH="") since this actually deletes the PATH environment
989      variable under MinGW.  The safest thing to do here is to force
990      PATH to be GNUPG_LIBEXECDIR.  All this is not that meaningful on
991      Unix-like systems (since we're going to give a full path to
992      gpgkeys_foo), but on W32 it prevents loading any DLLs from
993      directories in %PATH%.
994
995      After some more thinking about this we came to the conclusion
996      that it is better to load the helpers from the directory where
997      the program of this process lives.  Fortunately Windows provides
998      a way to retrieve this and our get_libexecdir function has been
999      modified to return just this.  Setting the exec-path is not
1000      anymore required.  
1001        set_exec_path(libexecdir);
1002  */
1003 #else
1004   if(opt.exec_path_set)
1005     {
1006       /* If exec-path was set, and DISABLE_KEYSERVER_PATH is
1007          undefined, then don't specify a full path to gpgkeys_foo, so
1008          that the PATH can work. */
1009       command=xmalloc(GPGKEYS_PREFIX_LEN+strlen(scheme)+3+strlen(EXEEXT)+1);
1010       command[0]='\0';
1011     }
1012   else
1013 #endif
1014     {
1015       /* Specify a full path to gpgkeys_foo. */
1016       command=xmalloc(strlen(libexecdir)+strlen(DIRSEP_S)+
1017                       GPGKEYS_PREFIX_LEN+strlen(scheme)+3+strlen(EXEEXT)+1);
1018       strcpy(command,libexecdir);
1019       strcat(command,DIRSEP_S);
1020     }
1021
1022   end=command+strlen(command);
1023
1024   strcat(command,GPGKEYS_PREFIX); 
1025   strcat(command,scheme);
1026
1027   if(keyserver->flags.direct_uri)
1028     strcat(command,"uri");
1029
1030   strcat(command,EXEEXT);
1031
1032 #ifdef GPGKEYS_CURL
1033   if(!curl_cant_handle(scheme,keyserver->flags.direct_uri)
1034      && path_access(command,X_OK)!=0)
1035     strcpy(end,GPGKEYS_CURL);
1036 #endif
1037
1038   if(opt.keyserver_options.options&KEYSERVER_USE_TEMP_FILES)
1039     {
1040       if(opt.keyserver_options.options&KEYSERVER_KEEP_TEMP_FILES)
1041         {
1042           command=xrealloc(command,strlen(command)+
1043                             strlen(KEYSERVER_ARGS_KEEP)+1);
1044           strcat(command,KEYSERVER_ARGS_KEEP);
1045         }
1046       else
1047         {
1048           command=xrealloc(command,strlen(command)+
1049                             strlen(KEYSERVER_ARGS_NOKEEP)+1);
1050           strcat(command,KEYSERVER_ARGS_NOKEEP);  
1051         }
1052
1053       ret=exec_write(&spawn,NULL,command,NULL,0,0);
1054     }
1055   else
1056     ret=exec_write(&spawn,command,NULL,NULL,0,0);
1057
1058   xfree(command);
1059
1060   if(ret)
1061     return ret;
1062
1063   fprintf(spawn->tochild,
1064           "# This is a GnuPG %s keyserver communications file\n",VERSION);
1065   fprintf(spawn->tochild,"VERSION %d\n",KEYSERVER_PROTO_VERSION);
1066   fprintf(spawn->tochild,"PROGRAM %s\n",VERSION);
1067   fprintf(spawn->tochild,"SCHEME %s\n",keyserver->scheme);
1068
1069   if(keyserver->opaque)
1070     fprintf(spawn->tochild,"OPAQUE %s\n",keyserver->opaque);
1071   else
1072     {
1073       if(keyserver->auth)
1074         fprintf(spawn->tochild,"AUTH %s\n",keyserver->auth);
1075
1076       if(keyserver->host)
1077         fprintf(spawn->tochild,"HOST %s\n",keyserver->host);
1078
1079       if(keyserver->port)
1080         fprintf(spawn->tochild,"PORT %s\n",keyserver->port);
1081
1082       if(keyserver->path)
1083         fprintf(spawn->tochild,"PATH %s\n",keyserver->path);
1084     }
1085
1086   /* Write global options */
1087
1088   for(temp=opt.keyserver_options.other;temp;temp=temp->next)
1089     fprintf(spawn->tochild,"OPTION %s\n",temp->d);
1090
1091   /* Write per-keyserver options */
1092
1093   for(temp=keyserver->options;temp;temp=temp->next)
1094     fprintf(spawn->tochild,"OPTION %s\n",temp->d);
1095
1096   switch(action)
1097     {
1098     case KS_GET:
1099       {
1100         fprintf(spawn->tochild,"COMMAND GET\n\n");
1101
1102         /* Which keys do we want? */
1103
1104         for(i=0;i<count;i++)
1105           {
1106             int quiet=0;
1107
1108             if(desc[i].mode==KEYDB_SEARCH_MODE_FPR20)
1109               {
1110                 int f;
1111
1112                 fprintf(spawn->tochild,"0x");
1113
1114                 for(f=0;f<MAX_FINGERPRINT_LEN;f++)
1115                   fprintf(spawn->tochild,"%02X",desc[i].u.fpr[f]);
1116
1117                 fprintf(spawn->tochild,"\n");
1118               }
1119             else if(desc[i].mode==KEYDB_SEARCH_MODE_FPR16)
1120               {
1121                 int f;
1122
1123                 fprintf(spawn->tochild,"0x");
1124
1125                 for(f=0;f<16;f++)
1126                   fprintf(spawn->tochild,"%02X",desc[i].u.fpr[f]);
1127
1128                 fprintf(spawn->tochild,"\n");
1129               }
1130             else if(desc[i].mode==KEYDB_SEARCH_MODE_LONG_KID)
1131               fprintf(spawn->tochild,"0x%08lX%08lX\n",
1132                       (ulong)desc[i].u.kid[0],
1133                       (ulong)desc[i].u.kid[1]);
1134             else if(desc[i].mode==KEYDB_SEARCH_MODE_SHORT_KID)
1135               fprintf(spawn->tochild,"0x%08lX\n",
1136                       (ulong)desc[i].u.kid[1]);
1137             else if(desc[i].mode==KEYDB_SEARCH_MODE_EXACT)
1138               {
1139                 fprintf(spawn->tochild,"0x0000000000000000\n");
1140                 quiet=1;
1141               }
1142             else if(desc[i].mode==KEYDB_SEARCH_MODE_NONE)
1143               continue;
1144             else
1145               BUG();
1146
1147             if(!quiet)
1148               {
1149                 if(keyserver->host)
1150                   log_info(_("requesting key %s from %s server %s\n"),
1151                            keystr_from_desc(&desc[i]),
1152                            keyserver->scheme,keyserver->host);
1153                 else
1154                   log_info(_("requesting key %s from %s\n"),
1155                            keystr_from_desc(&desc[i]),keyserver->uri);
1156               }
1157           }
1158
1159         fprintf(spawn->tochild,"\n");
1160
1161         break;
1162       }
1163
1164     case KS_GETNAME:
1165       {
1166         STRLIST key;
1167
1168         fprintf(spawn->tochild,"COMMAND GETNAME\n\n");
1169
1170         /* Which names do we want? */
1171
1172         for(key=list;key!=NULL;key=key->next)
1173           fprintf(spawn->tochild,"%s\n",key->d);
1174
1175         fprintf(spawn->tochild,"\n");
1176
1177         if(keyserver->host)
1178           log_info(_("searching for names from %s server %s\n"),
1179                    keyserver->scheme,keyserver->host);
1180         else
1181           log_info(_("searching for names from %s\n"),keyserver->uri);
1182
1183         break;
1184       }
1185
1186     case KS_SEND:
1187       {
1188         STRLIST key;
1189
1190         /* Note the extra \n here to send an empty keylist block */
1191         fprintf(spawn->tochild,"COMMAND SEND\n\n\n");
1192
1193         for(key=list;key!=NULL;key=key->next)
1194           {
1195             armor_filter_context_t afx;
1196             IOBUF buffer=iobuf_temp();
1197             KBNODE block;
1198
1199             temp=NULL;
1200             add_to_strlist(&temp,key->d);
1201
1202             memset(&afx,0,sizeof(afx));
1203             afx.what=1;
1204             /* Tell the armor filter to use Unix-style \n line
1205                endings, since we're going to fprintf this to a file
1206                that (on Win32) is open in text mode.  The win32 stdio
1207                will transform the \n to \r\n and we'll end up with the
1208                proper line endings on win32.  This is a no-op on
1209                Unix. */
1210             afx.eol[0]='\n';
1211             iobuf_push_filter(buffer,armor_filter,&afx);
1212
1213             /* TODO: Remove Comment: lines from keys exported this
1214                way? */
1215
1216             if(export_pubkeys_stream(buffer,temp,&block,
1217                                      opt.keyserver_options.export_options)==-1)
1218               iobuf_close(buffer);
1219             else
1220               {
1221                 KBNODE node;
1222
1223                 iobuf_flush_temp(buffer);
1224
1225                 merge_keys_and_selfsig(block);
1226
1227                 fprintf(spawn->tochild,"INFO %08lX%08lX BEGIN\n",
1228                         (ulong)block->pkt->pkt.public_key->keyid[0],
1229                         (ulong)block->pkt->pkt.public_key->keyid[1]);
1230
1231                 for(node=block;node;node=node->next)
1232                   {
1233                     switch(node->pkt->pkttype)
1234                       {
1235                       default:
1236                         continue;
1237
1238                       case PKT_PUBLIC_KEY:
1239                       case PKT_PUBLIC_SUBKEY:
1240                         {
1241                           PKT_public_key *pk=node->pkt->pkt.public_key;
1242
1243                           keyid_from_pk(pk,NULL);
1244
1245                           fprintf(spawn->tochild,"%sb:%08lX%08lX:%u:%u:%u:%u:",
1246                                   node->pkt->pkttype==PKT_PUBLIC_KEY?"pu":"su",
1247                                   (ulong)pk->keyid[0],(ulong)pk->keyid[1],
1248                                   pk->pubkey_algo,
1249                                   nbits_from_pk(pk),
1250                                   pk->timestamp,
1251                                   pk->expiredate);
1252
1253                           if(pk->is_revoked)
1254                             fprintf(spawn->tochild,"r");
1255                           if(pk->has_expired)
1256                             fprintf(spawn->tochild,"e");
1257
1258                           fprintf(spawn->tochild,"\n");
1259                         }
1260                         break;
1261
1262                       case PKT_USER_ID:
1263                         {
1264                           PKT_user_id *uid=node->pkt->pkt.user_id;
1265                           int r;
1266
1267                           if(uid->attrib_data)
1268                             continue;
1269
1270                           fprintf(spawn->tochild,"uid:");
1271
1272                           /* Quote ':', '%', and any 8-bit
1273                              characters */
1274                           for(r=0;r<uid->len;r++)
1275                             {
1276                               if(uid->name[r]==':' || uid->name[r]=='%'
1277                                  || uid->name[r]&0x80)
1278                                 fprintf(spawn->tochild,"%%%02X",
1279                                         (byte)uid->name[r]);
1280                               else
1281                                 fprintf(spawn->tochild,"%c",uid->name[r]);
1282                             }
1283
1284                           fprintf(spawn->tochild,":%u:%u:",
1285                                   uid->created,uid->expiredate);
1286
1287                           if(uid->is_revoked)
1288                             fprintf(spawn->tochild,"r");
1289                           if(uid->is_expired)
1290                             fprintf(spawn->tochild,"e");
1291
1292                           fprintf(spawn->tochild,"\n");
1293                         }
1294                         break;
1295
1296                         /* This bit is really for the benefit of
1297                            people who store their keys in LDAP
1298                            servers.  It makes it easy to do queries
1299                            for things like "all keys signed by
1300                            Isabella". */
1301                       case PKT_SIGNATURE:
1302                         {
1303                           PKT_signature *sig=node->pkt->pkt.signature;
1304
1305                           if(!IS_UID_SIG(sig))
1306                             continue;
1307
1308                           fprintf(spawn->tochild,"sig:%08lX%08lX:%X:%u:%u\n",
1309                                   (ulong)sig->keyid[0],(ulong)sig->keyid[1],
1310                                   sig->sig_class,sig->timestamp,
1311                                   sig->expiredate);
1312                         }
1313                         break;
1314                       }
1315                   }
1316
1317                 fprintf(spawn->tochild,"INFO %08lX%08lX END\n",
1318                         (ulong)block->pkt->pkt.public_key->keyid[0],
1319                         (ulong)block->pkt->pkt.public_key->keyid[1]);
1320
1321                 fprintf(spawn->tochild,"KEY %s BEGIN\n",key->d);
1322                 fwrite(iobuf_get_temp_buffer(buffer),
1323                        iobuf_get_temp_length(buffer),1,spawn->tochild);
1324                 fprintf(spawn->tochild,"KEY %s END\n",key->d);
1325
1326                 iobuf_close(buffer);
1327
1328                 if(keyserver->host)
1329                   log_info(_("sending key %s to %s server %s\n"),
1330                            keystr(block->pkt->pkt.public_key->keyid),
1331                            keyserver->scheme,keyserver->host);
1332                 else
1333                   log_info(_("sending key %s to %s\n"),
1334                            keystr(block->pkt->pkt.public_key->keyid),
1335                            keyserver->uri);
1336
1337                 release_kbnode(block);
1338               }
1339
1340             free_strlist(temp);
1341           }
1342
1343         break;
1344       }
1345
1346     case KS_SEARCH:
1347       {
1348         STRLIST key;
1349
1350         fprintf(spawn->tochild,"COMMAND SEARCH\n\n");
1351
1352         /* Which keys do we want?  Remember that the gpgkeys_ program
1353            is going to lump these together into a search string. */
1354
1355         for(key=list;key!=NULL;key=key->next)
1356           {
1357             fprintf(spawn->tochild,"%s\n",key->d);
1358             if(key!=list)
1359               {
1360                 searchstr=xrealloc(searchstr,
1361                                     strlen(searchstr)+strlen(key->d)+2);
1362                 strcat(searchstr," ");
1363               }
1364             else
1365               {
1366                 searchstr=xmalloc(strlen(key->d)+1);
1367                 searchstr[0]='\0';
1368               }
1369
1370             strcat(searchstr,key->d);
1371           }
1372
1373         fprintf(spawn->tochild,"\n");
1374
1375         if(keyserver->host)
1376           log_info(_("searching for \"%s\" from %s server %s\n"),
1377                    searchstr,keyserver->scheme,keyserver->host);
1378         else
1379           log_info(_("searching for \"%s\" from %s\n"),
1380                    searchstr,keyserver->uri);
1381
1382         break;
1383       }
1384
1385     default:
1386       log_fatal(_("no keyserver action!\n"));
1387       break;
1388     }
1389
1390   /* Done sending, so start reading. */
1391   ret=exec_read(spawn);
1392   if(ret)
1393     goto fail;
1394
1395   /* Now handle the response */
1396
1397   for(;;)
1398     {
1399       int plen;
1400       char *ptr;
1401
1402       maxlen=1024;
1403       if(iobuf_read_line(spawn->fromchild,&line,&buflen,&maxlen)==0)
1404         {
1405           ret = gpg_error_from_errno (errno);
1406           goto fail; /* i.e. EOF */
1407         }
1408
1409       ptr=line;
1410
1411       /* remove trailing whitespace */
1412       plen=strlen(ptr);
1413       while(plen>0 && ascii_isspace(ptr[plen-1]))
1414         plen--;
1415       plen[ptr]='\0';
1416
1417       if(*ptr=='\0')
1418         break;
1419
1420       if(ascii_strncasecmp(ptr,"VERSION ",8)==0)
1421         {
1422           gotversion=1;
1423
1424           if(atoi(&ptr[8])!=KEYSERVER_PROTO_VERSION)
1425             {
1426               log_error(_("invalid keyserver protocol (us %d!=handler %d)\n"),
1427                         KEYSERVER_PROTO_VERSION,atoi(&ptr[8]));
1428               goto fail;
1429             }
1430         }
1431       else if(ascii_strncasecmp(ptr,"PROGRAM ",8)==0)
1432         {
1433           if(ascii_strncasecmp(&ptr[8],VERSION,strlen(VERSION))!=0)
1434             log_info(_("WARNING: keyserver handler from a different"
1435                        " version of GnuPG (%s)\n"),&ptr[8]);
1436         }
1437       else if(ascii_strncasecmp(ptr,"OPTION OUTOFBAND",16)==0)
1438         outofband=1; /* Currently the only OPTION */
1439     }
1440
1441   if(!gotversion)
1442     {
1443       log_error(_("keyserver did not send VERSION\n"));
1444       goto fail;
1445     }
1446
1447   if(!outofband)
1448     switch(action)
1449       {
1450       case KS_GET:
1451       case KS_GETNAME:
1452         {
1453           void *stats_handle;
1454
1455           stats_handle=import_new_stats_handle();
1456
1457           /* Slurp up all the key data.  In the future, it might be
1458              nice to look for KEY foo OUTOFBAND and FAILED indicators.
1459              It's harmless to ignore them, but ignoring them does make
1460              gpg complain about "no valid OpenPGP data found".  One
1461              way to do this could be to continue parsing this
1462              line-by-line and make a temp iobuf for each key. */
1463
1464           import_keys_stream(spawn->fromchild,stats_handle,fpr,fpr_len,
1465                              opt.keyserver_options.import_options);
1466
1467           import_print_stats(stats_handle);
1468           import_release_stats_handle(stats_handle);
1469
1470           break;
1471         }
1472
1473         /* Nothing to do here */
1474       case KS_SEND:
1475         break;
1476
1477       case KS_SEARCH:
1478         keyserver_search_prompt(spawn->fromchild,searchstr);
1479         break;
1480
1481       default:
1482         log_fatal(_("no keyserver action!\n"));
1483         break;
1484       }
1485
1486  fail:
1487   xfree(line);
1488   xfree(searchstr);
1489
1490
1491   *prog=exec_finish(spawn);
1492
1493   return ret;
1494 }
1495
1496 static int 
1497 keyserver_work(enum ks_action action,STRLIST list,KEYDB_SEARCH_DESC *desc,
1498                int count,unsigned char **fpr,size_t *fpr_len,
1499                struct keyserver_spec *keyserver)
1500 {
1501   int rc=0,ret=0;
1502
1503   if(!keyserver)
1504     {
1505       log_error(_("no keyserver known (use option --keyserver)\n"));
1506       return G10ERR_BAD_URI;
1507     }
1508
1509 #ifdef DISABLE_KEYSERVER_HELPERS
1510
1511   log_error(_("external keyserver calls are not supported in this build\n"));
1512   return G10ERR_KEYSERVER;
1513
1514 #else
1515   /* Spawn a handler */
1516
1517   rc=keyserver_spawn(action,list,desc,count,&ret,fpr,fpr_len,keyserver);
1518   if(ret)
1519     {
1520       switch(ret)
1521         {
1522         case KEYSERVER_SCHEME_NOT_FOUND:
1523           log_error(_("no handler for keyserver scheme `%s'\n"),
1524                     keyserver->scheme);
1525           break;
1526
1527         case KEYSERVER_NOT_SUPPORTED:
1528           log_error(_("action `%s' not supported with keyserver "
1529                       "scheme `%s'\n"),
1530                     action==KS_GET?"get":action==KS_SEND?"send":
1531                     action==KS_SEARCH?"search":"unknown",
1532                     keyserver->scheme);
1533           break;
1534
1535         case KEYSERVER_VERSION_ERROR:
1536           log_error(_(GPGKEYS_PREFIX "%s does not support"
1537                       " handler version %d\n"),
1538                     keyserver_typemap(keyserver->scheme),
1539                     KEYSERVER_PROTO_VERSION);
1540           break;
1541
1542         case KEYSERVER_TIMEOUT:
1543           log_error(_("keyserver timed out\n"));
1544           break;
1545
1546         case KEYSERVER_INTERNAL_ERROR:
1547         default:
1548           log_error(_("keyserver internal error\n"));
1549           break;
1550         }
1551
1552       return G10ERR_KEYSERVER;
1553     }
1554
1555   if(rc)
1556     {
1557       log_error(_("keyserver communications error: %s\n"),g10_errstr(rc));
1558
1559       return rc;
1560     }
1561
1562   return 0;
1563 #endif /* ! DISABLE_KEYSERVER_HELPERS*/
1564 }
1565
1566 int 
1567 keyserver_export(STRLIST users)
1568 {
1569   STRLIST sl=NULL;
1570   KEYDB_SEARCH_DESC desc;
1571   int rc=0;
1572
1573   /* Weed out descriptors that we don't support sending */
1574   for(;users;users=users->next)
1575     {
1576       classify_user_id (users->d, &desc);
1577       if(desc.mode!=KEYDB_SEARCH_MODE_SHORT_KID &&
1578          desc.mode!=KEYDB_SEARCH_MODE_LONG_KID &&
1579          desc.mode!=KEYDB_SEARCH_MODE_FPR16 &&
1580          desc.mode!=KEYDB_SEARCH_MODE_FPR20)
1581         {
1582           log_error(_("\"%s\" not a key ID: skipping\n"),users->d);
1583           continue;
1584         }
1585       else
1586         append_to_strlist(&sl,users->d);
1587     }
1588
1589   if(sl)
1590     {
1591       rc=keyserver_work(KS_SEND,sl,NULL,0,NULL,NULL,opt.keyserver);
1592       free_strlist(sl);
1593     }
1594
1595   return rc;
1596 }
1597
1598 int 
1599 keyserver_import(STRLIST users)
1600 {
1601   KEYDB_SEARCH_DESC *desc;
1602   int num=100,count=0;
1603   int rc=0;
1604
1605   /* Build a list of key ids */
1606   desc=xmalloc(sizeof(KEYDB_SEARCH_DESC)*num);
1607
1608   for(;users;users=users->next)
1609     {
1610       classify_user_id (users->d, &desc[count]);
1611       if(desc[count].mode!=KEYDB_SEARCH_MODE_SHORT_KID &&
1612          desc[count].mode!=KEYDB_SEARCH_MODE_LONG_KID &&
1613          desc[count].mode!=KEYDB_SEARCH_MODE_FPR16 &&
1614          desc[count].mode!=KEYDB_SEARCH_MODE_FPR20)
1615         {
1616           log_error(_("\"%s\" not a key ID: skipping\n"),users->d);
1617           continue;
1618         }
1619
1620       count++;
1621       if(count==num)
1622         {
1623           num+=100;
1624           desc=xrealloc(desc,sizeof(KEYDB_SEARCH_DESC)*num);
1625         }
1626     }
1627
1628   if(count>0)
1629     rc=keyserver_work(KS_GET,NULL,desc,count,NULL,NULL,opt.keyserver);
1630
1631   xfree(desc);
1632
1633   return rc;
1634 }
1635
1636 int
1637 keyserver_import_fprint(const byte *fprint,size_t fprint_len,
1638                         struct keyserver_spec *keyserver)
1639 {
1640   KEYDB_SEARCH_DESC desc;
1641
1642   memset(&desc,0,sizeof(desc));
1643
1644   if(fprint_len==16)
1645     desc.mode=KEYDB_SEARCH_MODE_FPR16;
1646   else if(fprint_len==20)
1647     desc.mode=KEYDB_SEARCH_MODE_FPR20;
1648   else
1649     return -1;
1650
1651   memcpy(desc.u.fpr,fprint,fprint_len);
1652
1653   /* TODO: Warn here if the fingerprint we got doesn't match the one
1654      we asked for? */
1655   return keyserver_work(KS_GET,NULL,&desc,1,NULL,NULL,keyserver);
1656 }
1657
1658 int 
1659 keyserver_import_keyid(u32 *keyid,struct keyserver_spec *keyserver)
1660 {
1661   KEYDB_SEARCH_DESC desc;
1662
1663   memset(&desc,0,sizeof(desc));
1664
1665   desc.mode=KEYDB_SEARCH_MODE_LONG_KID;
1666   desc.u.kid[0]=keyid[0];
1667   desc.u.kid[1]=keyid[1];
1668
1669   return keyserver_work(KS_GET,NULL,&desc,1,NULL,NULL,keyserver);
1670 }
1671
1672 /* code mostly stolen from do_export_stream */
1673 static int 
1674 keyidlist(STRLIST users,KEYDB_SEARCH_DESC **klist,int *count,int fakev3)
1675 {
1676   int rc=0,ndesc,num=100;
1677   KBNODE keyblock=NULL,node;
1678   KEYDB_HANDLE kdbhd;
1679   KEYDB_SEARCH_DESC *desc;
1680   STRLIST sl;
1681
1682   *count=0;
1683
1684   *klist=xmalloc(sizeof(KEYDB_SEARCH_DESC)*num);
1685
1686   kdbhd=keydb_new(0);
1687
1688   if(!users)
1689     {
1690       ndesc = 1;
1691       desc = xmalloc_clear ( ndesc * sizeof *desc);
1692       desc[0].mode = KEYDB_SEARCH_MODE_FIRST;
1693     }
1694   else
1695     {
1696       for (ndesc=0, sl=users; sl; sl = sl->next, ndesc++) 
1697         ;
1698       desc = xmalloc ( ndesc * sizeof *desc);
1699         
1700       for (ndesc=0, sl=users; sl; sl = sl->next)
1701         {
1702           if(classify_user_id (sl->d, desc+ndesc))
1703             ndesc++;
1704           else
1705             log_error (_("key \"%s\" not found: %s\n"),
1706                        sl->d, g10_errstr (G10ERR_INV_USER_ID));
1707         }
1708     }
1709
1710   while (!(rc = keydb_search (kdbhd, desc, ndesc)))
1711     {
1712       if (!users) 
1713         desc[0].mode = KEYDB_SEARCH_MODE_NEXT;
1714
1715       /* read the keyblock */
1716       rc = keydb_get_keyblock (kdbhd, &keyblock );
1717       if( rc )
1718         {
1719           log_error (_("error reading keyblock: %s\n"), g10_errstr(rc) );
1720           goto leave;
1721         }
1722
1723       if((node=find_kbnode(keyblock,PKT_PUBLIC_KEY)))
1724         {
1725           /* This is to work around a bug in some keyservers (pksd and
1726              OKS) that calculate v4 RSA keyids as if they were v3 RSA.
1727              The answer is to refresh both the correct v4 keyid
1728              (e.g. 99242560) and the fake v3 keyid (e.g. 68FDDBC7).
1729              This only happens for key refresh using the HKP scheme
1730              and if the refresh-add-fake-v3-keyids keyserver option is
1731              set. */
1732           if(fakev3 && is_RSA(node->pkt->pkt.public_key->pubkey_algo) &&
1733              node->pkt->pkt.public_key->version>=4)
1734             {
1735               (*klist)[*count].mode=KEYDB_SEARCH_MODE_LONG_KID;
1736               mpi_get_keyid(node->pkt->pkt.public_key->pkey[0],
1737                             (*klist)[*count].u.kid);
1738               (*count)++;
1739
1740               if(*count==num)
1741                 {
1742                   num+=100;
1743                   *klist=xrealloc(*klist,sizeof(KEYDB_SEARCH_DESC)*num);
1744                 }
1745             }
1746
1747           /* v4 keys get full fingerprints.  v3 keys get long keyids.
1748              This is because it's easy to calculate any sort of keyid
1749              from a v4 fingerprint, but not a v3 fingerprint. */
1750
1751           if(node->pkt->pkt.public_key->version<4)
1752             {
1753               (*klist)[*count].mode=KEYDB_SEARCH_MODE_LONG_KID;
1754               keyid_from_pk(node->pkt->pkt.public_key,
1755                             (*klist)[*count].u.kid);
1756             }
1757           else
1758             {
1759               size_t dummy;
1760
1761               (*klist)[*count].mode=KEYDB_SEARCH_MODE_FPR20;
1762               fingerprint_from_pk(node->pkt->pkt.public_key,
1763                                   (*klist)[*count].u.fpr,&dummy);
1764             }
1765
1766           /* This is a little hackish, using the skipfncvalue as a
1767              void* pointer to the keyserver spec, but we don't need
1768              the skipfnc here, and it saves having an additional field
1769              for this (which would be wasted space most of the
1770              time). */
1771
1772           (*klist)[*count].skipfncvalue=NULL;
1773
1774           /* Are we honoring preferred keyservers? */
1775           if(opt.keyserver_options.options&KEYSERVER_HONOR_KEYSERVER_URL)
1776             {
1777               PKT_user_id *uid=NULL;
1778               PKT_signature *sig=NULL;
1779
1780               merge_keys_and_selfsig(keyblock);
1781
1782               for(node=node->next;node;node=node->next)
1783                 {
1784                   if(node->pkt->pkttype==PKT_USER_ID
1785                      && node->pkt->pkt.user_id->is_primary)
1786                     uid=node->pkt->pkt.user_id;
1787                   else if(node->pkt->pkttype==PKT_SIGNATURE
1788                           && node->pkt->pkt.signature->
1789                           flags.chosen_selfsig && uid)
1790                     {
1791                       sig=node->pkt->pkt.signature;
1792                       break;
1793                     }
1794                 }
1795
1796               /* Try and parse the keyserver URL.  If it doesn't work,
1797                  then we end up writing NULL which indicates we are
1798                  the same as any other key. */
1799               if(sig)
1800                 (*klist)[*count].skipfncvalue=parse_preferred_keyserver(sig);
1801             }
1802
1803           (*count)++;
1804
1805           if(*count==num)
1806             {
1807               num+=100;
1808               *klist=xrealloc(*klist,sizeof(KEYDB_SEARCH_DESC)*num);
1809             }
1810         }
1811     }
1812
1813   if(rc==-1)
1814     rc=0;
1815   
1816  leave:
1817   if(rc)
1818     xfree(*klist);
1819   xfree(desc);
1820   keydb_release(kdbhd);
1821   release_kbnode(keyblock);
1822
1823   return rc;
1824 }
1825
1826 /* Note this is different than the original HKP refresh.  It allows
1827    usernames to refresh only part of the keyring. */
1828
1829 int
1830 keyserver_refresh(STRLIST users)
1831 {
1832   int rc,count,numdesc,fakev3=0;
1833   KEYDB_SEARCH_DESC *desc;
1834   unsigned int options=opt.keyserver_options.import_options;
1835
1836   /* We switch merge-only on during a refresh, as 'refresh' should
1837      never import new keys, even if their keyids match. */
1838   opt.keyserver_options.import_options|=IMPORT_MERGE_ONLY;
1839
1840   /* Similarly, we switch on fast-import, since refresh may make
1841      multiple import sets (due to preferred keyserver URLs).  We don't
1842      want each set to rebuild the trustdb.  Instead we do it once at
1843      the end here. */
1844   opt.keyserver_options.import_options|=IMPORT_FAST;
1845
1846   /* If refresh_add_fake_v3_keyids is on and it's a HKP or MAILTO
1847      scheme, then enable fake v3 keyid generation. */
1848   if((opt.keyserver_options.options&KEYSERVER_ADD_FAKE_V3) && opt.keyserver
1849      && (ascii_strcasecmp(opt.keyserver->scheme,"hkp")==0 ||
1850          ascii_strcasecmp(opt.keyserver->scheme,"mailto")==0))
1851     fakev3=1;
1852
1853   rc=keyidlist(users,&desc,&numdesc,fakev3);
1854   if(rc)
1855     return rc;
1856
1857   count=numdesc;
1858   if(count>0)
1859     {
1860       int i;
1861
1862       /* Try to handle preferred keyserver keys first */
1863       for(i=0;i<numdesc;i++)
1864         {
1865           if(desc[i].skipfncvalue)
1866             {
1867               struct keyserver_spec *keyserver=desc[i].skipfncvalue;
1868
1869               /* We use the keyserver structure we parsed out before.
1870                  Note that a preferred keyserver without a scheme://
1871                  will be interpreted as hkp:// */
1872
1873               rc=keyserver_work(KS_GET,NULL,&desc[i],1,NULL,NULL,keyserver);
1874               if(rc)
1875                 log_info(_("WARNING: unable to refresh key %s"
1876                            " via %s: %s\n"),keystr_from_desc(&desc[i]),
1877                          keyserver->uri,g10_errstr(rc));
1878               else
1879                 {
1880                   /* We got it, so mark it as NONE so we don't try and
1881                      get it again from the regular keyserver. */
1882
1883                   desc[i].mode=KEYDB_SEARCH_MODE_NONE;
1884                   count--;
1885                 }
1886
1887               free_keyserver_spec(keyserver);
1888             }
1889         }
1890     }
1891
1892   if(count>0)
1893     {
1894       if(opt.keyserver)
1895         {
1896           if(count==1)
1897             log_info(_("refreshing 1 key from %s\n"),opt.keyserver->uri);
1898           else
1899             log_info(_("refreshing %d keys from %s\n"),
1900                      count,opt.keyserver->uri);
1901         }
1902
1903       rc=keyserver_work(KS_GET,NULL,desc,numdesc,NULL,NULL,opt.keyserver);
1904     }
1905
1906   xfree(desc);
1907
1908   opt.keyserver_options.import_options=options;
1909
1910   /* If the original options didn't have fast import, and the trustdb
1911      is dirty, rebuild. */
1912   if(!(opt.keyserver_options.import_options&IMPORT_FAST))
1913     trustdb_check_or_update();
1914
1915   return rc;
1916 }
1917
1918 int
1919 keyserver_search(STRLIST tokens)
1920 {
1921   if(tokens)
1922     return keyserver_work(KS_SEARCH,tokens,NULL,0,NULL,NULL,opt.keyserver);
1923   else
1924     return 0;
1925 }
1926
1927 int
1928 keyserver_fetch(STRLIST urilist)
1929 {
1930   KEYDB_SEARCH_DESC desc;
1931   STRLIST sl;
1932   unsigned int options=opt.keyserver_options.import_options;
1933
1934   /* Switch on fast-import, since fetch can handle more than one
1935      import and we don't want each set to rebuild the trustdb.
1936      Instead we do it once at the end. */
1937   opt.keyserver_options.import_options|=IMPORT_FAST;
1938
1939   /* A dummy desc since we're not actually fetching a particular key
1940      ID */
1941   memset(&desc,0,sizeof(desc));
1942   desc.mode=KEYDB_SEARCH_MODE_EXACT;
1943
1944   for(sl=urilist;sl;sl=sl->next)
1945     {
1946       struct keyserver_spec *spec;
1947
1948       spec=parse_keyserver_uri(sl->d,1,NULL,0);
1949       if(spec)
1950         {
1951           int rc;
1952
1953           /*
1954             Set the direct_uri flag so we know later to call a direct
1955             handler instead of the keyserver style.  This lets us use
1956             gpgkeys_curl or gpgkeys_ldapuri instead of gpgkeys_ldap to
1957             fetch things like
1958             ldap://keyserver.pgp.com/o=PGP%20keys?pgpkey?sub?pgpkeyid=99242560
1959           */
1960           spec->flags.direct_uri=1;
1961
1962           rc=keyserver_work(KS_GET,NULL,&desc,1,NULL,NULL,spec);
1963           if(rc)
1964             log_info (_("WARNING: unable to fetch URI %s: %s\n"),
1965                      sl->d,g10_errstr(rc));
1966
1967           free_keyserver_spec(spec);
1968         }
1969       else
1970         log_info (_("WARNING: unable to parse URI %s\n"),sl->d);
1971     }
1972
1973   opt.keyserver_options.import_options=options;
1974
1975   /* If the original options didn't have fast import, and the trustdb
1976      is dirty, rebuild. */
1977   if(!(opt.keyserver_options.import_options&IMPORT_FAST))
1978     trustdb_check_or_update();
1979
1980   return 0;
1981 }
1982
1983 /* Import key in a CERT or pointed to by a CERT */
1984 int
1985 keyserver_import_cert(const char *name,unsigned char **fpr,size_t *fpr_len)
1986 {
1987   char *domain,*look,*url;
1988   IOBUF key;
1989   int type,rc=G10ERR_GENERAL;
1990
1991   look=xstrdup(name);
1992
1993   domain=strrchr(look,'@');
1994   if(domain)
1995     *domain='.';
1996
1997   type=get_cert(look,max_cert_size,&key,fpr,fpr_len,&url);
1998   if(type==1)
1999     {
2000       int armor_status=opt.no_armor;
2001
2002       /* CERTs are always in binary format */
2003       opt.no_armor=1;
2004
2005       rc=import_keys_stream(key,NULL,fpr,fpr_len,
2006                             opt.keyserver_options.import_options);
2007
2008       opt.no_armor=armor_status;
2009
2010       iobuf_close(key);
2011     }
2012   else if(type==2 && *fpr)
2013     {
2014       /* We only consider the IPGP type if a fingerprint was provided.
2015          This lets us select the right key regardless of what a URL
2016          points to, or get the key from a keyserver. */
2017       if(url)
2018         {
2019           struct keyserver_spec *spec;
2020
2021           spec=parse_keyserver_uri(url,1,NULL,0);
2022           if(spec)
2023             {
2024               STRLIST list=NULL;
2025
2026               add_to_strlist(&list,url);
2027
2028               rc=keyserver_fetch(list);
2029
2030               free_strlist(list);
2031               free_keyserver_spec(spec);
2032             }
2033         }
2034       else if(opt.keyserver)
2035         {
2036           /* If only a fingerprint is provided, try and fetch it from
2037              our --keyserver */
2038
2039           rc=keyserver_import_fprint(*fpr,*fpr_len,opt.keyserver);
2040         }
2041
2042       xfree(url);
2043     }
2044
2045   xfree(look);
2046
2047   return rc;
2048 }
2049
2050 /* Import key pointed to by a PKA record. Return the requested
2051    fingerprint in fpr. */
2052 int
2053 keyserver_import_pka(const char *name,unsigned char **fpr,size_t *fpr_len)
2054 {
2055   char *uri;
2056   int rc=-1;
2057
2058   *fpr=xmalloc(20);
2059   *fpr_len=20;
2060
2061   uri = get_pka_info (name, *fpr);
2062   if (uri)
2063     {
2064       struct keyserver_spec *spec;
2065       spec = parse_keyserver_uri (uri, 1, NULL, 0);
2066       if (spec)
2067         {
2068           rc=keyserver_import_fprint (*fpr, 20, spec);
2069           free_keyserver_spec (spec);
2070         }
2071       xfree (uri);
2072     }
2073
2074   if(rc!=0)
2075     xfree(*fpr);
2076
2077   return rc;
2078 }
2079
2080 /* Import all keys that match name */
2081 int
2082 keyserver_import_name(const char *name,unsigned char **fpr,size_t *fpr_len,
2083                       struct keyserver_spec *keyserver)
2084 {
2085   STRLIST list=NULL;
2086   int rc;
2087
2088   append_to_strlist(&list,name);
2089
2090   rc=keyserver_work(KS_GETNAME,list,NULL,0,fpr,fpr_len,keyserver);
2091
2092   free_strlist(list);
2093
2094   return rc;
2095 }
2096
2097 /* Use the PGP Universal trick of asking ldap://keys.(maildomain) for
2098    the key. */
2099 int
2100 keyserver_import_ldap(const char *name,unsigned char **fpr,size_t *fpr_len)
2101 {
2102   char *domain;
2103   struct keyserver_spec *keyserver;
2104   STRLIST list=NULL;
2105   int rc;
2106
2107   append_to_strlist(&list,name);
2108
2109   /* Parse out the domain */
2110   domain=strrchr(name,'@');
2111   if(!domain)
2112     return G10ERR_GENERAL;
2113
2114   domain++;
2115
2116   keyserver=xmalloc_clear(sizeof(struct keyserver_spec));
2117
2118   keyserver->scheme=xstrdup("ldap");
2119   keyserver->host=xmalloc(5+strlen(domain)+1);
2120   strcpy(keyserver->host,"keys.");
2121   strcat(keyserver->host,domain);
2122   keyserver->uri=xmalloc(strlen(keyserver->scheme)+
2123                          3+strlen(keyserver->host)+1);
2124   strcpy(keyserver->uri,keyserver->scheme);
2125   strcat(keyserver->uri,"://");
2126   strcat(keyserver->uri,keyserver->host);
2127     
2128   rc=keyserver_work(KS_GETNAME,list,NULL,0,fpr,fpr_len,keyserver);
2129
2130   free_strlist(list);
2131
2132   free_keyserver_spec(keyserver);
2133
2134   return rc;
2135 }