* keyserver.c (keyserver_spawn): Write the 16-digit keyid rather than
[gnupg.git] / g10 / keyserver.c
1 /* keyserver.c - generic keyserver code
2  * Copyright (C) 2001, 2002, 2003, 2004, 2005,
3  *               2006 Free Software Foundation, Inc.
4  *
5  * This file is part of GnuPG.
6  *
7  * GnuPG is free software; you can redistribute it and/or modify
8  * it under the terms of the GNU General Public License as published by
9  * the Free Software Foundation; either version 2 of the License, or
10  * (at your option) any later version.
11  *
12  * GnuPG is distributed in the hope that it will be useful,
13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
15  * GNU General Public License for more details.
16  *
17  * You should have received a copy of the GNU General Public License
18  * along with this program; if not, write to the Free Software
19  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
20  * USA.
21  */
22
23 #include <config.h>
24 #include <ctype.h>
25 #include <stdio.h>
26 #include <string.h>
27 #include <stdlib.h>
28 #include <assert.h>
29 #include "filter.h"
30 #include "keydb.h"
31 #include "status.h"
32 #include "exec.h"
33 #include "main.h"
34 #include "i18n.h"
35 #include "iobuf.h"
36 #include "memory.h"
37 #include "ttyio.h"
38 #include "options.h"
39 #include "packet.h"
40 #include "trustdb.h"
41 #include "keyserver-internal.h"
42 #include "util.h"
43
44 struct keyrec
45 {
46   KEYDB_SEARCH_DESC desc;
47   u32 createtime,expiretime;
48   int size,flags;
49   byte type;
50   IOBUF uidbuf;
51   unsigned int lines;
52 };
53
54 enum ks_action {KS_UNKNOWN=0,KS_GET,KS_GETNAME,KS_SEND,KS_SEARCH};
55
56 static struct parse_options keyserver_opts[]=
57   {
58     /* some of these options are not real - just for the help
59        message */
60     {"max-cert-size",0,NULL,NULL},
61     {"include-revoked",0,NULL,N_("include revoked keys in search results")},
62     {"include-subkeys",0,NULL,N_("include subkeys when searching by key ID")},
63     {"use-temp-files",0,NULL,
64      N_("use temporary files to pass data to keyserver helpers")},
65     {"keep-temp-files",KEYSERVER_KEEP_TEMP_FILES,NULL,
66      N_("do not delete temporary files after using them")},
67     {"refresh-add-fake-v3-keyids",KEYSERVER_ADD_FAKE_V3,NULL,
68      NULL},
69     {"auto-key-retrieve",KEYSERVER_AUTO_KEY_RETRIEVE,NULL,
70      N_("automatically retrieve keys when verifying signatures")},
71     {"honor-keyserver-url",KEYSERVER_HONOR_KEYSERVER_URL,NULL,
72      N_("honor the preferred keyserver URL set on the key")},
73     {"honor-pka-record",KEYSERVER_HONOR_PKA_RECORD,NULL,
74      N_("honor the PKA record set on a key when retrieving keys")},
75     {NULL,0,NULL,NULL}
76   };
77
78 static int keyserver_work(enum ks_action action,STRLIST list,
79                           KEYDB_SEARCH_DESC *desc,int count,
80                           unsigned char **fpr,size_t *fpr_len,
81                           struct keyserver_spec *keyserver);
82
83 /* Reasonable guess */
84 #define DEFAULT_MAX_CERT_SIZE 16384
85
86 static size_t max_cert_size=DEFAULT_MAX_CERT_SIZE;
87
88 static void
89 add_canonical_option(char *option,STRLIST *list)
90 {
91   char *arg=argsplit(option);
92
93   if(arg)
94     {
95       char *joined;
96
97       joined=xmalloc(strlen(option)+1+strlen(arg)+1);
98       /* Make a canonical name=value form with no spaces */
99       strcpy(joined,option);
100       strcat(joined,"=");
101       strcat(joined,arg);
102       append_to_strlist(list,joined);
103       xfree(joined);
104     }
105   else
106     append_to_strlist(list,option);
107 }
108
109 int
110 parse_keyserver_options(char *options)
111 {
112   int ret=1;
113   char *tok;
114   char *max_cert=NULL;
115
116   keyserver_opts[0].value=&max_cert;
117
118   while((tok=optsep(&options)))
119     {
120       if(tok[0]=='\0')
121         continue;
122
123       /* For backwards compatibility.  1.2.x used honor-http-proxy and
124          there are a good number of documents published that recommend
125          it. */
126       if(ascii_strcasecmp(tok,"honor-http-proxy")==0)
127         tok="http-proxy";
128       else if(ascii_strcasecmp(tok,"no-honor-http-proxy")==0)
129         tok="no-http-proxy";
130
131       /* We accept quite a few possible options here - some options to
132          handle specially, the keyserver_options list, and import and
133          export options that pertain to keyserver operations.  Note
134          that you must use strncasecmp here as there might be an
135          =argument attached which will foil the use of strcasecmp. */
136
137 #ifdef EXEC_TEMPFILE_ONLY
138       if(ascii_strncasecmp(tok,"use-temp-files",14)==0 ||
139               ascii_strncasecmp(tok,"no-use-temp-files",17)==0)
140         log_info(_("WARNING: keyserver option `%s' is not used"
141                    " on this platform\n"),tok);
142 #else
143       if(ascii_strncasecmp(tok,"use-temp-files",14)==0)
144         opt.keyserver_options.options|=KEYSERVER_USE_TEMP_FILES;
145       else if(ascii_strncasecmp(tok,"no-use-temp-files",17)==0)
146         opt.keyserver_options.options&=~KEYSERVER_USE_TEMP_FILES;
147 #endif
148       else if(!parse_options(tok,&opt.keyserver_options.options,
149                              keyserver_opts,0)
150          && !parse_import_options(tok,
151                                   &opt.keyserver_options.import_options,0)
152          && !parse_export_options(tok,
153                                   &opt.keyserver_options.export_options,0))
154         {
155           /* All of the standard options have failed, so the option is
156              destined for a keyserver plugin. */
157           add_canonical_option(tok,&opt.keyserver_options.other);
158         }
159     }
160
161   if(max_cert)
162     {
163       max_cert_size=strtoul(max_cert,(char **)NULL,10);
164
165       if(max_cert_size==0)
166         max_cert_size=DEFAULT_MAX_CERT_SIZE;
167     }
168
169   return ret;
170 }
171
172 void
173 free_keyserver_spec(struct keyserver_spec *keyserver)
174 {
175   xfree(keyserver->uri);
176   xfree(keyserver->scheme);
177   xfree(keyserver->auth);
178   xfree(keyserver->host);
179   xfree(keyserver->port);
180   xfree(keyserver->path);
181   xfree(keyserver->opaque);
182   free_strlist(keyserver->options);
183   xfree(keyserver);
184 }
185
186 /* Return 0 for match */
187 static int
188 cmp_keyserver_spec(struct keyserver_spec *one,struct keyserver_spec *two)
189 {
190   if(ascii_strcasecmp(one->scheme,two->scheme)==0)
191     {
192       if(one->host && two->host && ascii_strcasecmp(one->host,two->host)==0)
193         {
194           if((one->port && two->port
195               && ascii_strcasecmp(one->port,two->port)==0)
196              || (!one->port && !two->port))
197             return 0;
198         }
199       else if(one->opaque && two->opaque
200               && ascii_strcasecmp(one->opaque,two->opaque)==0)
201         return 0;
202     }
203
204   return 1;
205 }
206
207 /* Try and match one of our keyservers.  If we can, return that.  If
208    we can't, return our input. */
209 struct keyserver_spec *
210 keyserver_match(struct keyserver_spec *spec)
211 {
212   struct keyserver_spec *ks;
213
214   for(ks=opt.keyserver;ks;ks=ks->next)
215     if(cmp_keyserver_spec(spec,ks)==0)
216       return ks;
217
218   return spec;
219 }
220
221 /* TODO: once we cut over to an all-curl world, we don't need this
222    parser any longer so it can be removed, or at least moved to
223    keyserver/ksutil.c for limited use in gpgkeys_ldap or the like. */
224
225 struct keyserver_spec *
226 parse_keyserver_uri(const char *string,int require_scheme,
227                     const char *configname,unsigned int configlineno)
228 {
229   int assume_hkp=0;
230   struct keyserver_spec *keyserver;
231   const char *idx;
232   int count;
233   char *uri,*options;
234
235   assert(string!=NULL);
236
237   keyserver=xmalloc_clear(sizeof(struct keyserver_spec));
238
239   uri=xstrdup(string);
240
241   options=strchr(uri,' ');
242   if(options)
243     {
244       char *tok;
245
246       *options='\0';
247       options++;
248
249       while((tok=optsep(&options)))
250         add_canonical_option(tok,&keyserver->options);
251     }
252
253   /* Get the scheme */
254
255   for(idx=uri,count=0;*idx && *idx!=':';idx++)
256     {
257       count++;
258
259       /* Do we see the start of an RFC-2732 ipv6 address here?  If so,
260          there clearly isn't a scheme so get out early. */
261       if(*idx=='[')
262         {
263           /* Was the '[' the first thing in the string?  If not, we
264              have a mangled scheme with a [ in it so fail. */
265           if(count==1)
266             break;
267           else
268             goto fail;
269         }
270     }
271
272   if(count==0)
273     goto fail;
274
275   if(*idx=='\0' || *idx=='[')
276     {
277       if(require_scheme)
278         return NULL;
279
280       /* Assume HKP if there is no scheme */
281       assume_hkp=1;
282       keyserver->scheme=xstrdup("hkp");
283
284       keyserver->uri=xmalloc(strlen(keyserver->scheme)+3+strlen(uri)+1);
285       strcpy(keyserver->uri,keyserver->scheme);
286       strcat(keyserver->uri,"://");
287       strcat(keyserver->uri,uri);
288     }
289   else
290     {
291       int i;
292
293       keyserver->uri=xstrdup(uri);
294
295       keyserver->scheme=xmalloc(count+1);
296
297       /* Force to lowercase */
298       for(i=0;i<count;i++)
299         keyserver->scheme[i]=ascii_tolower(uri[i]);
300
301       keyserver->scheme[i]='\0';
302
303       /* Skip past the scheme and colon */
304       uri+=count+1;
305     }
306
307   if(ascii_strcasecmp(keyserver->scheme,"x-broken-hkp")==0)
308     {
309       deprecated_warning(configname,configlineno,"x-broken-hkp",
310                          "--keyserver-options ","broken-http-proxy");
311       xfree(keyserver->scheme);
312       keyserver->scheme=xstrdup("hkp");
313       append_to_strlist(&opt.keyserver_options.other,"broken-http-proxy");
314     }
315   else if(ascii_strcasecmp(keyserver->scheme,"x-hkp")==0)
316     {
317       /* Canonicalize this to "hkp" so it works with both the internal
318          and external keyserver interface. */
319       xfree(keyserver->scheme);
320       keyserver->scheme=xstrdup("hkp");
321     }
322
323   if(assume_hkp || (uri[0]=='/' && uri[1]=='/'))
324     {
325       /* Two slashes means network path. */
326
327       /* Skip over the "//", if any */
328       if(!assume_hkp)
329         uri+=2;
330
331       /* Do we have userinfo auth data present? */
332       for(idx=uri,count=0;*idx && *idx!='@' && *idx!='/';idx++)
333         count++;
334
335       /* We found a @ before the slash, so that means everything
336          before the @ is auth data. */
337       if(*idx=='@')
338         {
339           if(count==0)
340             goto fail;
341
342           keyserver->auth=xmalloc(count+1);
343           strncpy(keyserver->auth,uri,count);
344           keyserver->auth[count]='\0';
345           uri+=count+1;
346         }
347
348       /* Is it an RFC-2732 ipv6 [literal address] ? */
349       if(*uri=='[')
350         {
351           for(idx=uri+1,count=1;*idx
352                 && ((isascii (*idx) && isxdigit(*idx))
353                     || *idx==':' || *idx=='.');idx++)
354             count++;
355
356           /* Is the ipv6 literal address terminated? */
357           if(*idx==']')
358             count++;
359           else
360             goto fail;
361         }
362       else
363         for(idx=uri,count=0;*idx && *idx!=':' && *idx!='/';idx++)
364           count++;
365
366       if(count==0)
367         goto fail;
368
369       keyserver->host=xmalloc(count+1);
370       strncpy(keyserver->host,uri,count);
371       keyserver->host[count]='\0';
372
373       /* Skip past the host */
374       uri+=count;
375
376       if(*uri==':')
377         {
378           /* It would seem to be reasonable to limit the range of the
379              ports to values between 1-65535, but RFC 1738 and 1808
380              imply there is no limit.  Of course, the real world has
381              limits. */
382
383           for(idx=uri+1,count=0;*idx && *idx!='/';idx++)
384             {
385               count++;
386
387               /* Ports are digits only */
388               if(!digitp(idx))
389                 goto fail;
390             }
391
392           keyserver->port=xmalloc(count+1);
393           strncpy(keyserver->port,uri+1,count);
394           keyserver->port[count]='\0';
395
396           /* Skip past the colon and port number */
397           uri+=1+count;
398         }
399
400       /* Everything else is the path */
401       if(*uri)
402         keyserver->path=xstrdup(uri);
403       else
404         keyserver->path=xstrdup("/");
405
406       if(keyserver->path[1])
407         keyserver->flags.direct_uri=1;
408     }
409   else if(uri[0]!='/')
410     {
411       /* No slash means opaque.  Just record the opaque blob and get
412          out. */
413       keyserver->opaque=xstrdup(uri);
414     }
415   else
416     {
417       /* One slash means absolute path.  We don't need to support that
418          yet. */
419       goto fail;
420     }
421
422   return keyserver;
423
424  fail:
425   free_keyserver_spec(keyserver);
426
427   return NULL;
428 }
429
430 struct keyserver_spec *
431 parse_preferred_keyserver(PKT_signature *sig)
432 {
433   struct keyserver_spec *spec=NULL;
434   const byte *p;
435   size_t plen;
436
437   p=parse_sig_subpkt(sig->hashed,SIGSUBPKT_PREF_KS,&plen);
438   if(p && plen)
439     {
440       byte *dupe=xmalloc(plen+1);
441
442       memcpy(dupe,p,plen);
443       dupe[plen]='\0';
444       spec=parse_keyserver_uri(dupe,1,NULL,0);
445       xfree(dupe);
446     }
447
448   return spec;
449 }
450
451 static void
452 print_keyrec(int number,struct keyrec *keyrec)
453 {
454   int i;
455
456   iobuf_writebyte(keyrec->uidbuf,0);
457   iobuf_flush_temp(keyrec->uidbuf);
458   printf("(%d)\t%s  ",number,iobuf_get_temp_buffer(keyrec->uidbuf));
459
460   if(keyrec->size>0)
461     printf("%d bit ",keyrec->size);
462
463   if(keyrec->type)
464     {
465       const char *str=pubkey_algo_to_string(keyrec->type);
466
467       if(str)
468         printf("%s ",str);
469       else
470         printf("unknown ");
471     }
472
473   switch(keyrec->desc.mode)
474     {
475       /* If the keyserver helper gave us a short keyid, we have no
476          choice but to use it.  Do check --keyid-format to add a 0x if
477          needed. */
478     case KEYDB_SEARCH_MODE_SHORT_KID:
479       printf("key %s%08lX",
480              (opt.keyid_format==KF_0xSHORT
481               || opt.keyid_format==KF_0xLONG)?"0x":"",
482              (ulong)keyrec->desc.u.kid[1]);
483       break;
484
485       /* However, if it gave us a long keyid, we can honor
486          --keyid-format */
487     case KEYDB_SEARCH_MODE_LONG_KID:
488       printf("key %s",keystr(keyrec->desc.u.kid));
489       break;
490
491     case KEYDB_SEARCH_MODE_FPR16:
492       printf("key ");
493       for(i=0;i<16;i++)
494         printf("%02X",keyrec->desc.u.fpr[i]);
495       break;
496
497     case KEYDB_SEARCH_MODE_FPR20:
498       printf("key ");
499       for(i=0;i<20;i++)
500         printf("%02X",keyrec->desc.u.fpr[i]);
501       break;
502
503     default:
504       BUG();
505       break;
506     }
507
508   if(keyrec->createtime>0)
509     {
510       printf(", ");
511       printf(_("created: %s"),strtimestamp(keyrec->createtime));
512     }
513
514   if(keyrec->expiretime>0)
515     {
516       printf(", ");
517       printf(_("expires: %s"),strtimestamp(keyrec->expiretime));
518     }
519
520   if(keyrec->flags&1)
521     printf(" (%s)",_("revoked"));
522   if(keyrec->flags&2)
523     printf(" (%s)",_("disabled"));
524   if(keyrec->flags&4)
525     printf(" (%s)",_("expired"));
526
527   printf("\n");
528 }
529
530 /* Returns a keyrec (which must be freed) once a key is complete, and
531    NULL otherwise.  Call with a NULL keystring once key parsing is
532    complete to return any unfinished keys. */
533 static struct keyrec *
534 parse_keyrec(char *keystring)
535 {
536   static struct keyrec *work=NULL;
537   struct keyrec *ret=NULL;
538   char *record;
539   int i;
540
541   if(keystring==NULL)
542     {
543       if(work==NULL)
544         return NULL;
545       else if(work->desc.mode==KEYDB_SEARCH_MODE_NONE)
546         {
547           xfree(work);
548           return NULL;
549         }
550       else
551         {
552           ret=work;
553           work=NULL;
554           return ret;
555         }
556     }
557
558   if(work==NULL)
559     {
560       work=xmalloc_clear(sizeof(struct keyrec));
561       work->uidbuf=iobuf_temp();
562     }
563
564   /* Remove trailing whitespace */
565   for(i=strlen(keystring);i>0;i--)
566     if(ascii_isspace(keystring[i-1]))
567       keystring[i-1]='\0';
568     else
569       break;
570
571   if((record=strsep(&keystring,":"))==NULL)
572     return ret;
573
574   if(ascii_strcasecmp("pub",record)==0)
575     {
576       char *tok;
577
578       if(work->desc.mode)
579         {
580           ret=work;
581           work=xmalloc_clear(sizeof(struct keyrec));
582           work->uidbuf=iobuf_temp();
583         }
584
585       if((tok=strsep(&keystring,":"))==NULL)
586         return ret;
587
588       classify_user_id(tok,&work->desc);
589       if(work->desc.mode!=KEYDB_SEARCH_MODE_SHORT_KID
590          && work->desc.mode!=KEYDB_SEARCH_MODE_LONG_KID
591          && work->desc.mode!=KEYDB_SEARCH_MODE_FPR16
592          && work->desc.mode!=KEYDB_SEARCH_MODE_FPR20)
593         {
594           work->desc.mode=KEYDB_SEARCH_MODE_NONE;
595           return ret;
596         }
597
598       /* Note all items after this are optional.  This allows us to
599          have a pub line as simple as pub:keyid and nothing else. */
600
601       work->lines++;
602
603       if((tok=strsep(&keystring,":"))==NULL)
604         return ret;
605
606       work->type=atoi(tok);
607
608       if((tok=strsep(&keystring,":"))==NULL)
609         return ret;
610
611       work->size=atoi(tok);
612
613       if((tok=strsep(&keystring,":"))==NULL)
614         return ret;
615
616       if(atoi(tok)<=0)
617         work->createtime=0;
618       else
619         work->createtime=atoi(tok);
620
621       if((tok=strsep(&keystring,":"))==NULL)
622         return ret;
623
624       if(atoi(tok)<=0)
625         work->expiretime=0;
626       else
627         {
628           work->expiretime=atoi(tok);
629           /* Force the 'e' flag on if this key is expired. */
630           if(work->expiretime<=make_timestamp())
631             work->flags|=4;
632         }
633
634       if((tok=strsep(&keystring,":"))==NULL)
635         return ret;
636
637       while(*tok)
638         switch(*tok++)
639           {
640           case 'r':
641           case 'R':
642             work->flags|=1;
643             break;
644             
645           case 'd':
646           case 'D':
647             work->flags|=2;
648             break;
649
650           case 'e':
651           case 'E':
652             work->flags|=4;
653             break;
654           }
655     }
656   else if(ascii_strcasecmp("uid",record)==0 && work->desc.mode)
657     {
658       char *userid,*tok,*decoded;
659
660       if((tok=strsep(&keystring,":"))==NULL)
661         return ret;
662
663       if(strlen(tok)==0)
664         return ret;
665
666       userid=tok;
667
668       /* By definition, de-%-encoding is always smaller than the
669          original string so we can decode in place. */
670
671       i=0;
672
673       while(*tok)
674         if(tok[0]=='%' && tok[1] && tok[2])
675           {
676             if((userid[i]=hextobyte(&tok[1]))==-1)
677               userid[i]='?';
678
679             i++;
680             tok+=3;
681           }
682         else
683           userid[i++]=*tok++;
684
685       /* We don't care about the other info provided in the uid: line
686          since no keyserver supports marking userids with timestamps
687          or revoked/expired/disabled yet. */
688
689       /* No need to check for control characters, as utf8_to_native
690          does this for us. */
691
692       decoded=utf8_to_native(userid,i,0);
693       if(strlen(decoded)>opt.screen_columns-10)
694         decoded[opt.screen_columns-10]='\0';
695       iobuf_writestr(work->uidbuf,decoded);
696       xfree(decoded);
697       iobuf_writestr(work->uidbuf,"\n\t");
698       work->lines++;
699     }
700
701   /* Ignore any records other than "pri" and "uid" for easy future
702      growth. */
703
704   return ret;
705 }
706
707 /* TODO: do this as a list sent to keyserver_work rather than calling
708    it once for each key to get the correct counts after the import
709    (cosmetics, really) and to better take advantage of the keyservers
710    that can do multiple fetches in one go (LDAP). */
711 static int
712 show_prompt(KEYDB_SEARCH_DESC *desc,int numdesc,int count,const char *search)
713 {
714   char *answer;
715
716   if(count && opt.command_fd==-1)
717     {
718       static int from=1;
719       tty_printf("Keys %d-%d of %d for \"%s\".  ",from,numdesc,count,search);
720       from=numdesc+1;
721     }
722
723   answer=cpr_get_no_help("keysearch.prompt",
724                          _("Enter number(s), N)ext, or Q)uit > "));
725   /* control-d */
726   if(answer[0]=='\x04')
727     {
728       printf("Q\n");
729       answer[0]='q';
730     }
731
732   if(answer[0]=='q' || answer[0]=='Q')
733     {
734       xfree(answer);
735       return 1;
736     }
737   else if(atoi(answer)>=1 && atoi(answer)<=numdesc)
738     {
739       char *split=answer,*num;
740
741       while((num=strsep(&split," ,"))!=NULL)
742         if(atoi(num)>=1 && atoi(num)<=numdesc)
743           keyserver_work(KS_GET,NULL,&desc[atoi(num)-1],1,
744                          NULL,NULL,opt.keyserver);
745
746       xfree(answer);
747       return 1;
748     }
749
750   return 0;
751 }
752
753 /* Count and searchstr are just for cosmetics.  If the count is too
754    small, it will grow safely.  If negative it disables the "Key x-y
755    of z" messages.  searchstr should be UTF-8 (rather than native). */
756 static void
757 keyserver_search_prompt(IOBUF buffer,const char *searchstr)
758 {
759   int i=0,validcount=0,started=0,header=0,count=1;
760   unsigned int maxlen,buflen,numlines=0;
761   KEYDB_SEARCH_DESC *desc;
762   byte *line=NULL;
763   char *localstr=NULL;
764
765   if(searchstr)
766     localstr=utf8_to_native(searchstr,strlen(searchstr),0);
767
768   desc=xmalloc(count*sizeof(KEYDB_SEARCH_DESC));
769
770   for(;;)
771     {
772       struct keyrec *keyrec;
773       int rl;
774
775       maxlen=1024;
776       rl=iobuf_read_line(buffer,&line,&buflen,&maxlen);
777
778       if(opt.with_colons)
779         {
780           if(!header && ascii_strncasecmp("SEARCH ",line,7)==0
781              && ascii_strncasecmp(" BEGIN",&line[strlen(line)-7],6)==0)
782             {
783               header=1;
784               continue;
785             }
786           else if(ascii_strncasecmp("SEARCH ",line,7)==0
787                   && ascii_strncasecmp(" END",&line[strlen(line)-5],4)==0)
788             continue;
789
790           printf("%s",line);
791         }
792
793       /* Look for an info: line.  The only current info: values
794          defined are the version and key count. */
795       if(!started && rl>0 && ascii_strncasecmp("info:",line,5)==0)
796         {
797           char *tok,*str=&line[5];
798
799           if((tok=strsep(&str,":"))!=NULL)
800             {
801               int version;
802
803               if(sscanf(tok,"%d",&version)!=1)
804                 version=1;
805
806               if(version!=1)
807                 {
808                   log_error(_("invalid keyserver protocol "
809                               "(us %d!=handler %d)\n"),1,version);
810                   break;
811                 }
812             }
813
814           if((tok=strsep(&str,":"))!=NULL && sscanf(tok,"%d",&count)==1)
815             {
816               if(count==0)
817                 goto notfound;
818               else if(count<0)
819                 count=10;
820               else
821                 validcount=1;
822
823               desc=xrealloc(desc,count*sizeof(KEYDB_SEARCH_DESC));
824             }
825
826           started=1;
827           continue;
828         }
829
830       if(rl==0)
831         {
832           keyrec=parse_keyrec(NULL);
833
834           if(keyrec==NULL)
835             {
836               if(i==0)
837                 {
838                   count=0;
839                   break;
840                 }
841
842               if(i!=count)
843                 validcount=0;
844
845               for(;;)
846                 {
847                   if(show_prompt(desc,i,validcount?count:0,localstr))
848                     break;
849                   validcount=0;
850                 }
851
852               break;
853             }
854         }
855       else
856         keyrec=parse_keyrec(line);
857
858       if(i==count)
859         {
860           /* keyserver helper sent more keys than they claimed in the
861              info: line. */
862           count+=10;
863           desc=xrealloc(desc,count*sizeof(KEYDB_SEARCH_DESC));
864           validcount=0;
865         }
866
867       if(keyrec)
868         {
869           desc[i]=keyrec->desc;
870
871           if(!opt.with_colons)
872             {
873               /* screen_lines - 1 for the prompt. */
874               if(numlines+keyrec->lines>opt.screen_lines-1)
875                 {
876                   if(show_prompt(desc,i,validcount?count:0,localstr))
877                     break;
878                   else
879                     numlines=0;
880                 }
881
882               print_keyrec(i+1,keyrec);
883             }
884
885           numlines+=keyrec->lines;
886           iobuf_close(keyrec->uidbuf);
887           xfree(keyrec);
888
889           started=1;
890           i++;
891         }
892     }
893
894  notfound:
895   /* Leave this commented out or now, and perhaps for a very long
896      time.  All HKPish servers return HTML error messages for
897      no-key-found. */
898   /* 
899      if(!started)
900      log_info(_("keyserver does not support searching\n"));
901      else
902   */
903   if(count==0)
904     {
905       if(localstr)
906         log_info(_("key \"%s\" not found on keyserver\n"),localstr);
907       else
908         log_info(_("key not found on keyserver\n"));
909     }
910
911   xfree(localstr);
912   xfree(desc);
913   xfree(line);
914 }
915
916 /* We sometimes want to use a different gpgkeys_xxx for a given
917    protocol (for example, ldaps is handled by gpgkeys_ldap).  Map
918    these here. */
919 static const char *
920 keyserver_typemap(const char *type)
921 {
922   if(strcmp(type,"ldaps")==0)
923     return "ldap";
924   else
925     return type;
926 }
927
928 /* The PGP LDAP and the curl fetch-a-LDAP-object methodologies are
929    sufficiently different that we can't use curl to do LDAP. */
930 static int
931 direct_uri_map(const char *scheme,unsigned int is_direct)
932 {
933   if(is_direct && strcmp(scheme,"ldap")==0)
934     return 1;
935
936   return 0;
937 }
938
939 #define GPGKEYS_PREFIX "gpgkeys_"
940 #define GPGKEYS_CURL GPGKEYS_PREFIX "curl" EXEEXT
941 #define GPGKEYS_PREFIX_LEN (strlen(GPGKEYS_CURL))
942 #define KEYSERVER_ARGS_KEEP " -o \"%O\" \"%I\""
943 #define KEYSERVER_ARGS_NOKEEP " -o \"%o\" \"%i\""
944
945 static int 
946 keyserver_spawn(enum ks_action action,STRLIST list,KEYDB_SEARCH_DESC *desc,
947                 int count,int *prog,unsigned char **fpr,size_t *fpr_len,
948                 struct keyserver_spec *keyserver)
949 {
950   int ret=0,i,gotversion=0,outofband=0;
951   STRLIST temp;
952   unsigned int maxlen,buflen;
953   char *command,*end,*searchstr=NULL;
954   byte *line=NULL;
955   struct exec_info *spawn;
956   const char *scheme;
957   const char *libexecdir = get_libexecdir ();
958
959   assert(keyserver);
960
961 #ifdef EXEC_TEMPFILE_ONLY
962   opt.keyserver_options.options|=KEYSERVER_USE_TEMP_FILES;
963 #endif
964
965   /* Build the filename for the helper to execute */
966   scheme=keyserver_typemap(keyserver->scheme);
967
968 #ifdef DISABLE_KEYSERVER_PATH
969   /* Destroy any path we might have.  This is a little tricky,
970      portability-wise.  It's not correct to delete the PATH
971      environment variable, as that may fall back to a system built-in
972      PATH.  Similarly, it is not correct to set PATH to the null
973      string (PATH="") since this actually deletes the PATH environment
974      variable under MinGW.  The safest thing to do here is to force
975      PATH to be GNUPG_LIBEXECDIR.  All this is not that meaningful on
976      Unix-like systems (since we're going to give a full path to
977      gpgkeys_foo), but on W32 it prevents loading any DLLs from
978      directories in %PATH%.
979
980      After some more thinking about this we came to the conclusion
981      that it is better to load the helpers from the directory where
982      the program of this process lives.  Fortunately Windows provides
983      a way to retrieve this and our get_libexecdir function has been
984      modified to return just this.  Setting the exec-path is not
985      anymore required.  
986        set_exec_path(libexecdir);
987  */
988 #else
989   if(opt.exec_path_set)
990     {
991       /* If exec-path was set, and DISABLE_KEYSERVER_PATH is
992          undefined, then don't specify a full path to gpgkeys_foo, so
993          that the PATH can work. */
994       command=xmalloc(GPGKEYS_PREFIX_LEN+strlen(scheme)+3+strlen(EXEEXT)+1);
995       command[0]='\0';
996     }
997   else
998 #endif
999     {
1000       /* Specify a full path to gpgkeys_foo. */
1001       command=xmalloc(strlen(libexecdir)+strlen(DIRSEP_S)+
1002                       GPGKEYS_PREFIX_LEN+strlen(scheme)+3+strlen(EXEEXT)+1);
1003       strcpy(command,libexecdir);
1004       strcat(command,DIRSEP_S);
1005     }
1006
1007   end=command+strlen(command);
1008
1009   /* Build a path for the keyserver helper.  If it is direct_uri
1010      (i.e. an object fetch and not a keyserver), then add "_uri" to
1011      the end to distinguish the keyserver helper from an object
1012      fetcher that can speak that protocol (this is a problem for
1013      LDAP). */
1014
1015   strcat(command,GPGKEYS_PREFIX); 
1016   strcat(command,scheme);
1017
1018   /* This "_uri" thing is in case we need to call a direct handler
1019      instead of the keyserver handler.  This lets us use gpgkeys_curl
1020      or gpgkeys_ldap_uri (we don't provide it, but a user might)
1021      instead of gpgkeys_ldap to fetch things like
1022      ldap://keyserver.pgp.com/o=PGP%20keys?pgpkey?sub?pgpkeyid=99242560 */
1023
1024   if(direct_uri_map(scheme,keyserver->flags.direct_uri))
1025     strcat(command,"_uri");
1026
1027   strcat(command,EXEEXT);
1028
1029   /* Can we execute it?  If not, try curl as our catchall. */
1030   if(path_access(command,X_OK)!=0)
1031     strcpy(end,GPGKEYS_CURL);
1032
1033   if(opt.keyserver_options.options&KEYSERVER_USE_TEMP_FILES)
1034     {
1035       if(opt.keyserver_options.options&KEYSERVER_KEEP_TEMP_FILES)
1036         {
1037           command=xrealloc(command,strlen(command)+
1038                             strlen(KEYSERVER_ARGS_KEEP)+1);
1039           strcat(command,KEYSERVER_ARGS_KEEP);
1040         }
1041       else
1042         {
1043           command=xrealloc(command,strlen(command)+
1044                             strlen(KEYSERVER_ARGS_NOKEEP)+1);
1045           strcat(command,KEYSERVER_ARGS_NOKEEP);  
1046         }
1047
1048       ret=exec_write(&spawn,NULL,command,NULL,0,0);
1049     }
1050   else
1051     ret=exec_write(&spawn,command,NULL,NULL,0,0);
1052
1053   xfree(command);
1054
1055   if(ret)
1056     return ret;
1057
1058   fprintf(spawn->tochild,
1059           "# This is a GnuPG %s keyserver communications file\n",VERSION);
1060   fprintf(spawn->tochild,"VERSION %d\n",KEYSERVER_PROTO_VERSION);
1061   fprintf(spawn->tochild,"PROGRAM %s\n",VERSION);
1062   fprintf(spawn->tochild,"SCHEME %s\n",keyserver->scheme);
1063
1064   if(keyserver->opaque)
1065     fprintf(spawn->tochild,"OPAQUE %s\n",keyserver->opaque);
1066   else
1067     {
1068       if(keyserver->auth)
1069         fprintf(spawn->tochild,"AUTH %s\n",keyserver->auth);
1070
1071       if(keyserver->host)
1072         fprintf(spawn->tochild,"HOST %s\n",keyserver->host);
1073
1074       if(keyserver->port)
1075         fprintf(spawn->tochild,"PORT %s\n",keyserver->port);
1076
1077       if(keyserver->path)
1078         fprintf(spawn->tochild,"PATH %s\n",keyserver->path);
1079     }
1080
1081   /* Write global options */
1082
1083   for(temp=opt.keyserver_options.other;temp;temp=temp->next)
1084     fprintf(spawn->tochild,"OPTION %s\n",temp->d);
1085
1086   /* Write per-keyserver options */
1087
1088   for(temp=keyserver->options;temp;temp=temp->next)
1089     fprintf(spawn->tochild,"OPTION %s\n",temp->d);
1090
1091   switch(action)
1092     {
1093     case KS_GET:
1094       {
1095         fprintf(spawn->tochild,"COMMAND GET\n\n");
1096
1097         /* Which keys do we want? */
1098
1099         for(i=0;i<count;i++)
1100           {
1101             int quiet=0;
1102
1103             if(desc[i].mode==KEYDB_SEARCH_MODE_FPR20)
1104               {
1105                 int f;
1106
1107                 fprintf(spawn->tochild,"0x");
1108
1109                 for(f=0;f<MAX_FINGERPRINT_LEN;f++)
1110                   fprintf(spawn->tochild,"%02X",desc[i].u.fpr[f]);
1111
1112                 fprintf(spawn->tochild,"\n");
1113               }
1114             else if(desc[i].mode==KEYDB_SEARCH_MODE_FPR16)
1115               {
1116                 int f;
1117
1118                 fprintf(spawn->tochild,"0x");
1119
1120                 for(f=0;f<16;f++)
1121                   fprintf(spawn->tochild,"%02X",desc[i].u.fpr[f]);
1122
1123                 fprintf(spawn->tochild,"\n");
1124               }
1125             else if(desc[i].mode==KEYDB_SEARCH_MODE_LONG_KID)
1126               fprintf(spawn->tochild,"0x%08lX%08lX\n",
1127                       (ulong)desc[i].u.kid[0],
1128                       (ulong)desc[i].u.kid[1]);
1129             else if(desc[i].mode==KEYDB_SEARCH_MODE_SHORT_KID)
1130               fprintf(spawn->tochild,"0x%08lX\n",
1131                       (ulong)desc[i].u.kid[1]);
1132             else if(desc[i].mode==KEYDB_SEARCH_MODE_EXACT)
1133               {
1134                 fprintf(spawn->tochild,"0x0000000000000000\n");
1135                 quiet=1;
1136               }
1137             else if(desc[i].mode==KEYDB_SEARCH_MODE_NONE)
1138               continue;
1139             else
1140               BUG();
1141
1142             if(!quiet)
1143               {
1144                 if(keyserver->host)
1145                   log_info(_("requesting key %s from %s server %s\n"),
1146                            keystr_from_desc(&desc[i]),
1147                            keyserver->scheme,keyserver->host);
1148                 else
1149                   log_info(_("requesting key %s from %s\n"),
1150                            keystr_from_desc(&desc[i]),keyserver->uri);
1151               }
1152           }
1153
1154         fprintf(spawn->tochild,"\n");
1155
1156         break;
1157       }
1158
1159     case KS_GETNAME:
1160       {
1161         STRLIST key;
1162
1163         fprintf(spawn->tochild,"COMMAND GETNAME\n\n");
1164
1165         /* Which names do we want? */
1166
1167         for(key=list;key!=NULL;key=key->next)
1168           fprintf(spawn->tochild,"%s\n",key->d);
1169
1170         fprintf(spawn->tochild,"\n");
1171
1172         if(keyserver->host)
1173           log_info(_("searching for names from %s server %s\n"),
1174                    keyserver->scheme,keyserver->host);
1175         else
1176           log_info(_("searching for names from %s\n"),keyserver->uri);
1177
1178         break;
1179       }
1180
1181     case KS_SEND:
1182       {
1183         STRLIST key;
1184
1185         /* Note the extra \n here to send an empty keylist block */
1186         fprintf(spawn->tochild,"COMMAND SEND\n\n\n");
1187
1188         for(key=list;key!=NULL;key=key->next)
1189           {
1190             armor_filter_context_t afx;
1191             IOBUF buffer=iobuf_temp();
1192             KBNODE block;
1193
1194             temp=NULL;
1195             add_to_strlist(&temp,key->d);
1196
1197             memset(&afx,0,sizeof(afx));
1198             afx.what=1;
1199             /* Tell the armor filter to use Unix-style \n line
1200                endings, since we're going to fprintf this to a file
1201                that (on Win32) is open in text mode.  The win32 stdio
1202                will transform the \n to \r\n and we'll end up with the
1203                proper line endings on win32.  This is a no-op on
1204                Unix. */
1205             afx.eol[0]='\n';
1206             iobuf_push_filter(buffer,armor_filter,&afx);
1207
1208             /* TODO: Remove Comment: lines from keys exported this
1209                way? */
1210
1211             if(export_pubkeys_stream(buffer,temp,&block,
1212                                      opt.keyserver_options.export_options)==-1)
1213               iobuf_close(buffer);
1214             else
1215               {
1216                 KBNODE node;
1217
1218                 iobuf_flush_temp(buffer);
1219
1220                 merge_keys_and_selfsig(block);
1221
1222                 fprintf(spawn->tochild,"INFO %08lX%08lX BEGIN\n",
1223                         (ulong)block->pkt->pkt.public_key->keyid[0],
1224                         (ulong)block->pkt->pkt.public_key->keyid[1]);
1225
1226                 for(node=block;node;node=node->next)
1227                   {
1228                     switch(node->pkt->pkttype)
1229                       {
1230                       default:
1231                         continue;
1232
1233                       case PKT_PUBLIC_KEY:
1234                       case PKT_PUBLIC_SUBKEY:
1235                         {
1236                           PKT_public_key *pk=node->pkt->pkt.public_key;
1237
1238                           keyid_from_pk(pk,NULL);
1239
1240                           fprintf(spawn->tochild,"%sb:%08lX%08lX:%u:%u:%u:%u:",
1241                                   node->pkt->pkttype==PKT_PUBLIC_KEY?"pu":"su",
1242                                   (ulong)pk->keyid[0],(ulong)pk->keyid[1],
1243                                   pk->pubkey_algo,
1244                                   nbits_from_pk(pk),
1245                                   pk->timestamp,
1246                                   pk->expiredate);
1247
1248                           if(pk->is_revoked)
1249                             fprintf(spawn->tochild,"r");
1250                           if(pk->has_expired)
1251                             fprintf(spawn->tochild,"e");
1252
1253                           fprintf(spawn->tochild,"\n");
1254                         }
1255                         break;
1256
1257                       case PKT_USER_ID:
1258                         {
1259                           PKT_user_id *uid=node->pkt->pkt.user_id;
1260                           int r;
1261
1262                           if(uid->attrib_data)
1263                             continue;
1264
1265                           fprintf(spawn->tochild,"uid:");
1266
1267                           /* Quote ':', '%', and any 8-bit
1268                              characters */
1269                           for(r=0;r<uid->len;r++)
1270                             {
1271                               if(uid->name[r]==':' || uid->name[r]=='%'
1272                                  || uid->name[r]&0x80)
1273                                 fprintf(spawn->tochild,"%%%02X",
1274                                         (byte)uid->name[r]);
1275                               else
1276                                 fprintf(spawn->tochild,"%c",uid->name[r]);
1277                             }
1278
1279                           fprintf(spawn->tochild,":%u:%u:",
1280                                   uid->created,uid->expiredate);
1281
1282                           if(uid->is_revoked)
1283                             fprintf(spawn->tochild,"r");
1284                           if(uid->is_expired)
1285                             fprintf(spawn->tochild,"e");
1286
1287                           fprintf(spawn->tochild,"\n");
1288                         }
1289                         break;
1290
1291                         /* This bit is really for the benefit of
1292                            people who store their keys in LDAP
1293                            servers.  It makes it easy to do queries
1294                            for things like "all keys signed by
1295                            Isabella". */
1296                       case PKT_SIGNATURE:
1297                         {
1298                           PKT_signature *sig=node->pkt->pkt.signature;
1299
1300                           if(!IS_UID_SIG(sig))
1301                             continue;
1302
1303                           fprintf(spawn->tochild,"sig:%08lX%08lX:%X:%u:%u\n",
1304                                   (ulong)sig->keyid[0],(ulong)sig->keyid[1],
1305                                   sig->sig_class,sig->timestamp,
1306                                   sig->expiredate);
1307                         }
1308                         break;
1309                       }
1310                   }
1311
1312                 fprintf(spawn->tochild,"INFO %08lX%08lX END\n",
1313                         (ulong)block->pkt->pkt.public_key->keyid[0],
1314                         (ulong)block->pkt->pkt.public_key->keyid[1]);
1315
1316                 fprintf(spawn->tochild,"KEY %08lX%08lX BEGIN\n",
1317                         (ulong)block->pkt->pkt.public_key->keyid[0],
1318                         (ulong)block->pkt->pkt.public_key->keyid[1]);
1319                 fwrite(iobuf_get_temp_buffer(buffer),
1320                        iobuf_get_temp_length(buffer),1,spawn->tochild);
1321                 fprintf(spawn->tochild,"KEY %08lX%08lX END\n",
1322                         (ulong)block->pkt->pkt.public_key->keyid[0],
1323                         (ulong)block->pkt->pkt.public_key->keyid[1]);
1324
1325                 iobuf_close(buffer);
1326
1327                 if(keyserver->host)
1328                   log_info(_("sending key %s to %s server %s\n"),
1329                            keystr(block->pkt->pkt.public_key->keyid),
1330                            keyserver->scheme,keyserver->host);
1331                 else
1332                   log_info(_("sending key %s to %s\n"),
1333                            keystr(block->pkt->pkt.public_key->keyid),
1334                            keyserver->uri);
1335
1336                 release_kbnode(block);
1337               }
1338
1339             free_strlist(temp);
1340           }
1341
1342         break;
1343       }
1344
1345     case KS_SEARCH:
1346       {
1347         STRLIST key;
1348
1349         fprintf(spawn->tochild,"COMMAND SEARCH\n\n");
1350
1351         /* Which keys do we want?  Remember that the gpgkeys_ program
1352            is going to lump these together into a search string. */
1353
1354         for(key=list;key!=NULL;key=key->next)
1355           {
1356             fprintf(spawn->tochild,"%s\n",key->d);
1357             if(key!=list)
1358               {
1359                 searchstr=xrealloc(searchstr,
1360                                     strlen(searchstr)+strlen(key->d)+2);
1361                 strcat(searchstr," ");
1362               }
1363             else
1364               {
1365                 searchstr=xmalloc(strlen(key->d)+1);
1366                 searchstr[0]='\0';
1367               }
1368
1369             strcat(searchstr,key->d);
1370           }
1371
1372         fprintf(spawn->tochild,"\n");
1373
1374         if(keyserver->host)
1375           log_info(_("searching for \"%s\" from %s server %s\n"),
1376                    searchstr,keyserver->scheme,keyserver->host);
1377         else
1378           log_info(_("searching for \"%s\" from %s\n"),
1379                    searchstr,keyserver->uri);
1380
1381         break;
1382       }
1383
1384     default:
1385       log_fatal(_("no keyserver action!\n"));
1386       break;
1387     }
1388
1389   /* Done sending, so start reading. */
1390   ret=exec_read(spawn);
1391   if(ret)
1392     goto fail;
1393
1394   /* Now handle the response */
1395
1396   for(;;)
1397     {
1398       int plen;
1399       char *ptr;
1400
1401       maxlen=1024;
1402       if(iobuf_read_line(spawn->fromchild,&line,&buflen,&maxlen)==0)
1403         {
1404           ret=G10ERR_READ_FILE;
1405           goto fail; /* i.e. EOF */
1406         }
1407
1408       ptr=line;
1409
1410       /* remove trailing whitespace */
1411       plen=strlen(ptr);
1412       while(plen>0 && ascii_isspace(ptr[plen-1]))
1413         plen--;
1414       plen[ptr]='\0';
1415
1416       if(*ptr=='\0')
1417         break;
1418
1419       if(ascii_strncasecmp(ptr,"VERSION ",8)==0)
1420         {
1421           gotversion=1;
1422
1423           if(atoi(&ptr[8])!=KEYSERVER_PROTO_VERSION)
1424             {
1425               log_error(_("invalid keyserver protocol (us %d!=handler %d)\n"),
1426                         KEYSERVER_PROTO_VERSION,atoi(&ptr[8]));
1427               goto fail;
1428             }
1429         }
1430       else if(ascii_strncasecmp(ptr,"PROGRAM ",8)==0)
1431         {
1432           if(ascii_strncasecmp(&ptr[8],VERSION,strlen(VERSION))!=0)
1433             log_info(_("WARNING: keyserver handler from a different"
1434                        " version of GnuPG (%s)\n"),&ptr[8]);
1435         }
1436       else if(ascii_strncasecmp(ptr,"OPTION OUTOFBAND",16)==0)
1437         outofband=1; /* Currently the only OPTION */
1438     }
1439
1440   if(!gotversion)
1441     {
1442       log_error(_("keyserver did not send VERSION\n"));
1443       goto fail;
1444     }
1445
1446   if(!outofband)
1447     switch(action)
1448       {
1449       case KS_GET:
1450       case KS_GETNAME:
1451         {
1452           void *stats_handle;
1453
1454           stats_handle=import_new_stats_handle();
1455
1456           /* Slurp up all the key data.  In the future, it might be
1457              nice to look for KEY foo OUTOFBAND and FAILED indicators.
1458              It's harmless to ignore them, but ignoring them does make
1459              gpg complain about "no valid OpenPGP data found".  One
1460              way to do this could be to continue parsing this
1461              line-by-line and make a temp iobuf for each key. */
1462
1463           import_keys_stream(spawn->fromchild,stats_handle,fpr,fpr_len,
1464                              opt.keyserver_options.import_options);
1465
1466           import_print_stats(stats_handle);
1467           import_release_stats_handle(stats_handle);
1468
1469           break;
1470         }
1471
1472         /* Nothing to do here */
1473       case KS_SEND:
1474         break;
1475
1476       case KS_SEARCH:
1477         keyserver_search_prompt(spawn->fromchild,searchstr);
1478         break;
1479
1480       default:
1481         log_fatal(_("no keyserver action!\n"));
1482         break;
1483       }
1484
1485  fail:
1486   xfree(line);
1487   xfree(searchstr);
1488
1489
1490   *prog=exec_finish(spawn);
1491
1492   return ret;
1493 }
1494
1495 static int 
1496 keyserver_work(enum ks_action action,STRLIST list,KEYDB_SEARCH_DESC *desc,
1497                int count,unsigned char **fpr,size_t *fpr_len,
1498                struct keyserver_spec *keyserver)
1499 {
1500   int rc=0,ret=0;
1501
1502   if(!keyserver)
1503     {
1504       log_error(_("no keyserver known (use option --keyserver)\n"));
1505       return G10ERR_BAD_URI;
1506     }
1507
1508 #ifdef DISABLE_KEYSERVER_HELPERS
1509
1510   log_error(_("external keyserver calls are not supported in this build\n"));
1511   return G10ERR_KEYSERVER;
1512
1513 #else
1514   /* Spawn a handler */
1515
1516   rc=keyserver_spawn(action,list,desc,count,&ret,fpr,fpr_len,keyserver);
1517   if(ret)
1518     {
1519       switch(ret)
1520         {
1521         case KEYSERVER_SCHEME_NOT_FOUND:
1522           log_error(_("no handler for keyserver scheme `%s'\n"),
1523                     keyserver->scheme);
1524           break;
1525
1526         case KEYSERVER_NOT_SUPPORTED:
1527           log_error(_("action `%s' not supported with keyserver "
1528                       "scheme `%s'\n"),
1529                     action==KS_GET?"get":action==KS_SEND?"send":
1530                     action==KS_SEARCH?"search":"unknown",
1531                     keyserver->scheme);
1532           break;
1533
1534         case KEYSERVER_VERSION_ERROR:
1535           log_error(_(GPGKEYS_PREFIX "%s does not support"
1536                       " handler version %d\n"),
1537                     keyserver_typemap(keyserver->scheme),
1538                     KEYSERVER_PROTO_VERSION);
1539           break;
1540
1541         case KEYSERVER_TIMEOUT:
1542           log_error(_("keyserver timed out\n"));
1543           break;
1544
1545         case KEYSERVER_INTERNAL_ERROR:
1546         default:
1547           log_error(_("keyserver internal error\n"));
1548           break;
1549         }
1550
1551       return G10ERR_KEYSERVER;
1552     }
1553
1554   if(rc)
1555     {
1556       log_error(_("keyserver communications error: %s\n"),g10_errstr(rc));
1557
1558       return rc;
1559     }
1560
1561   return 0;
1562 #endif /* ! DISABLE_KEYSERVER_HELPERS*/
1563 }
1564
1565 int 
1566 keyserver_export(STRLIST users)
1567 {
1568   STRLIST sl=NULL;
1569   KEYDB_SEARCH_DESC desc;
1570   int rc=0;
1571
1572   /* Weed out descriptors that we don't support sending */
1573   for(;users;users=users->next)
1574     {
1575       classify_user_id (users->d, &desc);
1576       if(desc.mode!=KEYDB_SEARCH_MODE_SHORT_KID &&
1577          desc.mode!=KEYDB_SEARCH_MODE_LONG_KID &&
1578          desc.mode!=KEYDB_SEARCH_MODE_FPR16 &&
1579          desc.mode!=KEYDB_SEARCH_MODE_FPR20)
1580         {
1581           log_error(_("\"%s\" not a key ID: skipping\n"),users->d);
1582           continue;
1583         }
1584       else
1585         append_to_strlist(&sl,users->d);
1586     }
1587
1588   if(sl)
1589     {
1590       rc=keyserver_work(KS_SEND,sl,NULL,0,NULL,NULL,opt.keyserver);
1591       free_strlist(sl);
1592     }
1593
1594   return rc;
1595 }
1596
1597 int 
1598 keyserver_import(STRLIST users)
1599 {
1600   KEYDB_SEARCH_DESC *desc;
1601   int num=100,count=0;
1602   int rc=0;
1603
1604   /* Build a list of key ids */
1605   desc=xmalloc(sizeof(KEYDB_SEARCH_DESC)*num);
1606
1607   for(;users;users=users->next)
1608     {
1609       classify_user_id (users->d, &desc[count]);
1610       if(desc[count].mode!=KEYDB_SEARCH_MODE_SHORT_KID &&
1611          desc[count].mode!=KEYDB_SEARCH_MODE_LONG_KID &&
1612          desc[count].mode!=KEYDB_SEARCH_MODE_FPR16 &&
1613          desc[count].mode!=KEYDB_SEARCH_MODE_FPR20)
1614         {
1615           log_error(_("\"%s\" not a key ID: skipping\n"),users->d);
1616           continue;
1617         }
1618
1619       count++;
1620       if(count==num)
1621         {
1622           num+=100;
1623           desc=xrealloc(desc,sizeof(KEYDB_SEARCH_DESC)*num);
1624         }
1625     }
1626
1627   if(count>0)
1628     rc=keyserver_work(KS_GET,NULL,desc,count,NULL,NULL,opt.keyserver);
1629
1630   xfree(desc);
1631
1632   return rc;
1633 }
1634
1635 int
1636 keyserver_import_fprint(const byte *fprint,size_t fprint_len,
1637                         struct keyserver_spec *keyserver)
1638 {
1639   KEYDB_SEARCH_DESC desc;
1640
1641   memset(&desc,0,sizeof(desc));
1642
1643   if(fprint_len==16)
1644     desc.mode=KEYDB_SEARCH_MODE_FPR16;
1645   else if(fprint_len==20)
1646     desc.mode=KEYDB_SEARCH_MODE_FPR20;
1647   else
1648     return -1;
1649
1650   memcpy(desc.u.fpr,fprint,fprint_len);
1651
1652   /* TODO: Warn here if the fingerprint we got doesn't match the one
1653      we asked for? */
1654   return keyserver_work(KS_GET,NULL,&desc,1,NULL,NULL,keyserver);
1655 }
1656
1657 int 
1658 keyserver_import_keyid(u32 *keyid,struct keyserver_spec *keyserver)
1659 {
1660   KEYDB_SEARCH_DESC desc;
1661
1662   memset(&desc,0,sizeof(desc));
1663
1664   desc.mode=KEYDB_SEARCH_MODE_LONG_KID;
1665   desc.u.kid[0]=keyid[0];
1666   desc.u.kid[1]=keyid[1];
1667
1668   return keyserver_work(KS_GET,NULL,&desc,1,NULL,NULL,keyserver);
1669 }
1670
1671 /* code mostly stolen from do_export_stream */
1672 static int 
1673 keyidlist(STRLIST users,KEYDB_SEARCH_DESC **klist,int *count,int fakev3)
1674 {
1675   int rc=0,ndesc,num=100;
1676   KBNODE keyblock=NULL,node;
1677   KEYDB_HANDLE kdbhd;
1678   KEYDB_SEARCH_DESC *desc;
1679   STRLIST sl;
1680
1681   *count=0;
1682
1683   *klist=xmalloc(sizeof(KEYDB_SEARCH_DESC)*num);
1684
1685   kdbhd=keydb_new(0);
1686
1687   if(!users)
1688     {
1689       ndesc = 1;
1690       desc = xmalloc_clear ( ndesc * sizeof *desc);
1691       desc[0].mode = KEYDB_SEARCH_MODE_FIRST;
1692     }
1693   else
1694     {
1695       for (ndesc=0, sl=users; sl; sl = sl->next, ndesc++) 
1696         ;
1697       desc = xmalloc ( ndesc * sizeof *desc);
1698         
1699       for (ndesc=0, sl=users; sl; sl = sl->next)
1700         {
1701           if(classify_user_id (sl->d, desc+ndesc))
1702             ndesc++;
1703           else
1704             log_error (_("key \"%s\" not found: %s\n"),
1705                        sl->d, g10_errstr (G10ERR_INV_USER_ID));
1706         }
1707     }
1708
1709   while (!(rc = keydb_search (kdbhd, desc, ndesc)))
1710     {
1711       if (!users) 
1712         desc[0].mode = KEYDB_SEARCH_MODE_NEXT;
1713
1714       /* read the keyblock */
1715       rc = keydb_get_keyblock (kdbhd, &keyblock );
1716       if( rc )
1717         {
1718           log_error (_("error reading keyblock: %s\n"), g10_errstr(rc) );
1719           goto leave;
1720         }
1721
1722       if((node=find_kbnode(keyblock,PKT_PUBLIC_KEY)))
1723         {
1724           /* This is to work around a bug in some keyservers (pksd and
1725              OKS) that calculate v4 RSA keyids as if they were v3 RSA.
1726              The answer is to refresh both the correct v4 keyid
1727              (e.g. 99242560) and the fake v3 keyid (e.g. 68FDDBC7).
1728              This only happens for key refresh using the HKP scheme
1729              and if the refresh-add-fake-v3-keyids keyserver option is
1730              set. */
1731           if(fakev3 && is_RSA(node->pkt->pkt.public_key->pubkey_algo) &&
1732              node->pkt->pkt.public_key->version>=4)
1733             {
1734               (*klist)[*count].mode=KEYDB_SEARCH_MODE_LONG_KID;
1735               mpi_get_keyid(node->pkt->pkt.public_key->pkey[0],
1736                             (*klist)[*count].u.kid);
1737               (*count)++;
1738
1739               if(*count==num)
1740                 {
1741                   num+=100;
1742                   *klist=xrealloc(*klist,sizeof(KEYDB_SEARCH_DESC)*num);
1743                 }
1744             }
1745
1746           /* v4 keys get full fingerprints.  v3 keys get long keyids.
1747              This is because it's easy to calculate any sort of keyid
1748              from a v4 fingerprint, but not a v3 fingerprint. */
1749
1750           if(node->pkt->pkt.public_key->version<4)
1751             {
1752               (*klist)[*count].mode=KEYDB_SEARCH_MODE_LONG_KID;
1753               keyid_from_pk(node->pkt->pkt.public_key,
1754                             (*klist)[*count].u.kid);
1755             }
1756           else
1757             {
1758               size_t dummy;
1759
1760               (*klist)[*count].mode=KEYDB_SEARCH_MODE_FPR20;
1761               fingerprint_from_pk(node->pkt->pkt.public_key,
1762                                   (*klist)[*count].u.fpr,&dummy);
1763             }
1764
1765           /* This is a little hackish, using the skipfncvalue as a
1766              void* pointer to the keyserver spec, but we don't need
1767              the skipfnc here, and it saves having an additional field
1768              for this (which would be wasted space most of the
1769              time). */
1770
1771           (*klist)[*count].skipfncvalue=NULL;
1772
1773           /* Are we honoring preferred keyservers? */
1774           if(opt.keyserver_options.options&KEYSERVER_HONOR_KEYSERVER_URL)
1775             {
1776               PKT_user_id *uid=NULL;
1777               PKT_signature *sig=NULL;
1778
1779               merge_keys_and_selfsig(keyblock);
1780
1781               for(node=node->next;node;node=node->next)
1782                 {
1783                   if(node->pkt->pkttype==PKT_USER_ID
1784                      && node->pkt->pkt.user_id->is_primary)
1785                     uid=node->pkt->pkt.user_id;
1786                   else if(node->pkt->pkttype==PKT_SIGNATURE
1787                           && node->pkt->pkt.signature->
1788                           flags.chosen_selfsig && uid)
1789                     {
1790                       sig=node->pkt->pkt.signature;
1791                       break;
1792                     }
1793                 }
1794
1795               /* Try and parse the keyserver URL.  If it doesn't work,
1796                  then we end up writing NULL which indicates we are
1797                  the same as any other key. */
1798               if(sig)
1799                 (*klist)[*count].skipfncvalue=parse_preferred_keyserver(sig);
1800             }
1801
1802           (*count)++;
1803
1804           if(*count==num)
1805             {
1806               num+=100;
1807               *klist=xrealloc(*klist,sizeof(KEYDB_SEARCH_DESC)*num);
1808             }
1809         }
1810     }
1811
1812   if(rc==-1)
1813     rc=0;
1814   
1815  leave:
1816   if(rc)
1817     xfree(*klist);
1818   xfree(desc);
1819   keydb_release(kdbhd);
1820   release_kbnode(keyblock);
1821
1822   return rc;
1823 }
1824
1825 /* Note this is different than the original HKP refresh.  It allows
1826    usernames to refresh only part of the keyring. */
1827
1828 int
1829 keyserver_refresh(STRLIST users)
1830 {
1831   int rc,count,numdesc,fakev3=0;
1832   KEYDB_SEARCH_DESC *desc;
1833   unsigned int options=opt.keyserver_options.import_options;
1834
1835   /* We switch merge-only on during a refresh, as 'refresh' should
1836      never import new keys, even if their keyids match. */
1837   opt.keyserver_options.import_options|=IMPORT_MERGE_ONLY;
1838
1839   /* Similarly, we switch on fast-import, since refresh may make
1840      multiple import sets (due to preferred keyserver URLs).  We don't
1841      want each set to rebuild the trustdb.  Instead we do it once at
1842      the end here. */
1843   opt.keyserver_options.import_options|=IMPORT_FAST;
1844
1845   /* If refresh_add_fake_v3_keyids is on and it's a HKP or MAILTO
1846      scheme, then enable fake v3 keyid generation. */
1847   if((opt.keyserver_options.options&KEYSERVER_ADD_FAKE_V3) && opt.keyserver
1848      && (ascii_strcasecmp(opt.keyserver->scheme,"hkp")==0 ||
1849          ascii_strcasecmp(opt.keyserver->scheme,"mailto")==0))
1850     fakev3=1;
1851
1852   rc=keyidlist(users,&desc,&numdesc,fakev3);
1853   if(rc)
1854     return rc;
1855
1856   count=numdesc;
1857   if(count>0)
1858     {
1859       int i;
1860
1861       /* Try to handle preferred keyserver keys first */
1862       for(i=0;i<numdesc;i++)
1863         {
1864           if(desc[i].skipfncvalue)
1865             {
1866               struct keyserver_spec *keyserver=desc[i].skipfncvalue;
1867
1868               /* We use the keyserver structure we parsed out before.
1869                  Note that a preferred keyserver without a scheme://
1870                  will be interpreted as hkp:// */
1871
1872               rc=keyserver_work(KS_GET,NULL,&desc[i],1,NULL,NULL,keyserver);
1873               if(rc)
1874                 log_info(_("WARNING: unable to refresh key %s"
1875                            " via %s: %s\n"),keystr_from_desc(&desc[i]),
1876                          keyserver->uri,g10_errstr(rc));
1877               else
1878                 {
1879                   /* We got it, so mark it as NONE so we don't try and
1880                      get it again from the regular keyserver. */
1881
1882                   desc[i].mode=KEYDB_SEARCH_MODE_NONE;
1883                   count--;
1884                 }
1885
1886               free_keyserver_spec(keyserver);
1887             }
1888         }
1889     }
1890
1891   if(count>0)
1892     {
1893       if(opt.keyserver)
1894         {
1895           if(count==1)
1896             log_info(_("refreshing 1 key from %s\n"),opt.keyserver->uri);
1897           else
1898             log_info(_("refreshing %d keys from %s\n"),
1899                      count,opt.keyserver->uri);
1900         }
1901
1902       rc=keyserver_work(KS_GET,NULL,desc,numdesc,NULL,NULL,opt.keyserver);
1903     }
1904
1905   xfree(desc);
1906
1907   opt.keyserver_options.import_options=options;
1908
1909   /* If the original options didn't have fast import, and the trustdb
1910      is dirty, rebuild. */
1911   if(!(opt.keyserver_options.import_options&IMPORT_FAST))
1912     trustdb_check_or_update();
1913
1914   return rc;
1915 }
1916
1917 int
1918 keyserver_search(STRLIST tokens)
1919 {
1920   if(tokens)
1921     return keyserver_work(KS_SEARCH,tokens,NULL,0,NULL,NULL,opt.keyserver);
1922   else
1923     return 0;
1924 }
1925
1926 int
1927 keyserver_fetch(STRLIST urilist)
1928 {
1929   KEYDB_SEARCH_DESC desc;
1930   STRLIST sl;
1931   unsigned int options=opt.keyserver_options.import_options;
1932
1933   /* Switch on fast-import, since fetch can handle more than one
1934      import and we don't want each set to rebuild the trustdb.
1935      Instead we do it once at the end. */
1936   opt.keyserver_options.import_options|=IMPORT_FAST;
1937
1938   /* A dummy desc since we're not actually fetching a particular key
1939      ID */
1940   memset(&desc,0,sizeof(desc));
1941   desc.mode=KEYDB_SEARCH_MODE_EXACT;
1942
1943   for(sl=urilist;sl;sl=sl->next)
1944     {
1945       struct keyserver_spec *spec;
1946
1947       spec=parse_keyserver_uri(sl->d,1,NULL,0);
1948       if(spec)
1949         {
1950           int rc;
1951
1952           rc=keyserver_work(KS_GET,NULL,&desc,1,NULL,NULL,spec);
1953           if(rc)
1954             log_info (_("WARNING: unable to fetch URI %s: %s\n"),
1955                      sl->d,g10_errstr(rc));
1956
1957           free_keyserver_spec(spec);
1958         }
1959       else
1960         log_info (_("WARNING: unable to parse URI %s\n"),sl->d);
1961     }
1962
1963   opt.keyserver_options.import_options=options;
1964
1965   /* If the original options didn't have fast import, and the trustdb
1966      is dirty, rebuild. */
1967   if(!(opt.keyserver_options.import_options&IMPORT_FAST))
1968     trustdb_check_or_update();
1969
1970   return 0;
1971 }
1972
1973 /* Import key in a CERT or pointed to by a CERT */
1974 int
1975 keyserver_import_cert(const char *name,unsigned char **fpr,size_t *fpr_len)
1976 {
1977   char *domain,*look,*url;
1978   IOBUF key;
1979   int type,rc=G10ERR_GENERAL;
1980
1981   look=xstrdup(name);
1982
1983   domain=strrchr(look,'@');
1984   if(domain)
1985     *domain='.';
1986
1987   type=get_cert(look,max_cert_size,&key,fpr,fpr_len,&url);
1988   if(type==1)
1989     {
1990       int armor_status=opt.no_armor;
1991
1992       /* CERTs are always in binary format */
1993       opt.no_armor=1;
1994
1995       rc=import_keys_stream(key,NULL,fpr,fpr_len,
1996                             opt.keyserver_options.import_options);
1997
1998       opt.no_armor=armor_status;
1999
2000       iobuf_close(key);
2001     }
2002   else if(type==2 && *fpr)
2003     {
2004       /* We only consider the IPGP type if a fingerprint was provided.
2005          This lets us select the right key regardless of what a URL
2006          points to, or get the key from a keyserver. */
2007       if(url)
2008         {
2009           struct keyserver_spec *spec;
2010
2011           spec=parse_keyserver_uri(url,1,NULL,0);
2012           if(spec)
2013             {
2014               STRLIST list=NULL;
2015
2016               add_to_strlist(&list,url);
2017
2018               rc=keyserver_fetch(list);
2019
2020               free_strlist(list);
2021               free_keyserver_spec(spec);
2022             }
2023         }
2024       else if(opt.keyserver)
2025         {
2026           /* If only a fingerprint is provided, try and fetch it from
2027              our --keyserver */
2028
2029           rc=keyserver_import_fprint(*fpr,*fpr_len,opt.keyserver);
2030         }
2031       else
2032         log_info(_("no keyserver known (use option --keyserver)\n"));
2033
2034       /* Give a better string here? "CERT fingerprint for \"%s\"
2035          found, but no keyserver" " known (use option
2036          --keyserver)\n" ? */
2037
2038       xfree(url);
2039     }
2040
2041   xfree(look);
2042
2043   return rc;
2044 }
2045
2046 /* Import key pointed to by a PKA record. Return the requested
2047    fingerprint in fpr. */
2048 int
2049 keyserver_import_pka(const char *name,unsigned char **fpr,size_t *fpr_len)
2050 {
2051   char *uri;
2052   int rc=-1;
2053
2054   *fpr=xmalloc(20);
2055   *fpr_len=20;
2056
2057   uri = get_pka_info (name, *fpr);
2058   if (uri)
2059     {
2060       struct keyserver_spec *spec;
2061       spec = parse_keyserver_uri (uri, 1, NULL, 0);
2062       if (spec)
2063         {
2064           rc=keyserver_import_fprint (*fpr, 20, spec);
2065           free_keyserver_spec (spec);
2066         }
2067       xfree (uri);
2068     }
2069
2070   if(rc!=0)
2071     xfree(*fpr);
2072
2073   return rc;
2074 }
2075
2076 /* Import all keys that match name */
2077 int
2078 keyserver_import_name(const char *name,unsigned char **fpr,size_t *fpr_len,
2079                       struct keyserver_spec *keyserver)
2080 {
2081   STRLIST list=NULL;
2082   int rc;
2083
2084   append_to_strlist(&list,name);
2085
2086   rc=keyserver_work(KS_GETNAME,list,NULL,0,fpr,fpr_len,keyserver);
2087
2088   free_strlist(list);
2089
2090   return rc;
2091 }
2092
2093 /* Use the PGP Universal trick of asking ldap://keys.(maildomain) for
2094    the key. */
2095 int
2096 keyserver_import_ldap(const char *name,unsigned char **fpr,size_t *fpr_len)
2097 {
2098   char *domain;
2099   struct keyserver_spec *keyserver;
2100   STRLIST list=NULL;
2101   int rc;
2102
2103   append_to_strlist(&list,name);
2104
2105   /* Parse out the domain */
2106   domain=strrchr(name,'@');
2107   if(!domain)
2108     return G10ERR_GENERAL;
2109
2110   domain++;
2111
2112   keyserver=xmalloc_clear(sizeof(struct keyserver_spec));
2113
2114   keyserver->scheme=xstrdup("ldap");
2115   keyserver->host=xmalloc(5+strlen(domain)+1);
2116   strcpy(keyserver->host,"keys.");
2117   strcat(keyserver->host,domain);
2118   keyserver->uri=xmalloc(strlen(keyserver->scheme)+
2119                          3+strlen(keyserver->host)+1);
2120   strcpy(keyserver->uri,keyserver->scheme);
2121   strcat(keyserver->uri,"://");
2122   strcat(keyserver->uri,keyserver->host);
2123     
2124   rc=keyserver_work(KS_GETNAME,list,NULL,0,fpr,fpr_len,keyserver);
2125
2126   free_strlist(list);
2127
2128   free_keyserver_spec(keyserver);
2129
2130   return rc;
2131 }