a0893f1ef24ac3e590c6d87bfc37523e5c3f0187
[gnupg.git] / g10 / keyserver.c
1 /* keyserver.c - generic keyserver code
2  * Copyright (C) 2001, 2002, 2003, 2004, 2005,
3  *               2006 Free Software Foundation, Inc.
4  *
5  * This file is part of GnuPG.
6  *
7  * GnuPG is free software; you can redistribute it and/or modify
8  * it under the terms of the GNU General Public License as published by
9  * the Free Software Foundation; either version 2 of the License, or
10  * (at your option) any later version.
11  *
12  * GnuPG is distributed in the hope that it will be useful,
13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
15  * GNU General Public License for more details.
16  *
17  * You should have received a copy of the GNU General Public License
18  * along with this program; if not, write to the Free Software
19  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
20  * USA.
21  */
22
23 #include <config.h>
24 #include <ctype.h>
25 #include <stdio.h>
26 #include <string.h>
27 #include <stdlib.h>
28 #include <assert.h>
29 #include "filter.h"
30 #include "keydb.h"
31 #include "status.h"
32 #include "exec.h"
33 #include "main.h"
34 #include "i18n.h"
35 #include "iobuf.h"
36 #include "memory.h"
37 #include "ttyio.h"
38 #include "options.h"
39 #include "packet.h"
40 #include "trustdb.h"
41 #include "keyserver-internal.h"
42 #include "util.h"
43
44 struct keyrec
45 {
46   KEYDB_SEARCH_DESC desc;
47   u32 createtime,expiretime;
48   int size,flags;
49   byte type;
50   IOBUF uidbuf;
51   unsigned int lines;
52 };
53
54 enum ks_action {KS_UNKNOWN=0,KS_GET,KS_GETNAME,KS_SEND,KS_SEARCH};
55
56 static struct parse_options keyserver_opts[]=
57   {
58     /* some of these options are not real - just for the help
59        message */
60     {"max-cert-size",0,NULL,NULL},
61     {"include-revoked",0,NULL,N_("include revoked keys in search results")},
62     {"include-subkeys",0,NULL,N_("include subkeys when searching by key ID")},
63     {"use-temp-files",0,NULL,
64      N_("use temporary files to pass data to keyserver helpers")},
65     {"keep-temp-files",KEYSERVER_KEEP_TEMP_FILES,NULL,
66      N_("do not delete temporary files after using them")},
67     {"refresh-add-fake-v3-keyids",KEYSERVER_ADD_FAKE_V3,NULL,
68      NULL},
69     {"auto-key-retrieve",KEYSERVER_AUTO_KEY_RETRIEVE,NULL,
70      N_("automatically retrieve keys when verifying signatures")},
71     {"honor-keyserver-url",KEYSERVER_HONOR_KEYSERVER_URL,NULL,
72      N_("honor the preferred keyserver URL set on the key")},
73     {"honor-pka-record",KEYSERVER_HONOR_PKA_RECORD,NULL,
74      N_("honor the PKA record set on a key when retrieving keys")},
75     {NULL,0,NULL,NULL}
76   };
77
78 static int keyserver_work(enum ks_action action,STRLIST list,
79                           KEYDB_SEARCH_DESC *desc,int count,
80                           unsigned char **fpr,size_t *fpr_len,
81                           struct keyserver_spec *keyserver);
82
83 /* Reasonable guess */
84 #define DEFAULT_MAX_CERT_SIZE 16384
85
86 static size_t max_cert_size=DEFAULT_MAX_CERT_SIZE;
87
88 static void
89 add_canonical_option(char *option,STRLIST *list)
90 {
91   char *arg=argsplit(option);
92
93   if(arg)
94     {
95       char *joined;
96
97       joined=xmalloc(strlen(option)+1+strlen(arg)+1);
98       /* Make a canonical name=value form with no spaces */
99       strcpy(joined,option);
100       strcat(joined,"=");
101       strcat(joined,arg);
102       append_to_strlist(list,joined);
103       xfree(joined);
104     }
105   else
106     append_to_strlist(list,option);
107 }
108
109 int
110 parse_keyserver_options(char *options)
111 {
112   int ret=1;
113   char *tok;
114   char *max_cert=NULL;
115
116   keyserver_opts[0].value=&max_cert;
117
118   while((tok=optsep(&options)))
119     {
120       if(tok[0]=='\0')
121         continue;
122
123       /* For backwards compatibility.  1.2.x used honor-http-proxy and
124          there are a good number of documents published that recommend
125          it. */
126       if(ascii_strcasecmp(tok,"honor-http-proxy")==0)
127         tok="http-proxy";
128       else if(ascii_strcasecmp(tok,"no-honor-http-proxy")==0)
129         tok="no-http-proxy";
130
131       /* We accept quite a few possible options here - some options to
132          handle specially, the keyserver_options list, and import and
133          export options that pertain to keyserver operations.  Note
134          that you must use strncasecmp here as there might be an
135          =argument attached which will foil the use of strcasecmp. */
136
137 #ifdef EXEC_TEMPFILE_ONLY
138       if(ascii_strncasecmp(tok,"use-temp-files",14)==0 ||
139               ascii_strncasecmp(tok,"no-use-temp-files",17)==0)
140         log_info(_("WARNING: keyserver option `%s' is not used"
141                    " on this platform\n"),tok);
142 #else
143       if(ascii_strncasecmp(tok,"use-temp-files",14)==0)
144         opt.keyserver_options.options|=KEYSERVER_USE_TEMP_FILES;
145       else if(ascii_strncasecmp(tok,"no-use-temp-files",17)==0)
146         opt.keyserver_options.options&=~KEYSERVER_USE_TEMP_FILES;
147 #endif
148       else if(!parse_options(tok,&opt.keyserver_options.options,
149                              keyserver_opts,0)
150          && !parse_import_options(tok,
151                                   &opt.keyserver_options.import_options,0)
152          && !parse_export_options(tok,
153                                   &opt.keyserver_options.export_options,0))
154         {
155           /* All of the standard options have failed, so the option is
156              destined for a keyserver plugin. */
157           add_canonical_option(tok,&opt.keyserver_options.other);
158         }
159     }
160
161   if(max_cert)
162     {
163       max_cert_size=strtoul(max_cert,(char **)NULL,10);
164
165       if(max_cert_size==0)
166         max_cert_size=DEFAULT_MAX_CERT_SIZE;
167     }
168
169   return ret;
170 }
171
172 void
173 free_keyserver_spec(struct keyserver_spec *keyserver)
174 {
175   xfree(keyserver->uri);
176   xfree(keyserver->scheme);
177   xfree(keyserver->auth);
178   xfree(keyserver->host);
179   xfree(keyserver->port);
180   xfree(keyserver->path);
181   xfree(keyserver->opaque);
182   free_strlist(keyserver->options);
183   xfree(keyserver);
184 }
185
186 /* Return 0 for match */
187 static int
188 cmp_keyserver_spec(struct keyserver_spec *one,struct keyserver_spec *two)
189 {
190   if(ascii_strcasecmp(one->scheme,two->scheme)==0)
191     {
192       if(one->host && two->host && ascii_strcasecmp(one->host,two->host)==0)
193         {
194           if((one->port && two->port
195               && ascii_strcasecmp(one->port,two->port)==0)
196              || (!one->port && !two->port))
197             return 0;
198         }
199       else if(one->opaque && two->opaque
200               && ascii_strcasecmp(one->opaque,two->opaque)==0)
201         return 0;
202     }
203
204   return 1;
205 }
206
207 /* Try and match one of our keyservers.  If we can, return that.  If
208    we can't, return our input. */
209 struct keyserver_spec *
210 keyserver_match(struct keyserver_spec *spec)
211 {
212   struct keyserver_spec *ks;
213
214   for(ks=opt.keyserver;ks;ks=ks->next)
215     if(cmp_keyserver_spec(spec,ks)==0)
216       return ks;
217
218   return spec;
219 }
220
221 /* TODO: once we cut over to an all-curl world, we don't need this
222    parser any longer so it can be removed, or at least moved to
223    keyserver/ksutil.c for limited use in gpgkeys_ldap or the like. */
224
225 struct keyserver_spec *
226 parse_keyserver_uri(const char *string,int require_scheme,
227                     const char *configname,unsigned int configlineno)
228 {
229   int assume_hkp=0;
230   struct keyserver_spec *keyserver;
231   const char *idx;
232   int count;
233   char *uri,*options;
234
235   assert(string!=NULL);
236
237   keyserver=xmalloc_clear(sizeof(struct keyserver_spec));
238
239   uri=xstrdup(string);
240
241   options=strchr(uri,' ');
242   if(options)
243     {
244       char *tok;
245
246       *options='\0';
247       options++;
248
249       while((tok=optsep(&options)))
250         add_canonical_option(tok,&keyserver->options);
251     }
252
253   /* Get the scheme */
254
255   for(idx=uri,count=0;*idx && *idx!=':';idx++)
256     {
257       count++;
258
259       /* Do we see the start of an RFC-2732 ipv6 address here?  If so,
260          there clearly isn't a scheme so get out early. */
261       if(*idx=='[')
262         {
263           /* Was the '[' the first thing in the string?  If not, we
264              have a mangled scheme with a [ in it so fail. */
265           if(count==1)
266             break;
267           else
268             goto fail;
269         }
270     }
271
272   if(count==0)
273     goto fail;
274
275   if(*idx=='\0' || *idx=='[')
276     {
277       if(require_scheme)
278         return NULL;
279
280       /* Assume HKP if there is no scheme */
281       assume_hkp=1;
282       keyserver->scheme=xstrdup("hkp");
283
284       keyserver->uri=xmalloc(strlen(keyserver->scheme)+3+strlen(uri)+1);
285       strcpy(keyserver->uri,keyserver->scheme);
286       strcat(keyserver->uri,"://");
287       strcat(keyserver->uri,uri);
288     }
289   else
290     {
291       int i;
292
293       keyserver->uri=xstrdup(uri);
294
295       keyserver->scheme=xmalloc(count+1);
296
297       /* Force to lowercase */
298       for(i=0;i<count;i++)
299         keyserver->scheme[i]=ascii_tolower(uri[i]);
300
301       keyserver->scheme[i]='\0';
302
303       /* Skip past the scheme and colon */
304       uri+=count+1;
305     }
306
307   if(ascii_strcasecmp(keyserver->scheme,"x-broken-hkp")==0)
308     {
309       deprecated_warning(configname,configlineno,"x-broken-hkp",
310                          "--keyserver-options ","broken-http-proxy");
311       xfree(keyserver->scheme);
312       keyserver->scheme=xstrdup("hkp");
313       append_to_strlist(&opt.keyserver_options.other,"broken-http-proxy");
314     }
315   else if(ascii_strcasecmp(keyserver->scheme,"x-hkp")==0)
316     {
317       /* Canonicalize this to "hkp" so it works with both the internal
318          and external keyserver interface. */
319       xfree(keyserver->scheme);
320       keyserver->scheme=xstrdup("hkp");
321     }
322
323   if(assume_hkp || (uri[0]=='/' && uri[1]=='/'))
324     {
325       /* Two slashes means network path. */
326
327       /* Skip over the "//", if any */
328       if(!assume_hkp)
329         uri+=2;
330
331       /* Do we have userinfo auth data present? */
332       for(idx=uri,count=0;*idx && *idx!='@' && *idx!='/';idx++)
333         count++;
334
335       /* We found a @ before the slash, so that means everything
336          before the @ is auth data. */
337       if(*idx=='@')
338         {
339           if(count==0)
340             goto fail;
341
342           keyserver->auth=xmalloc(count+1);
343           strncpy(keyserver->auth,uri,count);
344           keyserver->auth[count]='\0';
345           uri+=count+1;
346         }
347
348       /* Is it an RFC-2732 ipv6 [literal address] ? */
349       if(*uri=='[')
350         {
351           for(idx=uri+1,count=1;*idx
352                 && ((isascii (*idx) && isxdigit(*idx))
353                     || *idx==':' || *idx=='.');idx++)
354             count++;
355
356           /* Is the ipv6 literal address terminated? */
357           if(*idx==']')
358             count++;
359           else
360             goto fail;
361         }
362       else
363         for(idx=uri,count=0;*idx && *idx!=':' && *idx!='/';idx++)
364           count++;
365
366       if(count==0)
367         goto fail;
368
369       keyserver->host=xmalloc(count+1);
370       strncpy(keyserver->host,uri,count);
371       keyserver->host[count]='\0';
372
373       /* Skip past the host */
374       uri+=count;
375
376       if(*uri==':')
377         {
378           /* It would seem to be reasonable to limit the range of the
379              ports to values between 1-65535, but RFC 1738 and 1808
380              imply there is no limit.  Of course, the real world has
381              limits. */
382
383           for(idx=uri+1,count=0;*idx && *idx!='/';idx++)
384             {
385               count++;
386
387               /* Ports are digits only */
388               if(!digitp(idx))
389                 goto fail;
390             }
391
392           keyserver->port=xmalloc(count+1);
393           strncpy(keyserver->port,uri+1,count);
394           keyserver->port[count]='\0';
395
396           /* Skip past the colon and port number */
397           uri+=1+count;
398         }
399
400       /* Everything else is the path */
401       if(*uri)
402         keyserver->path=xstrdup(uri);
403       else
404         keyserver->path=xstrdup("/");
405
406       if(keyserver->path[1])
407         keyserver->flags.direct_uri=1;
408     }
409   else if(uri[0]!='/')
410     {
411       /* No slash means opaque.  Just record the opaque blob and get
412          out. */
413       keyserver->opaque=xstrdup(uri);
414     }
415   else
416     {
417       /* One slash means absolute path.  We don't need to support that
418          yet. */
419       goto fail;
420     }
421
422   return keyserver;
423
424  fail:
425   free_keyserver_spec(keyserver);
426
427   return NULL;
428 }
429
430 struct keyserver_spec *
431 parse_preferred_keyserver(PKT_signature *sig)
432 {
433   struct keyserver_spec *spec=NULL;
434   const byte *p;
435   size_t plen;
436
437   p=parse_sig_subpkt(sig->hashed,SIGSUBPKT_PREF_KS,&plen);
438   if(p && plen)
439     {
440       byte *dupe=xmalloc(plen+1);
441
442       memcpy(dupe,p,plen);
443       dupe[plen]='\0';
444       spec=parse_keyserver_uri(dupe,1,NULL,0);
445       xfree(dupe);
446     }
447
448   return spec;
449 }
450
451 static void
452 print_keyrec(int number,struct keyrec *keyrec)
453 {
454   int i;
455
456   iobuf_writebyte(keyrec->uidbuf,0);
457   iobuf_flush_temp(keyrec->uidbuf);
458   printf("(%d)\t%s  ",number,iobuf_get_temp_buffer(keyrec->uidbuf));
459
460   if(keyrec->size>0)
461     printf("%d bit ",keyrec->size);
462
463   if(keyrec->type)
464     {
465       const char *str=pubkey_algo_to_string(keyrec->type);
466
467       if(str)
468         printf("%s ",str);
469       else
470         printf("unknown ");
471     }
472
473   switch(keyrec->desc.mode)
474     {
475       /* If the keyserver helper gave us a short keyid, we have no
476          choice but to use it.  Do check --keyid-format to add a 0x if
477          needed. */
478     case KEYDB_SEARCH_MODE_SHORT_KID:
479       printf("key %s%08lX",
480              (opt.keyid_format==KF_0xSHORT
481               || opt.keyid_format==KF_0xLONG)?"0x":"",
482              (ulong)keyrec->desc.u.kid[1]);
483       break;
484
485       /* However, if it gave us a long keyid, we can honor
486          --keyid-format */
487     case KEYDB_SEARCH_MODE_LONG_KID:
488       printf("key %s",keystr(keyrec->desc.u.kid));
489       break;
490
491     case KEYDB_SEARCH_MODE_FPR16:
492       printf("key ");
493       for(i=0;i<16;i++)
494         printf("%02X",keyrec->desc.u.fpr[i]);
495       break;
496
497     case KEYDB_SEARCH_MODE_FPR20:
498       printf("key ");
499       for(i=0;i<20;i++)
500         printf("%02X",keyrec->desc.u.fpr[i]);
501       break;
502
503     default:
504       BUG();
505       break;
506     }
507
508   if(keyrec->createtime>0)
509     {
510       printf(", ");
511       printf(_("created: %s"),strtimestamp(keyrec->createtime));
512     }
513
514   if(keyrec->expiretime>0)
515     {
516       printf(", ");
517       printf(_("expires: %s"),strtimestamp(keyrec->expiretime));
518     }
519
520   if(keyrec->flags&1)
521     printf(" (%s)",_("revoked"));
522   if(keyrec->flags&2)
523     printf(" (%s)",_("disabled"));
524   if(keyrec->flags&4)
525     printf(" (%s)",_("expired"));
526
527   printf("\n");
528 }
529
530 /* Returns a keyrec (which must be freed) once a key is complete, and
531    NULL otherwise.  Call with a NULL keystring once key parsing is
532    complete to return any unfinished keys. */
533 static struct keyrec *
534 parse_keyrec(char *keystring)
535 {
536   static struct keyrec *work=NULL;
537   struct keyrec *ret=NULL;
538   char *record;
539   int i;
540
541   if(keystring==NULL)
542     {
543       if(work==NULL)
544         return NULL;
545       else if(work->desc.mode==KEYDB_SEARCH_MODE_NONE)
546         {
547           xfree(work);
548           return NULL;
549         }
550       else
551         {
552           ret=work;
553           work=NULL;
554           return ret;
555         }
556     }
557
558   if(work==NULL)
559     {
560       work=xmalloc_clear(sizeof(struct keyrec));
561       work->uidbuf=iobuf_temp();
562     }
563
564   /* Remove trailing whitespace */
565   for(i=strlen(keystring);i>0;i--)
566     if(ascii_isspace(keystring[i-1]))
567       keystring[i-1]='\0';
568     else
569       break;
570
571   if((record=strsep(&keystring,":"))==NULL)
572     return ret;
573
574   if(ascii_strcasecmp("pub",record)==0)
575     {
576       char *tok;
577
578       if(work->desc.mode)
579         {
580           ret=work;
581           work=xmalloc_clear(sizeof(struct keyrec));
582           work->uidbuf=iobuf_temp();
583         }
584
585       if((tok=strsep(&keystring,":"))==NULL)
586         return ret;
587
588       classify_user_id(tok,&work->desc);
589       if(work->desc.mode!=KEYDB_SEARCH_MODE_SHORT_KID
590          && work->desc.mode!=KEYDB_SEARCH_MODE_LONG_KID
591          && work->desc.mode!=KEYDB_SEARCH_MODE_FPR16
592          && work->desc.mode!=KEYDB_SEARCH_MODE_FPR20)
593         {
594           work->desc.mode=KEYDB_SEARCH_MODE_NONE;
595           return ret;
596         }
597
598       /* Note all items after this are optional.  This allows us to
599          have a pub line as simple as pub:keyid and nothing else. */
600
601       work->lines++;
602
603       if((tok=strsep(&keystring,":"))==NULL)
604         return ret;
605
606       work->type=atoi(tok);
607
608       if((tok=strsep(&keystring,":"))==NULL)
609         return ret;
610
611       work->size=atoi(tok);
612
613       if((tok=strsep(&keystring,":"))==NULL)
614         return ret;
615
616       if(atoi(tok)<=0)
617         work->createtime=0;
618       else
619         work->createtime=atoi(tok);
620
621       if((tok=strsep(&keystring,":"))==NULL)
622         return ret;
623
624       if(atoi(tok)<=0)
625         work->expiretime=0;
626       else
627         {
628           work->expiretime=atoi(tok);
629           /* Force the 'e' flag on if this key is expired. */
630           if(work->expiretime<=make_timestamp())
631             work->flags|=4;
632         }
633
634       if((tok=strsep(&keystring,":"))==NULL)
635         return ret;
636
637       while(*tok)
638         switch(*tok++)
639           {
640           case 'r':
641           case 'R':
642             work->flags|=1;
643             break;
644             
645           case 'd':
646           case 'D':
647             work->flags|=2;
648             break;
649
650           case 'e':
651           case 'E':
652             work->flags|=4;
653             break;
654           }
655     }
656   else if(ascii_strcasecmp("uid",record)==0 && work->desc.mode)
657     {
658       char *userid,*tok,*decoded;
659
660       if((tok=strsep(&keystring,":"))==NULL)
661         return ret;
662
663       if(strlen(tok)==0)
664         return ret;
665
666       userid=tok;
667
668       /* By definition, de-%-encoding is always smaller than the
669          original string so we can decode in place. */
670
671       i=0;
672
673       while(*tok)
674         if(tok[0]=='%' && tok[1] && tok[2])
675           {
676             if((userid[i]=hextobyte(&tok[1]))==-1)
677               userid[i]='?';
678
679             i++;
680             tok+=3;
681           }
682         else
683           userid[i++]=*tok++;
684
685       /* We don't care about the other info provided in the uid: line
686          since no keyserver supports marking userids with timestamps
687          or revoked/expired/disabled yet. */
688
689       /* No need to check for control characters, as utf8_to_native
690          does this for us. */
691
692       decoded=utf8_to_native(userid,i,0);
693       if(strlen(decoded)>opt.screen_columns-10)
694         decoded[opt.screen_columns-10]='\0';
695       iobuf_writestr(work->uidbuf,decoded);
696       xfree(decoded);
697       iobuf_writestr(work->uidbuf,"\n\t");
698       work->lines++;
699     }
700
701   /* Ignore any records other than "pri" and "uid" for easy future
702      growth. */
703
704   return ret;
705 }
706
707 /* TODO: do this as a list sent to keyserver_work rather than calling
708    it once for each key to get the correct counts after the import
709    (cosmetics, really) and to better take advantage of the keyservers
710    that can do multiple fetches in one go (LDAP). */
711 static int
712 show_prompt(KEYDB_SEARCH_DESC *desc,int numdesc,int count,const char *search)
713 {
714   char *answer;
715
716   if(count && opt.command_fd==-1)
717     {
718       static int from=1;
719       tty_printf("Keys %d-%d of %d for \"%s\".  ",from,numdesc,count,search);
720       from=numdesc+1;
721     }
722
723   answer=cpr_get_no_help("keysearch.prompt",
724                          _("Enter number(s), N)ext, or Q)uit > "));
725   /* control-d */
726   if(answer[0]=='\x04')
727     {
728       printf("Q\n");
729       answer[0]='q';
730     }
731
732   if(answer[0]=='q' || answer[0]=='Q')
733     {
734       xfree(answer);
735       return 1;
736     }
737   else if(atoi(answer)>=1 && atoi(answer)<=numdesc)
738     {
739       char *split=answer,*num;
740
741       while((num=strsep(&split," ,"))!=NULL)
742         if(atoi(num)>=1 && atoi(num)<=numdesc)
743           keyserver_work(KS_GET,NULL,&desc[atoi(num)-1],1,
744                          NULL,NULL,opt.keyserver);
745
746       xfree(answer);
747       return 1;
748     }
749
750   return 0;
751 }
752
753 /* Count and searchstr are just for cosmetics.  If the count is too
754    small, it will grow safely.  If negative it disables the "Key x-y
755    of z" messages.  searchstr should be UTF-8 (rather than native). */
756 static void
757 keyserver_search_prompt(IOBUF buffer,const char *searchstr)
758 {
759   int i=0,validcount=0,started=0,header=0,count=1;
760   unsigned int maxlen,buflen,numlines=0;
761   KEYDB_SEARCH_DESC *desc;
762   byte *line=NULL;
763   char *localstr=NULL;
764
765   if(searchstr)
766     localstr=utf8_to_native(searchstr,strlen(searchstr),0);
767
768   desc=xmalloc(count*sizeof(KEYDB_SEARCH_DESC));
769
770   for(;;)
771     {
772       struct keyrec *keyrec;
773       int rl;
774
775       maxlen=1024;
776       rl=iobuf_read_line(buffer,&line,&buflen,&maxlen);
777
778       if(opt.with_colons)
779         {
780           if(!header && ascii_strncasecmp("SEARCH ",line,7)==0
781              && ascii_strncasecmp(" BEGIN",&line[strlen(line)-7],6)==0)
782             {
783               header=1;
784               continue;
785             }
786           else if(ascii_strncasecmp("SEARCH ",line,7)==0
787                   && ascii_strncasecmp(" END",&line[strlen(line)-5],4)==0)
788             continue;
789
790           printf("%s",line);
791         }
792
793       /* Look for an info: line.  The only current info: values
794          defined are the version and key count. */
795       if(!started && rl>0 && ascii_strncasecmp("info:",line,5)==0)
796         {
797           char *tok,*str=&line[5];
798
799           if((tok=strsep(&str,":"))!=NULL)
800             {
801               int version;
802
803               if(sscanf(tok,"%d",&version)!=1)
804                 version=1;
805
806               if(version!=1)
807                 {
808                   log_error(_("invalid keyserver protocol "
809                               "(us %d!=handler %d)\n"),1,version);
810                   break;
811                 }
812             }
813
814           if((tok=strsep(&str,":"))!=NULL && sscanf(tok,"%d",&count)==1)
815             {
816               if(count==0)
817                 goto notfound;
818               else if(count<0)
819                 count=10;
820               else
821                 validcount=1;
822
823               desc=xrealloc(desc,count*sizeof(KEYDB_SEARCH_DESC));
824             }
825
826           started=1;
827           continue;
828         }
829
830       if(rl==0)
831         {
832           keyrec=parse_keyrec(NULL);
833
834           if(keyrec==NULL)
835             {
836               if(i==0)
837                 {
838                   count=0;
839                   break;
840                 }
841
842               if(i!=count)
843                 validcount=0;
844
845               for(;;)
846                 {
847                   if(show_prompt(desc,i,validcount?count:0,localstr))
848                     break;
849                   validcount=0;
850                 }
851
852               break;
853             }
854         }
855       else
856         keyrec=parse_keyrec(line);
857
858       if(i==count)
859         {
860           /* keyserver helper sent more keys than they claimed in the
861              info: line. */
862           count+=10;
863           desc=xrealloc(desc,count*sizeof(KEYDB_SEARCH_DESC));
864           validcount=0;
865         }
866
867       if(keyrec)
868         {
869           desc[i]=keyrec->desc;
870
871           if(!opt.with_colons)
872             {
873               /* screen_lines - 1 for the prompt. */
874               if(numlines+keyrec->lines>opt.screen_lines-1)
875                 {
876                   if(show_prompt(desc,i,validcount?count:0,localstr))
877                     break;
878                   else
879                     numlines=0;
880                 }
881
882               print_keyrec(i+1,keyrec);
883             }
884
885           numlines+=keyrec->lines;
886           iobuf_close(keyrec->uidbuf);
887           xfree(keyrec);
888
889           started=1;
890           i++;
891         }
892     }
893
894  notfound:
895   /* Leave this commented out or now, and perhaps for a very long
896      time.  All HKPish servers return HTML error messages for
897      no-key-found. */
898   /* 
899      if(!started)
900      log_info(_("keyserver does not support searching\n"));
901      else
902   */
903   if(count==0)
904     {
905       if(localstr)
906         log_info(_("key \"%s\" not found on keyserver\n"),localstr);
907       else
908         log_info(_("key not found on keyserver\n"));
909     }
910
911   xfree(localstr);
912   xfree(desc);
913   xfree(line);
914 }
915
916 /* We sometimes want to use a different gpgkeys_xxx for a given
917    protocol (for example, ldaps is handled by gpgkeys_ldap).  Map
918    these here. */
919 static const char *
920 keyserver_typemap(const char *type)
921 {
922   if(strcmp(type,"ldaps")==0)
923     return "ldap";
924   else
925     return type;
926 }
927
928 /* The PGP LDAP and the curl fetch-a-LDAP-object methodologies are
929    sufficiently different that we can't use curl to do LDAP. */
930 static int
931 direct_uri_map(const char *scheme,unsigned int is_direct)
932 {
933   if(is_direct && strcmp(scheme,"ldap")==0)
934     return 1;
935
936   return 0;
937 }
938
939 #define GPGKEYS_PREFIX "gpgkeys_"
940 #define GPGKEYS_CURL GPGKEYS_PREFIX "curl" EXEEXT
941 #define GPGKEYS_PREFIX_LEN (strlen(GPGKEYS_CURL))
942 #define KEYSERVER_ARGS_KEEP " -o \"%O\" \"%I\""
943 #define KEYSERVER_ARGS_NOKEEP " -o \"%o\" \"%i\""
944
945 static int 
946 keyserver_spawn(enum ks_action action,STRLIST list,KEYDB_SEARCH_DESC *desc,
947                 int count,int *prog,unsigned char **fpr,size_t *fpr_len,
948                 struct keyserver_spec *keyserver)
949 {
950   int ret=0,i,gotversion=0,outofband=0;
951   STRLIST temp;
952   unsigned int maxlen,buflen;
953   char *command,*end,*searchstr=NULL;
954   byte *line=NULL;
955   struct exec_info *spawn;
956   const char *scheme;
957   const char *libexecdir = get_libexecdir ();
958
959   assert(keyserver);
960
961 #ifdef EXEC_TEMPFILE_ONLY
962   opt.keyserver_options.options|=KEYSERVER_USE_TEMP_FILES;
963 #endif
964
965   /* Build the filename for the helper to execute */
966   scheme=keyserver_typemap(keyserver->scheme);
967
968 #ifdef DISABLE_KEYSERVER_PATH
969   /* Destroy any path we might have.  This is a little tricky,
970      portability-wise.  It's not correct to delete the PATH
971      environment variable, as that may fall back to a system built-in
972      PATH.  Similarly, it is not correct to set PATH to the null
973      string (PATH="") since this actually deletes the PATH environment
974      variable under MinGW.  The safest thing to do here is to force
975      PATH to be GNUPG_LIBEXECDIR.  All this is not that meaningful on
976      Unix-like systems (since we're going to give a full path to
977      gpgkeys_foo), but on W32 it prevents loading any DLLs from
978      directories in %PATH%.
979
980      After some more thinking about this we came to the conclusion
981      that it is better to load the helpers from the directory where
982      the program of this process lives.  Fortunately Windows provides
983      a way to retrieve this and our get_libexecdir function has been
984      modified to return just this.  Setting the exec-path is not
985      anymore required.  
986        set_exec_path(libexecdir);
987  */
988 #else
989   if(opt.exec_path_set)
990     {
991       /* If exec-path was set, and DISABLE_KEYSERVER_PATH is
992          undefined, then don't specify a full path to gpgkeys_foo, so
993          that the PATH can work. */
994       command=xmalloc(GPGKEYS_PREFIX_LEN+strlen(scheme)+3+strlen(EXEEXT)+1);
995       command[0]='\0';
996     }
997   else
998 #endif
999     {
1000       /* Specify a full path to gpgkeys_foo. */
1001       command=xmalloc(strlen(libexecdir)+strlen(DIRSEP_S)+
1002                       GPGKEYS_PREFIX_LEN+strlen(scheme)+3+strlen(EXEEXT)+1);
1003       strcpy(command,libexecdir);
1004       strcat(command,DIRSEP_S);
1005     }
1006
1007   end=command+strlen(command);
1008
1009   /* Build a path for the keyserver helper.  If it is direct_uri
1010      (i.e. an object fetch and not a keyserver), then add "_uri" to
1011      the end to distinguish the keyserver helper from an object
1012      fetcher that can speak that protocol (this is a problem for
1013      LDAP). */
1014
1015   strcat(command,GPGKEYS_PREFIX); 
1016   strcat(command,scheme);
1017
1018   /* This "_uri" thing is in case we need to call a direct handler
1019      instead of the keyserver handler.  This lets us use gpgkeys_curl
1020      or gpgkeys_ldap_uri (we don't provide it, but a user might)
1021      instead of gpgkeys_ldap to fetch things like
1022      ldap://keyserver.pgp.com/o=PGP%20keys?pgpkey?sub?pgpkeyid=99242560 */
1023
1024   if(direct_uri_map(scheme,keyserver->flags.direct_uri))
1025     strcat(command,"_uri");
1026
1027   strcat(command,EXEEXT);
1028
1029   /* Can we execute it?  If not, try curl as our catchall. */
1030   if(path_access(command,X_OK)!=0)
1031     strcpy(end,GPGKEYS_CURL);
1032
1033   if(opt.keyserver_options.options&KEYSERVER_USE_TEMP_FILES)
1034     {
1035       if(opt.keyserver_options.options&KEYSERVER_KEEP_TEMP_FILES)
1036         {
1037           command=xrealloc(command,strlen(command)+
1038                             strlen(KEYSERVER_ARGS_KEEP)+1);
1039           strcat(command,KEYSERVER_ARGS_KEEP);
1040         }
1041       else
1042         {
1043           command=xrealloc(command,strlen(command)+
1044                             strlen(KEYSERVER_ARGS_NOKEEP)+1);
1045           strcat(command,KEYSERVER_ARGS_NOKEEP);  
1046         }
1047
1048       ret=exec_write(&spawn,NULL,command,NULL,0,0);
1049     }
1050   else
1051     ret=exec_write(&spawn,command,NULL,NULL,0,0);
1052
1053   xfree(command);
1054
1055   if(ret)
1056     return ret;
1057
1058   fprintf(spawn->tochild,
1059           "# This is a GnuPG %s keyserver communications file\n",VERSION);
1060   fprintf(spawn->tochild,"VERSION %d\n",KEYSERVER_PROTO_VERSION);
1061   fprintf(spawn->tochild,"PROGRAM %s\n",VERSION);
1062   fprintf(spawn->tochild,"SCHEME %s\n",keyserver->scheme);
1063
1064   if(keyserver->opaque)
1065     fprintf(spawn->tochild,"OPAQUE %s\n",keyserver->opaque);
1066   else
1067     {
1068       if(keyserver->auth)
1069         fprintf(spawn->tochild,"AUTH %s\n",keyserver->auth);
1070
1071       if(keyserver->host)
1072         fprintf(spawn->tochild,"HOST %s\n",keyserver->host);
1073
1074       if(keyserver->port)
1075         fprintf(spawn->tochild,"PORT %s\n",keyserver->port);
1076
1077       if(keyserver->path)
1078         fprintf(spawn->tochild,"PATH %s\n",keyserver->path);
1079     }
1080
1081   /* Write global options */
1082
1083   for(temp=opt.keyserver_options.other;temp;temp=temp->next)
1084     fprintf(spawn->tochild,"OPTION %s\n",temp->d);
1085
1086   /* Write per-keyserver options */
1087
1088   for(temp=keyserver->options;temp;temp=temp->next)
1089     fprintf(spawn->tochild,"OPTION %s\n",temp->d);
1090
1091   switch(action)
1092     {
1093     case KS_GET:
1094       {
1095         fprintf(spawn->tochild,"COMMAND GET\n\n");
1096
1097         /* Which keys do we want? */
1098
1099         for(i=0;i<count;i++)
1100           {
1101             int quiet=0;
1102
1103             if(desc[i].mode==KEYDB_SEARCH_MODE_FPR20)
1104               {
1105                 int f;
1106
1107                 fprintf(spawn->tochild,"0x");
1108
1109                 for(f=0;f<MAX_FINGERPRINT_LEN;f++)
1110                   fprintf(spawn->tochild,"%02X",desc[i].u.fpr[f]);
1111
1112                 fprintf(spawn->tochild,"\n");
1113               }
1114             else if(desc[i].mode==KEYDB_SEARCH_MODE_FPR16)
1115               {
1116                 int f;
1117
1118                 fprintf(spawn->tochild,"0x");
1119
1120                 for(f=0;f<16;f++)
1121                   fprintf(spawn->tochild,"%02X",desc[i].u.fpr[f]);
1122
1123                 fprintf(spawn->tochild,"\n");
1124               }
1125             else if(desc[i].mode==KEYDB_SEARCH_MODE_LONG_KID)
1126               fprintf(spawn->tochild,"0x%08lX%08lX\n",
1127                       (ulong)desc[i].u.kid[0],
1128                       (ulong)desc[i].u.kid[1]);
1129             else if(desc[i].mode==KEYDB_SEARCH_MODE_SHORT_KID)
1130               fprintf(spawn->tochild,"0x%08lX\n",
1131                       (ulong)desc[i].u.kid[1]);
1132             else if(desc[i].mode==KEYDB_SEARCH_MODE_EXACT)
1133               {
1134                 fprintf(spawn->tochild,"0x0000000000000000\n");
1135                 quiet=1;
1136               }
1137             else if(desc[i].mode==KEYDB_SEARCH_MODE_NONE)
1138               continue;
1139             else
1140               BUG();
1141
1142             if(!quiet)
1143               {
1144                 if(keyserver->host)
1145                   log_info(_("requesting key %s from %s server %s\n"),
1146                            keystr_from_desc(&desc[i]),
1147                            keyserver->scheme,keyserver->host);
1148                 else
1149                   log_info(_("requesting key %s from %s\n"),
1150                            keystr_from_desc(&desc[i]),keyserver->uri);
1151               }
1152           }
1153
1154         fprintf(spawn->tochild,"\n");
1155
1156         break;
1157       }
1158
1159     case KS_GETNAME:
1160       {
1161         STRLIST key;
1162
1163         fprintf(spawn->tochild,"COMMAND GETNAME\n\n");
1164
1165         /* Which names do we want? */
1166
1167         for(key=list;key!=NULL;key=key->next)
1168           fprintf(spawn->tochild,"%s\n",key->d);
1169
1170         fprintf(spawn->tochild,"\n");
1171
1172         if(keyserver->host)
1173           log_info(_("searching for names from %s server %s\n"),
1174                    keyserver->scheme,keyserver->host);
1175         else
1176           log_info(_("searching for names from %s\n"),keyserver->uri);
1177
1178         break;
1179       }
1180
1181     case KS_SEND:
1182       {
1183         STRLIST key;
1184
1185         /* Note the extra \n here to send an empty keylist block */
1186         fprintf(spawn->tochild,"COMMAND SEND\n\n\n");
1187
1188         for(key=list;key!=NULL;key=key->next)
1189           {
1190             armor_filter_context_t afx;
1191             IOBUF buffer=iobuf_temp();
1192             KBNODE block;
1193
1194             temp=NULL;
1195             add_to_strlist(&temp,key->d);
1196
1197             memset(&afx,0,sizeof(afx));
1198             afx.what=1;
1199             /* Tell the armor filter to use Unix-style \n line
1200                endings, since we're going to fprintf this to a file
1201                that (on Win32) is open in text mode.  The win32 stdio
1202                will transform the \n to \r\n and we'll end up with the
1203                proper line endings on win32.  This is a no-op on
1204                Unix. */
1205             afx.eol[0]='\n';
1206             iobuf_push_filter(buffer,armor_filter,&afx);
1207
1208             /* TODO: Remove Comment: lines from keys exported this
1209                way? */
1210
1211             if(export_pubkeys_stream(buffer,temp,&block,
1212                                      opt.keyserver_options.export_options)==-1)
1213               iobuf_close(buffer);
1214             else
1215               {
1216                 KBNODE node;
1217
1218                 iobuf_flush_temp(buffer);
1219
1220                 merge_keys_and_selfsig(block);
1221
1222                 fprintf(spawn->tochild,"INFO %08lX%08lX BEGIN\n",
1223                         (ulong)block->pkt->pkt.public_key->keyid[0],
1224                         (ulong)block->pkt->pkt.public_key->keyid[1]);
1225
1226                 for(node=block;node;node=node->next)
1227                   {
1228                     switch(node->pkt->pkttype)
1229                       {
1230                       default:
1231                         continue;
1232
1233                       case PKT_PUBLIC_KEY:
1234                       case PKT_PUBLIC_SUBKEY:
1235                         {
1236                           PKT_public_key *pk=node->pkt->pkt.public_key;
1237
1238                           keyid_from_pk(pk,NULL);
1239
1240                           fprintf(spawn->tochild,"%sb:%08lX%08lX:%u:%u:%u:%u:",
1241                                   node->pkt->pkttype==PKT_PUBLIC_KEY?"pu":"su",
1242                                   (ulong)pk->keyid[0],(ulong)pk->keyid[1],
1243                                   pk->pubkey_algo,
1244                                   nbits_from_pk(pk),
1245                                   pk->timestamp,
1246                                   pk->expiredate);
1247
1248                           if(pk->is_revoked)
1249                             fprintf(spawn->tochild,"r");
1250                           if(pk->has_expired)
1251                             fprintf(spawn->tochild,"e");
1252
1253                           fprintf(spawn->tochild,"\n");
1254                         }
1255                         break;
1256
1257                       case PKT_USER_ID:
1258                         {
1259                           PKT_user_id *uid=node->pkt->pkt.user_id;
1260                           int r;
1261
1262                           if(uid->attrib_data)
1263                             continue;
1264
1265                           fprintf(spawn->tochild,"uid:");
1266
1267                           /* Quote ':', '%', and any 8-bit
1268                              characters */
1269                           for(r=0;r<uid->len;r++)
1270                             {
1271                               if(uid->name[r]==':' || uid->name[r]=='%'
1272                                  || uid->name[r]&0x80)
1273                                 fprintf(spawn->tochild,"%%%02X",
1274                                         (byte)uid->name[r]);
1275                               else
1276                                 fprintf(spawn->tochild,"%c",uid->name[r]);
1277                             }
1278
1279                           fprintf(spawn->tochild,":%u:%u:",
1280                                   uid->created,uid->expiredate);
1281
1282                           if(uid->is_revoked)
1283                             fprintf(spawn->tochild,"r");
1284                           if(uid->is_expired)
1285                             fprintf(spawn->tochild,"e");
1286
1287                           fprintf(spawn->tochild,"\n");
1288                         }
1289                         break;
1290
1291                         /* This bit is really for the benefit of
1292                            people who store their keys in LDAP
1293                            servers.  It makes it easy to do queries
1294                            for things like "all keys signed by
1295                            Isabella". */
1296                       case PKT_SIGNATURE:
1297                         {
1298                           PKT_signature *sig=node->pkt->pkt.signature;
1299
1300                           if(!IS_UID_SIG(sig))
1301                             continue;
1302
1303                           fprintf(spawn->tochild,"sig:%08lX%08lX:%X:%u:%u\n",
1304                                   (ulong)sig->keyid[0],(ulong)sig->keyid[1],
1305                                   sig->sig_class,sig->timestamp,
1306                                   sig->expiredate);
1307                         }
1308                         break;
1309                       }
1310                   }
1311
1312                 fprintf(spawn->tochild,"INFO %08lX%08lX END\n",
1313                         (ulong)block->pkt->pkt.public_key->keyid[0],
1314                         (ulong)block->pkt->pkt.public_key->keyid[1]);
1315
1316                 fprintf(spawn->tochild,"KEY %s BEGIN\n",key->d);
1317                 fwrite(iobuf_get_temp_buffer(buffer),
1318                        iobuf_get_temp_length(buffer),1,spawn->tochild);
1319                 fprintf(spawn->tochild,"KEY %s END\n",key->d);
1320
1321                 iobuf_close(buffer);
1322
1323                 if(keyserver->host)
1324                   log_info(_("sending key %s to %s server %s\n"),
1325                            keystr(block->pkt->pkt.public_key->keyid),
1326                            keyserver->scheme,keyserver->host);
1327                 else
1328                   log_info(_("sending key %s to %s\n"),
1329                            keystr(block->pkt->pkt.public_key->keyid),
1330                            keyserver->uri);
1331
1332                 release_kbnode(block);
1333               }
1334
1335             free_strlist(temp);
1336           }
1337
1338         break;
1339       }
1340
1341     case KS_SEARCH:
1342       {
1343         STRLIST key;
1344
1345         fprintf(spawn->tochild,"COMMAND SEARCH\n\n");
1346
1347         /* Which keys do we want?  Remember that the gpgkeys_ program
1348            is going to lump these together into a search string. */
1349
1350         for(key=list;key!=NULL;key=key->next)
1351           {
1352             fprintf(spawn->tochild,"%s\n",key->d);
1353             if(key!=list)
1354               {
1355                 searchstr=xrealloc(searchstr,
1356                                     strlen(searchstr)+strlen(key->d)+2);
1357                 strcat(searchstr," ");
1358               }
1359             else
1360               {
1361                 searchstr=xmalloc(strlen(key->d)+1);
1362                 searchstr[0]='\0';
1363               }
1364
1365             strcat(searchstr,key->d);
1366           }
1367
1368         fprintf(spawn->tochild,"\n");
1369
1370         if(keyserver->host)
1371           log_info(_("searching for \"%s\" from %s server %s\n"),
1372                    searchstr,keyserver->scheme,keyserver->host);
1373         else
1374           log_info(_("searching for \"%s\" from %s\n"),
1375                    searchstr,keyserver->uri);
1376
1377         break;
1378       }
1379
1380     default:
1381       log_fatal(_("no keyserver action!\n"));
1382       break;
1383     }
1384
1385   /* Done sending, so start reading. */
1386   ret=exec_read(spawn);
1387   if(ret)
1388     goto fail;
1389
1390   /* Now handle the response */
1391
1392   for(;;)
1393     {
1394       int plen;
1395       char *ptr;
1396
1397       maxlen=1024;
1398       if(iobuf_read_line(spawn->fromchild,&line,&buflen,&maxlen)==0)
1399         {
1400           ret=G10ERR_READ_FILE;
1401           goto fail; /* i.e. EOF */
1402         }
1403
1404       ptr=line;
1405
1406       /* remove trailing whitespace */
1407       plen=strlen(ptr);
1408       while(plen>0 && ascii_isspace(ptr[plen-1]))
1409         plen--;
1410       plen[ptr]='\0';
1411
1412       if(*ptr=='\0')
1413         break;
1414
1415       if(ascii_strncasecmp(ptr,"VERSION ",8)==0)
1416         {
1417           gotversion=1;
1418
1419           if(atoi(&ptr[8])!=KEYSERVER_PROTO_VERSION)
1420             {
1421               log_error(_("invalid keyserver protocol (us %d!=handler %d)\n"),
1422                         KEYSERVER_PROTO_VERSION,atoi(&ptr[8]));
1423               goto fail;
1424             }
1425         }
1426       else if(ascii_strncasecmp(ptr,"PROGRAM ",8)==0)
1427         {
1428           if(ascii_strncasecmp(&ptr[8],VERSION,strlen(VERSION))!=0)
1429             log_info(_("WARNING: keyserver handler from a different"
1430                        " version of GnuPG (%s)\n"),&ptr[8]);
1431         }
1432       else if(ascii_strncasecmp(ptr,"OPTION OUTOFBAND",16)==0)
1433         outofband=1; /* Currently the only OPTION */
1434     }
1435
1436   if(!gotversion)
1437     {
1438       log_error(_("keyserver did not send VERSION\n"));
1439       goto fail;
1440     }
1441
1442   if(!outofband)
1443     switch(action)
1444       {
1445       case KS_GET:
1446       case KS_GETNAME:
1447         {
1448           void *stats_handle;
1449
1450           stats_handle=import_new_stats_handle();
1451
1452           /* Slurp up all the key data.  In the future, it might be
1453              nice to look for KEY foo OUTOFBAND and FAILED indicators.
1454              It's harmless to ignore them, but ignoring them does make
1455              gpg complain about "no valid OpenPGP data found".  One
1456              way to do this could be to continue parsing this
1457              line-by-line and make a temp iobuf for each key. */
1458
1459           import_keys_stream(spawn->fromchild,stats_handle,fpr,fpr_len,
1460                              opt.keyserver_options.import_options);
1461
1462           import_print_stats(stats_handle);
1463           import_release_stats_handle(stats_handle);
1464
1465           break;
1466         }
1467
1468         /* Nothing to do here */
1469       case KS_SEND:
1470         break;
1471
1472       case KS_SEARCH:
1473         keyserver_search_prompt(spawn->fromchild,searchstr);
1474         break;
1475
1476       default:
1477         log_fatal(_("no keyserver action!\n"));
1478         break;
1479       }
1480
1481  fail:
1482   xfree(line);
1483   xfree(searchstr);
1484
1485
1486   *prog=exec_finish(spawn);
1487
1488   return ret;
1489 }
1490
1491 static int 
1492 keyserver_work(enum ks_action action,STRLIST list,KEYDB_SEARCH_DESC *desc,
1493                int count,unsigned char **fpr,size_t *fpr_len,
1494                struct keyserver_spec *keyserver)
1495 {
1496   int rc=0,ret=0;
1497
1498   if(!keyserver)
1499     {
1500       log_error(_("no keyserver known (use option --keyserver)\n"));
1501       return G10ERR_BAD_URI;
1502     }
1503
1504 #ifdef DISABLE_KEYSERVER_HELPERS
1505
1506   log_error(_("external keyserver calls are not supported in this build\n"));
1507   return G10ERR_KEYSERVER;
1508
1509 #else
1510   /* Spawn a handler */
1511
1512   rc=keyserver_spawn(action,list,desc,count,&ret,fpr,fpr_len,keyserver);
1513   if(ret)
1514     {
1515       switch(ret)
1516         {
1517         case KEYSERVER_SCHEME_NOT_FOUND:
1518           log_error(_("no handler for keyserver scheme `%s'\n"),
1519                     keyserver->scheme);
1520           break;
1521
1522         case KEYSERVER_NOT_SUPPORTED:
1523           log_error(_("action `%s' not supported with keyserver "
1524                       "scheme `%s'\n"),
1525                     action==KS_GET?"get":action==KS_SEND?"send":
1526                     action==KS_SEARCH?"search":"unknown",
1527                     keyserver->scheme);
1528           break;
1529
1530         case KEYSERVER_VERSION_ERROR:
1531           log_error(_(GPGKEYS_PREFIX "%s does not support"
1532                       " handler version %d\n"),
1533                     keyserver_typemap(keyserver->scheme),
1534                     KEYSERVER_PROTO_VERSION);
1535           break;
1536
1537         case KEYSERVER_TIMEOUT:
1538           log_error(_("keyserver timed out\n"));
1539           break;
1540
1541         case KEYSERVER_INTERNAL_ERROR:
1542         default:
1543           log_error(_("keyserver internal error\n"));
1544           break;
1545         }
1546
1547       return G10ERR_KEYSERVER;
1548     }
1549
1550   if(rc)
1551     {
1552       log_error(_("keyserver communications error: %s\n"),g10_errstr(rc));
1553
1554       return rc;
1555     }
1556
1557   return 0;
1558 #endif /* ! DISABLE_KEYSERVER_HELPERS*/
1559 }
1560
1561 int 
1562 keyserver_export(STRLIST users)
1563 {
1564   STRLIST sl=NULL;
1565   KEYDB_SEARCH_DESC desc;
1566   int rc=0;
1567
1568   /* Weed out descriptors that we don't support sending */
1569   for(;users;users=users->next)
1570     {
1571       classify_user_id (users->d, &desc);
1572       if(desc.mode!=KEYDB_SEARCH_MODE_SHORT_KID &&
1573          desc.mode!=KEYDB_SEARCH_MODE_LONG_KID &&
1574          desc.mode!=KEYDB_SEARCH_MODE_FPR16 &&
1575          desc.mode!=KEYDB_SEARCH_MODE_FPR20)
1576         {
1577           log_error(_("\"%s\" not a key ID: skipping\n"),users->d);
1578           continue;
1579         }
1580       else
1581         append_to_strlist(&sl,users->d);
1582     }
1583
1584   if(sl)
1585     {
1586       rc=keyserver_work(KS_SEND,sl,NULL,0,NULL,NULL,opt.keyserver);
1587       free_strlist(sl);
1588     }
1589
1590   return rc;
1591 }
1592
1593 int 
1594 keyserver_import(STRLIST users)
1595 {
1596   KEYDB_SEARCH_DESC *desc;
1597   int num=100,count=0;
1598   int rc=0;
1599
1600   /* Build a list of key ids */
1601   desc=xmalloc(sizeof(KEYDB_SEARCH_DESC)*num);
1602
1603   for(;users;users=users->next)
1604     {
1605       classify_user_id (users->d, &desc[count]);
1606       if(desc[count].mode!=KEYDB_SEARCH_MODE_SHORT_KID &&
1607          desc[count].mode!=KEYDB_SEARCH_MODE_LONG_KID &&
1608          desc[count].mode!=KEYDB_SEARCH_MODE_FPR16 &&
1609          desc[count].mode!=KEYDB_SEARCH_MODE_FPR20)
1610         {
1611           log_error(_("\"%s\" not a key ID: skipping\n"),users->d);
1612           continue;
1613         }
1614
1615       count++;
1616       if(count==num)
1617         {
1618           num+=100;
1619           desc=xrealloc(desc,sizeof(KEYDB_SEARCH_DESC)*num);
1620         }
1621     }
1622
1623   if(count>0)
1624     rc=keyserver_work(KS_GET,NULL,desc,count,NULL,NULL,opt.keyserver);
1625
1626   xfree(desc);
1627
1628   return rc;
1629 }
1630
1631 int
1632 keyserver_import_fprint(const byte *fprint,size_t fprint_len,
1633                         struct keyserver_spec *keyserver)
1634 {
1635   KEYDB_SEARCH_DESC desc;
1636
1637   memset(&desc,0,sizeof(desc));
1638
1639   if(fprint_len==16)
1640     desc.mode=KEYDB_SEARCH_MODE_FPR16;
1641   else if(fprint_len==20)
1642     desc.mode=KEYDB_SEARCH_MODE_FPR20;
1643   else
1644     return -1;
1645
1646   memcpy(desc.u.fpr,fprint,fprint_len);
1647
1648   /* TODO: Warn here if the fingerprint we got doesn't match the one
1649      we asked for? */
1650   return keyserver_work(KS_GET,NULL,&desc,1,NULL,NULL,keyserver);
1651 }
1652
1653 int 
1654 keyserver_import_keyid(u32 *keyid,struct keyserver_spec *keyserver)
1655 {
1656   KEYDB_SEARCH_DESC desc;
1657
1658   memset(&desc,0,sizeof(desc));
1659
1660   desc.mode=KEYDB_SEARCH_MODE_LONG_KID;
1661   desc.u.kid[0]=keyid[0];
1662   desc.u.kid[1]=keyid[1];
1663
1664   return keyserver_work(KS_GET,NULL,&desc,1,NULL,NULL,keyserver);
1665 }
1666
1667 /* code mostly stolen from do_export_stream */
1668 static int 
1669 keyidlist(STRLIST users,KEYDB_SEARCH_DESC **klist,int *count,int fakev3)
1670 {
1671   int rc=0,ndesc,num=100;
1672   KBNODE keyblock=NULL,node;
1673   KEYDB_HANDLE kdbhd;
1674   KEYDB_SEARCH_DESC *desc;
1675   STRLIST sl;
1676
1677   *count=0;
1678
1679   *klist=xmalloc(sizeof(KEYDB_SEARCH_DESC)*num);
1680
1681   kdbhd=keydb_new(0);
1682
1683   if(!users)
1684     {
1685       ndesc = 1;
1686       desc = xmalloc_clear ( ndesc * sizeof *desc);
1687       desc[0].mode = KEYDB_SEARCH_MODE_FIRST;
1688     }
1689   else
1690     {
1691       for (ndesc=0, sl=users; sl; sl = sl->next, ndesc++) 
1692         ;
1693       desc = xmalloc ( ndesc * sizeof *desc);
1694         
1695       for (ndesc=0, sl=users; sl; sl = sl->next)
1696         {
1697           if(classify_user_id (sl->d, desc+ndesc))
1698             ndesc++;
1699           else
1700             log_error (_("key \"%s\" not found: %s\n"),
1701                        sl->d, g10_errstr (G10ERR_INV_USER_ID));
1702         }
1703     }
1704
1705   while (!(rc = keydb_search (kdbhd, desc, ndesc)))
1706     {
1707       if (!users) 
1708         desc[0].mode = KEYDB_SEARCH_MODE_NEXT;
1709
1710       /* read the keyblock */
1711       rc = keydb_get_keyblock (kdbhd, &keyblock );
1712       if( rc )
1713         {
1714           log_error (_("error reading keyblock: %s\n"), g10_errstr(rc) );
1715           goto leave;
1716         }
1717
1718       if((node=find_kbnode(keyblock,PKT_PUBLIC_KEY)))
1719         {
1720           /* This is to work around a bug in some keyservers (pksd and
1721              OKS) that calculate v4 RSA keyids as if they were v3 RSA.
1722              The answer is to refresh both the correct v4 keyid
1723              (e.g. 99242560) and the fake v3 keyid (e.g. 68FDDBC7).
1724              This only happens for key refresh using the HKP scheme
1725              and if the refresh-add-fake-v3-keyids keyserver option is
1726              set. */
1727           if(fakev3 && is_RSA(node->pkt->pkt.public_key->pubkey_algo) &&
1728              node->pkt->pkt.public_key->version>=4)
1729             {
1730               (*klist)[*count].mode=KEYDB_SEARCH_MODE_LONG_KID;
1731               mpi_get_keyid(node->pkt->pkt.public_key->pkey[0],
1732                             (*klist)[*count].u.kid);
1733               (*count)++;
1734
1735               if(*count==num)
1736                 {
1737                   num+=100;
1738                   *klist=xrealloc(*klist,sizeof(KEYDB_SEARCH_DESC)*num);
1739                 }
1740             }
1741
1742           /* v4 keys get full fingerprints.  v3 keys get long keyids.
1743              This is because it's easy to calculate any sort of keyid
1744              from a v4 fingerprint, but not a v3 fingerprint. */
1745
1746           if(node->pkt->pkt.public_key->version<4)
1747             {
1748               (*klist)[*count].mode=KEYDB_SEARCH_MODE_LONG_KID;
1749               keyid_from_pk(node->pkt->pkt.public_key,
1750                             (*klist)[*count].u.kid);
1751             }
1752           else
1753             {
1754               size_t dummy;
1755
1756               (*klist)[*count].mode=KEYDB_SEARCH_MODE_FPR20;
1757               fingerprint_from_pk(node->pkt->pkt.public_key,
1758                                   (*klist)[*count].u.fpr,&dummy);
1759             }
1760
1761           /* This is a little hackish, using the skipfncvalue as a
1762              void* pointer to the keyserver spec, but we don't need
1763              the skipfnc here, and it saves having an additional field
1764              for this (which would be wasted space most of the
1765              time). */
1766
1767           (*klist)[*count].skipfncvalue=NULL;
1768
1769           /* Are we honoring preferred keyservers? */
1770           if(opt.keyserver_options.options&KEYSERVER_HONOR_KEYSERVER_URL)
1771             {
1772               PKT_user_id *uid=NULL;
1773               PKT_signature *sig=NULL;
1774
1775               merge_keys_and_selfsig(keyblock);
1776
1777               for(node=node->next;node;node=node->next)
1778                 {
1779                   if(node->pkt->pkttype==PKT_USER_ID
1780                      && node->pkt->pkt.user_id->is_primary)
1781                     uid=node->pkt->pkt.user_id;
1782                   else if(node->pkt->pkttype==PKT_SIGNATURE
1783                           && node->pkt->pkt.signature->
1784                           flags.chosen_selfsig && uid)
1785                     {
1786                       sig=node->pkt->pkt.signature;
1787                       break;
1788                     }
1789                 }
1790
1791               /* Try and parse the keyserver URL.  If it doesn't work,
1792                  then we end up writing NULL which indicates we are
1793                  the same as any other key. */
1794               if(sig)
1795                 (*klist)[*count].skipfncvalue=parse_preferred_keyserver(sig);
1796             }
1797
1798           (*count)++;
1799
1800           if(*count==num)
1801             {
1802               num+=100;
1803               *klist=xrealloc(*klist,sizeof(KEYDB_SEARCH_DESC)*num);
1804             }
1805         }
1806     }
1807
1808   if(rc==-1)
1809     rc=0;
1810   
1811  leave:
1812   if(rc)
1813     xfree(*klist);
1814   xfree(desc);
1815   keydb_release(kdbhd);
1816   release_kbnode(keyblock);
1817
1818   return rc;
1819 }
1820
1821 /* Note this is different than the original HKP refresh.  It allows
1822    usernames to refresh only part of the keyring. */
1823
1824 int
1825 keyserver_refresh(STRLIST users)
1826 {
1827   int rc,count,numdesc,fakev3=0;
1828   KEYDB_SEARCH_DESC *desc;
1829   unsigned int options=opt.keyserver_options.import_options;
1830
1831   /* We switch merge-only on during a refresh, as 'refresh' should
1832      never import new keys, even if their keyids match. */
1833   opt.keyserver_options.import_options|=IMPORT_MERGE_ONLY;
1834
1835   /* Similarly, we switch on fast-import, since refresh may make
1836      multiple import sets (due to preferred keyserver URLs).  We don't
1837      want each set to rebuild the trustdb.  Instead we do it once at
1838      the end here. */
1839   opt.keyserver_options.import_options|=IMPORT_FAST;
1840
1841   /* If refresh_add_fake_v3_keyids is on and it's a HKP or MAILTO
1842      scheme, then enable fake v3 keyid generation. */
1843   if((opt.keyserver_options.options&KEYSERVER_ADD_FAKE_V3) && opt.keyserver
1844      && (ascii_strcasecmp(opt.keyserver->scheme,"hkp")==0 ||
1845          ascii_strcasecmp(opt.keyserver->scheme,"mailto")==0))
1846     fakev3=1;
1847
1848   rc=keyidlist(users,&desc,&numdesc,fakev3);
1849   if(rc)
1850     return rc;
1851
1852   count=numdesc;
1853   if(count>0)
1854     {
1855       int i;
1856
1857       /* Try to handle preferred keyserver keys first */
1858       for(i=0;i<numdesc;i++)
1859         {
1860           if(desc[i].skipfncvalue)
1861             {
1862               struct keyserver_spec *keyserver=desc[i].skipfncvalue;
1863
1864               /* We use the keyserver structure we parsed out before.
1865                  Note that a preferred keyserver without a scheme://
1866                  will be interpreted as hkp:// */
1867
1868               rc=keyserver_work(KS_GET,NULL,&desc[i],1,NULL,NULL,keyserver);
1869               if(rc)
1870                 log_info(_("WARNING: unable to refresh key %s"
1871                            " via %s: %s\n"),keystr_from_desc(&desc[i]),
1872                          keyserver->uri,g10_errstr(rc));
1873               else
1874                 {
1875                   /* We got it, so mark it as NONE so we don't try and
1876                      get it again from the regular keyserver. */
1877
1878                   desc[i].mode=KEYDB_SEARCH_MODE_NONE;
1879                   count--;
1880                 }
1881
1882               free_keyserver_spec(keyserver);
1883             }
1884         }
1885     }
1886
1887   if(count>0)
1888     {
1889       if(opt.keyserver)
1890         {
1891           if(count==1)
1892             log_info(_("refreshing 1 key from %s\n"),opt.keyserver->uri);
1893           else
1894             log_info(_("refreshing %d keys from %s\n"),
1895                      count,opt.keyserver->uri);
1896         }
1897
1898       rc=keyserver_work(KS_GET,NULL,desc,numdesc,NULL,NULL,opt.keyserver);
1899     }
1900
1901   xfree(desc);
1902
1903   opt.keyserver_options.import_options=options;
1904
1905   /* If the original options didn't have fast import, and the trustdb
1906      is dirty, rebuild. */
1907   if(!(opt.keyserver_options.import_options&IMPORT_FAST))
1908     trustdb_check_or_update();
1909
1910   return rc;
1911 }
1912
1913 int
1914 keyserver_search(STRLIST tokens)
1915 {
1916   if(tokens)
1917     return keyserver_work(KS_SEARCH,tokens,NULL,0,NULL,NULL,opt.keyserver);
1918   else
1919     return 0;
1920 }
1921
1922 int
1923 keyserver_fetch(STRLIST urilist)
1924 {
1925   KEYDB_SEARCH_DESC desc;
1926   STRLIST sl;
1927   unsigned int options=opt.keyserver_options.import_options;
1928
1929   /* Switch on fast-import, since fetch can handle more than one
1930      import and we don't want each set to rebuild the trustdb.
1931      Instead we do it once at the end. */
1932   opt.keyserver_options.import_options|=IMPORT_FAST;
1933
1934   /* A dummy desc since we're not actually fetching a particular key
1935      ID */
1936   memset(&desc,0,sizeof(desc));
1937   desc.mode=KEYDB_SEARCH_MODE_EXACT;
1938
1939   for(sl=urilist;sl;sl=sl->next)
1940     {
1941       struct keyserver_spec *spec;
1942
1943       spec=parse_keyserver_uri(sl->d,1,NULL,0);
1944       if(spec)
1945         {
1946           int rc;
1947
1948           rc=keyserver_work(KS_GET,NULL,&desc,1,NULL,NULL,spec);
1949           if(rc)
1950             log_info (_("WARNING: unable to fetch URI %s: %s\n"),
1951                      sl->d,g10_errstr(rc));
1952
1953           free_keyserver_spec(spec);
1954         }
1955       else
1956         log_info (_("WARNING: unable to parse URI %s\n"),sl->d);
1957     }
1958
1959   opt.keyserver_options.import_options=options;
1960
1961   /* If the original options didn't have fast import, and the trustdb
1962      is dirty, rebuild. */
1963   if(!(opt.keyserver_options.import_options&IMPORT_FAST))
1964     trustdb_check_or_update();
1965
1966   return 0;
1967 }
1968
1969 /* Import key in a CERT or pointed to by a CERT */
1970 int
1971 keyserver_import_cert(const char *name,unsigned char **fpr,size_t *fpr_len)
1972 {
1973   char *domain,*look,*url;
1974   IOBUF key;
1975   int type,rc=G10ERR_GENERAL;
1976
1977   look=xstrdup(name);
1978
1979   domain=strrchr(look,'@');
1980   if(domain)
1981     *domain='.';
1982
1983   type=get_cert(look,max_cert_size,&key,fpr,fpr_len,&url);
1984   if(type==1)
1985     {
1986       int armor_status=opt.no_armor;
1987
1988       /* CERTs are always in binary format */
1989       opt.no_armor=1;
1990
1991       rc=import_keys_stream(key,NULL,fpr,fpr_len,
1992                             opt.keyserver_options.import_options);
1993
1994       opt.no_armor=armor_status;
1995
1996       iobuf_close(key);
1997     }
1998   else if(type==2 && *fpr)
1999     {
2000       /* We only consider the IPGP type if a fingerprint was provided.
2001          This lets us select the right key regardless of what a URL
2002          points to, or get the key from a keyserver. */
2003       if(url)
2004         {
2005           struct keyserver_spec *spec;
2006
2007           spec=parse_keyserver_uri(url,1,NULL,0);
2008           if(spec)
2009             {
2010               STRLIST list=NULL;
2011
2012               add_to_strlist(&list,url);
2013
2014               rc=keyserver_fetch(list);
2015
2016               free_strlist(list);
2017               free_keyserver_spec(spec);
2018             }
2019         }
2020       else if(opt.keyserver)
2021         {
2022           /* If only a fingerprint is provided, try and fetch it from
2023              our --keyserver */
2024
2025           rc=keyserver_import_fprint(*fpr,*fpr_len,opt.keyserver);
2026         }
2027       else
2028         log_info(_("no keyserver known (use option --keyserver)\n"));
2029
2030       /* Give a better string here? "CERT fingerprint for \"%s\"
2031          found, but no keyserver" " known (use option
2032          --keyserver)\n" ? */
2033
2034       xfree(url);
2035     }
2036
2037   xfree(look);
2038
2039   return rc;
2040 }
2041
2042 /* Import key pointed to by a PKA record. Return the requested
2043    fingerprint in fpr. */
2044 int
2045 keyserver_import_pka(const char *name,unsigned char **fpr,size_t *fpr_len)
2046 {
2047   char *uri;
2048   int rc=-1;
2049
2050   *fpr=xmalloc(20);
2051   *fpr_len=20;
2052
2053   uri = get_pka_info (name, *fpr);
2054   if (uri)
2055     {
2056       struct keyserver_spec *spec;
2057       spec = parse_keyserver_uri (uri, 1, NULL, 0);
2058       if (spec)
2059         {
2060           rc=keyserver_import_fprint (*fpr, 20, spec);
2061           free_keyserver_spec (spec);
2062         }
2063       xfree (uri);
2064     }
2065
2066   if(rc!=0)
2067     xfree(*fpr);
2068
2069   return rc;
2070 }
2071
2072 /* Import all keys that match name */
2073 int
2074 keyserver_import_name(const char *name,unsigned char **fpr,size_t *fpr_len,
2075                       struct keyserver_spec *keyserver)
2076 {
2077   STRLIST list=NULL;
2078   int rc;
2079
2080   append_to_strlist(&list,name);
2081
2082   rc=keyserver_work(KS_GETNAME,list,NULL,0,fpr,fpr_len,keyserver);
2083
2084   free_strlist(list);
2085
2086   return rc;
2087 }
2088
2089 /* Use the PGP Universal trick of asking ldap://keys.(maildomain) for
2090    the key. */
2091 int
2092 keyserver_import_ldap(const char *name,unsigned char **fpr,size_t *fpr_len)
2093 {
2094   char *domain;
2095   struct keyserver_spec *keyserver;
2096   STRLIST list=NULL;
2097   int rc;
2098
2099   append_to_strlist(&list,name);
2100
2101   /* Parse out the domain */
2102   domain=strrchr(name,'@');
2103   if(!domain)
2104     return G10ERR_GENERAL;
2105
2106   domain++;
2107
2108   keyserver=xmalloc_clear(sizeof(struct keyserver_spec));
2109
2110   keyserver->scheme=xstrdup("ldap");
2111   keyserver->host=xmalloc(5+strlen(domain)+1);
2112   strcpy(keyserver->host,"keys.");
2113   strcat(keyserver->host,domain);
2114   keyserver->uri=xmalloc(strlen(keyserver->scheme)+
2115                          3+strlen(keyserver->host)+1);
2116   strcpy(keyserver->uri,keyserver->scheme);
2117   strcat(keyserver->uri,"://");
2118   strcat(keyserver->uri,keyserver->host);
2119     
2120   rc=keyserver_work(KS_GETNAME,list,NULL,0,fpr,fpr_len,keyserver);
2121
2122   free_strlist(list);
2123
2124   free_keyserver_spec(keyserver);
2125
2126   return rc;
2127 }