Flush keyserver search output.
[gnupg.git] / g10 / keyserver.c
1 /* keyserver.c - generic keyserver code
2  * Copyright (C) 2001, 2002, 2003, 2004, 2005, 2006,
3  *               2007, 2008 Free Software Foundation, Inc.
4  *
5  * This file is part of GnuPG.
6  *
7  * GnuPG is free software; you can redistribute it and/or modify
8  * it under the terms of the GNU General Public License as published by
9  * the Free Software Foundation; either version 3 of the License, or
10  * (at your option) any later version.
11  *
12  * GnuPG is distributed in the hope that it will be useful,
13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
15  * GNU General Public License for more details.
16  *
17  * You should have received a copy of the GNU General Public License
18  * along with this program; if not, see <http://www.gnu.org/licenses/>.
19  */
20
21 #include <config.h>
22 #include <ctype.h>
23 #include <stdio.h>
24 #include <string.h>
25 #include <stdlib.h>
26 #include <assert.h>
27 #include <errno.h>
28
29 #include "gpg.h"
30 #include "iobuf.h"
31 #include "filter.h"
32 #include "keydb.h"
33 #include "status.h"
34 #include "exec.h"
35 #include "main.h"
36 #include "i18n.h"
37 #include "ttyio.h"
38 #include "options.h"
39 #include "packet.h"
40 #include "trustdb.h"
41 #include "keyserver-internal.h"
42 #include "util.h"
43 #include "dns-cert.h"
44 #include "pka.h"
45
46 #ifdef HAVE_W32_SYSTEM
47 /* It seems Vista doesn't grok X_OK and so fails access() tests.
48    Previous versions interpreted X_OK as F_OK anyway, so we'll just
49    use F_OK directly. */
50 #undef X_OK
51 #define X_OK F_OK
52 #endif /* HAVE_W32_SYSTEM */
53
54 struct keyrec
55 {
56   KEYDB_SEARCH_DESC desc;
57   u32 createtime,expiretime;
58   int size,flags;
59   byte type;
60   IOBUF uidbuf;
61   unsigned int lines;
62 };
63
64 enum ks_action {KS_UNKNOWN=0,KS_GET,KS_GETNAME,KS_SEND,KS_SEARCH};
65
66 static struct parse_options keyserver_opts[]=
67   {
68     /* some of these options are not real - just for the help
69        message */
70     {"max-cert-size",0,NULL,NULL},
71     {"include-revoked",0,NULL,N_("include revoked keys in search results")},
72     {"include-subkeys",0,NULL,N_("include subkeys when searching by key ID")},
73     {"use-temp-files",0,NULL,
74      N_("use temporary files to pass data to keyserver helpers")},
75     {"keep-temp-files",KEYSERVER_KEEP_TEMP_FILES,NULL,
76      N_("do not delete temporary files after using them")},
77     {"refresh-add-fake-v3-keyids",KEYSERVER_ADD_FAKE_V3,NULL,
78      NULL},
79     {"auto-key-retrieve",KEYSERVER_AUTO_KEY_RETRIEVE,NULL,
80      N_("automatically retrieve keys when verifying signatures")},
81     {"honor-keyserver-url",KEYSERVER_HONOR_KEYSERVER_URL,NULL,
82      N_("honor the preferred keyserver URL set on the key")},
83     {"honor-pka-record",KEYSERVER_HONOR_PKA_RECORD,NULL,
84      N_("honor the PKA record set on a key when retrieving keys")},
85     {NULL,0,NULL,NULL}
86   };
87
88 static int keyserver_work(enum ks_action action,strlist_t list,
89                           KEYDB_SEARCH_DESC *desc,int count,
90                           unsigned char **fpr,size_t *fpr_len,
91                           struct keyserver_spec *keyserver);
92
93 /* Reasonable guess */
94 #define DEFAULT_MAX_CERT_SIZE 16384
95
96 static size_t max_cert_size=DEFAULT_MAX_CERT_SIZE;
97
98 static void
99 add_canonical_option(char *option,strlist_t *list)
100 {
101   char *arg=argsplit(option);
102
103   if(arg)
104     {
105       char *joined;
106
107       joined=xmalloc(strlen(option)+1+strlen(arg)+1);
108       /* Make a canonical name=value form with no spaces */
109       strcpy(joined,option);
110       strcat(joined,"=");
111       strcat(joined,arg);
112       append_to_strlist(list,joined);
113       xfree(joined);
114     }
115   else
116     append_to_strlist(list,option);
117 }
118
119 int
120 parse_keyserver_options(char *options)
121 {
122   int ret=1;
123   char *tok;
124   char *max_cert=NULL;
125
126   keyserver_opts[0].value=&max_cert;
127
128   while((tok=optsep(&options)))
129     {
130       if(tok[0]=='\0')
131         continue;
132
133       /* For backwards compatibility.  1.2.x used honor-http-proxy and
134          there are a good number of documents published that recommend
135          it. */
136       if(ascii_strcasecmp(tok,"honor-http-proxy")==0)
137         tok="http-proxy";
138       else if(ascii_strcasecmp(tok,"no-honor-http-proxy")==0)
139         tok="no-http-proxy";
140
141       /* We accept quite a few possible options here - some options to
142          handle specially, the keyserver_options list, and import and
143          export options that pertain to keyserver operations.  Note
144          that you must use strncasecmp here as there might be an
145          =argument attached which will foil the use of strcasecmp. */
146
147 #ifdef EXEC_TEMPFILE_ONLY
148       if(ascii_strncasecmp(tok,"use-temp-files",14)==0 ||
149               ascii_strncasecmp(tok,"no-use-temp-files",17)==0)
150         log_info(_("WARNING: keyserver option `%s' is not used"
151                    " on this platform\n"),tok);
152 #else
153       if(ascii_strncasecmp(tok,"use-temp-files",14)==0)
154         opt.keyserver_options.options|=KEYSERVER_USE_TEMP_FILES;
155       else if(ascii_strncasecmp(tok,"no-use-temp-files",17)==0)
156         opt.keyserver_options.options&=~KEYSERVER_USE_TEMP_FILES;
157 #endif
158       else if(!parse_options(tok,&opt.keyserver_options.options,
159                              keyserver_opts,0)
160          && !parse_import_options(tok,
161                                   &opt.keyserver_options.import_options,0)
162          && !parse_export_options(tok,
163                                   &opt.keyserver_options.export_options,0))
164         {
165           /* All of the standard options have failed, so the option is
166              destined for a keyserver plugin. */
167           add_canonical_option(tok,&opt.keyserver_options.other);
168         }
169     }
170
171   if(max_cert)
172     {
173       max_cert_size=strtoul(max_cert,(char **)NULL,10);
174
175       if(max_cert_size==0)
176         max_cert_size=DEFAULT_MAX_CERT_SIZE;
177     }
178
179   return ret;
180 }
181
182 void
183 free_keyserver_spec(struct keyserver_spec *keyserver)
184 {
185   xfree(keyserver->uri);
186   xfree(keyserver->scheme);
187   xfree(keyserver->auth);
188   xfree(keyserver->host);
189   xfree(keyserver->port);
190   xfree(keyserver->path);
191   xfree(keyserver->opaque);
192   free_strlist(keyserver->options);
193   xfree(keyserver);
194 }
195
196 /* Return 0 for match */
197 static int
198 cmp_keyserver_spec(struct keyserver_spec *one,struct keyserver_spec *two)
199 {
200   if(ascii_strcasecmp(one->scheme,two->scheme)==0)
201     {
202       if(one->host && two->host && ascii_strcasecmp(one->host,two->host)==0)
203         {
204           if((one->port && two->port
205               && ascii_strcasecmp(one->port,two->port)==0)
206              || (!one->port && !two->port))
207             return 0;
208         }
209       else if(one->opaque && two->opaque
210               && ascii_strcasecmp(one->opaque,two->opaque)==0)
211         return 0;
212     }
213
214   return 1;
215 }
216
217 /* Try and match one of our keyservers.  If we can, return that.  If
218    we can't, return our input. */
219 struct keyserver_spec *
220 keyserver_match(struct keyserver_spec *spec)
221 {
222   struct keyserver_spec *ks;
223
224   for(ks=opt.keyserver;ks;ks=ks->next)
225     if(cmp_keyserver_spec(spec,ks)==0)
226       return ks;
227
228   return spec;
229 }
230
231 /* TODO: once we cut over to an all-curl world, we don't need this
232    parser any longer so it can be removed, or at least moved to
233    keyserver/ksutil.c for limited use in gpgkeys_ldap or the like. */
234
235 struct keyserver_spec *
236 parse_keyserver_uri(const char *string,int require_scheme,
237                     const char *configname,unsigned int configlineno)
238 {
239   int assume_hkp=0;
240   struct keyserver_spec *keyserver;
241   const char *idx;
242   int count;
243   char *uri,*options;
244
245   assert(string!=NULL);
246
247   keyserver=xmalloc_clear(sizeof(struct keyserver_spec));
248
249   uri=xstrdup(string);
250
251   options=strchr(uri,' ');
252   if(options)
253     {
254       char *tok;
255
256       *options='\0';
257       options++;
258
259       while((tok=optsep(&options)))
260         add_canonical_option(tok,&keyserver->options);
261     }
262
263   /* Get the scheme */
264
265   for(idx=uri,count=0;*idx && *idx!=':';idx++)
266     {
267       count++;
268
269       /* Do we see the start of an RFC-2732 ipv6 address here?  If so,
270          there clearly isn't a scheme so get out early. */
271       if(*idx=='[')
272         {
273           /* Was the '[' the first thing in the string?  If not, we
274              have a mangled scheme with a [ in it so fail. */
275           if(count==1)
276             break;
277           else
278             goto fail;
279         }
280     }
281
282   if(count==0)
283     goto fail;
284
285   if(*idx=='\0' || *idx=='[')
286     {
287       if(require_scheme)
288         return NULL;
289
290       /* Assume HKP if there is no scheme */
291       assume_hkp=1;
292       keyserver->scheme=xstrdup("hkp");
293
294       keyserver->uri=xmalloc(strlen(keyserver->scheme)+3+strlen(uri)+1);
295       strcpy(keyserver->uri,keyserver->scheme);
296       strcat(keyserver->uri,"://");
297       strcat(keyserver->uri,uri);
298     }
299   else
300     {
301       int i;
302
303       keyserver->uri=xstrdup(uri);
304
305       keyserver->scheme=xmalloc(count+1);
306
307       /* Force to lowercase */
308       for(i=0;i<count;i++)
309         keyserver->scheme[i]=ascii_tolower(uri[i]);
310
311       keyserver->scheme[i]='\0';
312
313       /* Skip past the scheme and colon */
314       uri+=count+1;
315     }
316
317   if(ascii_strcasecmp(keyserver->scheme,"x-broken-hkp")==0)
318     {
319       deprecated_warning(configname,configlineno,"x-broken-hkp",
320                          "--keyserver-options ","broken-http-proxy");
321       xfree(keyserver->scheme);
322       keyserver->scheme=xstrdup("hkp");
323       append_to_strlist(&opt.keyserver_options.other,"broken-http-proxy");
324     }
325   else if(ascii_strcasecmp(keyserver->scheme,"x-hkp")==0)
326     {
327       /* Canonicalize this to "hkp" so it works with both the internal
328          and external keyserver interface. */
329       xfree(keyserver->scheme);
330       keyserver->scheme=xstrdup("hkp");
331     }
332
333   if (uri[0]=='/' && uri[1]=='/' && uri[2] == '/')
334     {
335       /* Three slashes means network path with a default host name.
336          This is a hack because it does not crok all possible
337          combiantions.  We should better repalce all code bythe parser
338          from http.c.  */
339       keyserver->path = xstrdup (uri+2);
340     }
341   else if(assume_hkp || (uri[0]=='/' && uri[1]=='/'))
342     {
343       /* Two slashes means network path. */
344
345       /* Skip over the "//", if any */
346       if(!assume_hkp)
347         uri+=2;
348
349       /* Do we have userinfo auth data present? */
350       for(idx=uri,count=0;*idx && *idx!='@' && *idx!='/';idx++)
351         count++;
352
353       /* We found a @ before the slash, so that means everything
354          before the @ is auth data. */
355       if(*idx=='@')
356         {
357           if(count==0)
358             goto fail;
359
360           keyserver->auth=xmalloc(count+1);
361           strncpy(keyserver->auth,uri,count);
362           keyserver->auth[count]='\0';
363           uri+=count+1;
364         }
365
366       /* Is it an RFC-2732 ipv6 [literal address] ? */
367       if(*uri=='[')
368         {
369           for(idx=uri+1,count=1;*idx
370                 && ((isascii (*idx) && isxdigit(*idx))
371                     || *idx==':' || *idx=='.');idx++)
372             count++;
373
374           /* Is the ipv6 literal address terminated? */
375           if(*idx==']')
376             count++;
377           else
378             goto fail;
379         }
380       else
381         for(idx=uri,count=0;*idx && *idx!=':' && *idx!='/';idx++)
382           count++;
383
384       if(count==0)
385         goto fail;
386
387       keyserver->host=xmalloc(count+1);
388       strncpy(keyserver->host,uri,count);
389       keyserver->host[count]='\0';
390
391       /* Skip past the host */
392       uri+=count;
393
394       if(*uri==':')
395         {
396           /* It would seem to be reasonable to limit the range of the
397              ports to values between 1-65535, but RFC 1738 and 1808
398              imply there is no limit.  Of course, the real world has
399              limits. */
400
401           for(idx=uri+1,count=0;*idx && *idx!='/';idx++)
402             {
403               count++;
404
405               /* Ports are digits only */
406               if(!digitp(idx))
407                 goto fail;
408             }
409
410           keyserver->port=xmalloc(count+1);
411           strncpy(keyserver->port,uri+1,count);
412           keyserver->port[count]='\0';
413
414           /* Skip past the colon and port number */
415           uri+=1+count;
416         }
417
418       /* Everything else is the path */
419       if(*uri)
420         keyserver->path=xstrdup(uri);
421       else
422         keyserver->path=xstrdup("/");
423
424       if(keyserver->path[1])
425         keyserver->flags.direct_uri=1;
426     }
427   else if(uri[0]!='/')
428     {
429       /* No slash means opaque.  Just record the opaque blob and get
430          out. */
431       keyserver->opaque=xstrdup(uri);
432     }
433   else
434     {
435       /* One slash means absolute path.  We don't need to support that
436          yet. */
437       goto fail;
438     }
439
440   return keyserver;
441
442  fail:
443   free_keyserver_spec(keyserver);
444
445   return NULL;
446 }
447
448 struct keyserver_spec *
449 parse_preferred_keyserver(PKT_signature *sig)
450 {
451   struct keyserver_spec *spec=NULL;
452   const byte *p;
453   size_t plen;
454
455   p=parse_sig_subpkt(sig->hashed,SIGSUBPKT_PREF_KS,&plen);
456   if(p && plen)
457     {
458       byte *dupe=xmalloc(plen+1);
459
460       memcpy(dupe,p,plen);
461       dupe[plen]='\0';
462       spec=parse_keyserver_uri(dupe,1,NULL,0);
463       xfree(dupe);
464     }
465
466   return spec;
467 }
468
469 static void
470 print_keyrec(int number,struct keyrec *keyrec)
471 {
472   int i;
473
474   iobuf_writebyte(keyrec->uidbuf,0);
475   iobuf_flush_temp(keyrec->uidbuf);
476   printf("(%d)\t%s  ",number,iobuf_get_temp_buffer(keyrec->uidbuf));
477
478   if(keyrec->size>0)
479     printf("%d bit ",keyrec->size);
480
481   if(keyrec->type)
482     {
483       const char *str = gcry_pk_algo_name (keyrec->type);
484
485       if(str)
486         printf("%s ",str);
487       else
488         printf("unknown ");
489     }
490
491   switch(keyrec->desc.mode)
492     {
493       /* If the keyserver helper gave us a short keyid, we have no
494          choice but to use it.  Do check --keyid-format to add a 0x if
495          needed. */
496     case KEYDB_SEARCH_MODE_SHORT_KID:
497       printf("key %s%08lX",
498              (opt.keyid_format==KF_0xSHORT
499               || opt.keyid_format==KF_0xLONG)?"0x":"",
500              (ulong)keyrec->desc.u.kid[1]);
501       break;
502
503       /* However, if it gave us a long keyid, we can honor
504          --keyid-format */
505     case KEYDB_SEARCH_MODE_LONG_KID:
506       printf("key %s",keystr(keyrec->desc.u.kid));
507       break;
508
509     case KEYDB_SEARCH_MODE_FPR16:
510       printf("key ");
511       for(i=0;i<16;i++)
512         printf("%02X",keyrec->desc.u.fpr[i]);
513       break;
514
515     case KEYDB_SEARCH_MODE_FPR20:
516       printf("key ");
517       for(i=0;i<20;i++)
518         printf("%02X",keyrec->desc.u.fpr[i]);
519       break;
520
521     default:
522       BUG();
523       break;
524     }
525
526   if(keyrec->createtime>0)
527     {
528       printf(", ");
529       printf(_("created: %s"),strtimestamp(keyrec->createtime));
530     }
531
532   if(keyrec->expiretime>0)
533     {
534       printf(", ");
535       printf(_("expires: %s"),strtimestamp(keyrec->expiretime));
536     }
537
538   if(keyrec->flags&1)
539     printf(" (%s)",_("revoked"));
540   if(keyrec->flags&2)
541     printf(" (%s)",_("disabled"));
542   if(keyrec->flags&4)
543     printf(" (%s)",_("expired"));
544
545   printf("\n");
546 }
547
548 /* Returns a keyrec (which must be freed) once a key is complete, and
549    NULL otherwise.  Call with a NULL keystring once key parsing is
550    complete to return any unfinished keys. */
551 static struct keyrec *
552 parse_keyrec(char *keystring)
553 {
554   static struct keyrec *work=NULL;
555   struct keyrec *ret=NULL;
556   char *record;
557   int i;
558
559   if(keystring==NULL)
560     {
561       if(work==NULL)
562         return NULL;
563       else if(work->desc.mode==KEYDB_SEARCH_MODE_NONE)
564         {
565           xfree(work);
566           return NULL;
567         }
568       else
569         {
570           ret=work;
571           work=NULL;
572           return ret;
573         }
574     }
575
576   if(work==NULL)
577     {
578       work=xmalloc_clear(sizeof(struct keyrec));
579       work->uidbuf=iobuf_temp();
580     }
581
582   /* Remove trailing whitespace */
583   for(i=strlen(keystring);i>0;i--)
584     if(ascii_isspace(keystring[i-1]))
585       keystring[i-1]='\0';
586     else
587       break;
588
589   if((record=strsep(&keystring,":"))==NULL)
590     return ret;
591
592   if(ascii_strcasecmp("pub",record)==0)
593     {
594       char *tok;
595
596       if(work->desc.mode)
597         {
598           ret=work;
599           work=xmalloc_clear(sizeof(struct keyrec));
600           work->uidbuf=iobuf_temp();
601         }
602
603       if((tok=strsep(&keystring,":"))==NULL)
604         return ret;
605
606       classify_user_id(tok,&work->desc);
607       if(work->desc.mode!=KEYDB_SEARCH_MODE_SHORT_KID
608          && work->desc.mode!=KEYDB_SEARCH_MODE_LONG_KID
609          && work->desc.mode!=KEYDB_SEARCH_MODE_FPR16
610          && work->desc.mode!=KEYDB_SEARCH_MODE_FPR20)
611         {
612           work->desc.mode=KEYDB_SEARCH_MODE_NONE;
613           return ret;
614         }
615
616       /* Note all items after this are optional.  This allows us to
617          have a pub line as simple as pub:keyid and nothing else. */
618
619       work->lines++;
620
621       if((tok=strsep(&keystring,":"))==NULL)
622         return ret;
623
624       work->type=atoi(tok);
625
626       if((tok=strsep(&keystring,":"))==NULL)
627         return ret;
628
629       work->size=atoi(tok);
630
631       if((tok=strsep(&keystring,":"))==NULL)
632         return ret;
633
634       if(atoi(tok)<=0)
635         work->createtime=0;
636       else
637         work->createtime=atoi(tok);
638
639       if((tok=strsep(&keystring,":"))==NULL)
640         return ret;
641
642       if(atoi(tok)<=0)
643         work->expiretime=0;
644       else
645         {
646           work->expiretime=atoi(tok);
647           /* Force the 'e' flag on if this key is expired. */
648           if(work->expiretime<=make_timestamp())
649             work->flags|=4;
650         }
651
652       if((tok=strsep(&keystring,":"))==NULL)
653         return ret;
654
655       while(*tok)
656         switch(*tok++)
657           {
658           case 'r':
659           case 'R':
660             work->flags|=1;
661             break;
662             
663           case 'd':
664           case 'D':
665             work->flags|=2;
666             break;
667
668           case 'e':
669           case 'E':
670             work->flags|=4;
671             break;
672           }
673     }
674   else if(ascii_strcasecmp("uid",record)==0 && work->desc.mode)
675     {
676       char *userid,*tok,*decoded;
677
678       if((tok=strsep(&keystring,":"))==NULL)
679         return ret;
680
681       if(strlen(tok)==0)
682         return ret;
683
684       userid=tok;
685
686       /* By definition, de-%-encoding is always smaller than the
687          original string so we can decode in place. */
688
689       i=0;
690
691       while(*tok)
692         if(tok[0]=='%' && tok[1] && tok[2])
693           {
694             int c;
695
696             userid[i] = (c=hextobyte(&tok[1])) == -1 ? '?' : c;
697             i++;
698             tok+=3;
699           }
700         else
701           userid[i++]=*tok++;
702
703       /* We don't care about the other info provided in the uid: line
704          since no keyserver supports marking userids with timestamps
705          or revoked/expired/disabled yet. */
706
707       /* No need to check for control characters, as utf8_to_native
708          does this for us. */
709
710       decoded=utf8_to_native(userid,i,0);
711       if(strlen(decoded)>opt.screen_columns-10)
712         decoded[opt.screen_columns-10]='\0';
713       iobuf_writestr(work->uidbuf,decoded);
714       xfree(decoded);
715       iobuf_writestr(work->uidbuf,"\n\t");
716       work->lines++;
717     }
718
719   /* Ignore any records other than "pri" and "uid" for easy future
720      growth. */
721
722   return ret;
723 }
724
725 /* TODO: do this as a list sent to keyserver_work rather than calling
726    it once for each key to get the correct counts after the import
727    (cosmetics, really) and to better take advantage of the keyservers
728    that can do multiple fetches in one go (LDAP). */
729 static int
730 show_prompt(KEYDB_SEARCH_DESC *desc,int numdesc,int count,const char *search)
731 {
732   char *answer;
733
734   fflush (stdout);
735
736   if(count && opt.command_fd==-1)
737     {
738       static int from=1;
739       tty_printf("Keys %d-%d of %d for \"%s\".  ",from,numdesc,count,search);
740       from=numdesc+1;
741     }
742
743   answer=cpr_get_no_help("keysearch.prompt",
744                          _("Enter number(s), N)ext, or Q)uit > "));
745   /* control-d */
746   if(answer[0]=='\x04')
747     {
748       printf("Q\n");
749       answer[0]='q';
750     }
751
752   if(answer[0]=='q' || answer[0]=='Q')
753     {
754       xfree(answer);
755       return 1;
756     }
757   else if(atoi(answer)>=1 && atoi(answer)<=numdesc)
758     {
759       char *split=answer,*num;
760
761       while((num=strsep(&split," ,"))!=NULL)
762         if(atoi(num)>=1 && atoi(num)<=numdesc)
763           keyserver_work(KS_GET,NULL,&desc[atoi(num)-1],1,
764                          NULL,NULL,opt.keyserver);
765
766       xfree(answer);
767       return 1;
768     }
769
770   return 0;
771 }
772
773 /* Count and searchstr are just for cosmetics.  If the count is too
774    small, it will grow safely.  If negative it disables the "Key x-y
775    of z" messages.  searchstr should be UTF-8 (rather than native). */
776 static void
777 keyserver_search_prompt(IOBUF buffer,const char *searchstr)
778 {
779   int i=0,validcount=0,started=0,header=0,count=1;
780   unsigned int maxlen,buflen,numlines=0;
781   KEYDB_SEARCH_DESC *desc;
782   byte *line=NULL;
783   char *localstr=NULL;
784
785   if(searchstr)
786     localstr=utf8_to_native(searchstr,strlen(searchstr),0);
787
788   desc=xmalloc(count*sizeof(KEYDB_SEARCH_DESC));
789
790   for(;;)
791     {
792       struct keyrec *keyrec;
793       int rl;
794
795       maxlen=1024;
796       rl=iobuf_read_line(buffer,&line,&buflen,&maxlen);
797
798       if(opt.with_colons)
799         {
800           if(!header && ascii_strncasecmp("SEARCH ",line,7)==0
801              && ascii_strncasecmp(" BEGIN",&line[strlen(line)-7],6)==0)
802             {
803               header=1;
804               continue;
805             }
806           else if(ascii_strncasecmp("SEARCH ",line,7)==0
807                   && ascii_strncasecmp(" END",&line[strlen(line)-5],4)==0)
808             continue;
809
810           printf("%s",line);
811         }
812
813       /* Look for an info: line.  The only current info: values
814          defined are the version and key count. */
815       if(!started && rl>0 && ascii_strncasecmp("info:",line,5)==0)
816         {
817           char *tok,*str=&line[5];
818
819           if((tok=strsep(&str,":"))!=NULL)
820             {
821               int version;
822
823               if(sscanf(tok,"%d",&version)!=1)
824                 version=1;
825
826               if(version!=1)
827                 {
828                   log_error(_("invalid keyserver protocol "
829                               "(us %d!=handler %d)\n"),1,version);
830                   break;
831                 }
832             }
833
834           if((tok=strsep(&str,":"))!=NULL && sscanf(tok,"%d",&count)==1)
835             {
836               if(count==0)
837                 goto notfound;
838               else if(count<0)
839                 count=10;
840               else
841                 validcount=1;
842
843               desc=xrealloc(desc,count*sizeof(KEYDB_SEARCH_DESC));
844             }
845
846           started=1;
847           continue;
848         }
849
850       if(rl==0)
851         {
852           keyrec=parse_keyrec(NULL);
853
854           if(keyrec==NULL)
855             {
856               if(i==0)
857                 {
858                   count=0;
859                   break;
860                 }
861
862               if(i!=count)
863                 validcount=0;
864
865               for(;;)
866                 {
867                   if(show_prompt(desc,i,validcount?count:0,localstr))
868                     break;
869                   validcount=0;
870                 }
871
872               break;
873             }
874         }
875       else
876         keyrec=parse_keyrec(line);
877
878       if(i==count)
879         {
880           /* keyserver helper sent more keys than they claimed in the
881              info: line. */
882           count+=10;
883           desc=xrealloc(desc,count*sizeof(KEYDB_SEARCH_DESC));
884           validcount=0;
885         }
886
887       if(keyrec)
888         {
889           desc[i]=keyrec->desc;
890
891           if(!opt.with_colons)
892             {
893               /* screen_lines - 1 for the prompt. */
894               if(numlines+keyrec->lines>opt.screen_lines-1)
895                 {
896                   if(show_prompt(desc,i,validcount?count:0,localstr))
897                     break;
898                   else
899                     numlines=0;
900                 }
901
902               print_keyrec(i+1,keyrec);
903             }
904
905           numlines+=keyrec->lines;
906           iobuf_close(keyrec->uidbuf);
907           xfree(keyrec);
908
909           started=1;
910           i++;
911         }
912     }
913
914  notfound:
915   /* Leave this commented out or now, and perhaps for a very long
916      time.  All HKPish servers return HTML error messages for
917      no-key-found. */
918   /* 
919      if(!started)
920      log_info(_("keyserver does not support searching\n"));
921      else
922   */
923   if(count==0)
924     {
925       if(localstr)
926         log_info(_("key \"%s\" not found on keyserver\n"),localstr);
927       else
928         log_info(_("key not found on keyserver\n"));
929     }
930
931   xfree(localstr);
932   xfree(desc);
933   xfree(line);
934 }
935
936 /* We sometimes want to use a different gpgkeys_xxx for a given
937    protocol (for example, ldaps is handled by gpgkeys_ldap).  Map
938    these here. */
939 static const char *
940 keyserver_typemap(const char *type)
941 {
942   if(strcmp(type,"ldaps")==0)
943     return "ldap";
944   else
945     return type;
946 }
947
948 /* The PGP LDAP and the curl fetch-a-LDAP-object methodologies are
949    sufficiently different that we can't use curl to do LDAP. */
950 static int
951 direct_uri_map(const char *scheme,unsigned int is_direct)
952 {
953   if(is_direct && strcmp(scheme,"ldap")==0)
954     return 1;
955
956   return 0;
957 }
958
959 #if GNUPG_MAJOR_VERSION == 2
960 #define GPGKEYS_PREFIX "gpg2keys_"
961 #else
962 #define GPGKEYS_PREFIX "gpgkeys_"
963 #endif
964 #define GPGKEYS_CURL GPGKEYS_PREFIX "curl" EXEEXT
965 #define GPGKEYS_PREFIX_LEN (strlen(GPGKEYS_CURL))
966 #define KEYSERVER_ARGS_KEEP " -o \"%O\" \"%I\""
967 #define KEYSERVER_ARGS_NOKEEP " -o \"%o\" \"%i\""
968
969 static int 
970 keyserver_spawn(enum ks_action action,strlist_t list,KEYDB_SEARCH_DESC *desc,
971                 int count,int *prog,unsigned char **fpr,size_t *fpr_len,
972                 struct keyserver_spec *keyserver)
973 {
974   int ret=0,i,gotversion=0,outofband=0;
975   strlist_t temp;
976   unsigned int maxlen,buflen;
977   char *command,*end,*searchstr=NULL;
978   byte *line=NULL;
979   struct exec_info *spawn;
980   const char *scheme;
981   const char *libexecdir = gnupg_libexecdir ();
982
983   assert(keyserver);
984
985 #ifdef EXEC_TEMPFILE_ONLY
986   opt.keyserver_options.options|=KEYSERVER_USE_TEMP_FILES;
987 #endif
988
989   /* Build the filename for the helper to execute */
990   scheme=keyserver_typemap(keyserver->scheme);
991
992 #ifdef DISABLE_KEYSERVER_PATH
993   /* Destroy any path we might have.  This is a little tricky,
994      portability-wise.  It's not correct to delete the PATH
995      environment variable, as that may fall back to a system built-in
996      PATH.  Similarly, it is not correct to set PATH to the null
997      string (PATH="") since this actually deletes the PATH environment
998      variable under MinGW.  The safest thing to do here is to force
999      PATH to be GNUPG_LIBEXECDIR.  All this is not that meaningful on
1000      Unix-like systems (since we're going to give a full path to
1001      gpgkeys_foo), but on W32 it prevents loading any DLLs from
1002      directories in %PATH%.
1003
1004      After some more thinking about this we came to the conclusion
1005      that it is better to load the helpers from the directory where
1006      the program of this process lives.  Fortunately Windows provides
1007      a way to retrieve this and our gnupg_libexecdir function has been
1008      modified to return just this.  Setting the exec-path is not
1009      anymore required.  
1010        set_exec_path(libexecdir);
1011  */
1012 #else
1013   if(opt.exec_path_set)
1014     {
1015       /* If exec-path was set, and DISABLE_KEYSERVER_PATH is
1016          undefined, then don't specify a full path to gpgkeys_foo, so
1017          that the PATH can work. */
1018       command=xmalloc(GPGKEYS_PREFIX_LEN+strlen(scheme)+3+strlen(EXEEXT)+1);
1019       command[0]='\0';
1020     }
1021   else
1022 #endif
1023     {
1024       /* Specify a full path to gpgkeys_foo. */
1025       command=xmalloc(strlen(libexecdir)+strlen(DIRSEP_S)+
1026                       GPGKEYS_PREFIX_LEN+strlen(scheme)+3+strlen(EXEEXT)+1);
1027       strcpy(command,libexecdir);
1028       strcat(command,DIRSEP_S);
1029     }
1030
1031   end=command+strlen(command);
1032
1033   /* Build a path for the keyserver helper.  If it is direct_uri
1034      (i.e. an object fetch and not a keyserver), then add "_uri" to
1035      the end to distinguish the keyserver helper from an object
1036      fetcher that can speak that protocol (this is a problem for
1037      LDAP). */
1038
1039   strcat(command,GPGKEYS_PREFIX); 
1040   strcat(command,scheme);
1041
1042   /* This "_uri" thing is in case we need to call a direct handler
1043      instead of the keyserver handler.  This lets us use gpgkeys_curl
1044      or gpgkeys_ldap_uri (we don't provide it, but a user might)
1045      instead of gpgkeys_ldap to fetch things like
1046      ldap://keyserver.pgp.com/o=PGP%20keys?pgpkey?sub?pgpkeyid=99242560 */
1047
1048   if(direct_uri_map(scheme,keyserver->flags.direct_uri))
1049     strcat(command,"_uri");
1050
1051   strcat(command,EXEEXT);
1052
1053   /* Can we execute it?  If not, try curl as our catchall. */
1054   if(path_access(command,X_OK)!=0)
1055     strcpy(end,GPGKEYS_CURL);
1056
1057   if(opt.keyserver_options.options&KEYSERVER_USE_TEMP_FILES)
1058     {
1059       if(opt.keyserver_options.options&KEYSERVER_KEEP_TEMP_FILES)
1060         {
1061           command=xrealloc(command,strlen(command)+
1062                             strlen(KEYSERVER_ARGS_KEEP)+1);
1063           strcat(command,KEYSERVER_ARGS_KEEP);
1064         }
1065       else
1066         {
1067           command=xrealloc(command,strlen(command)+
1068                             strlen(KEYSERVER_ARGS_NOKEEP)+1);
1069           strcat(command,KEYSERVER_ARGS_NOKEEP);  
1070         }
1071
1072       ret=exec_write(&spawn,NULL,command,NULL,0,0);
1073     }
1074   else
1075     ret=exec_write(&spawn,command,NULL,NULL,0,0);
1076
1077   xfree(command);
1078
1079   if(ret)
1080     return ret;
1081
1082   fprintf(spawn->tochild,
1083           "# This is a GnuPG %s keyserver communications file\n",VERSION);
1084   fprintf(spawn->tochild,"VERSION %d\n",KEYSERVER_PROTO_VERSION);
1085   fprintf(spawn->tochild,"PROGRAM %s\n",VERSION);
1086   fprintf(spawn->tochild,"SCHEME %s\n",keyserver->scheme);
1087
1088   if(keyserver->opaque)
1089     fprintf(spawn->tochild,"OPAQUE %s\n",keyserver->opaque);
1090   else
1091     {
1092       if(keyserver->auth)
1093         fprintf(spawn->tochild,"AUTH %s\n",keyserver->auth);
1094
1095       if(keyserver->host)
1096         fprintf(spawn->tochild,"HOST %s\n",keyserver->host);
1097
1098       if(keyserver->port)
1099         fprintf(spawn->tochild,"PORT %s\n",keyserver->port);
1100
1101       if(keyserver->path)
1102         fprintf(spawn->tochild,"PATH %s\n",keyserver->path);
1103     }
1104
1105   /* Write global options */
1106
1107   for(temp=opt.keyserver_options.other;temp;temp=temp->next)
1108     fprintf(spawn->tochild,"OPTION %s\n",temp->d);
1109
1110   /* Write per-keyserver options */
1111
1112   for(temp=keyserver->options;temp;temp=temp->next)
1113     fprintf(spawn->tochild,"OPTION %s\n",temp->d);
1114
1115   switch(action)
1116     {
1117     case KS_GET:
1118       {
1119         fprintf(spawn->tochild,"COMMAND GET\n\n");
1120
1121         /* Which keys do we want? */
1122
1123         for(i=0;i<count;i++)
1124           {
1125             int quiet=0;
1126
1127             if(desc[i].mode==KEYDB_SEARCH_MODE_FPR20)
1128               {
1129                 int f;
1130
1131                 fprintf(spawn->tochild,"0x");
1132
1133                 for(f=0;f<MAX_FINGERPRINT_LEN;f++)
1134                   fprintf(spawn->tochild,"%02X",desc[i].u.fpr[f]);
1135
1136                 fprintf(spawn->tochild,"\n");
1137               }
1138             else if(desc[i].mode==KEYDB_SEARCH_MODE_FPR16)
1139               {
1140                 int f;
1141
1142                 fprintf(spawn->tochild,"0x");
1143
1144                 for(f=0;f<16;f++)
1145                   fprintf(spawn->tochild,"%02X",desc[i].u.fpr[f]);
1146
1147                 fprintf(spawn->tochild,"\n");
1148               }
1149             else if(desc[i].mode==KEYDB_SEARCH_MODE_LONG_KID)
1150               fprintf(spawn->tochild,"0x%08lX%08lX\n",
1151                       (ulong)desc[i].u.kid[0],
1152                       (ulong)desc[i].u.kid[1]);
1153             else if(desc[i].mode==KEYDB_SEARCH_MODE_SHORT_KID)
1154               fprintf(spawn->tochild,"0x%08lX\n",
1155                       (ulong)desc[i].u.kid[1]);
1156             else if(desc[i].mode==KEYDB_SEARCH_MODE_EXACT)
1157               {
1158                 fprintf(spawn->tochild,"0x0000000000000000\n");
1159                 quiet=1;
1160               }
1161             else if(desc[i].mode==KEYDB_SEARCH_MODE_NONE)
1162               continue;
1163             else
1164               BUG();
1165
1166             if(!quiet)
1167               {
1168                 if(keyserver->host)
1169                   log_info(_("requesting key %s from %s server %s\n"),
1170                            keystr_from_desc(&desc[i]),
1171                            keyserver->scheme,keyserver->host);
1172                 else
1173                   log_info(_("requesting key %s from %s\n"),
1174                            keystr_from_desc(&desc[i]),keyserver->uri);
1175               }
1176           }
1177
1178         fprintf(spawn->tochild,"\n");
1179
1180         break;
1181       }
1182
1183     case KS_GETNAME:
1184       {
1185         strlist_t key;
1186
1187         fprintf(spawn->tochild,"COMMAND GETNAME\n\n");
1188
1189         /* Which names do we want? */
1190
1191         for(key=list;key!=NULL;key=key->next)
1192           fprintf(spawn->tochild,"%s\n",key->d);
1193
1194         fprintf(spawn->tochild,"\n");
1195
1196         if(keyserver->host)
1197           log_info(_("searching for names from %s server %s\n"),
1198                    keyserver->scheme,keyserver->host);
1199         else
1200           log_info(_("searching for names from %s\n"),keyserver->uri);
1201
1202         break;
1203       }
1204
1205     case KS_SEND:
1206       {
1207         strlist_t key;
1208
1209         /* Note the extra \n here to send an empty keylist block */
1210         fprintf(spawn->tochild,"COMMAND SEND\n\n\n");
1211
1212         for(key=list;key!=NULL;key=key->next)
1213           {
1214             armor_filter_context_t *afx;
1215             IOBUF buffer = iobuf_temp ();
1216             KBNODE block;
1217
1218             temp=NULL;
1219             add_to_strlist(&temp,key->d);
1220
1221             afx = new_armor_context ();
1222             afx->what = 1;
1223             /* Tell the armor filter to use Unix-style \n line
1224                endings, since we're going to fprintf this to a file
1225                that (on Win32) is open in text mode.  The win32 stdio
1226                will transform the \n to \r\n and we'll end up with the
1227                proper line endings on win32.  This is a no-op on
1228                Unix. */
1229             afx->eol[0] = '\n';
1230             push_armor_filter (afx, buffer);
1231             release_armor_context (afx);
1232
1233             /* TODO: Remove Comment: lines from keys exported this
1234                way? */
1235
1236             if(export_pubkeys_stream(buffer,temp,&block,
1237                                      opt.keyserver_options.export_options)==-1)
1238               iobuf_close(buffer);
1239             else
1240               {
1241                 KBNODE node;
1242
1243                 iobuf_flush_temp(buffer);
1244
1245                 merge_keys_and_selfsig(block);
1246
1247                 fprintf(spawn->tochild,"INFO %08lX%08lX BEGIN\n",
1248                         (ulong)block->pkt->pkt.public_key->keyid[0],
1249                         (ulong)block->pkt->pkt.public_key->keyid[1]);
1250
1251                 for(node=block;node;node=node->next)
1252                   {
1253                     switch(node->pkt->pkttype)
1254                       {
1255                       default:
1256                         continue;
1257
1258                       case PKT_PUBLIC_KEY:
1259                       case PKT_PUBLIC_SUBKEY:
1260                         {
1261                           PKT_public_key *pk=node->pkt->pkt.public_key;
1262
1263                           keyid_from_pk(pk,NULL);
1264
1265                           fprintf(spawn->tochild,"%sb:%08lX%08lX:%u:%u:%u:%u:",
1266                                   node->pkt->pkttype==PKT_PUBLIC_KEY?"pu":"su",
1267                                   (ulong)pk->keyid[0],(ulong)pk->keyid[1],
1268                                   pk->pubkey_algo,
1269                                   nbits_from_pk(pk),
1270                                   pk->timestamp,
1271                                   pk->expiredate);
1272
1273                           if(pk->is_revoked)
1274                             fprintf(spawn->tochild,"r");
1275                           if(pk->has_expired)
1276                             fprintf(spawn->tochild,"e");
1277
1278                           fprintf(spawn->tochild,"\n");
1279                         }
1280                         break;
1281
1282                       case PKT_USER_ID:
1283                         {
1284                           PKT_user_id *uid=node->pkt->pkt.user_id;
1285                           int r;
1286
1287                           if(uid->attrib_data)
1288                             continue;
1289
1290                           fprintf(spawn->tochild,"uid:");
1291
1292                           /* Quote ':', '%', and any 8-bit
1293                              characters */
1294                           for(r=0;r<uid->len;r++)
1295                             {
1296                               if(uid->name[r]==':' || uid->name[r]=='%'
1297                                  || uid->name[r]&0x80)
1298                                 fprintf(spawn->tochild,"%%%02X",
1299                                         (byte)uid->name[r]);
1300                               else
1301                                 fprintf(spawn->tochild,"%c",uid->name[r]);
1302                             }
1303
1304                           fprintf(spawn->tochild,":%u:%u:",
1305                                   uid->created,uid->expiredate);
1306
1307                           if(uid->is_revoked)
1308                             fprintf(spawn->tochild,"r");
1309                           if(uid->is_expired)
1310                             fprintf(spawn->tochild,"e");
1311
1312                           fprintf(spawn->tochild,"\n");
1313                         }
1314                         break;
1315
1316                         /* This bit is really for the benefit of
1317                            people who store their keys in LDAP
1318                            servers.  It makes it easy to do queries
1319                            for things like "all keys signed by
1320                            Isabella". */
1321                       case PKT_SIGNATURE:
1322                         {
1323                           PKT_signature *sig=node->pkt->pkt.signature;
1324
1325                           if(!IS_UID_SIG(sig))
1326                             continue;
1327
1328                           fprintf(spawn->tochild,"sig:%08lX%08lX:%X:%u:%u\n",
1329                                   (ulong)sig->keyid[0],(ulong)sig->keyid[1],
1330                                   sig->sig_class,sig->timestamp,
1331                                   sig->expiredate);
1332                         }
1333                         break;
1334                       }
1335                   }
1336
1337                 fprintf(spawn->tochild,"INFO %08lX%08lX END\n",
1338                         (ulong)block->pkt->pkt.public_key->keyid[0],
1339                         (ulong)block->pkt->pkt.public_key->keyid[1]);
1340
1341                 fprintf(spawn->tochild,"KEY %08lX%08lX BEGIN\n",
1342                         (ulong)block->pkt->pkt.public_key->keyid[0],
1343                         (ulong)block->pkt->pkt.public_key->keyid[1]);
1344                 fwrite(iobuf_get_temp_buffer(buffer),
1345                        iobuf_get_temp_length(buffer),1,spawn->tochild);
1346                 fprintf(spawn->tochild,"KEY %08lX%08lX END\n",
1347                         (ulong)block->pkt->pkt.public_key->keyid[0],
1348                         (ulong)block->pkt->pkt.public_key->keyid[1]);
1349
1350                 iobuf_close(buffer);
1351
1352                 if(keyserver->host)
1353                   log_info(_("sending key %s to %s server %s\n"),
1354                            keystr(block->pkt->pkt.public_key->keyid),
1355                            keyserver->scheme,keyserver->host);
1356                 else
1357                   log_info(_("sending key %s to %s\n"),
1358                            keystr(block->pkt->pkt.public_key->keyid),
1359                            keyserver->uri);
1360
1361                 release_kbnode(block);
1362               }
1363
1364             free_strlist(temp);
1365           }
1366
1367         break;
1368       }
1369
1370     case KS_SEARCH:
1371       {
1372         strlist_t key;
1373
1374         fprintf(spawn->tochild,"COMMAND SEARCH\n\n");
1375
1376         /* Which keys do we want?  Remember that the gpgkeys_ program
1377            is going to lump these together into a search string. */
1378
1379         for(key=list;key!=NULL;key=key->next)
1380           {
1381             fprintf(spawn->tochild,"%s\n",key->d);
1382             if(key!=list)
1383               {
1384                 searchstr=xrealloc(searchstr,
1385                                     strlen(searchstr)+strlen(key->d)+2);
1386                 strcat(searchstr," ");
1387               }
1388             else
1389               {
1390                 searchstr=xmalloc(strlen(key->d)+1);
1391                 searchstr[0]='\0';
1392               }
1393
1394             strcat(searchstr,key->d);
1395           }
1396
1397         fprintf(spawn->tochild,"\n");
1398
1399         if(keyserver->host)
1400           log_info(_("searching for \"%s\" from %s server %s\n"),
1401                    searchstr,keyserver->scheme,keyserver->host);
1402         else
1403           log_info(_("searching for \"%s\" from %s\n"),
1404                    searchstr,keyserver->uri);
1405
1406         break;
1407       }
1408
1409     default:
1410       log_fatal(_("no keyserver action!\n"));
1411       break;
1412     }
1413
1414   /* Done sending, so start reading. */
1415   ret=exec_read(spawn);
1416   if(ret)
1417     goto fail;
1418
1419   /* Now handle the response */
1420
1421   for(;;)
1422     {
1423       int plen;
1424       char *ptr;
1425
1426       maxlen=1024;
1427       if(iobuf_read_line(spawn->fromchild,&line,&buflen,&maxlen)==0)
1428         {
1429           ret = gpg_error_from_syserror ();
1430           goto fail; /* i.e. EOF */
1431         }
1432
1433       ptr=line;
1434
1435       /* remove trailing whitespace */
1436       plen=strlen(ptr);
1437       while(plen>0 && ascii_isspace(ptr[plen-1]))
1438         plen--;
1439       plen[ptr]='\0';
1440
1441       if(*ptr=='\0')
1442         break;
1443
1444       if(ascii_strncasecmp(ptr,"VERSION ",8)==0)
1445         {
1446           gotversion=1;
1447
1448           if(atoi(&ptr[8])!=KEYSERVER_PROTO_VERSION)
1449             {
1450               log_error(_("invalid keyserver protocol (us %d!=handler %d)\n"),
1451                         KEYSERVER_PROTO_VERSION,atoi(&ptr[8]));
1452               goto fail;
1453             }
1454         }
1455       else if(ascii_strncasecmp(ptr,"PROGRAM ",8)==0)
1456         {
1457           if(ascii_strncasecmp(&ptr[8],VERSION,strlen(VERSION))!=0)
1458             log_info(_("WARNING: keyserver handler from a different"
1459                        " version of GnuPG (%s)\n"),&ptr[8]);
1460         }
1461       else if(ascii_strncasecmp(ptr,"OPTION OUTOFBAND",16)==0)
1462         outofband=1; /* Currently the only OPTION */
1463     }
1464
1465   if(!gotversion)
1466     {
1467       log_error(_("keyserver did not send VERSION\n"));
1468       goto fail;
1469     }
1470
1471   if(!outofband)
1472     switch(action)
1473       {
1474       case KS_GET:
1475       case KS_GETNAME:
1476         {
1477           void *stats_handle;
1478
1479           stats_handle=import_new_stats_handle();
1480
1481           /* Slurp up all the key data.  In the future, it might be
1482              nice to look for KEY foo OUTOFBAND and FAILED indicators.
1483              It's harmless to ignore them, but ignoring them does make
1484              gpg complain about "no valid OpenPGP data found".  One
1485              way to do this could be to continue parsing this
1486              line-by-line and make a temp iobuf for each key. */
1487
1488           import_keys_stream(spawn->fromchild,stats_handle,fpr,fpr_len,
1489                              opt.keyserver_options.import_options);
1490
1491           import_print_stats(stats_handle);
1492           import_release_stats_handle(stats_handle);
1493
1494           break;
1495         }
1496
1497         /* Nothing to do here */
1498       case KS_SEND:
1499         break;
1500
1501       case KS_SEARCH:
1502         keyserver_search_prompt(spawn->fromchild,searchstr);
1503         break;
1504
1505       default:
1506         log_fatal(_("no keyserver action!\n"));
1507         break;
1508       }
1509
1510  fail:
1511   xfree(line);
1512   xfree(searchstr);
1513
1514
1515   *prog=exec_finish(spawn);
1516
1517   return ret;
1518 }
1519
1520 static int 
1521 keyserver_work(enum ks_action action,strlist_t list,KEYDB_SEARCH_DESC *desc,
1522                int count,unsigned char **fpr,size_t *fpr_len,
1523                struct keyserver_spec *keyserver)
1524 {
1525   int rc=0,ret=0;
1526
1527   if(!keyserver)
1528     {
1529       log_error(_("no keyserver known (use option --keyserver)\n"));
1530       return G10ERR_BAD_URI;
1531     }
1532
1533 #ifdef DISABLE_KEYSERVER_HELPERS
1534
1535   log_error(_("external keyserver calls are not supported in this build\n"));
1536   return G10ERR_KEYSERVER;
1537
1538 #else
1539   /* Spawn a handler */
1540
1541   rc=keyserver_spawn(action,list,desc,count,&ret,fpr,fpr_len,keyserver);
1542   if(ret)
1543     {
1544       switch(ret)
1545         {
1546         case KEYSERVER_SCHEME_NOT_FOUND:
1547           log_error(_("no handler for keyserver scheme `%s'\n"),
1548                     keyserver->scheme);
1549           break;
1550
1551         case KEYSERVER_NOT_SUPPORTED:
1552           log_error(_("action `%s' not supported with keyserver "
1553                       "scheme `%s'\n"),
1554                     action==KS_GET?"get":action==KS_SEND?"send":
1555                     action==KS_SEARCH?"search":"unknown",
1556                     keyserver->scheme);
1557           break;
1558
1559         case KEYSERVER_VERSION_ERROR:
1560           log_error(_(GPGKEYS_PREFIX "%s does not support"
1561                       " handler version %d\n"),
1562                     keyserver_typemap(keyserver->scheme),
1563                     KEYSERVER_PROTO_VERSION);
1564           break;
1565
1566         case KEYSERVER_TIMEOUT:
1567           log_error(_("keyserver timed out\n"));
1568           break;
1569
1570         case KEYSERVER_INTERNAL_ERROR:
1571         default:
1572           log_error(_("keyserver internal error\n"));
1573           break;
1574         }
1575
1576       return G10ERR_KEYSERVER;
1577     }
1578
1579   if(rc)
1580     {
1581       log_error(_("keyserver communications error: %s\n"),g10_errstr(rc));
1582
1583       return rc;
1584     }
1585
1586   return 0;
1587 #endif /* ! DISABLE_KEYSERVER_HELPERS*/
1588 }
1589
1590 int 
1591 keyserver_export(strlist_t users)
1592 {
1593   strlist_t sl=NULL;
1594   KEYDB_SEARCH_DESC desc;
1595   int rc=0;
1596
1597   /* Weed out descriptors that we don't support sending */
1598   for(;users;users=users->next)
1599     {
1600       classify_user_id (users->d, &desc);
1601       if(desc.mode!=KEYDB_SEARCH_MODE_SHORT_KID &&
1602          desc.mode!=KEYDB_SEARCH_MODE_LONG_KID &&
1603          desc.mode!=KEYDB_SEARCH_MODE_FPR16 &&
1604          desc.mode!=KEYDB_SEARCH_MODE_FPR20)
1605         {
1606           log_error(_("\"%s\" not a key ID: skipping\n"),users->d);
1607           continue;
1608         }
1609       else
1610         append_to_strlist(&sl,users->d);
1611     }
1612
1613   if(sl)
1614     {
1615       rc=keyserver_work(KS_SEND,sl,NULL,0,NULL,NULL,opt.keyserver);
1616       free_strlist(sl);
1617     }
1618
1619   return rc;
1620 }
1621
1622 int 
1623 keyserver_import(strlist_t users)
1624 {
1625   KEYDB_SEARCH_DESC *desc;
1626   int num=100,count=0;
1627   int rc=0;
1628
1629   /* Build a list of key ids */
1630   desc=xmalloc(sizeof(KEYDB_SEARCH_DESC)*num);
1631
1632   for(;users;users=users->next)
1633     {
1634       classify_user_id (users->d, &desc[count]);
1635       if(desc[count].mode!=KEYDB_SEARCH_MODE_SHORT_KID &&
1636          desc[count].mode!=KEYDB_SEARCH_MODE_LONG_KID &&
1637          desc[count].mode!=KEYDB_SEARCH_MODE_FPR16 &&
1638          desc[count].mode!=KEYDB_SEARCH_MODE_FPR20)
1639         {
1640           log_error(_("\"%s\" not a key ID: skipping\n"),users->d);
1641           continue;
1642         }
1643
1644       count++;
1645       if(count==num)
1646         {
1647           num+=100;
1648           desc=xrealloc(desc,sizeof(KEYDB_SEARCH_DESC)*num);
1649         }
1650     }
1651
1652   if(count>0)
1653     rc=keyserver_work(KS_GET,NULL,desc,count,NULL,NULL,opt.keyserver);
1654
1655   xfree(desc);
1656
1657   return rc;
1658 }
1659
1660 int
1661 keyserver_import_fprint(const byte *fprint,size_t fprint_len,
1662                         struct keyserver_spec *keyserver)
1663 {
1664   KEYDB_SEARCH_DESC desc;
1665
1666   memset(&desc,0,sizeof(desc));
1667
1668   if(fprint_len==16)
1669     desc.mode=KEYDB_SEARCH_MODE_FPR16;
1670   else if(fprint_len==20)
1671     desc.mode=KEYDB_SEARCH_MODE_FPR20;
1672   else
1673     return -1;
1674
1675   memcpy(desc.u.fpr,fprint,fprint_len);
1676
1677   /* TODO: Warn here if the fingerprint we got doesn't match the one
1678      we asked for? */
1679   return keyserver_work(KS_GET,NULL,&desc,1,NULL,NULL,keyserver);
1680 }
1681
1682 int 
1683 keyserver_import_keyid(u32 *keyid,struct keyserver_spec *keyserver)
1684 {
1685   KEYDB_SEARCH_DESC desc;
1686
1687   memset(&desc,0,sizeof(desc));
1688
1689   desc.mode=KEYDB_SEARCH_MODE_LONG_KID;
1690   desc.u.kid[0]=keyid[0];
1691   desc.u.kid[1]=keyid[1];
1692
1693   return keyserver_work(KS_GET,NULL,&desc,1,NULL,NULL,keyserver);
1694 }
1695
1696 /* code mostly stolen from do_export_stream */
1697 static int 
1698 keyidlist(strlist_t users,KEYDB_SEARCH_DESC **klist,int *count,int fakev3)
1699 {
1700   int rc=0,ndesc,num=100;
1701   KBNODE keyblock=NULL,node;
1702   KEYDB_HANDLE kdbhd;
1703   KEYDB_SEARCH_DESC *desc;
1704   strlist_t sl;
1705
1706   *count=0;
1707
1708   *klist=xmalloc(sizeof(KEYDB_SEARCH_DESC)*num);
1709
1710   kdbhd=keydb_new(0);
1711
1712   if(!users)
1713     {
1714       ndesc = 1;
1715       desc = xmalloc_clear ( ndesc * sizeof *desc);
1716       desc[0].mode = KEYDB_SEARCH_MODE_FIRST;
1717     }
1718   else
1719     {
1720       for (ndesc=0, sl=users; sl; sl = sl->next, ndesc++) 
1721         ;
1722       desc = xmalloc ( ndesc * sizeof *desc);
1723         
1724       for (ndesc=0, sl=users; sl; sl = sl->next)
1725         {
1726           if(classify_user_id (sl->d, desc+ndesc))
1727             ndesc++;
1728           else
1729             log_error (_("key \"%s\" not found: %s\n"),
1730                        sl->d, g10_errstr (G10ERR_INV_USER_ID));
1731         }
1732     }
1733
1734   while (!(rc = keydb_search (kdbhd, desc, ndesc)))
1735     {
1736       if (!users) 
1737         desc[0].mode = KEYDB_SEARCH_MODE_NEXT;
1738
1739       /* read the keyblock */
1740       rc = keydb_get_keyblock (kdbhd, &keyblock );
1741       if( rc )
1742         {
1743           log_error (_("error reading keyblock: %s\n"), g10_errstr(rc) );
1744           goto leave;
1745         }
1746
1747       if((node=find_kbnode(keyblock,PKT_PUBLIC_KEY)))
1748         {
1749           /* This is to work around a bug in some keyservers (pksd and
1750              OKS) that calculate v4 RSA keyids as if they were v3 RSA.
1751              The answer is to refresh both the correct v4 keyid
1752              (e.g. 99242560) and the fake v3 keyid (e.g. 68FDDBC7).
1753              This only happens for key refresh using the HKP scheme
1754              and if the refresh-add-fake-v3-keyids keyserver option is
1755              set. */
1756           if(fakev3 && is_RSA(node->pkt->pkt.public_key->pubkey_algo) &&
1757              node->pkt->pkt.public_key->version>=4)
1758             {
1759               (*klist)[*count].mode=KEYDB_SEARCH_MODE_LONG_KID;
1760               v3_keyid (node->pkt->pkt.public_key->pkey[0],
1761                         (*klist)[*count].u.kid);
1762               (*count)++;
1763
1764               if(*count==num)
1765                 {
1766                   num+=100;
1767                   *klist=xrealloc(*klist,sizeof(KEYDB_SEARCH_DESC)*num);
1768                 }
1769             }
1770
1771           /* v4 keys get full fingerprints.  v3 keys get long keyids.
1772              This is because it's easy to calculate any sort of keyid
1773              from a v4 fingerprint, but not a v3 fingerprint. */
1774
1775           if(node->pkt->pkt.public_key->version<4)
1776             {
1777               (*klist)[*count].mode=KEYDB_SEARCH_MODE_LONG_KID;
1778               keyid_from_pk(node->pkt->pkt.public_key,
1779                             (*klist)[*count].u.kid);
1780             }
1781           else
1782             {
1783               size_t dummy;
1784
1785               (*klist)[*count].mode=KEYDB_SEARCH_MODE_FPR20;
1786               fingerprint_from_pk(node->pkt->pkt.public_key,
1787                                   (*klist)[*count].u.fpr,&dummy);
1788             }
1789
1790           /* This is a little hackish, using the skipfncvalue as a
1791              void* pointer to the keyserver spec, but we don't need
1792              the skipfnc here, and it saves having an additional field
1793              for this (which would be wasted space most of the
1794              time). */
1795
1796           (*klist)[*count].skipfncvalue=NULL;
1797
1798           /* Are we honoring preferred keyservers? */
1799           if(opt.keyserver_options.options&KEYSERVER_HONOR_KEYSERVER_URL)
1800             {
1801               PKT_user_id *uid=NULL;
1802               PKT_signature *sig=NULL;
1803
1804               merge_keys_and_selfsig(keyblock);
1805
1806               for(node=node->next;node;node=node->next)
1807                 {
1808                   if(node->pkt->pkttype==PKT_USER_ID
1809                      && node->pkt->pkt.user_id->is_primary)
1810                     uid=node->pkt->pkt.user_id;
1811                   else if(node->pkt->pkttype==PKT_SIGNATURE
1812                           && node->pkt->pkt.signature->
1813                           flags.chosen_selfsig && uid)
1814                     {
1815                       sig=node->pkt->pkt.signature;
1816                       break;
1817                     }
1818                 }
1819
1820               /* Try and parse the keyserver URL.  If it doesn't work,
1821                  then we end up writing NULL which indicates we are
1822                  the same as any other key. */
1823               if(sig)
1824                 (*klist)[*count].skipfncvalue=parse_preferred_keyserver(sig);
1825             }
1826
1827           (*count)++;
1828
1829           if(*count==num)
1830             {
1831               num+=100;
1832               *klist=xrealloc(*klist,sizeof(KEYDB_SEARCH_DESC)*num);
1833             }
1834         }
1835     }
1836
1837   if(rc==-1)
1838     rc=0;
1839   
1840  leave:
1841   if(rc)
1842     xfree(*klist);
1843   xfree(desc);
1844   keydb_release(kdbhd);
1845   release_kbnode(keyblock);
1846
1847   return rc;
1848 }
1849
1850 /* Note this is different than the original HKP refresh.  It allows
1851    usernames to refresh only part of the keyring. */
1852
1853 int
1854 keyserver_refresh(strlist_t users)
1855 {
1856   int rc,count,numdesc,fakev3=0;
1857   KEYDB_SEARCH_DESC *desc;
1858   unsigned int options=opt.keyserver_options.import_options;
1859
1860   /* We switch merge-only on during a refresh, as 'refresh' should
1861      never import new keys, even if their keyids match. */
1862   opt.keyserver_options.import_options|=IMPORT_MERGE_ONLY;
1863
1864   /* Similarly, we switch on fast-import, since refresh may make
1865      multiple import sets (due to preferred keyserver URLs).  We don't
1866      want each set to rebuild the trustdb.  Instead we do it once at
1867      the end here. */
1868   opt.keyserver_options.import_options|=IMPORT_FAST;
1869
1870   /* If refresh_add_fake_v3_keyids is on and it's a HKP or MAILTO
1871      scheme, then enable fake v3 keyid generation. */
1872   if((opt.keyserver_options.options&KEYSERVER_ADD_FAKE_V3) && opt.keyserver
1873      && (ascii_strcasecmp(opt.keyserver->scheme,"hkp")==0 ||
1874          ascii_strcasecmp(opt.keyserver->scheme,"mailto")==0))
1875     fakev3=1;
1876
1877   rc=keyidlist(users,&desc,&numdesc,fakev3);
1878   if(rc)
1879     return rc;
1880
1881   count=numdesc;
1882   if(count>0)
1883     {
1884       int i;
1885
1886       /* Try to handle preferred keyserver keys first */
1887       for(i=0;i<numdesc;i++)
1888         {
1889           if(desc[i].skipfncvalue)
1890             {
1891               struct keyserver_spec *keyserver=desc[i].skipfncvalue;
1892
1893               /* We use the keyserver structure we parsed out before.
1894                  Note that a preferred keyserver without a scheme://
1895                  will be interpreted as hkp:// */
1896
1897               rc=keyserver_work(KS_GET,NULL,&desc[i],1,NULL,NULL,keyserver);
1898               if(rc)
1899                 log_info(_("WARNING: unable to refresh key %s"
1900                            " via %s: %s\n"),keystr_from_desc(&desc[i]),
1901                          keyserver->uri,g10_errstr(rc));
1902               else
1903                 {
1904                   /* We got it, so mark it as NONE so we don't try and
1905                      get it again from the regular keyserver. */
1906
1907                   desc[i].mode=KEYDB_SEARCH_MODE_NONE;
1908                   count--;
1909                 }
1910
1911               free_keyserver_spec(keyserver);
1912             }
1913         }
1914     }
1915
1916   if(count>0)
1917     {
1918       if(opt.keyserver)
1919         {
1920           if(count==1)
1921             log_info(_("refreshing 1 key from %s\n"),opt.keyserver->uri);
1922           else
1923             log_info(_("refreshing %d keys from %s\n"),
1924                      count,opt.keyserver->uri);
1925         }
1926
1927       rc=keyserver_work(KS_GET,NULL,desc,numdesc,NULL,NULL,opt.keyserver);
1928     }
1929
1930   xfree(desc);
1931
1932   opt.keyserver_options.import_options=options;
1933
1934   /* If the original options didn't have fast import, and the trustdb
1935      is dirty, rebuild. */
1936   if(!(opt.keyserver_options.import_options&IMPORT_FAST))
1937     trustdb_check_or_update();
1938
1939   return rc;
1940 }
1941
1942 int
1943 keyserver_search(strlist_t tokens)
1944 {
1945   if(tokens)
1946     return keyserver_work(KS_SEARCH,tokens,NULL,0,NULL,NULL,opt.keyserver);
1947   else
1948     return 0;
1949 }
1950
1951 int
1952 keyserver_fetch(strlist_t urilist)
1953 {
1954   KEYDB_SEARCH_DESC desc;
1955   strlist_t sl;
1956   unsigned int options=opt.keyserver_options.import_options;
1957
1958   /* Switch on fast-import, since fetch can handle more than one
1959      import and we don't want each set to rebuild the trustdb.
1960      Instead we do it once at the end. */
1961   opt.keyserver_options.import_options|=IMPORT_FAST;
1962
1963   /* A dummy desc since we're not actually fetching a particular key
1964      ID */
1965   memset(&desc,0,sizeof(desc));
1966   desc.mode=KEYDB_SEARCH_MODE_EXACT;
1967
1968   for(sl=urilist;sl;sl=sl->next)
1969     {
1970       struct keyserver_spec *spec;
1971
1972       spec=parse_keyserver_uri(sl->d,1,NULL,0);
1973       if(spec)
1974         {
1975           int rc;
1976
1977           rc=keyserver_work(KS_GET,NULL,&desc,1,NULL,NULL,spec);
1978           if(rc)
1979             log_info (_("WARNING: unable to fetch URI %s: %s\n"),
1980                      sl->d,g10_errstr(rc));
1981
1982           free_keyserver_spec(spec);
1983         }
1984       else
1985         log_info (_("WARNING: unable to parse URI %s\n"),sl->d);
1986     }
1987
1988   opt.keyserver_options.import_options=options;
1989
1990   /* If the original options didn't have fast import, and the trustdb
1991      is dirty, rebuild. */
1992   if(!(opt.keyserver_options.import_options&IMPORT_FAST))
1993     trustdb_check_or_update();
1994
1995   return 0;
1996 }
1997
1998 /* Import key in a CERT or pointed to by a CERT */
1999 int
2000 keyserver_import_cert(const char *name,unsigned char **fpr,size_t *fpr_len)
2001 {
2002   char *domain,*look,*url;
2003   IOBUF key;
2004   int type,rc=G10ERR_GENERAL;
2005
2006   look=xstrdup(name);
2007
2008   domain=strrchr(look,'@');
2009   if(domain)
2010     *domain='.';
2011
2012   type=get_dns_cert(look,max_cert_size,&key,fpr,fpr_len,&url);
2013   if (!type || type == -1)
2014     {
2015       /* There might be an error in res_query which leads to an error
2016          return (-1) in the case that nothing was found.  Thus we take
2017          all errors as key not found.  */
2018       rc = G10ERR_NO_PUBKEY;
2019     }
2020   else if (type==1)
2021     {
2022       int armor_status=opt.no_armor;
2023
2024       /* CERTs are always in binary format */
2025       opt.no_armor=1;
2026
2027       rc=import_keys_stream(key,NULL,fpr,fpr_len,
2028                             opt.keyserver_options.import_options);
2029
2030       opt.no_armor=armor_status;
2031
2032       iobuf_close(key);
2033     }
2034   else if(type==2 && *fpr)
2035     {
2036       /* We only consider the IPGP type if a fingerprint was provided.
2037          This lets us select the right key regardless of what a URL
2038          points to, or get the key from a keyserver. */
2039       if(url)
2040         {
2041           struct keyserver_spec *spec;
2042
2043           spec=parse_keyserver_uri(url,1,NULL,0);
2044           if(spec)
2045             {
2046               rc=keyserver_import_fprint(*fpr,*fpr_len,spec);
2047               free_keyserver_spec(spec);
2048             }
2049         }
2050       else if(opt.keyserver)
2051         {
2052           /* If only a fingerprint is provided, try and fetch it from
2053              our --keyserver */
2054
2055           rc=keyserver_import_fprint(*fpr,*fpr_len,opt.keyserver);
2056         }
2057       else
2058         log_info(_("no keyserver known (use option --keyserver)\n"));
2059
2060       /* Give a better string here? "CERT fingerprint for \"%s\"
2061          found, but no keyserver" " known (use option
2062          --keyserver)\n" ? */
2063
2064       xfree(url);
2065     }
2066
2067   xfree(look);
2068
2069   return rc;
2070 }
2071
2072 /* Import key pointed to by a PKA record. Return the requested
2073    fingerprint in fpr. */
2074 int
2075 keyserver_import_pka(const char *name,unsigned char **fpr,size_t *fpr_len)
2076 {
2077   char *uri;
2078   int rc = G10ERR_NO_PUBKEY;
2079
2080   *fpr = xmalloc (20);
2081   *fpr_len = 20;
2082
2083   uri = get_pka_info (name, *fpr);
2084   if (uri && *uri)
2085     {
2086       /* An URI is available.  Lookup the key. */
2087       struct keyserver_spec *spec;
2088       spec = parse_keyserver_uri (uri, 1, NULL, 0);
2089       if (spec)
2090         {
2091           rc = keyserver_import_fprint (*fpr, 20, spec);
2092           free_keyserver_spec (spec);
2093         }
2094       xfree (uri);
2095     }
2096
2097   if (rc)
2098     {
2099       xfree(*fpr);
2100       *fpr = NULL;
2101     }
2102
2103   return rc;
2104 }
2105
2106 /* Import all keys that match name */
2107 int
2108 keyserver_import_name(const char *name,unsigned char **fpr,size_t *fpr_len,
2109                       struct keyserver_spec *keyserver)
2110 {
2111   strlist_t list=NULL;
2112   int rc;
2113
2114   append_to_strlist(&list,name);
2115
2116   rc=keyserver_work(KS_GETNAME,list,NULL,0,fpr,fpr_len,keyserver);
2117
2118   free_strlist(list);
2119
2120   return rc;
2121 }
2122
2123 /* Use the PGP Universal trick of asking ldap://keys.(maildomain) for
2124    the key. */
2125 int
2126 keyserver_import_ldap(const char *name,unsigned char **fpr,size_t *fpr_len)
2127 {
2128   char *domain;
2129   struct keyserver_spec *keyserver;
2130   strlist_t list=NULL;
2131   int rc;
2132
2133   append_to_strlist(&list,name);
2134
2135   /* Parse out the domain */
2136   domain=strrchr(name,'@');
2137   if(!domain)
2138     return G10ERR_GENERAL;
2139
2140   domain++;
2141
2142   keyserver=xmalloc_clear(sizeof(struct keyserver_spec));
2143
2144   keyserver->scheme=xstrdup("ldap");
2145   keyserver->host=xmalloc(5+strlen(domain)+1);
2146   strcpy(keyserver->host,"keys.");
2147   strcat(keyserver->host,domain);
2148   keyserver->uri=xmalloc(strlen(keyserver->scheme)+
2149                          3+strlen(keyserver->host)+1);
2150   strcpy(keyserver->uri,keyserver->scheme);
2151   strcat(keyserver->uri,"://");
2152   strcat(keyserver->uri,keyserver->host);
2153     
2154   rc=keyserver_work(KS_GETNAME,list,NULL,0,fpr,fpr_len,keyserver);
2155
2156   free_strlist(list);
2157
2158   free_keyserver_spec(keyserver);
2159
2160   return rc;
2161 }