2011-01-10 14:30:17 +01:00
|
|
|
|
/* ks-engine-hkp.c - HKP keyserver engine
|
2012-01-10 16:23:54 +01:00
|
|
|
|
* Copyright (C) 2011, 2012 Free Software Foundation, Inc.
|
2014-03-11 14:26:39 +01:00
|
|
|
|
* Copyright (C) 2011, 2012, 2014 Werner Koch
|
2011-01-10 14:30:17 +01:00
|
|
|
|
*
|
|
|
|
|
* This file is part of GnuPG.
|
|
|
|
|
*
|
|
|
|
|
* GnuPG is free software; you can redistribute it and/or modify
|
|
|
|
|
* it under the terms of the GNU General Public License as published by
|
|
|
|
|
* the Free Software Foundation; either version 3 of the License, or
|
|
|
|
|
* (at your option) any later version.
|
|
|
|
|
*
|
|
|
|
|
* GnuPG is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
|
* along with this program; if not, see <http://www.gnu.org/licenses/>.
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#include <config.h>
|
|
|
|
|
|
|
|
|
|
#include <stdio.h>
|
|
|
|
|
#include <stdlib.h>
|
|
|
|
|
#include <string.h>
|
|
|
|
|
#include <assert.h>
|
2011-04-12 16:30:08 +02:00
|
|
|
|
#ifdef HAVE_W32_SYSTEM
|
2014-03-07 09:46:44 +01:00
|
|
|
|
# ifdef HAVE_WINSOCK2_H
|
|
|
|
|
# include <winsock2.h>
|
|
|
|
|
# endif
|
2011-04-12 16:30:08 +02:00
|
|
|
|
# include <windows.h>
|
|
|
|
|
#else /*!HAVE_W32_SYSTEM*/
|
|
|
|
|
# include <sys/types.h>
|
|
|
|
|
# include <sys/socket.h>
|
|
|
|
|
# include <netdb.h>
|
|
|
|
|
#endif /*!HAVE_W32_SYSTEM*/
|
2011-01-10 14:30:17 +01:00
|
|
|
|
|
|
|
|
|
#include "dirmngr.h"
|
|
|
|
|
#include "misc.h"
|
|
|
|
|
#include "userids.h"
|
|
|
|
|
#include "ks-engine.h"
|
|
|
|
|
|
2014-03-11 18:02:29 +01:00
|
|
|
|
/* Substitute a missing Mingw macro. */
|
|
|
|
|
#ifndef EAI_OVERFLOW
|
|
|
|
|
# define EAI_OVERFLOW EAI_FAIL
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
|
2014-03-18 11:07:05 +01:00
|
|
|
|
/* Number of seconds after a host is marked as resurrected. */
|
|
|
|
|
#define RESURRECT_INTERVAL (3600*3) /* 3 hours */
|
|
|
|
|
|
2011-01-10 14:30:17 +01:00
|
|
|
|
/* To match the behaviour of our old gpgkeys helper code we escape
|
|
|
|
|
more characters than actually needed. */
|
|
|
|
|
#define EXTRA_ESCAPE_CHARS "@!\"#$%&'()*+,-./:;<=>?[\\]^_{|}~"
|
|
|
|
|
|
|
|
|
|
/* How many redirections do we allow. */
|
|
|
|
|
#define MAX_REDIRECTS 2
|
|
|
|
|
|
2014-03-12 14:32:34 +01:00
|
|
|
|
/* Number of retries done for a dead host etc. */
|
|
|
|
|
#define SEND_REQUEST_RETRIES 3
|
|
|
|
|
|
2011-04-12 16:30:08 +02:00
|
|
|
|
/* Objects used to maintain information about hosts. */
|
|
|
|
|
struct hostinfo_s;
|
|
|
|
|
typedef struct hostinfo_s *hostinfo_t;
|
|
|
|
|
struct hostinfo_s
|
|
|
|
|
{
|
|
|
|
|
time_t lastfail; /* Time we tried to connect and failed. */
|
|
|
|
|
time_t lastused; /* Time of last use. */
|
|
|
|
|
int *pool; /* A -1 terminated array with indices into
|
|
|
|
|
HOSTTABLE or NULL if NAME is not a pool
|
|
|
|
|
name. */
|
2014-05-16 21:14:03 +02:00
|
|
|
|
int poolidx; /* Index into POOL with the used host. -1 if not set. */
|
2011-04-12 16:30:08 +02:00
|
|
|
|
unsigned int v4:1; /* Host supports AF_INET. */
|
|
|
|
|
unsigned int v6:1; /* Host supports AF_INET6. */
|
|
|
|
|
unsigned int dead:1; /* Host is currently unresponsive. */
|
2014-05-16 21:14:03 +02:00
|
|
|
|
time_t died_at; /* The time the host was marked dead. If this is
|
2014-03-18 11:07:05 +01:00
|
|
|
|
0 the host has been manually marked dead. */
|
2014-05-16 21:14:03 +02:00
|
|
|
|
char *cname; /* Canonical name of the host. Only set if this
|
|
|
|
|
is a pool. */
|
|
|
|
|
char *v4addr; /* A string with the v4 IP address of the host.
|
|
|
|
|
NULL if NAME has a numeric IP address or no v4
|
|
|
|
|
address is available. */
|
|
|
|
|
char *v6addr; /* A string with the v6 IP address of the host.
|
|
|
|
|
NULL if NAME has a numeric IP address or no v4
|
|
|
|
|
address is available. */
|
2011-04-12 16:30:08 +02:00
|
|
|
|
char name[1]; /* The hostname. */
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* An array of hostinfo_t for all hosts requested by the caller or
|
|
|
|
|
resolved from a pool name and its allocated size.*/
|
|
|
|
|
static hostinfo_t *hosttable;
|
|
|
|
|
static int hosttable_size;
|
|
|
|
|
|
|
|
|
|
/* The number of host slots we initally allocate for HOSTTABLE. */
|
|
|
|
|
#define INITIAL_HOSTTABLE_SIZE 10
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* Create a new hostinfo object, fill in NAME and put it into
|
|
|
|
|
HOSTTABLE. Return the index into hosttable on success or -1 on
|
|
|
|
|
error. */
|
|
|
|
|
static int
|
|
|
|
|
create_new_hostinfo (const char *name)
|
|
|
|
|
{
|
|
|
|
|
hostinfo_t hi, *newtable;
|
|
|
|
|
int newsize;
|
|
|
|
|
int idx, rc;
|
|
|
|
|
|
|
|
|
|
hi = xtrymalloc (sizeof *hi + strlen (name));
|
|
|
|
|
if (!hi)
|
|
|
|
|
return -1;
|
|
|
|
|
strcpy (hi->name, name);
|
|
|
|
|
hi->pool = NULL;
|
|
|
|
|
hi->poolidx = -1;
|
|
|
|
|
hi->lastused = (time_t)(-1);
|
|
|
|
|
hi->lastfail = (time_t)(-1);
|
|
|
|
|
hi->v4 = 0;
|
|
|
|
|
hi->v6 = 0;
|
2014-03-11 14:26:39 +01:00
|
|
|
|
hi->dead = 0;
|
2014-03-18 11:07:05 +01:00
|
|
|
|
hi->died_at = 0;
|
2014-05-16 21:14:03 +02:00
|
|
|
|
hi->cname = NULL;
|
|
|
|
|
hi->v4addr = NULL;
|
|
|
|
|
hi->v6addr = NULL;
|
2011-04-12 16:30:08 +02:00
|
|
|
|
|
|
|
|
|
/* Add it to the hosttable. */
|
|
|
|
|
for (idx=0; idx < hosttable_size; idx++)
|
|
|
|
|
if (!hosttable[idx])
|
|
|
|
|
{
|
|
|
|
|
hosttable[idx] = hi;
|
|
|
|
|
return idx;
|
|
|
|
|
}
|
|
|
|
|
/* Need to extend the hosttable. */
|
|
|
|
|
newsize = hosttable_size + INITIAL_HOSTTABLE_SIZE;
|
|
|
|
|
newtable = xtryrealloc (hosttable, newsize * sizeof *hosttable);
|
|
|
|
|
if (!newtable)
|
|
|
|
|
{
|
|
|
|
|
xfree (hi);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
hosttable = newtable;
|
|
|
|
|
idx = hosttable_size;
|
|
|
|
|
hosttable_size = newsize;
|
|
|
|
|
rc = idx;
|
|
|
|
|
hosttable[idx++] = hi;
|
|
|
|
|
while (idx < hosttable_size)
|
|
|
|
|
hosttable[idx++] = NULL;
|
|
|
|
|
|
|
|
|
|
return rc;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* Find the host NAME in our table. Return the index into the
|
|
|
|
|
hosttable or -1 if not found. */
|
|
|
|
|
static int
|
|
|
|
|
find_hostinfo (const char *name)
|
|
|
|
|
{
|
|
|
|
|
int idx;
|
|
|
|
|
|
|
|
|
|
for (idx=0; idx < hosttable_size; idx++)
|
|
|
|
|
if (hosttable[idx] && !ascii_strcasecmp (hosttable[idx]->name, name))
|
|
|
|
|
return idx;
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static int
|
|
|
|
|
sort_hostpool (const void *xa, const void *xb)
|
|
|
|
|
{
|
|
|
|
|
int a = *(int *)xa;
|
|
|
|
|
int b = *(int *)xb;
|
|
|
|
|
|
|
|
|
|
assert (a >= 0 && a < hosttable_size);
|
|
|
|
|
assert (b >= 0 && b < hosttable_size);
|
|
|
|
|
assert (hosttable[a]);
|
|
|
|
|
assert (hosttable[b]);
|
|
|
|
|
|
|
|
|
|
return ascii_strcasecmp (hosttable[a]->name, hosttable[b]->name);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2014-03-11 16:19:41 +01:00
|
|
|
|
/* Return true if the host with the hosttable index TBLIDX is in POOL. */
|
|
|
|
|
static int
|
|
|
|
|
host_in_pool_p (int *pool, int tblidx)
|
|
|
|
|
{
|
|
|
|
|
int i, pidx;
|
|
|
|
|
|
|
|
|
|
for (i=0; (pidx = pool[i]) != -1; i++)
|
|
|
|
|
if (pidx == tblidx && hosttable[pidx])
|
|
|
|
|
return 1;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2011-04-12 16:30:08 +02:00
|
|
|
|
/* Select a random host. Consult TABLE which indices into the global
|
|
|
|
|
hosttable. Returns index into TABLE or -1 if no host could be
|
|
|
|
|
selected. */
|
|
|
|
|
static int
|
|
|
|
|
select_random_host (int *table)
|
|
|
|
|
{
|
|
|
|
|
int *tbl;
|
|
|
|
|
size_t tblsize;
|
|
|
|
|
int pidx, idx;
|
|
|
|
|
|
2014-03-11 14:26:39 +01:00
|
|
|
|
/* We create a new table so that we randomly select only from
|
|
|
|
|
currently alive hosts. */
|
2011-04-12 16:30:08 +02:00
|
|
|
|
for (idx=0, tblsize=0; (pidx = table[idx]) != -1; idx++)
|
|
|
|
|
if (hosttable[pidx] && !hosttable[pidx]->dead)
|
|
|
|
|
tblsize++;
|
|
|
|
|
if (!tblsize)
|
|
|
|
|
return -1; /* No hosts. */
|
|
|
|
|
|
|
|
|
|
tbl = xtrymalloc (tblsize * sizeof *tbl);
|
|
|
|
|
if (!tbl)
|
|
|
|
|
return -1;
|
|
|
|
|
for (idx=0, tblsize=0; (pidx = table[idx]) != -1; idx++)
|
|
|
|
|
if (hosttable[pidx] && !hosttable[pidx]->dead)
|
|
|
|
|
tbl[tblsize++] = pidx;
|
|
|
|
|
|
|
|
|
|
if (tblsize == 1) /* Save a get_uint_nonce. */
|
|
|
|
|
pidx = tbl[0];
|
|
|
|
|
else
|
2014-03-11 14:26:39 +01:00
|
|
|
|
pidx = tbl[get_uint_nonce () % tblsize];
|
2011-04-12 16:30:08 +02:00
|
|
|
|
|
|
|
|
|
xfree (tbl);
|
|
|
|
|
return pidx;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2014-03-11 18:02:29 +01:00
|
|
|
|
/* Simplified version of getnameinfo which also returns a numeric
|
|
|
|
|
hostname inside of brackets. The caller should provide a buffer
|
2014-05-16 21:14:03 +02:00
|
|
|
|
for HOST which is 2 bytes larger than the largest hostname. If
|
|
|
|
|
NUMERIC is true the returned value is numeric IP address. Returns
|
|
|
|
|
0 on success or an EAI error code. True is stored at R_ISNUMERIC
|
|
|
|
|
if HOST has a numeric IP address. */
|
2014-03-11 18:02:29 +01:00
|
|
|
|
static int
|
2014-05-16 21:14:03 +02:00
|
|
|
|
my_getnameinfo (struct addrinfo *ai, char *host, size_t hostlen,
|
|
|
|
|
int numeric, int *r_isnumeric)
|
2014-03-11 18:02:29 +01:00
|
|
|
|
{
|
|
|
|
|
int ec;
|
2014-03-14 16:22:54 +01:00
|
|
|
|
char *p;
|
2014-03-11 18:02:29 +01:00
|
|
|
|
|
2014-05-16 21:14:03 +02:00
|
|
|
|
*r_isnumeric = 0;
|
|
|
|
|
|
2014-03-11 18:02:29 +01:00
|
|
|
|
if (hostlen < 5)
|
|
|
|
|
return EAI_OVERFLOW;
|
|
|
|
|
|
2014-05-16 21:14:03 +02:00
|
|
|
|
if (numeric)
|
|
|
|
|
ec = EAI_NONAME;
|
|
|
|
|
else
|
|
|
|
|
ec = getnameinfo (ai->ai_addr, ai->ai_addrlen,
|
|
|
|
|
host, hostlen, NULL, 0, NI_NAMEREQD);
|
|
|
|
|
|
2014-03-11 18:02:29 +01:00
|
|
|
|
if (!ec && *host == '[')
|
|
|
|
|
ec = EAI_FAIL; /* A name may never start with a bracket. */
|
|
|
|
|
else if (ec == EAI_NONAME)
|
|
|
|
|
{
|
2014-03-14 16:22:54 +01:00
|
|
|
|
p = host;
|
|
|
|
|
if (ai->ai_family == AF_INET6)
|
|
|
|
|
{
|
|
|
|
|
*p++ = '[';
|
|
|
|
|
hostlen -= 2;
|
|
|
|
|
}
|
|
|
|
|
ec = getnameinfo (ai->ai_addr, ai->ai_addrlen,
|
|
|
|
|
p, hostlen, NULL, 0, NI_NUMERICHOST);
|
|
|
|
|
if (!ec && ai->ai_family == AF_INET6)
|
2014-03-11 18:02:29 +01:00
|
|
|
|
strcat (host, "]");
|
2014-05-16 21:14:03 +02:00
|
|
|
|
|
|
|
|
|
*r_isnumeric = 1;
|
2014-03-11 18:02:29 +01:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return ec;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2014-05-16 21:14:03 +02:00
|
|
|
|
/* Check whether NAME is an IP address. */
|
|
|
|
|
static int
|
|
|
|
|
is_ip_address (const char *name)
|
|
|
|
|
{
|
|
|
|
|
int ndots, n;
|
|
|
|
|
|
|
|
|
|
if (*name == '[')
|
|
|
|
|
return 1;
|
|
|
|
|
/* Check whether it is legacy IP address. */
|
|
|
|
|
if (*name == '.')
|
|
|
|
|
return 0; /* No. */
|
|
|
|
|
ndots = n = 0;
|
|
|
|
|
for (; *name; name++)
|
|
|
|
|
{
|
|
|
|
|
if (*name == '.')
|
|
|
|
|
{
|
|
|
|
|
if (name[1] == '.')
|
|
|
|
|
return 0; /* No. */
|
|
|
|
|
if (atoi (name+1) > 255)
|
|
|
|
|
return 0; /* Value too large. */
|
|
|
|
|
ndots++;
|
|
|
|
|
n = 0;
|
|
|
|
|
}
|
|
|
|
|
else if (!strchr ("012345678", *name))
|
|
|
|
|
return 0; /* Not a digit. */
|
|
|
|
|
else if (++n > 3)
|
|
|
|
|
return 0; /* More than 3 digits. */
|
|
|
|
|
}
|
|
|
|
|
return !!(ndots == 3);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2011-04-12 16:30:08 +02:00
|
|
|
|
/* Map the host name NAME to the actual to be used host name. This
|
|
|
|
|
allows us to manage round robin DNS names. We use our own strategy
|
|
|
|
|
to choose one of the hosts. For example we skip those hosts which
|
|
|
|
|
failed for some time and we stick to one host for a time
|
2014-03-11 14:26:39 +01:00
|
|
|
|
independent of DNS retry times. If FORCE_RESELECT is true a new
|
2014-03-14 17:00:10 +01:00
|
|
|
|
host is always selected. If R_HTTPFLAGS is not NULL if will
|
2014-05-16 21:14:03 +02:00
|
|
|
|
receive flags which are to be passed to http_open. If R_HOST is
|
|
|
|
|
not NULL a malloced name of the pool is stored or NULL if it is not
|
|
|
|
|
a pool. */
|
2011-04-12 16:30:08 +02:00
|
|
|
|
static char *
|
2014-03-14 17:00:10 +01:00
|
|
|
|
map_host (ctrl_t ctrl, const char *name, int force_reselect,
|
2014-05-16 21:14:03 +02:00
|
|
|
|
unsigned int *r_httpflags, char **r_host)
|
2011-04-12 16:30:08 +02:00
|
|
|
|
{
|
|
|
|
|
hostinfo_t hi;
|
|
|
|
|
int idx;
|
|
|
|
|
|
2014-03-14 17:00:10 +01:00
|
|
|
|
if (r_httpflags)
|
|
|
|
|
*r_httpflags = 0;
|
2014-05-16 21:14:03 +02:00
|
|
|
|
if (r_host)
|
|
|
|
|
*r_host = NULL;
|
2014-03-14 17:00:10 +01:00
|
|
|
|
|
2011-04-12 16:30:08 +02:00
|
|
|
|
/* No hostname means localhost. */
|
|
|
|
|
if (!name || !*name)
|
|
|
|
|
return xtrystrdup ("localhost");
|
|
|
|
|
|
|
|
|
|
/* See whether the host is in our table. */
|
|
|
|
|
idx = find_hostinfo (name);
|
|
|
|
|
if (idx == -1)
|
|
|
|
|
{
|
|
|
|
|
/* We never saw this host. Allocate a new entry. */
|
|
|
|
|
struct addrinfo hints, *aibuf, *ai;
|
|
|
|
|
int *reftbl;
|
|
|
|
|
size_t reftblsize;
|
|
|
|
|
int refidx;
|
2014-05-16 21:14:03 +02:00
|
|
|
|
int is_pool = 0;
|
2011-04-12 16:30:08 +02:00
|
|
|
|
|
|
|
|
|
reftblsize = 100;
|
2011-11-24 15:48:24 +01:00
|
|
|
|
reftbl = xtrymalloc (reftblsize * sizeof *reftbl);
|
2011-04-12 16:30:08 +02:00
|
|
|
|
if (!reftbl)
|
|
|
|
|
return NULL;
|
|
|
|
|
refidx = 0;
|
|
|
|
|
|
|
|
|
|
idx = create_new_hostinfo (name);
|
|
|
|
|
if (idx == -1)
|
|
|
|
|
{
|
|
|
|
|
xfree (reftbl);
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
hi = hosttable[idx];
|
|
|
|
|
|
|
|
|
|
/* Find all A records for this entry and put them into the pool
|
|
|
|
|
list - if any. */
|
|
|
|
|
memset (&hints, 0, sizeof (hints));
|
2014-05-16 21:14:03 +02:00
|
|
|
|
hints.ai_family = AF_UNSPEC;
|
2011-04-12 16:30:08 +02:00
|
|
|
|
hints.ai_socktype = SOCK_STREAM;
|
2014-05-16 21:14:03 +02:00
|
|
|
|
hints.ai_flags = AI_CANONNAME;
|
|
|
|
|
/* We can't use the the AI_IDN flag because that does the
|
|
|
|
|
conversion using the current locale. However, GnuPG always
|
|
|
|
|
used UTF-8. To support IDN we would need to make use of the
|
|
|
|
|
libidn API. */
|
2011-04-12 16:30:08 +02:00
|
|
|
|
if (!getaddrinfo (name, NULL, &hints, &aibuf))
|
|
|
|
|
{
|
2014-05-16 21:14:03 +02:00
|
|
|
|
int n_v6, n_v4;
|
|
|
|
|
|
|
|
|
|
/* First figure out whether this is a pool. For a pool we
|
|
|
|
|
use a different strategy than for a plains erver: We use
|
|
|
|
|
the canonical name of the pool as the virtual host along
|
|
|
|
|
with the IP addresses. If it is not a pool, we use the
|
|
|
|
|
specified name. */
|
|
|
|
|
n_v6 = n_v4 = 0;
|
2011-04-12 16:30:08 +02:00
|
|
|
|
for (ai = aibuf; ai; ai = ai->ai_next)
|
|
|
|
|
{
|
2014-05-16 21:14:03 +02:00
|
|
|
|
if (ai->ai_family != AF_INET6)
|
|
|
|
|
n_v6++;
|
|
|
|
|
else if (ai->ai_family != AF_INET)
|
|
|
|
|
n_v4++;
|
|
|
|
|
}
|
|
|
|
|
if (n_v6 > 1 || n_v4 > 1)
|
|
|
|
|
is_pool = 1;
|
|
|
|
|
if (is_pool && aibuf->ai_canonname)
|
|
|
|
|
hi->cname = xtrystrdup (aibuf->ai_canonname);
|
|
|
|
|
|
|
|
|
|
for (ai = aibuf; ai; ai = ai->ai_next)
|
|
|
|
|
{
|
|
|
|
|
char tmphost[NI_MAXHOST + 2];
|
2011-04-12 16:30:08 +02:00
|
|
|
|
int tmpidx;
|
2014-05-16 21:14:03 +02:00
|
|
|
|
int is_numeric;
|
2011-04-12 16:30:08 +02:00
|
|
|
|
int ec;
|
|
|
|
|
int i;
|
|
|
|
|
|
|
|
|
|
if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
|
|
|
|
|
continue;
|
|
|
|
|
|
2014-03-12 14:32:34 +01:00
|
|
|
|
dirmngr_tick (ctrl);
|
2014-05-16 21:14:03 +02:00
|
|
|
|
|
|
|
|
|
if (!is_pool && !is_ip_address (name))
|
|
|
|
|
{
|
|
|
|
|
/* This is a hostname but not a pool. Use the name
|
|
|
|
|
as given without going through getnameinfo. */
|
|
|
|
|
if (strlen (name)+1 > sizeof tmphost)
|
|
|
|
|
{
|
|
|
|
|
ec = EAI_SYSTEM;
|
|
|
|
|
gpg_err_set_errno (EINVAL);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
ec = 0;
|
|
|
|
|
strcpy (tmphost, name);
|
|
|
|
|
}
|
|
|
|
|
is_numeric = 0;
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
ec = my_getnameinfo (ai, tmphost, sizeof tmphost,
|
|
|
|
|
0, &is_numeric);
|
|
|
|
|
|
|
|
|
|
if (ec)
|
2014-03-11 14:26:39 +01:00
|
|
|
|
{
|
|
|
|
|
log_info ("getnameinfo failed while checking '%s': %s\n",
|
|
|
|
|
name, gai_strerror (ec));
|
|
|
|
|
}
|
2011-04-12 16:30:08 +02:00
|
|
|
|
else if (refidx+1 >= reftblsize)
|
|
|
|
|
{
|
2012-06-05 19:29:22 +02:00
|
|
|
|
log_error ("getnameinfo returned for '%s': '%s'"
|
2011-04-12 16:30:08 +02:00
|
|
|
|
" [index table full - ignored]\n", name, tmphost);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
2014-05-16 21:14:03 +02:00
|
|
|
|
tmpidx = find_hostinfo (tmphost);
|
|
|
|
|
log_info ("getnameinfo returned for '%s': '%s'%s\n",
|
|
|
|
|
name, tmphost,
|
|
|
|
|
tmpidx == -1? "" : " [already known]");
|
|
|
|
|
|
|
|
|
|
if (tmpidx == -1) /* Create a new entry. */
|
|
|
|
|
tmpidx = create_new_hostinfo (tmphost);
|
2011-04-12 16:30:08 +02:00
|
|
|
|
|
2014-05-16 21:14:03 +02:00
|
|
|
|
if (tmpidx == -1)
|
|
|
|
|
{
|
|
|
|
|
log_error ("map_host for '%s' problem: %s - '%s'"
|
|
|
|
|
" [ignored]\n",
|
|
|
|
|
name, strerror (errno), tmphost);
|
|
|
|
|
}
|
|
|
|
|
else /* Set or update the entry. */
|
2011-04-12 16:30:08 +02:00
|
|
|
|
{
|
2014-05-16 21:14:03 +02:00
|
|
|
|
char *ipaddr = NULL;
|
|
|
|
|
|
|
|
|
|
if (!is_numeric)
|
|
|
|
|
{
|
|
|
|
|
ec = my_getnameinfo (ai, tmphost, sizeof tmphost,
|
|
|
|
|
1, &is_numeric);
|
|
|
|
|
if (!ec && !(ipaddr = xtrystrdup (tmphost)))
|
|
|
|
|
ec = EAI_SYSTEM;
|
|
|
|
|
if (ec)
|
|
|
|
|
log_info ("getnameinfo failed: %s\n",
|
|
|
|
|
gai_strerror (ec));
|
|
|
|
|
}
|
|
|
|
|
|
2011-04-12 16:30:08 +02:00
|
|
|
|
if (ai->ai_family == AF_INET6)
|
2014-05-16 21:14:03 +02:00
|
|
|
|
{
|
|
|
|
|
hosttable[tmpidx]->v6 = 1;
|
|
|
|
|
xfree (hosttable[tmpidx]->v6addr);
|
|
|
|
|
hosttable[tmpidx]->v6addr = ipaddr;
|
|
|
|
|
}
|
|
|
|
|
else if (ai->ai_family == AF_INET)
|
|
|
|
|
{
|
|
|
|
|
hosttable[tmpidx]->v4 = 1;
|
|
|
|
|
xfree (hosttable[tmpidx]->v4addr);
|
|
|
|
|
hosttable[tmpidx]->v4addr = ipaddr;
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
BUG ();
|
2011-04-12 16:30:08 +02:00
|
|
|
|
|
|
|
|
|
for (i=0; i < refidx; i++)
|
|
|
|
|
if (reftbl[i] == tmpidx)
|
2014-03-11 14:26:39 +01:00
|
|
|
|
break;
|
2011-04-12 16:30:08 +02:00
|
|
|
|
if (!(i < refidx) && tmpidx != idx)
|
|
|
|
|
reftbl[refidx++] = tmpidx;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2014-05-16 21:14:03 +02:00
|
|
|
|
freeaddrinfo (aibuf);
|
2011-04-12 16:30:08 +02:00
|
|
|
|
}
|
|
|
|
|
reftbl[refidx] = -1;
|
2014-05-16 21:14:03 +02:00
|
|
|
|
if (refidx && is_pool)
|
2011-04-12 16:30:08 +02:00
|
|
|
|
{
|
|
|
|
|
assert (!hi->pool);
|
|
|
|
|
hi->pool = xtryrealloc (reftbl, (refidx+1) * sizeof *reftbl);
|
|
|
|
|
if (!hi->pool)
|
|
|
|
|
{
|
|
|
|
|
log_error ("shrinking index table in map_host failed: %s\n",
|
|
|
|
|
strerror (errno));
|
|
|
|
|
xfree (reftbl);
|
|
|
|
|
}
|
|
|
|
|
qsort (reftbl, refidx, sizeof *reftbl, sort_hostpool);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
xfree (reftbl);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
hi = hosttable[idx];
|
|
|
|
|
if (hi->pool)
|
|
|
|
|
{
|
|
|
|
|
/* If the currently selected host is now marked dead, force a
|
|
|
|
|
re-selection . */
|
2014-03-11 14:26:39 +01:00
|
|
|
|
if (force_reselect)
|
|
|
|
|
hi->poolidx = -1;
|
|
|
|
|
else if (hi->poolidx >= 0 && hi->poolidx < hosttable_size
|
|
|
|
|
&& hosttable[hi->poolidx] && hosttable[hi->poolidx]->dead)
|
2011-04-12 16:30:08 +02:00
|
|
|
|
hi->poolidx = -1;
|
|
|
|
|
|
|
|
|
|
/* Select a host if needed. */
|
|
|
|
|
if (hi->poolidx == -1)
|
|
|
|
|
{
|
|
|
|
|
hi->poolidx = select_random_host (hi->pool);
|
|
|
|
|
if (hi->poolidx == -1)
|
|
|
|
|
{
|
2012-06-05 19:29:22 +02:00
|
|
|
|
log_error ("no alive host found in pool '%s'\n", name);
|
2011-04-12 16:30:08 +02:00
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
assert (hi->poolidx >= 0 && hi->poolidx < hosttable_size);
|
|
|
|
|
hi = hosttable[hi->poolidx];
|
|
|
|
|
assert (hi);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (hi->dead)
|
|
|
|
|
{
|
2012-06-05 19:29:22 +02:00
|
|
|
|
log_error ("host '%s' marked as dead\n", hi->name);
|
2011-04-12 16:30:08 +02:00
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2014-03-14 17:00:10 +01:00
|
|
|
|
if (r_httpflags)
|
|
|
|
|
{
|
|
|
|
|
/* If the hosttable does not indicate that a certain host
|
|
|
|
|
supports IPv<N>, we explicit set the corresponding http
|
|
|
|
|
flags. The reason for this is that a host might be listed in
|
|
|
|
|
a pool as not v6 only but actually support v6 when later
|
2014-05-16 21:14:03 +02:00
|
|
|
|
the name is resolved by our http layer. */
|
2014-03-14 17:00:10 +01:00
|
|
|
|
if (!hi->v4)
|
|
|
|
|
*r_httpflags |= HTTP_FLAG_IGNORE_IPv4;
|
|
|
|
|
if (!hi->v6)
|
|
|
|
|
*r_httpflags |= HTTP_FLAG_IGNORE_IPv6;
|
|
|
|
|
}
|
2014-05-16 21:14:03 +02:00
|
|
|
|
|
|
|
|
|
if (r_host && hi->pool && hi->cname)
|
|
|
|
|
*r_host = xtrystrdup (hi->cname);
|
|
|
|
|
|
2011-04-12 16:30:08 +02:00
|
|
|
|
return xtrystrdup (hi->name);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2014-03-12 14:32:34 +01:00
|
|
|
|
/* Mark the host NAME as dead. NAME may be given as an URL. Returns
|
|
|
|
|
true if a host was really marked as dead or was already marked dead
|
|
|
|
|
(e.g. by a concurrent session). */
|
|
|
|
|
static int
|
2011-04-12 16:30:08 +02:00
|
|
|
|
mark_host_dead (const char *name)
|
|
|
|
|
{
|
2014-03-12 14:32:34 +01:00
|
|
|
|
const char *host;
|
|
|
|
|
char *host_buffer = NULL;
|
|
|
|
|
parsed_uri_t parsed_uri = NULL;
|
|
|
|
|
int done = 0;
|
2011-04-12 16:30:08 +02:00
|
|
|
|
|
2014-03-12 14:32:34 +01:00
|
|
|
|
if (name && *name && !http_parse_uri (&parsed_uri, name, 1))
|
|
|
|
|
{
|
|
|
|
|
if (parsed_uri->v6lit)
|
|
|
|
|
{
|
|
|
|
|
host_buffer = strconcat ("[", parsed_uri->host, "]", NULL);
|
|
|
|
|
if (!host_buffer)
|
|
|
|
|
log_error ("out of core in mark_host_dead");
|
|
|
|
|
host = host_buffer;
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
host = parsed_uri->host;
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
host = name;
|
2011-04-12 16:30:08 +02:00
|
|
|
|
|
2014-03-12 14:32:34 +01:00
|
|
|
|
if (host && *host && strcmp (host, "localhost"))
|
|
|
|
|
{
|
|
|
|
|
hostinfo_t hi;
|
|
|
|
|
int idx;
|
|
|
|
|
|
|
|
|
|
idx = find_hostinfo (host);
|
|
|
|
|
if (idx != -1)
|
|
|
|
|
{
|
|
|
|
|
hi = hosttable[idx];
|
|
|
|
|
log_info ("marking host '%s' as dead%s\n",
|
|
|
|
|
hi->name, hi->dead? " (again)":"");
|
|
|
|
|
hi->dead = 1;
|
2014-03-18 11:07:05 +01:00
|
|
|
|
hi->died_at = gnupg_get_time ();
|
|
|
|
|
if (!hi->died_at)
|
|
|
|
|
hi->died_at = 1;
|
2014-03-12 14:32:34 +01:00
|
|
|
|
done = 1;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
http_release_parsed_uri (parsed_uri);
|
|
|
|
|
xfree (host_buffer);
|
|
|
|
|
return done;
|
2011-04-12 16:30:08 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2014-03-11 16:19:41 +01:00
|
|
|
|
/* Mark a host in the hosttable as dead or - if ALIVE is true - as
|
2014-03-14 16:12:54 +01:00
|
|
|
|
alive. */
|
2014-03-11 16:19:41 +01:00
|
|
|
|
gpg_error_t
|
|
|
|
|
ks_hkp_mark_host (ctrl_t ctrl, const char *name, int alive)
|
|
|
|
|
{
|
|
|
|
|
gpg_error_t err = 0;
|
|
|
|
|
hostinfo_t hi, hi2;
|
|
|
|
|
int idx, idx2, idx3, n;
|
|
|
|
|
|
|
|
|
|
if (!name || !*name || !strcmp (name, "localhost"))
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
idx = find_hostinfo (name);
|
|
|
|
|
if (idx == -1)
|
|
|
|
|
return gpg_error (GPG_ERR_NOT_FOUND);
|
|
|
|
|
|
|
|
|
|
hi = hosttable[idx];
|
|
|
|
|
if (alive && hi->dead)
|
|
|
|
|
{
|
|
|
|
|
hi->dead = 0;
|
|
|
|
|
err = ks_printf_help (ctrl, "marking '%s' as alive", name);
|
|
|
|
|
}
|
|
|
|
|
else if (!alive && !hi->dead)
|
|
|
|
|
{
|
|
|
|
|
hi->dead = 1;
|
2014-03-18 11:07:05 +01:00
|
|
|
|
hi->died_at = 0; /* Manually set dead. */
|
2014-03-11 16:19:41 +01:00
|
|
|
|
err = ks_printf_help (ctrl, "marking '%s' as dead", name);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* If the host is a pool mark all member hosts. */
|
|
|
|
|
if (!err && hi->pool)
|
|
|
|
|
{
|
|
|
|
|
for (idx2=0; !err && (n=hi->pool[idx2]) != -1; idx2++)
|
|
|
|
|
{
|
|
|
|
|
assert (n >= 0 && n < hosttable_size);
|
|
|
|
|
|
|
|
|
|
if (!alive)
|
|
|
|
|
{
|
|
|
|
|
/* Do not mark a host from a pool dead if it is also a
|
|
|
|
|
member in another pool. */
|
|
|
|
|
for (idx3=0; idx3 < hosttable_size; idx3++)
|
|
|
|
|
{
|
|
|
|
|
if (hosttable[idx3] && hosttable[idx3]
|
|
|
|
|
&& hosttable[idx3]->pool
|
|
|
|
|
&& idx3 != idx
|
|
|
|
|
&& host_in_pool_p (hosttable[idx3]->pool, n))
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
if (idx3 < hosttable_size)
|
|
|
|
|
continue; /* Host is also a member of another pool. */
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
hi2 = hosttable[n];
|
|
|
|
|
if (!hi2)
|
|
|
|
|
;
|
|
|
|
|
else if (alive && hi2->dead)
|
|
|
|
|
{
|
|
|
|
|
hi2->dead = 0;
|
|
|
|
|
err = ks_printf_help (ctrl, "marking '%s' as alive",
|
|
|
|
|
hi2->name);
|
|
|
|
|
}
|
|
|
|
|
else if (!alive && !hi2->dead)
|
|
|
|
|
{
|
|
|
|
|
hi2->dead = 1;
|
2014-03-18 11:07:05 +01:00
|
|
|
|
hi2->died_at = 0; /* Manually set dead. */
|
2014-03-11 16:19:41 +01:00
|
|
|
|
err = ks_printf_help (ctrl, "marking '%s' as dead",
|
|
|
|
|
hi2->name);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return err;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2011-04-12 16:30:08 +02:00
|
|
|
|
/* Debug function to print the entire hosttable. */
|
2014-03-11 14:26:39 +01:00
|
|
|
|
gpg_error_t
|
|
|
|
|
ks_hkp_print_hosttable (ctrl_t ctrl)
|
2011-04-12 16:30:08 +02:00
|
|
|
|
{
|
2014-03-11 14:26:39 +01:00
|
|
|
|
gpg_error_t err;
|
2011-04-12 16:30:08 +02:00
|
|
|
|
int idx, idx2;
|
|
|
|
|
hostinfo_t hi;
|
2014-03-11 14:26:39 +01:00
|
|
|
|
membuf_t mb;
|
2014-03-18 11:07:05 +01:00
|
|
|
|
time_t curtime;
|
|
|
|
|
char *p, *died;
|
|
|
|
|
const char *diedstr;
|
2014-03-11 14:26:39 +01:00
|
|
|
|
|
2014-05-16 21:14:03 +02:00
|
|
|
|
err = ks_print_help (ctrl, "hosttable (idx, ipv6, ipv4, dead, name, time):");
|
2014-03-11 14:26:39 +01:00
|
|
|
|
if (err)
|
|
|
|
|
return err;
|
2011-04-12 16:30:08 +02:00
|
|
|
|
|
2014-03-18 11:07:05 +01:00
|
|
|
|
curtime = gnupg_get_time ();
|
2011-04-12 16:30:08 +02:00
|
|
|
|
for (idx=0; idx < hosttable_size; idx++)
|
|
|
|
|
if ((hi=hosttable[idx]))
|
|
|
|
|
{
|
2014-03-18 11:07:05 +01:00
|
|
|
|
if (hi->dead && hi->died_at)
|
|
|
|
|
{
|
|
|
|
|
died = elapsed_time_string (hi->died_at, curtime);
|
|
|
|
|
diedstr = died? died : "error";
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
diedstr = died = NULL;
|
2014-05-16 21:14:03 +02:00
|
|
|
|
err = ks_printf_help (ctrl, "%3d %s %s %s %s%s%s%s%s%s%s%s\n",
|
|
|
|
|
idx, hi->v6? "6":" ", hi->v4? "4":" ",
|
|
|
|
|
hi->dead? "d":" ",
|
|
|
|
|
hi->name,
|
|
|
|
|
hi->v6addr? " v6=":"",
|
|
|
|
|
hi->v6addr? hi->v6addr:"",
|
|
|
|
|
hi->v4addr? " v4=":"",
|
|
|
|
|
hi->v4addr? hi->v4addr:"",
|
2014-03-18 11:07:05 +01:00
|
|
|
|
diedstr? " (":"",
|
|
|
|
|
diedstr? diedstr:"",
|
|
|
|
|
diedstr? ")":"" );
|
|
|
|
|
xfree (died);
|
2014-05-16 21:14:03 +02:00
|
|
|
|
if (err)
|
|
|
|
|
return err;
|
2014-03-18 11:07:05 +01:00
|
|
|
|
|
2014-05-16 21:14:03 +02:00
|
|
|
|
if (hi->cname)
|
|
|
|
|
err = ks_printf_help (ctrl, " . %s", hi->cname);
|
2014-03-11 14:26:39 +01:00
|
|
|
|
if (err)
|
|
|
|
|
return err;
|
2014-05-16 21:14:03 +02:00
|
|
|
|
|
2011-04-12 16:30:08 +02:00
|
|
|
|
if (hi->pool)
|
|
|
|
|
{
|
2014-03-11 14:26:39 +01:00
|
|
|
|
init_membuf (&mb, 256);
|
|
|
|
|
put_membuf_printf (&mb, " . -->");
|
2011-04-12 16:30:08 +02:00
|
|
|
|
for (idx2=0; hi->pool[idx2] != -1; idx2++)
|
|
|
|
|
{
|
2014-03-11 14:26:39 +01:00
|
|
|
|
put_membuf_printf (&mb, " %d", hi->pool[idx2]);
|
|
|
|
|
if (hi->poolidx == hi->pool[idx2])
|
|
|
|
|
put_membuf_printf (&mb, "*");
|
2011-04-12 16:30:08 +02:00
|
|
|
|
}
|
2014-03-11 14:26:39 +01:00
|
|
|
|
put_membuf( &mb, "", 1);
|
|
|
|
|
p = get_membuf (&mb, NULL);
|
|
|
|
|
if (!p)
|
|
|
|
|
return gpg_error_from_syserror ();
|
|
|
|
|
err = ks_print_help (ctrl, p);
|
|
|
|
|
xfree (p);
|
|
|
|
|
if (err)
|
|
|
|
|
return err;
|
2011-04-12 16:30:08 +02:00
|
|
|
|
}
|
|
|
|
|
}
|
2014-03-11 14:26:39 +01:00
|
|
|
|
return 0;
|
2011-04-12 16:30:08 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2011-02-09 17:48:00 +01:00
|
|
|
|
/* Print a help output for the schemata supported by this module. */
|
|
|
|
|
gpg_error_t
|
|
|
|
|
ks_hkp_help (ctrl_t ctrl, parsed_uri_t uri)
|
|
|
|
|
{
|
|
|
|
|
const char const data[] =
|
|
|
|
|
"Handler for HKP URLs:\n"
|
|
|
|
|
" hkp://\n"
|
2014-05-05 16:09:45 +02:00
|
|
|
|
" hkps://\n"
|
2011-02-09 17:48:00 +01:00
|
|
|
|
"Supported methods: search, get, put\n";
|
|
|
|
|
gpg_error_t err;
|
|
|
|
|
|
|
|
|
|
if (!uri)
|
2014-05-05 16:09:45 +02:00
|
|
|
|
err = ks_print_help (ctrl, " hkp\n hkps");
|
|
|
|
|
else if (uri->is_http && (!strcmp (uri->scheme, "hkp")
|
|
|
|
|
|| !strcmp (uri->scheme, "hkps")))
|
2011-02-09 17:48:00 +01:00
|
|
|
|
err = ks_print_help (ctrl, data);
|
|
|
|
|
else
|
|
|
|
|
err = 0;
|
|
|
|
|
|
|
|
|
|
return err;
|
|
|
|
|
}
|
|
|
|
|
|
2011-01-10 14:30:17 +01:00
|
|
|
|
|
2014-05-16 21:14:03 +02:00
|
|
|
|
/* Build the remote part of the URL from SCHEME, HOST and an optional
|
2011-04-12 16:30:08 +02:00
|
|
|
|
PORT. Returns an allocated string or NULL on failure and sets
|
2014-05-16 21:14:03 +02:00
|
|
|
|
ERRNO. If R_HTTPHOST is not NULL it receive a mallcoed string with
|
|
|
|
|
the poolname. */
|
2011-04-12 16:30:08 +02:00
|
|
|
|
static char *
|
2014-03-12 14:32:34 +01:00
|
|
|
|
make_host_part (ctrl_t ctrl,
|
|
|
|
|
const char *scheme, const char *host, unsigned short port,
|
2014-05-16 21:14:03 +02:00
|
|
|
|
int force_reselect,
|
|
|
|
|
unsigned int *r_httpflags, char **r_httphost)
|
2011-04-12 16:30:08 +02:00
|
|
|
|
{
|
|
|
|
|
char portstr[10];
|
|
|
|
|
char *hostname;
|
|
|
|
|
char *hostport;
|
|
|
|
|
|
|
|
|
|
/* Map scheme and port. */
|
|
|
|
|
if (!strcmp (scheme, "hkps") || !strcmp (scheme,"https"))
|
|
|
|
|
{
|
|
|
|
|
scheme = "https";
|
|
|
|
|
strcpy (portstr, "443");
|
|
|
|
|
}
|
|
|
|
|
else /* HKP or HTTP. */
|
|
|
|
|
{
|
|
|
|
|
scheme = "http";
|
|
|
|
|
strcpy (portstr, "11371");
|
|
|
|
|
}
|
|
|
|
|
if (port)
|
|
|
|
|
snprintf (portstr, sizeof portstr, "%hu", port);
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
/*fixme_do_srv_lookup ()*/
|
|
|
|
|
}
|
|
|
|
|
|
2014-05-16 21:14:03 +02:00
|
|
|
|
hostname = map_host (ctrl, host, force_reselect, r_httpflags, r_httphost);
|
2011-04-12 16:30:08 +02:00
|
|
|
|
if (!hostname)
|
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
|
|
hostport = strconcat (scheme, "://", hostname, ":", portstr, NULL);
|
|
|
|
|
xfree (hostname);
|
|
|
|
|
return hostport;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2014-03-11 14:26:39 +01:00
|
|
|
|
/* Resolve all known keyserver names and update the hosttable. This
|
|
|
|
|
is mainly useful for debugging because the resolving is anyway done
|
|
|
|
|
on demand. */
|
|
|
|
|
gpg_error_t
|
|
|
|
|
ks_hkp_resolve (ctrl_t ctrl, parsed_uri_t uri)
|
|
|
|
|
{
|
|
|
|
|
gpg_error_t err;
|
|
|
|
|
char *hostport = NULL;
|
|
|
|
|
|
2014-05-16 21:14:03 +02:00
|
|
|
|
hostport = make_host_part (ctrl, uri->scheme, uri->host, uri->port, 1,
|
|
|
|
|
NULL, NULL);
|
2014-03-11 14:26:39 +01:00
|
|
|
|
if (!hostport)
|
|
|
|
|
{
|
|
|
|
|
err = gpg_error_from_syserror ();
|
|
|
|
|
err = ks_printf_help (ctrl, "%s://%s:%hu: resolve failed: %s",
|
|
|
|
|
uri->scheme, uri->host, uri->port,
|
|
|
|
|
gpg_strerror (err));
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
err = ks_printf_help (ctrl, "%s", hostport);
|
|
|
|
|
xfree (hostport);
|
|
|
|
|
}
|
|
|
|
|
return err;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2014-03-18 11:07:05 +01:00
|
|
|
|
/* Housekeeping function called from the housekeeping thread. It is
|
|
|
|
|
used to mark dead hosts alive so that they may be tried again after
|
|
|
|
|
some time. */
|
|
|
|
|
void
|
|
|
|
|
ks_hkp_housekeeping (time_t curtime)
|
|
|
|
|
{
|
|
|
|
|
int idx;
|
|
|
|
|
hostinfo_t hi;
|
|
|
|
|
|
|
|
|
|
for (idx=0; idx < hosttable_size; idx++)
|
|
|
|
|
{
|
|
|
|
|
hi = hosttable[idx];
|
|
|
|
|
if (!hi)
|
|
|
|
|
continue;
|
|
|
|
|
if (!hi->dead)
|
|
|
|
|
continue;
|
|
|
|
|
if (!hi->died_at)
|
|
|
|
|
continue; /* Do not resurrect manually shot hosts. */
|
|
|
|
|
if (hi->died_at + RESURRECT_INTERVAL <= curtime
|
|
|
|
|
|| hi->died_at > curtime)
|
|
|
|
|
{
|
|
|
|
|
hi->dead = 0;
|
|
|
|
|
log_info ("resurrected host '%s'", hi->name);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2014-05-19 09:48:42 +02:00
|
|
|
|
/* Callback to print infos about the TLS certificates. */
|
|
|
|
|
static void
|
|
|
|
|
cert_log_cb (http_session_t sess, gpg_error_t err,
|
|
|
|
|
const char *hostname, const void **certs, size_t *certlens)
|
|
|
|
|
{
|
|
|
|
|
ksba_cert_t cert;
|
|
|
|
|
size_t n;
|
|
|
|
|
|
|
|
|
|
(void)sess;
|
|
|
|
|
|
|
|
|
|
if (!err)
|
|
|
|
|
return; /* No error - no need to log anything */
|
|
|
|
|
|
|
|
|
|
log_debug ("expected hostname: %s\n", hostname);
|
|
|
|
|
for (n=0; certs[n]; n++)
|
|
|
|
|
{
|
|
|
|
|
err = ksba_cert_new (&cert);
|
|
|
|
|
if (!err)
|
|
|
|
|
err = ksba_cert_init_from_mem (cert, certs[n], certlens[n]);
|
|
|
|
|
if (err)
|
|
|
|
|
log_error ("error parsing cert for logging: %s\n", gpg_strerror (err));
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
char textbuf[20];
|
|
|
|
|
snprintf (textbuf, sizeof textbuf, "server[%u]", (unsigned int)n);
|
|
|
|
|
dump_cert (textbuf, cert);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ksba_cert_release (cert);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2011-01-18 12:51:16 +01:00
|
|
|
|
/* Send an HTTP request. On success returns an estream object at
|
2014-05-16 21:14:03 +02:00
|
|
|
|
R_FP. HOSTPORTSTR is only used for diagnostics. If HTTPHOST is
|
|
|
|
|
not NULL it will be used as HTTP "Host" header. If POST_CB is not
|
2011-01-20 14:12:53 +01:00
|
|
|
|
NULL a post request is used and that callback is called to allow
|
|
|
|
|
writing the post data. */
|
2011-01-18 12:51:16 +01:00
|
|
|
|
static gpg_error_t
|
|
|
|
|
send_request (ctrl_t ctrl, const char *request, const char *hostportstr,
|
2014-05-16 21:14:03 +02:00
|
|
|
|
const char *httphost, unsigned int httpflags,
|
2011-01-20 14:12:53 +01:00
|
|
|
|
gpg_error_t (*post_cb)(void *, http_t), void *post_cb_value,
|
2011-01-18 12:51:16 +01:00
|
|
|
|
estream_t *r_fp)
|
|
|
|
|
{
|
|
|
|
|
gpg_error_t err;
|
2014-05-05 16:09:45 +02:00
|
|
|
|
http_session_t session = NULL;
|
2011-01-18 12:51:16 +01:00
|
|
|
|
http_t http = NULL;
|
|
|
|
|
int redirects_left = MAX_REDIRECTS;
|
|
|
|
|
estream_t fp = NULL;
|
|
|
|
|
char *request_buffer = NULL;
|
|
|
|
|
|
|
|
|
|
*r_fp = NULL;
|
2011-11-24 15:48:24 +01:00
|
|
|
|
|
2014-05-05 16:09:45 +02:00
|
|
|
|
err = http_session_new (&session, NULL);
|
|
|
|
|
if (err)
|
|
|
|
|
goto leave;
|
2014-05-19 09:48:42 +02:00
|
|
|
|
http_session_set_log_cb (session, cert_log_cb);
|
2014-05-05 16:09:45 +02:00
|
|
|
|
|
2011-01-18 12:51:16 +01:00
|
|
|
|
once_more:
|
2011-01-20 14:12:53 +01:00
|
|
|
|
err = http_open (&http,
|
|
|
|
|
post_cb? HTTP_REQ_POST : HTTP_REQ_GET,
|
|
|
|
|
request,
|
2014-05-16 21:14:03 +02:00
|
|
|
|
httphost,
|
2011-01-18 12:51:16 +01:00
|
|
|
|
/* fixme: AUTH */ NULL,
|
2014-03-14 17:00:10 +01:00
|
|
|
|
httpflags,
|
2011-01-18 12:51:16 +01:00
|
|
|
|
/* fixme: proxy*/ NULL,
|
2014-05-05 16:09:45 +02:00
|
|
|
|
session,
|
|
|
|
|
NULL,
|
2011-01-18 12:51:16 +01:00
|
|
|
|
/*FIXME curl->srvtag*/NULL);
|
|
|
|
|
if (!err)
|
|
|
|
|
{
|
|
|
|
|
fp = http_get_write_ptr (http);
|
|
|
|
|
/* Avoid caches to get the most recent copy of the key. We set
|
|
|
|
|
both the Pragma and Cache-Control versions of the header, so
|
|
|
|
|
we're good with both HTTP 1.0 and 1.1. */
|
|
|
|
|
es_fputs ("Pragma: no-cache\r\n"
|
|
|
|
|
"Cache-Control: no-cache\r\n", fp);
|
2011-01-20 14:12:53 +01:00
|
|
|
|
if (post_cb)
|
|
|
|
|
err = post_cb (post_cb_value, http);
|
|
|
|
|
if (!err)
|
|
|
|
|
{
|
|
|
|
|
http_start_data (http);
|
|
|
|
|
if (es_ferror (fp))
|
|
|
|
|
err = gpg_error_from_syserror ();
|
|
|
|
|
}
|
2011-01-18 12:51:16 +01:00
|
|
|
|
}
|
|
|
|
|
if (err)
|
|
|
|
|
{
|
|
|
|
|
/* Fixme: After a redirection we show the old host name. */
|
2012-06-05 19:29:22 +02:00
|
|
|
|
log_error (_("error connecting to '%s': %s\n"),
|
2011-01-18 12:51:16 +01:00
|
|
|
|
hostportstr, gpg_strerror (err));
|
|
|
|
|
goto leave;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Wait for the response. */
|
|
|
|
|
dirmngr_tick (ctrl);
|
|
|
|
|
err = http_wait_response (http);
|
|
|
|
|
if (err)
|
|
|
|
|
{
|
2012-06-05 19:29:22 +02:00
|
|
|
|
log_error (_("error reading HTTP response for '%s': %s\n"),
|
2011-01-18 12:51:16 +01:00
|
|
|
|
hostportstr, gpg_strerror (err));
|
|
|
|
|
goto leave;
|
|
|
|
|
}
|
|
|
|
|
|
2014-05-05 16:09:45 +02:00
|
|
|
|
if (http_get_tls_info (http, NULL))
|
|
|
|
|
{
|
|
|
|
|
/* Update the httpflags so that a redirect won't fallback to an
|
|
|
|
|
unencrypted connection. */
|
|
|
|
|
httpflags |= HTTP_FLAG_FORCE_TLS;
|
|
|
|
|
}
|
|
|
|
|
|
2011-01-18 12:51:16 +01:00
|
|
|
|
switch (http_get_status_code (http))
|
|
|
|
|
{
|
|
|
|
|
case 200:
|
|
|
|
|
err = 0;
|
|
|
|
|
break; /* Success. */
|
|
|
|
|
|
|
|
|
|
case 301:
|
|
|
|
|
case 302:
|
2014-05-05 16:09:45 +02:00
|
|
|
|
case 307:
|
2011-01-18 12:51:16 +01:00
|
|
|
|
{
|
|
|
|
|
const char *s = http_get_header (http, "Location");
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2012-06-05 19:29:22 +02:00
|
|
|
|
log_info (_("URL '%s' redirected to '%s' (%u)\n"),
|
2011-01-18 12:51:16 +01:00
|
|
|
|
request, s?s:"[none]", http_get_status_code (http));
|
|
|
|
|
if (s && *s && redirects_left-- )
|
|
|
|
|
{
|
|
|
|
|
xfree (request_buffer);
|
|
|
|
|
request_buffer = xtrystrdup (s);
|
|
|
|
|
if (request_buffer)
|
|
|
|
|
{
|
|
|
|
|
request = request_buffer;
|
|
|
|
|
http_close (http, 0);
|
|
|
|
|
http = NULL;
|
|
|
|
|
goto once_more;
|
|
|
|
|
}
|
|
|
|
|
err = gpg_error_from_syserror ();
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
err = gpg_error (GPG_ERR_NO_DATA);
|
|
|
|
|
log_error (_("too many redirections\n"));
|
|
|
|
|
}
|
|
|
|
|
goto leave;
|
|
|
|
|
|
|
|
|
|
default:
|
2012-06-05 19:29:22 +02:00
|
|
|
|
log_error (_("error accessing '%s': http status %u\n"),
|
2011-01-18 12:51:16 +01:00
|
|
|
|
request, http_get_status_code (http));
|
|
|
|
|
err = gpg_error (GPG_ERR_NO_DATA);
|
|
|
|
|
goto leave;
|
|
|
|
|
}
|
|
|
|
|
|
2014-05-05 16:09:45 +02:00
|
|
|
|
/* FIXME: We should register a permanent redirection and whether a
|
|
|
|
|
host has ever used TLS so that future calls will always use
|
|
|
|
|
TLS. */
|
|
|
|
|
|
2011-01-18 12:51:16 +01:00
|
|
|
|
fp = http_get_read_ptr (http);
|
|
|
|
|
if (!fp)
|
|
|
|
|
{
|
|
|
|
|
err = gpg_error (GPG_ERR_BUG);
|
|
|
|
|
goto leave;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Return the read stream and close the HTTP context. */
|
|
|
|
|
*r_fp = fp;
|
|
|
|
|
http_close (http, 1);
|
|
|
|
|
http = NULL;
|
|
|
|
|
|
|
|
|
|
leave:
|
|
|
|
|
http_close (http, 0);
|
2014-05-05 16:09:45 +02:00
|
|
|
|
http_session_release (session);
|
2011-01-18 12:51:16 +01:00
|
|
|
|
xfree (request_buffer);
|
|
|
|
|
return err;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2014-03-12 14:32:34 +01:00
|
|
|
|
/* Helper to evaluate the error code ERR form a send_request() call
|
|
|
|
|
with REQUEST. The function returns true if the caller shall try
|
|
|
|
|
again. TRIES_LEFT points to a variable to track the number of
|
|
|
|
|
retries; this function decrements it and won't return true if it is
|
|
|
|
|
down to zero. */
|
|
|
|
|
static int
|
|
|
|
|
handle_send_request_error (gpg_error_t err, const char *request,
|
|
|
|
|
unsigned int *tries_left)
|
|
|
|
|
{
|
|
|
|
|
int retry = 0;
|
|
|
|
|
|
|
|
|
|
switch (gpg_err_code (err))
|
|
|
|
|
{
|
|
|
|
|
case GPG_ERR_ECONNREFUSED:
|
|
|
|
|
case GPG_ERR_ENETUNREACH:
|
|
|
|
|
if (mark_host_dead (request) && *tries_left)
|
|
|
|
|
retry = 1;
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case GPG_ERR_ETIMEDOUT:
|
|
|
|
|
if (*tries_left)
|
|
|
|
|
{
|
|
|
|
|
log_info ("selecting a different host due to a timeout\n");
|
|
|
|
|
retry = 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
default:
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (*tries_left)
|
|
|
|
|
--*tries_left;
|
|
|
|
|
|
|
|
|
|
return retry;
|
|
|
|
|
}
|
|
|
|
|
|
2011-01-20 14:12:53 +01:00
|
|
|
|
static gpg_error_t
|
|
|
|
|
armor_data (char **r_string, const void *data, size_t datalen)
|
|
|
|
|
{
|
|
|
|
|
gpg_error_t err;
|
|
|
|
|
struct b64state b64state;
|
|
|
|
|
estream_t fp;
|
|
|
|
|
long length;
|
|
|
|
|
char *buffer;
|
|
|
|
|
size_t nread;
|
|
|
|
|
|
|
|
|
|
*r_string = NULL;
|
|
|
|
|
|
2014-05-06 09:49:26 +02:00
|
|
|
|
fp = es_fopenmem (0, "rw,samethread");
|
2011-01-20 14:12:53 +01:00
|
|
|
|
if (!fp)
|
|
|
|
|
return gpg_error_from_syserror ();
|
2011-01-18 12:51:16 +01:00
|
|
|
|
|
2011-01-20 14:12:53 +01:00
|
|
|
|
if ((err=b64enc_start_es (&b64state, fp, "PGP PUBLIC KEY BLOCK"))
|
|
|
|
|
|| (err=b64enc_write (&b64state, data, datalen))
|
|
|
|
|
|| (err = b64enc_finish (&b64state)))
|
|
|
|
|
{
|
|
|
|
|
es_fclose (fp);
|
|
|
|
|
return err;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* FIXME: To avoid the extra buffer allocation estream should
|
|
|
|
|
provide a function to snatch the internal allocated memory from
|
|
|
|
|
such a memory stream. */
|
|
|
|
|
length = es_ftell (fp);
|
|
|
|
|
if (length < 0)
|
|
|
|
|
{
|
|
|
|
|
err = gpg_error_from_syserror ();
|
|
|
|
|
es_fclose (fp);
|
|
|
|
|
return err;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
buffer = xtrymalloc (length+1);
|
|
|
|
|
if (!buffer)
|
|
|
|
|
{
|
|
|
|
|
err = gpg_error_from_syserror ();
|
|
|
|
|
es_fclose (fp);
|
|
|
|
|
return err;
|
|
|
|
|
}
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2011-01-20 14:12:53 +01:00
|
|
|
|
es_rewind (fp);
|
|
|
|
|
if (es_read (fp, buffer, length, &nread))
|
|
|
|
|
{
|
|
|
|
|
err = gpg_error_from_syserror ();
|
|
|
|
|
es_fclose (fp);
|
|
|
|
|
return err;
|
|
|
|
|
}
|
|
|
|
|
buffer[nread] = 0;
|
|
|
|
|
es_fclose (fp);
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2011-01-20 14:12:53 +01:00
|
|
|
|
*r_string = buffer;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2011-01-10 14:30:17 +01:00
|
|
|
|
/* Search the keyserver identified by URI for keys matching PATTERN.
|
|
|
|
|
On success R_FP has an open stream to read the data. */
|
|
|
|
|
gpg_error_t
|
|
|
|
|
ks_hkp_search (ctrl_t ctrl, parsed_uri_t uri, const char *pattern,
|
|
|
|
|
estream_t *r_fp)
|
|
|
|
|
{
|
|
|
|
|
gpg_error_t err;
|
|
|
|
|
KEYDB_SEARCH_DESC desc;
|
|
|
|
|
char fprbuf[2+40+1];
|
|
|
|
|
char *hostport = NULL;
|
|
|
|
|
char *request = NULL;
|
|
|
|
|
estream_t fp = NULL;
|
2014-03-12 14:32:34 +01:00
|
|
|
|
int reselect;
|
2014-03-14 17:00:10 +01:00
|
|
|
|
unsigned int httpflags;
|
2014-05-16 21:14:03 +02:00
|
|
|
|
char *httphost = NULL;
|
2014-03-12 14:32:34 +01:00
|
|
|
|
unsigned int tries = SEND_REQUEST_RETRIES;
|
2011-01-10 14:30:17 +01:00
|
|
|
|
|
|
|
|
|
*r_fp = NULL;
|
|
|
|
|
|
|
|
|
|
/* Remove search type indicator and adjust PATTERN accordingly.
|
|
|
|
|
Note that HKP keyservers like the 0x to be present when searching
|
|
|
|
|
by keyid. We need to re-format the fingerprint and keyids so to
|
|
|
|
|
remove the gpg specific force-use-of-this-key flag ("!"). */
|
2011-04-25 23:56:47 +02:00
|
|
|
|
err = classify_user_id (pattern, &desc, 1);
|
2011-01-10 14:30:17 +01:00
|
|
|
|
if (err)
|
|
|
|
|
return err;
|
|
|
|
|
switch (desc.mode)
|
|
|
|
|
{
|
|
|
|
|
case KEYDB_SEARCH_MODE_EXACT:
|
|
|
|
|
case KEYDB_SEARCH_MODE_SUBSTR:
|
|
|
|
|
case KEYDB_SEARCH_MODE_MAIL:
|
|
|
|
|
case KEYDB_SEARCH_MODE_MAILSUB:
|
|
|
|
|
pattern = desc.u.name;
|
|
|
|
|
break;
|
|
|
|
|
case KEYDB_SEARCH_MODE_SHORT_KID:
|
|
|
|
|
snprintf (fprbuf, sizeof fprbuf, "0x%08lX", (ulong)desc.u.kid[1]);
|
|
|
|
|
pattern = fprbuf;
|
|
|
|
|
break;
|
|
|
|
|
case KEYDB_SEARCH_MODE_LONG_KID:
|
2011-02-04 12:57:53 +01:00
|
|
|
|
snprintf (fprbuf, sizeof fprbuf, "0x%08lX%08lX",
|
2011-01-10 14:30:17 +01:00
|
|
|
|
(ulong)desc.u.kid[0], (ulong)desc.u.kid[1]);
|
|
|
|
|
pattern = fprbuf;
|
|
|
|
|
break;
|
|
|
|
|
case KEYDB_SEARCH_MODE_FPR16:
|
|
|
|
|
bin2hex (desc.u.fpr, 16, fprbuf);
|
|
|
|
|
pattern = fprbuf;
|
|
|
|
|
break;
|
|
|
|
|
case KEYDB_SEARCH_MODE_FPR20:
|
|
|
|
|
case KEYDB_SEARCH_MODE_FPR:
|
|
|
|
|
bin2hex (desc.u.fpr, 20, fprbuf);
|
|
|
|
|
pattern = fprbuf;
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
return gpg_error (GPG_ERR_INV_USER_ID);
|
|
|
|
|
}
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2011-01-10 14:30:17 +01:00
|
|
|
|
/* Build the request string. */
|
2014-03-12 14:32:34 +01:00
|
|
|
|
reselect = 0;
|
|
|
|
|
again:
|
2011-01-10 14:30:17 +01:00
|
|
|
|
{
|
|
|
|
|
char *searchkey;
|
|
|
|
|
|
2014-03-12 14:32:34 +01:00
|
|
|
|
xfree (hostport);
|
2014-05-16 21:14:03 +02:00
|
|
|
|
xfree (httphost); httphost = NULL;
|
2014-03-12 14:32:34 +01:00
|
|
|
|
hostport = make_host_part (ctrl, uri->scheme, uri->host, uri->port,
|
2014-05-16 21:14:03 +02:00
|
|
|
|
reselect, &httpflags, &httphost);
|
2011-01-10 14:30:17 +01:00
|
|
|
|
if (!hostport)
|
|
|
|
|
{
|
|
|
|
|
err = gpg_error_from_syserror ();
|
|
|
|
|
goto leave;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
searchkey = http_escape_string (pattern, EXTRA_ESCAPE_CHARS);
|
|
|
|
|
if (!searchkey)
|
|
|
|
|
{
|
|
|
|
|
err = gpg_error_from_syserror ();
|
|
|
|
|
goto leave;
|
|
|
|
|
}
|
|
|
|
|
|
2014-03-12 14:32:34 +01:00
|
|
|
|
xfree (request);
|
2011-01-10 14:30:17 +01:00
|
|
|
|
request = strconcat (hostport,
|
|
|
|
|
"/pks/lookup?op=index&options=mr&search=",
|
|
|
|
|
searchkey,
|
|
|
|
|
NULL);
|
|
|
|
|
xfree (searchkey);
|
|
|
|
|
if (!request)
|
|
|
|
|
{
|
|
|
|
|
err = gpg_error_from_syserror ();
|
|
|
|
|
goto leave;
|
|
|
|
|
}
|
|
|
|
|
}
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2011-01-10 14:30:17 +01:00
|
|
|
|
/* Send the request. */
|
2014-05-16 21:14:03 +02:00
|
|
|
|
err = send_request (ctrl, request, hostport, httphost, httpflags,
|
|
|
|
|
NULL, NULL, &fp);
|
2014-03-12 14:32:34 +01:00
|
|
|
|
if (handle_send_request_error (err, request, &tries))
|
|
|
|
|
{
|
|
|
|
|
reselect = 1;
|
|
|
|
|
goto again;
|
|
|
|
|
}
|
2011-01-10 14:30:17 +01:00
|
|
|
|
if (err)
|
2011-01-18 12:51:16 +01:00
|
|
|
|
goto leave;
|
2011-01-10 14:30:17 +01:00
|
|
|
|
|
2014-03-14 16:12:54 +01:00
|
|
|
|
err = dirmngr_status (ctrl, "SOURCE", hostport, NULL);
|
|
|
|
|
if (err)
|
|
|
|
|
goto leave;
|
|
|
|
|
|
2014-03-11 14:26:39 +01:00
|
|
|
|
/* Peek at the response. */
|
2011-01-10 14:30:17 +01:00
|
|
|
|
{
|
|
|
|
|
int c = es_getc (fp);
|
|
|
|
|
if (c == -1)
|
|
|
|
|
{
|
|
|
|
|
err = es_ferror (fp)?gpg_error_from_syserror ():gpg_error (GPG_ERR_EOF);
|
|
|
|
|
log_error ("error reading response: %s\n", gpg_strerror (err));
|
|
|
|
|
goto leave;
|
|
|
|
|
}
|
|
|
|
|
if (c == '<')
|
|
|
|
|
{
|
2014-03-11 14:26:39 +01:00
|
|
|
|
/* The document begins with a '<': Assume a HTML response,
|
|
|
|
|
which we don't support. */
|
2011-01-10 14:30:17 +01:00
|
|
|
|
err = gpg_error (GPG_ERR_UNSUPPORTED_ENCODING);
|
|
|
|
|
goto leave;
|
|
|
|
|
}
|
|
|
|
|
es_ungetc (c, fp);
|
|
|
|
|
}
|
|
|
|
|
|
2011-01-18 12:51:16 +01:00
|
|
|
|
/* Return the read stream. */
|
|
|
|
|
*r_fp = fp;
|
|
|
|
|
fp = NULL;
|
|
|
|
|
|
|
|
|
|
leave:
|
|
|
|
|
es_fclose (fp);
|
|
|
|
|
xfree (request);
|
|
|
|
|
xfree (hostport);
|
2014-05-16 21:14:03 +02:00
|
|
|
|
xfree (httphost);
|
2011-01-18 12:51:16 +01:00
|
|
|
|
return err;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* Get the key described key the KEYSPEC string from the keyserver
|
|
|
|
|
identified by URI. On success R_FP has an open stream to read the
|
|
|
|
|
data. */
|
|
|
|
|
gpg_error_t
|
|
|
|
|
ks_hkp_get (ctrl_t ctrl, parsed_uri_t uri, const char *keyspec, estream_t *r_fp)
|
|
|
|
|
{
|
|
|
|
|
gpg_error_t err;
|
|
|
|
|
KEYDB_SEARCH_DESC desc;
|
2014-03-17 15:39:33 +01:00
|
|
|
|
char kidbuf[2+40+1];
|
|
|
|
|
const char *exactname = NULL;
|
|
|
|
|
char *searchkey = NULL;
|
2011-01-18 12:51:16 +01:00
|
|
|
|
char *hostport = NULL;
|
|
|
|
|
char *request = NULL;
|
|
|
|
|
estream_t fp = NULL;
|
2014-03-12 14:32:34 +01:00
|
|
|
|
int reselect;
|
2014-05-16 21:14:03 +02:00
|
|
|
|
char *httphost = NULL;
|
2014-03-14 17:00:10 +01:00
|
|
|
|
unsigned int httpflags;
|
2014-03-12 14:32:34 +01:00
|
|
|
|
unsigned int tries = SEND_REQUEST_RETRIES;
|
2011-01-18 12:51:16 +01:00
|
|
|
|
|
|
|
|
|
*r_fp = NULL;
|
|
|
|
|
|
|
|
|
|
/* Remove search type indicator and adjust PATTERN accordingly.
|
|
|
|
|
Note that HKP keyservers like the 0x to be present when searching
|
|
|
|
|
by keyid. We need to re-format the fingerprint and keyids so to
|
|
|
|
|
remove the gpg specific force-use-of-this-key flag ("!"). */
|
2011-04-25 23:56:47 +02:00
|
|
|
|
err = classify_user_id (keyspec, &desc, 1);
|
2011-01-18 12:51:16 +01:00
|
|
|
|
if (err)
|
|
|
|
|
return err;
|
|
|
|
|
switch (desc.mode)
|
|
|
|
|
{
|
|
|
|
|
case KEYDB_SEARCH_MODE_SHORT_KID:
|
2014-03-17 15:39:33 +01:00
|
|
|
|
snprintf (kidbuf, sizeof kidbuf, "0x%08lX", (ulong)desc.u.kid[1]);
|
2011-01-18 12:51:16 +01:00
|
|
|
|
break;
|
2012-01-10 16:23:54 +01:00
|
|
|
|
case KEYDB_SEARCH_MODE_LONG_KID:
|
2014-03-17 15:39:33 +01:00
|
|
|
|
snprintf (kidbuf, sizeof kidbuf, "0x%08lX%08lX",
|
2012-01-10 16:23:54 +01:00
|
|
|
|
(ulong)desc.u.kid[0], (ulong)desc.u.kid[1]);
|
|
|
|
|
break;
|
2011-01-18 12:51:16 +01:00
|
|
|
|
case KEYDB_SEARCH_MODE_FPR20:
|
|
|
|
|
case KEYDB_SEARCH_MODE_FPR:
|
2012-01-10 16:23:54 +01:00
|
|
|
|
/* This is a v4 fingerprint. */
|
2014-03-17 15:39:33 +01:00
|
|
|
|
kidbuf[0] = '0';
|
|
|
|
|
kidbuf[1] = 'x';
|
|
|
|
|
bin2hex (desc.u.fpr, 20, kidbuf+2);
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case KEYDB_SEARCH_MODE_EXACT:
|
|
|
|
|
exactname = desc.u.name;
|
2011-01-18 12:51:16 +01:00
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case KEYDB_SEARCH_MODE_FPR16:
|
2012-01-10 16:23:54 +01:00
|
|
|
|
log_error ("HKP keyservers do not support v3 fingerprints\n");
|
2011-01-18 12:51:16 +01:00
|
|
|
|
default:
|
|
|
|
|
return gpg_error (GPG_ERR_INV_USER_ID);
|
|
|
|
|
}
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2014-03-17 15:39:33 +01:00
|
|
|
|
searchkey = http_escape_string (exactname? exactname : kidbuf,
|
|
|
|
|
EXTRA_ESCAPE_CHARS);
|
|
|
|
|
if (!searchkey)
|
|
|
|
|
{
|
|
|
|
|
err = gpg_error_from_syserror ();
|
|
|
|
|
goto leave;
|
|
|
|
|
}
|
|
|
|
|
|
2014-03-12 14:32:34 +01:00
|
|
|
|
reselect = 0;
|
|
|
|
|
again:
|
2011-04-12 16:30:08 +02:00
|
|
|
|
/* Build the request string. */
|
2014-03-12 14:32:34 +01:00
|
|
|
|
xfree (hostport);
|
2014-05-16 21:14:03 +02:00
|
|
|
|
xfree (httphost); httphost = NULL;
|
2014-03-14 17:00:10 +01:00
|
|
|
|
hostport = make_host_part (ctrl, uri->scheme, uri->host, uri->port,
|
2014-05-16 21:14:03 +02:00
|
|
|
|
reselect, &httpflags, &httphost);
|
2011-04-12 16:30:08 +02:00
|
|
|
|
if (!hostport)
|
2011-01-18 12:51:16 +01:00
|
|
|
|
{
|
2011-04-12 16:30:08 +02:00
|
|
|
|
err = gpg_error_from_syserror ();
|
|
|
|
|
goto leave;
|
2011-01-18 12:51:16 +01:00
|
|
|
|
}
|
2011-04-12 16:30:08 +02:00
|
|
|
|
|
2014-03-12 14:32:34 +01:00
|
|
|
|
xfree (request);
|
2011-04-12 16:30:08 +02:00
|
|
|
|
request = strconcat (hostport,
|
2014-03-17 15:39:33 +01:00
|
|
|
|
"/pks/lookup?op=get&options=mr&search=",
|
|
|
|
|
searchkey,
|
|
|
|
|
exactname? "&exact=on":"",
|
2011-04-12 16:30:08 +02:00
|
|
|
|
NULL);
|
|
|
|
|
if (!request)
|
2011-01-18 12:51:16 +01:00
|
|
|
|
{
|
2011-04-12 16:30:08 +02:00
|
|
|
|
err = gpg_error_from_syserror ();
|
|
|
|
|
goto leave;
|
2011-01-18 12:51:16 +01:00
|
|
|
|
}
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2011-01-18 12:51:16 +01:00
|
|
|
|
/* Send the request. */
|
2014-05-16 21:14:03 +02:00
|
|
|
|
err = send_request (ctrl, request, hostport, httphost, httpflags,
|
|
|
|
|
NULL, NULL, &fp);
|
2014-03-12 14:32:34 +01:00
|
|
|
|
if (handle_send_request_error (err, request, &tries))
|
|
|
|
|
{
|
|
|
|
|
reselect = 1;
|
|
|
|
|
goto again;
|
|
|
|
|
}
|
2011-01-18 12:51:16 +01:00
|
|
|
|
if (err)
|
|
|
|
|
goto leave;
|
|
|
|
|
|
2014-03-14 16:12:54 +01:00
|
|
|
|
err = dirmngr_status (ctrl, "SOURCE", hostport, NULL);
|
|
|
|
|
if (err)
|
|
|
|
|
goto leave;
|
|
|
|
|
|
2011-01-10 14:30:17 +01:00
|
|
|
|
/* Return the read stream and close the HTTP context. */
|
|
|
|
|
*r_fp = fp;
|
|
|
|
|
fp = NULL;
|
|
|
|
|
|
|
|
|
|
leave:
|
|
|
|
|
es_fclose (fp);
|
|
|
|
|
xfree (request);
|
|
|
|
|
xfree (hostport);
|
2014-05-16 21:14:03 +02:00
|
|
|
|
xfree (httphost);
|
2014-03-17 15:39:33 +01:00
|
|
|
|
xfree (searchkey);
|
2011-01-10 14:30:17 +01:00
|
|
|
|
return err;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2011-01-20 14:12:53 +01:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* Callback parameters for put_post_cb. */
|
|
|
|
|
struct put_post_parm_s
|
|
|
|
|
{
|
|
|
|
|
char *datastring;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* Helper for ks_hkp_put. */
|
|
|
|
|
static gpg_error_t
|
|
|
|
|
put_post_cb (void *opaque, http_t http)
|
|
|
|
|
{
|
|
|
|
|
struct put_post_parm_s *parm = opaque;
|
|
|
|
|
gpg_error_t err = 0;
|
|
|
|
|
estream_t fp;
|
|
|
|
|
size_t len;
|
|
|
|
|
|
|
|
|
|
fp = http_get_write_ptr (http);
|
|
|
|
|
len = strlen (parm->datastring);
|
|
|
|
|
|
|
|
|
|
es_fprintf (fp,
|
|
|
|
|
"Content-Type: application/x-www-form-urlencoded\r\n"
|
|
|
|
|
"Content-Length: %zu\r\n", len+8 /* 8 is for "keytext" */);
|
|
|
|
|
http_start_data (http);
|
|
|
|
|
if (es_fputs ("keytext=", fp) || es_write (fp, parm->datastring, len, NULL))
|
|
|
|
|
err = gpg_error_from_syserror ();
|
|
|
|
|
return err;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* Send the key in {DATA,DATALEN} to the keyserver identified by URI. */
|
|
|
|
|
gpg_error_t
|
|
|
|
|
ks_hkp_put (ctrl_t ctrl, parsed_uri_t uri, const void *data, size_t datalen)
|
|
|
|
|
{
|
|
|
|
|
gpg_error_t err;
|
|
|
|
|
char *hostport = NULL;
|
|
|
|
|
char *request = NULL;
|
|
|
|
|
estream_t fp = NULL;
|
|
|
|
|
struct put_post_parm_s parm;
|
|
|
|
|
char *armored = NULL;
|
2014-03-12 14:32:34 +01:00
|
|
|
|
int reselect;
|
2014-05-16 21:14:03 +02:00
|
|
|
|
char *httphost = NULL;
|
2014-03-14 17:00:10 +01:00
|
|
|
|
unsigned int httpflags;
|
2014-03-12 14:32:34 +01:00
|
|
|
|
unsigned int tries = SEND_REQUEST_RETRIES;
|
2011-01-20 14:12:53 +01:00
|
|
|
|
|
|
|
|
|
parm.datastring = NULL;
|
|
|
|
|
|
|
|
|
|
err = armor_data (&armored, data, datalen);
|
|
|
|
|
if (err)
|
|
|
|
|
goto leave;
|
|
|
|
|
|
|
|
|
|
parm.datastring = http_escape_string (armored, EXTRA_ESCAPE_CHARS);
|
|
|
|
|
if (!parm.datastring)
|
|
|
|
|
{
|
|
|
|
|
err = gpg_error_from_syserror ();
|
|
|
|
|
goto leave;
|
|
|
|
|
}
|
|
|
|
|
xfree (armored);
|
|
|
|
|
armored = NULL;
|
|
|
|
|
|
|
|
|
|
/* Build the request string. */
|
2014-03-12 14:32:34 +01:00
|
|
|
|
reselect = 0;
|
|
|
|
|
again:
|
|
|
|
|
xfree (hostport);
|
2014-05-16 21:14:03 +02:00
|
|
|
|
xfree (httphost); httphost = NULL;
|
2014-03-14 17:00:10 +01:00
|
|
|
|
hostport = make_host_part (ctrl, uri->scheme, uri->host, uri->port,
|
2014-05-16 21:14:03 +02:00
|
|
|
|
reselect, &httpflags, &httphost);
|
2011-01-20 14:12:53 +01:00
|
|
|
|
if (!hostport)
|
|
|
|
|
{
|
|
|
|
|
err = gpg_error_from_syserror ();
|
|
|
|
|
goto leave;
|
|
|
|
|
}
|
|
|
|
|
|
2014-03-12 14:32:34 +01:00
|
|
|
|
xfree (request);
|
2011-01-20 14:12:53 +01:00
|
|
|
|
request = strconcat (hostport, "/pks/add", NULL);
|
|
|
|
|
if (!request)
|
|
|
|
|
{
|
|
|
|
|
err = gpg_error_from_syserror ();
|
|
|
|
|
goto leave;
|
|
|
|
|
}
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2011-01-20 14:12:53 +01:00
|
|
|
|
/* Send the request. */
|
2014-05-16 21:14:03 +02:00
|
|
|
|
err = send_request (ctrl, request, hostport, httphost, 0,
|
|
|
|
|
put_post_cb, &parm, &fp);
|
2014-03-12 14:32:34 +01:00
|
|
|
|
if (handle_send_request_error (err, request, &tries))
|
|
|
|
|
{
|
|
|
|
|
reselect = 1;
|
|
|
|
|
goto again;
|
|
|
|
|
}
|
2011-01-20 14:12:53 +01:00
|
|
|
|
if (err)
|
|
|
|
|
goto leave;
|
|
|
|
|
|
|
|
|
|
leave:
|
|
|
|
|
es_fclose (fp);
|
|
|
|
|
xfree (parm.datastring);
|
|
|
|
|
xfree (armored);
|
|
|
|
|
xfree (request);
|
|
|
|
|
xfree (hostport);
|
2014-05-16 21:14:03 +02:00
|
|
|
|
xfree (httphost);
|
2011-01-20 14:12:53 +01:00
|
|
|
|
return err;
|
|
|
|
|
}
|