mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
Remove the obsolete keyserver directory from the repo.
-- We also merge dirmngr/ChangeLog.1 into dirmngr/ChangeLog-2011 and rename keyserver/ChangeLog-2011 to dirmngr/ChangeLog-2011-ks.
This commit is contained in:
parent
2180845959
commit
62b2cee85f
@ -1583,8 +1583,813 @@
|
||||
|
||||
Please note that earlier entries are found in the top level
|
||||
ChangeLog.
|
||||
[Update after merge with GnuPG: see ./ChangeLog.1]
|
||||
[Update after merge with GnuPG: These old ChangeLog entries are
|
||||
found below up to ==END OLDEST CHANGELOG==]
|
||||
|
||||
==BEGIN OLDEST CHANGELOG==
|
||||
|
||||
2004-10-04 Werner Koch <wk@g10code.com>
|
||||
|
||||
* src/dirmngr.c: Changed an help entry description.
|
||||
|
||||
2004-09-30 Werner Koch <wk@g10code.com>
|
||||
|
||||
* src/dirmngr.c (i18n_init): Always use LC_ALL.
|
||||
|
||||
2004-09-28 Werner Koch <wk@g10code.com>
|
||||
|
||||
Released 0.5.6.
|
||||
|
||||
* config.guess, config.sub: Updated.
|
||||
|
||||
2004-06-21 Werner Koch <wk@g10code.com>
|
||||
|
||||
* src/crlfetch.c (crl_fetch): Bad hack to use the right attribute.
|
||||
|
||||
2004-05-13 Werner Koch <wk@gnupg.org>
|
||||
|
||||
Released 0.5.5.
|
||||
|
||||
* src/ldap.c (start_cert_fetch_ldap, start_cert_fetch_ldap): More
|
||||
detailed error messages.
|
||||
|
||||
* src/crlcache.c (update_dir): Handle i-records properly.
|
||||
|
||||
2004-04-29 Werner Koch <wk@gnupg.org>
|
||||
|
||||
Released 0.5.4.
|
||||
|
||||
* src/crlcache.h (crl_cache_result_t): Add CRL_CACHE_CANTUSE.
|
||||
* src/server.c (cmd_isvalid): Handle it here.
|
||||
* src/crlcache.c (crl_cache_isvalid): Issue this code if the CRL
|
||||
cant be used.
|
||||
(open_dir): Parse new fields 8,9 and 10 as well as the invalid flag.
|
||||
(write_dir_line_crl): Write new fields.
|
||||
(get_crl_number, get_auth_key_id): New.
|
||||
(crl_cache_insert): Fill new fields. Mark the entry invalid if
|
||||
the CRL is too old after an update or an unknown critical
|
||||
extension was seen.
|
||||
(list_one_crl_entry): Print the new fields.
|
||||
|
||||
2004-04-28 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* configure.ac: Requires libksba 0.9.6.
|
||||
|
||||
* src/dirmngr.c: New option --ocsp-signer.
|
||||
* src/dirmngr.h (opt): Renamed member OCSP_REPONDERS to
|
||||
OCSP_RESPONDER and made ist a simple string. Add OCSP_SIGNER.
|
||||
* src/ocsp.c (ocsp_isvalid): Changed it accordingly.
|
||||
(ocsp_isvalid): Pass the ocsp_signer to check_signature.
|
||||
(check_signature): New arg SIGNER_FPR. Use it to retrieve the
|
||||
certificate. Factored out common code to ..
|
||||
(check_signature_core): .. New.
|
||||
|
||||
2004-04-27 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/server.c (start_command_handler): Keep track of the first
|
||||
connection.
|
||||
(dirmngr_tick): New.
|
||||
* src/ldap.c (attr_fetch_fun_reader): Call it from time to time.
|
||||
|
||||
2004-04-23 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/dirmngr.c (main): Removed the add-servers option from the
|
||||
gpgconf list. It is not really useful.
|
||||
|
||||
2004-04-02 Thomas Schwinge <schwinge@nic-nac-project.de>
|
||||
|
||||
* autogen.sh: Added ACLOCAL_FLAGS.
|
||||
|
||||
2004-04-13 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/crlcache.c (update_dir): Do not double close FPOUT.
|
||||
|
||||
2004-04-09 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/cdblib.c (cdb_make_start): Wipeout the entire buffer to
|
||||
shutup valgrind.
|
||||
(ewrite): Fixed writing bad data on EINTR.
|
||||
|
||||
* src/ldap.c (get_attr_from_result_ldap): Fixed bad copy and
|
||||
terminate of a string.
|
||||
|
||||
* src/crlfetch.c (crl_fetch): Fixed freeing of VALUE on error.
|
||||
|
||||
2004-04-07 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/dirmngr.h (server_control_s): Add member force_crl_refresh.
|
||||
* src/server.c (option_handler): New.
|
||||
(start_command_handler): Register option handler
|
||||
* src/crlcache.c (crl_cache_isvalid): Add arg FORCE_REFRESH.
|
||||
(crl_cache_insert): Record last refresh in memory.
|
||||
|
||||
* src/server.c (inquire_cert_and_load_crl): Renamed from
|
||||
inquire_cert.
|
||||
|
||||
2004-04-06 Werner Koch <wk@gnupg.org>
|
||||
|
||||
Released 0.5.3
|
||||
|
||||
* doc/dirmngr.texi: Updated.
|
||||
* doc/texinfo.tex: Updated.
|
||||
|
||||
2004-04-05 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/ocsp.c (ocsp_isvalid): Check THIS_UPDATE.
|
||||
|
||||
* src/misc.c (add_isotime): New.
|
||||
(date2jd, jd2date, days_per_month, days_per_year): New. Taken from
|
||||
my ancient (1988) code used in Wedit (time2.c).
|
||||
|
||||
2004-04-02 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* autogen.sh: Check gettext version.
|
||||
* configure.ac: Add AM_GNU_GETTEXT.
|
||||
|
||||
2004-04-02 gettextize <bug-gnu-gettext@gnu.org>
|
||||
|
||||
* Makefile.am (SUBDIRS): Add intl.
|
||||
(EXTRA_DIST): Add config.rpath.
|
||||
* configure.ac (AC_CONFIG_FILES): Add intl/Makefile,
|
||||
|
||||
2004-04-02 Werner Koch <wk@gnupg.org>
|
||||
|
||||
Add i18n at most places.
|
||||
|
||||
* src/dirmngr.c (i18n_init): New.
|
||||
(main): Call it.
|
||||
* src/dirmngr.h: Add i18n stuff.
|
||||
|
||||
2004-04-01 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/misc.c (get_fingerprint_hexstring): New.
|
||||
|
||||
* src/server.c (dirmngr_status): New.
|
||||
|
||||
2004-03-26 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* configure.ac: Add AC_SYS_LARGEFILE.
|
||||
|
||||
* doc/dirmngr.texi: Changed the license to the GPL as per message
|
||||
by Mathhias Kalle Dalheimer of Klaralvdalens-Datakonsult dated
|
||||
Jan 7, 2004.
|
||||
* doc/fdl.texi: Removed.
|
||||
|
||||
2004-03-25 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/dirmngr.c (main): New command --fetch-crl.
|
||||
|
||||
2004-03-23 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/dirmngr.c: New option --allow-ocsp.
|
||||
* src/server.c (cmd_isvalid): Make use of allow_ocsp.
|
||||
|
||||
2004-03-17 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/dirmngr.c (main) <gpgconf>: Fixed default value quoting.
|
||||
|
||||
2004-03-16 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/dirmngr.c (main): Add ocsp-responder to the gpgconf list.
|
||||
Add option --debug-level.
|
||||
(set_debug): New.
|
||||
|
||||
2004-03-15 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/misc.c (canon_sexp_to_grcy): New.
|
||||
|
||||
2004-03-12 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/crlfetch.c (crl_fetch): Hack to substitute http for https.
|
||||
|
||||
2004-03-10 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/dirmngr.c (parse_ldapserver_file): Don't skip the entire
|
||||
file on errors.
|
||||
|
||||
2004-03-09 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/dirmngr.c (my_ksba_hash_buffer): New.
|
||||
(main): Initialize the internal libksba hashing.
|
||||
|
||||
* src/server.c (get_issuer_cert_local): Renamed to ...
|
||||
(get_cert_local): ... this. Changed all callers. Allow NULL for
|
||||
ISSUER to return the current target cert.
|
||||
(get_issuing_cert_local): New.
|
||||
(do_get_cert_local): Moved common code to here.
|
||||
|
||||
2004-03-06 Werner Koch <wk@gnupg.org>
|
||||
|
||||
Released 0.5.2.
|
||||
|
||||
* configure.ac: Fixed last change to check the API version of
|
||||
libgcrypt.
|
||||
|
||||
2004-03-05 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* configure.ac: Also check the SONAME of libgcrypt.
|
||||
|
||||
2004-03-03 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/dirmngr.c: New option --ocsp-responder.
|
||||
* src/dirmngr.h (opt): Add member OCSP_RESPONDERS.
|
||||
|
||||
2004-02-26 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* src/server.c (start_command_handler): Corrected typo and made
|
||||
dirmngr output it's version in the greeting message.
|
||||
|
||||
2004-02-24 Marcus Brinkmann <marcus@g10code.de>
|
||||
|
||||
* src/dirmngr.c (DEFAULT_ADD_SERVERS): Removed. If this were
|
||||
true, there'd be no way to disable it.
|
||||
(main): Dump options in new gpgconf format.
|
||||
|
||||
2004-02-11 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* autogen.sh (check_version): Removed bashism and simplified.
|
||||
|
||||
2004-02-06 Moritz Schulte <mo@g10code.com>
|
||||
|
||||
* src/crlfetch.c (crl_fetch_default): Do not dereference VALUE,
|
||||
when checking for non-zero.
|
||||
|
||||
2004-02-01 Marcus Brinkmann <marcus@g10code.de>
|
||||
|
||||
* src/dirmngr.c (DEFAULT_ADD_SERVERS, DEFAULT_MAX_REPLIES)
|
||||
(DEFAULT_LDAP_TIMEOUT): New macros.
|
||||
(main): Use them.
|
||||
(enum cmd_and_opt_values): New command aGPGConfList.
|
||||
(main): Add handler here.
|
||||
|
||||
2004-01-17 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* configure.ac: Added AC_CHECK_FUNCS tests again, because the
|
||||
other test occurrences belong to the jnlib tests block.
|
||||
|
||||
2004-01-15 Moritz Schulte <mo@g10code.com>
|
||||
|
||||
* configure.ac: Fixed funopen replacement mechanism; removed
|
||||
unnecessary AC_CHECK_FUNCS calls.
|
||||
|
||||
2004-01-14 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/crlcache.c (list_one_crl_entry): Don't use putchar.
|
||||
|
||||
* src/server.c (cmd_listcrls): New.
|
||||
|
||||
2003-12-23 Werner Koch <wk@gnupg.org>
|
||||
|
||||
Released 0.5.1.
|
||||
|
||||
2003-12-17 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* configure.ac (CFLAGS): Add -Wformat-noliteral in gcc +
|
||||
maintainer mode.
|
||||
(NEED_LIBASSUAN_VERSION): Bump up to 0.6.2.
|
||||
|
||||
2003-12-16 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* configure.ac: Update the tests for jnlib.
|
||||
* src/dirmngr.c (main): Ignore SIGPIPE in server mode.
|
||||
|
||||
2003-12-12 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/crlcache.c (hash_dbfile): Also hash version info of the
|
||||
cache file format.
|
||||
|
||||
* src/Makefile.am (dirmngr_SOURCES): Add http.h.
|
||||
|
||||
* configure.ac: Removed checking for DB2. Add checking for mmap.
|
||||
* src/cdb.h, src/cdblib.h: New. Add a few comments from the
|
||||
original man page and fixed typos.
|
||||
* src/cdblib.c (cdb_findinit, cdb_findnext): Modified to allow
|
||||
walking over all entries.
|
||||
* src/crlcache.h: Removed DB2/4 cruft.
|
||||
(release_one_cache_entry, lock_db_file, crl_parse_insert)
|
||||
(crl_cache_insert, crl_cache_isvalid, list_one_crl_entry): Use the
|
||||
new CDB interface.
|
||||
|
||||
* src/dirmngr.c: Beautified the help messages.
|
||||
(wrong_args): New.
|
||||
(main): new option --force. Revamped the command handling code.
|
||||
Allow to pass multiple CRLS as well as stdin to --local-crl.
|
||||
* src/crlcache.c (crl_cache_insert): Make --force work.
|
||||
|
||||
2003-12-11 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/crlfetch.c (crl_fetch): Enhanced to allow fetching binary
|
||||
data using HTTP.
|
||||
* src/http.c, src/http.h: Replaced by the code from gnupg 1.3 and
|
||||
modified acording to our needs.
|
||||
(read_line): New. Based on the code from GnuPG's iobuf_read_line.
|
||||
* configure.ac: Check for getaddrinfo.
|
||||
|
||||
* src/dirmngr.c (parse_ldapserver_file): Close the stream.
|
||||
(main): Free ldapfile.
|
||||
|
||||
* src/ocsp.c, src/ocsp.h: New. Albeit not functionality.
|
||||
|
||||
* src/server.c (inquire_cert): Catch EOF when reading dist points.
|
||||
|
||||
* src/crlcache.c (hash_dbfile, check_dbfile): New.
|
||||
(lock_db_file, crl_cache_insert): Use them here to detect
|
||||
corrupted CRL files.
|
||||
(open_dir): Read the new dbfile hash field.
|
||||
|
||||
* src/crlfetch.c (crl_fetch, crl_fetch_default): Changed to retrun
|
||||
a stream.
|
||||
(fun_reader, fun_closer, setup_funopen): New.
|
||||
* src/server.c (inquire_cert): Changed to use the new stream interface
|
||||
of crlfetch.c.
|
||||
|
||||
2003-12-10 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/funopen.c: New.
|
||||
* configure.ac (funopen): Add test.
|
||||
* src/Makefile.am (dirmngr_LDADD): Add LIBOBJS.
|
||||
|
||||
* src/crlcache.c (next_line_from_file): Remove the limit on the
|
||||
line length.
|
||||
(crl_cache_new): Removed.
|
||||
(open_dbcontent): New.
|
||||
(crl_cache_init): Use it here.
|
||||
(crl_cache_flush): The DB content fie is now in the cache
|
||||
directory, so we can simplify it.
|
||||
(make_db_file_name, lock_db_file, unlock_db_file): New.
|
||||
(release_cache): Close the cached DB files.
|
||||
(crl_cache_isvalid): Make use of the new lock_db_file.
|
||||
(crl_cache_insert): Changed to take a stream as argument.
|
||||
(crl_parse_insert): Rewritten to use a temporary DB and to avoid
|
||||
using up large amounts of memory.
|
||||
(db_entry_new): Removed.
|
||||
(release_cache,release_one_cache_entry): Splitted up.
|
||||
(find_entry): Take care of the new deleted flag.
|
||||
(crl_cache_load): Simplified becuase we can now pass a FP to the
|
||||
insert code.
|
||||
(save_contents): Removed.
|
||||
(update_dir): New.
|
||||
(open_dbcontent_file): Renamed to open_dir_file.
|
||||
(check_dbcontent_version): Renamed to check_dir_version.
|
||||
(open_dbcontent): Renamed to open_dir.
|
||||
|
||||
* src/dirmngr.c: New option --faked-system-time.
|
||||
* src/misc.c (faked_time_p, set_time, get_time): New. Taken from GnuPG.
|
||||
(check_isotime): New.
|
||||
(unpercent_string): New.
|
||||
|
||||
2003-12-09 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/crlcache.h (DBDIR,DBCONTENTFILE): Changed value.
|
||||
|
||||
* autogen.sh: Reworked.
|
||||
* README.CVS: New.
|
||||
* configure.ac: Added min_automake_version.
|
||||
|
||||
2003-12-03 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/server.c (cmd_lookup): Send an END line after each
|
||||
certificate.
|
||||
|
||||
2003-11-28 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/Makefile.am (dirmngr_LDADD): Remove DB_LIBS
|
||||
because it never got defined and -ldb{2,4} is implictly set
|
||||
by the AC_CHECK_LIB test in configure.
|
||||
|
||||
* src/crlcache.c (mydbopen): DB4 needs an extra parameter; I
|
||||
wonder who ever tested DB4 support. Add an error statement in
|
||||
case no DB support is configured.
|
||||
|
||||
* tests/Makefile.am: Don't use AM_CPPFLAGS but AM_CFLAGS, replaced
|
||||
variables by configure templates.
|
||||
* src/Makefile.am: Ditto.
|
||||
|
||||
2003-11-19 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/crlcache.c (list_one_crl_entry): Define X to nothing for non
|
||||
DB4 systems. Thanks to Luca M. G. Centamore.
|
||||
|
||||
2003-11-17 Werner Koch <wk@gnupg.org>
|
||||
|
||||
Released 0.5.0
|
||||
|
||||
* src/crlcache.c (crl_cache_new): Fixed eof detection.
|
||||
|
||||
* src/server.c (cmd_loadcrl): Do the unescaping.
|
||||
|
||||
* doc/dirmngr.texi: Added a history section for this modified
|
||||
version.
|
||||
|
||||
2003-11-14 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* tests/asschk.c: New. Taken from GnuPG.
|
||||
* tests/Makefile.am: Added asschk.
|
||||
|
||||
2003-11-13 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/ldap.c (fetch_next_cert_ldap): Get the pattern switching
|
||||
right.
|
||||
|
||||
* tests/test-dirmngr.c: Replaced a couple of deprecated types.
|
||||
|
||||
* configure.ac (GPG_ERR_SOURCE_DEFAULT): Added.
|
||||
(fopencookie, asprintf): Removed unneeded test.
|
||||
(PRINTABLE_OS_NAME): Updated the test from gnupg.
|
||||
(CFLAGS): Do full warnings only in maintainer mode. Add flag
|
||||
--enable gcc-warnings to override it and to enable even more
|
||||
warnings.
|
||||
* acinclude.m4: Removed the libgcrypt test.
|
||||
|
||||
* src/ldap.c (get_attr_from_result_ldap): Simplified the binary
|
||||
hack and return a proper gpg error.
|
||||
(attr_fetch_ldap_internal): Changed error handling.
|
||||
(attr_fetch_ldap): Reworked. Return configuration error if no
|
||||
servers are configured.
|
||||
(url_fetch_ldap, add_server_to_servers)
|
||||
(url_fetch_ldap_internal): Reworked.
|
||||
(struct cert_fetch_context_s): New to get rid of a global state.
|
||||
(start_cert_fetch_ldap): Allocate context and do a bind with a
|
||||
timeout. Parse pattern.
|
||||
(end_cert_fetch_ldap): Take context and don't return anything.
|
||||
(find_next_pattern): Removed.
|
||||
(parse_one_pattern): Redone.
|
||||
(get_cert_ldap): Redone.
|
||||
* src/server.c (cmd_lookup): Changed for changed fetch functions.
|
||||
|
||||
* doc/dirmngr.texi: Reworked a bit to get rid of tex errors.
|
||||
|
||||
* configure.ac: Enable makeinfo test.
|
||||
|
||||
* src/crlcache.c (crl_cache_insert): Fixed for latest KSBA API
|
||||
changes.
|
||||
* tests/test-dirmngr.c (main): Ditto. Also added some more error
|
||||
checking.
|
||||
|
||||
2003-11-11 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/cert.c (hashify_data, hexify_data, serial_hex)
|
||||
(serial_to_buffer): Moved all to ...
|
||||
* src/misc.c: .. here.
|
||||
* src/Makefile.am (cert.c, cert.h): Removed.
|
||||
* cert.c, cert.h: Removed.
|
||||
|
||||
* m4/: New.
|
||||
* configure.ac, Makefile.am: Include m4 directory support, updated
|
||||
required library versions.
|
||||
|
||||
* src/cert.c (make_cert): Removed.
|
||||
|
||||
* src/ldap.c (fetch_next_cert_ldap): Return a gpg style error.
|
||||
|
||||
* src/misc.h (copy_time): New.
|
||||
* src/misc.c (get_isotime): New.
|
||||
(iso_string2time, iso_time2string): Removed.
|
||||
(unhexify): New.
|
||||
|
||||
* src/crlcache.h (DBCONTENTSVERSION): Bumbed to 0.6.
|
||||
* src/crlcache.c (finish_sig_check): New. Factored out from
|
||||
crl_parse_insert and entirely redone.
|
||||
(do_encode_md): Removed.
|
||||
(print_time): Removed
|
||||
(crl_cache_isvalid): Reworked.
|
||||
|
||||
2003-11-10 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/crlcache.c (make_db_val, parse_db_val): Removed.
|
||||
|
||||
* src/cert.c (serial_to_buffer): New.
|
||||
|
||||
* src/server.c (get_issuer_cert_local): Rewritten.
|
||||
|
||||
* src/crlcache.c (crl_parse_insert): Rewritten. Takes now a CTRL
|
||||
instead of the Assuan context. Changed caller accordingly.
|
||||
(get_issuer_cert): Cleaned up.
|
||||
|
||||
* src/crlfetch.c (crl_fetch): Changed VALUE to unsigned char* for
|
||||
documentation reasons. Make sure that VALUE is released on error.
|
||||
(crl_fetch_default, ca_cert_fetch): Ditto.
|
||||
|
||||
* src/crlcache.c (release_cache): New.
|
||||
(crl_cache_deinit): Use it here.
|
||||
(crl_cache_flush): Redone.
|
||||
(save_contents): Redone.
|
||||
(crl_cache_list, list_one_crl_entry): Print error messages.
|
||||
|
||||
2003-11-06 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/crlcache.c (create_directory_if_needed, cleanup_cache_dir):
|
||||
New. Factored out from crl_cache_new and mostly rewritten.
|
||||
(crl_cache_new): Rewritten.
|
||||
(next_line_from_file): New.
|
||||
(find_entry): Cleaned up.
|
||||
(crl_cache_deinit): Cleaned up.
|
||||
|
||||
* src/dirmngr.c (dirmngr_init_default_ctrl): New stub.
|
||||
* src/dirmngr.h (ctrl_t): New.
|
||||
(DBG_ASSUAN,...): Added the usual debug test macros.
|
||||
* src/server.c: Removed the GET_PTR cruft, replaced it by ctrl_t.
|
||||
Removed the recursion flag.
|
||||
(get_issuer_cert_local): Allow for arbitary large
|
||||
certificates. 4096 is definitely too small.
|
||||
(inquire_cert): Ditto.
|
||||
(start_command_handler): Set a hello line and call the default
|
||||
init function.
|
||||
(cmd_isvalid): Rewritten.
|
||||
(inquire_cert): Removed unused arg LINE. General cleanup.
|
||||
(map_assuan_err,map_to_assuan_status): New. Taken from gnupg 1.9.
|
||||
(cmd_lookup): Rewritten.
|
||||
(cmd_loadcrl): Started to rewrite it.
|
||||
|
||||
2003-10-29 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/dirmngr.c (parse_ldapserver_file): Entirely rewritten.
|
||||
(cleanup): New.
|
||||
(main): Cleaned up.
|
||||
|
||||
2003-10-28 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/dirmngr.h: Renamed dirmngr_opt to opt.
|
||||
|
||||
* src/dirmngr.c (parse_ldapserver_file, free_ldapservers_list):
|
||||
Moved with this file. Cleaned up. Replaced too deep recursion in
|
||||
the free function.
|
||||
|
||||
2003-10-21 Werner Koch <wk@gnupg.org>
|
||||
|
||||
Changed all occurrences of assuan.h to use use the system provided
|
||||
one.
|
||||
* src/server.c (register_commands): Adjusted for Assuan API change.
|
||||
|
||||
2003-08-14 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/Makefile.am: s/LIBKSBA_/KSBA_/. Changed for external Assuan lib.
|
||||
* tests/Makefile.am: Ditto.
|
||||
|
||||
* configure.ac: Partly restructured, add standard checks for
|
||||
required libraries, removed included libassuan.
|
||||
* Makefile.am (SUBDIRS): Removed assuan becuase we now use the
|
||||
libassuan package.
|
||||
|
||||
* src/dirmngr.c (main): Properly initialize Libgcrypt and libksba.
|
||||
|
||||
2003-08-13 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/server.c (get_issuer_cert_local): Print error using
|
||||
assuan_strerror.
|
||||
|
||||
* src/crlcache.c (do_encode_md, start_sig_check): Adjust for
|
||||
changed Libgcrypt API.
|
||||
|
||||
2003-06-19 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* configure.ac: Upped version to 0.4.7-cvs.
|
||||
|
||||
2003-06-19 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* configure.ac: Release 0.4.6.
|
||||
|
||||
2003-06-17 Bernhard Reiter <bernhard@intevation.de>
|
||||
|
||||
* src/ldap.c (url_fetch_ldap()):
|
||||
try other default servers when an url with hostname failed
|
||||
* AUTHORS: added Steffen and Werner
|
||||
* THANKS: Thanked people in the ChangeLog and the Ägypten-Team
|
||||
|
||||
|
||||
2003-06-16 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* configure.ac, src/crlcache.h, src/crlcache.c: Added db4 support.
|
||||
* src/Makefile.am, tests/Makefile.am: Removed automake warning.
|
||||
* tests/test-dirmngr.c: Removed a warning.
|
||||
|
||||
2003-05-12 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* doc/Makefile.am: Added dirmngr.ops to DISTCLEANFILES.
|
||||
* ChangeLog, doc/ChangeLog, src/ChangeLog: Merged dirmngr ChangeLogs
|
||||
into one toplevel file.
|
||||
* acinclude.m4, configure.ac: Renamed PFX to PATH for consistency.
|
||||
|
||||
2003-05-12 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* src/ldap.c: Fixed end-of-certificates-list indication.
|
||||
|
||||
2003-05-08 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* src/server.c: Fixed iteration over server list
|
||||
|
||||
2003-02-23 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* src/crlcache.h, src/crlcache.c, src/dirmngr.c: Implemented --flush command.
|
||||
|
||||
2003-02-07 Marcus Brinkmann <marcus@g10code.de>
|
||||
|
||||
* configure.ac: Release 0.4.4.
|
||||
|
||||
2003-02-05 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* src/ldap.c: Try harder with and without ";binary" in the
|
||||
attribute name when fetching certificates.
|
||||
* src/ldap.c, src/server.c: Support multiple userCertificate attributes
|
||||
per entry.
|
||||
|
||||
2003-02-04 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* src/ldap.c: Include the sn attribute in the search filter.
|
||||
Better log messages.
|
||||
|
||||
2002-11-20 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* Doc updates (fixes #1373)
|
||||
* Fix for #1419 (crash in free_ldapservers_list())
|
||||
* Fix for #1375. Dirmngr now asks back with an INQUIRE SENDCERT before
|
||||
querying the LDAP servers for an issuer certificate to validate a CRL
|
||||
|
||||
2002-11-12 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* config.sub, config.guess: Updated from ftp.gnu.org/gnu/config
|
||||
to version 2002-11-08.
|
||||
|
||||
2002-11-12 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* dirmngr.c (main) <load_crl_filename>: Better pass NULL instead
|
||||
of an unitialized Assuan context. Let's hope that the other
|
||||
functions can cope with this.
|
||||
|
||||
2002-10-25 Bernhard Reiter <bernhard@intevation.de>
|
||||
|
||||
* src/ldap.c (get_attr_from_result_ldap()):
|
||||
added value extraction retry for CRLs and Certs without ";binary"
|
||||
* changed version number to reflect cvs status to "0.4.3-cvs"
|
||||
|
||||
2002-08-21 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* dirmngr.c (main): Changed default homedir to .gnupg.
|
||||
|
||||
2002-08-07 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* Added configure check to examine whether db2 cursor() uses 3 or
|
||||
4 parameters.
|
||||
|
||||
2002-07-31 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* doc/dirmngr.texi: Fixed the structure and added menu entries
|
||||
for the other nodes.
|
||||
|
||||
2002-07-30 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* Added doc dir and first steps towards manual.
|
||||
|
||||
2002-07-29 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* Got rid of the default server for CRL lookup. We now use the
|
||||
same list of servers that we use for cert. lookup.
|
||||
|
||||
2002-07-29 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* New option --add-servers to allow dirmngr to add LDAP servers
|
||||
found in CRL distribution points to the list of servers it
|
||||
searches. NOTE: The added servers are only active in the currently
|
||||
running dirmngr -- the info isn't written to persistens storage.
|
||||
|
||||
2002-07-26 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* Default LDAP timeout is 100 seconds now.
|
||||
|
||||
* Use DB2 instead of DB1. Check for libresolv, fixed bug when
|
||||
libldap was found in the default search path.
|
||||
|
||||
2002-07-22 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* Implemented --load-crl <filename> option. Also available as
|
||||
LOADCRL assuan command when in server mode.
|
||||
|
||||
2002-07-22 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* Implemented new option --ldaptimeout to specify the number of seconds to
|
||||
wait for an LDAP request before timeout.
|
||||
|
||||
* Added --list-crls option to print the contents of the CRL cache
|
||||
* Added some items to the dbcontents file to make printout nicer
|
||||
and updated it's version number
|
||||
|
||||
2002-07-02 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* crlcache.c (crl_parse_insert): Fixed log_debug format string.
|
||||
|
||||
2002-07-02 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* configure.ac: Use DB->get() return value correctly.
|
||||
|
||||
2002-06-28 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* crlcache.c (crl_parse_insert): Keep track of newly allocated
|
||||
ENTRY so that we don't free existing errors after a bad signature.
|
||||
|
||||
* dirmngr.h: Include prototype for start_command_handler.
|
||||
|
||||
* crlfetch.c, crlcache.c, http.c, cert.c, ldap.c: Include
|
||||
config.h.
|
||||
|
||||
* crlcache.c (crl_parse_insert): Fixed format type specifiers for
|
||||
time_t variables in log_debug.
|
||||
|
||||
* error.h: Use log_debug instead of dirmngr_debug. Changed all
|
||||
callers.
|
||||
* Makefile.am (dirmngr_SOURCES): Removed error.c
|
||||
|
||||
* dirmngr.c (main): Register gcrypt malloc functions with ksba so
|
||||
that we don't run into problems by using the wrong free function.
|
||||
The gcrypt malloc function have the additional benefit of a
|
||||
providing allocation sanity checks when compiled with that
|
||||
feature.
|
||||
|
||||
* crlcache.c (get_issuer_cert): Use xfree instead of ksba_free.
|
||||
|
||||
|
||||
2002-06-27 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* ldap.c: Look for both userCertificate and caCertificate
|
||||
|
||||
2002-06-26 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* configure.ac: Upped version number to 0.3.1
|
||||
|
||||
2002-06-25 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* server.c (cmd_lookup): Use assuan_write_status which ensures a
|
||||
correct syntax.
|
||||
|
||||
2002-06-20 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* crlcache.c (crl_cache_isvalid): Started with some nicer logging.
|
||||
However, this will need a lot more work.
|
||||
(get_issuer_cert): Ditto.
|
||||
|
||||
* dirmngr.c (main): Changed required libgcrypt version and don't
|
||||
print the prefix when using a logfile.
|
||||
|
||||
2002-06-20 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* tests/Makefile.am (TESTS): Removed test-dirmngr because it
|
||||
is not a proper test program.
|
||||
(EXTRA_DIST): Removed the non-existent test certificate.
|
||||
|
||||
2002-05-21 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* server.c (start_command_handler): Enable assuan debugging.
|
||||
|
||||
2002-05-08 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* Replaced gdbm check with db1 check
|
||||
|
||||
2002-05-08 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* Replaced gdbm with db1, updated file format version
|
||||
|
||||
2002-03-01 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* Added gdbm configure check
|
||||
|
||||
2002-01-23 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* Return ASSUAN_CRL_Too_Old if the CRL is too old
|
||||
|
||||
|
||||
2002-01-17 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
Added commandline options --ldapserver <host> --ldapport <port>
|
||||
--ldapuser <user> --ldappassword <passwd>.
|
||||
|
||||
Cleaned up CRL parsing, signature evaluation a bit, changed
|
||||
datetime format in config file to ISO, added version string to
|
||||
contents format and cache file clean up code in case of mismatch.
|
||||
|
||||
2002-01-14 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* Use dirmngr_opt.homedir for storing the db. Added Makefile.am to
|
||||
tests, bugfixes.
|
||||
|
||||
* First code.
|
||||
Things that work:
|
||||
Loading/saving database (paths hardcoded)
|
||||
Fetching CRL from hardcoded server, parsing and inserting in database
|
||||
Answer ISVALID xxx.yyy requests
|
||||
|
||||
Things that are missing:
|
||||
Some error-checking/handling
|
||||
Proper autoconf handling of gdbm and OpenLDAP
|
||||
Signature checking downloaded CRLs
|
||||
Answer LOOKUP requests
|
||||
...
|
||||
|
||||
How to test:
|
||||
cd tests
|
||||
ldapsearch -v -x -h www.trustcenter.de -b '<some-users-DN>' userCertificate -t
|
||||
cp /tmp/<cert-file> testcert.der
|
||||
./test-dirmngr
|
||||
|
||||
==END OLDEST CHANGELOG==
|
||||
|
||||
Copyright 2004, 2005, 2006, 2007, 2008, 2009, 2010,
|
||||
2011 Free Software Foundation, Inc.
|
||||
|
@ -1,3 +1,7 @@
|
||||
[ This is the ChangeLog from the former keyserver/ directory which
|
||||
kept the old gpgkeys_* keyserver access helpers. We keep it here
|
||||
to document the history of certain keyserver relates features. ]
|
||||
|
||||
2011-12-01 Werner Koch <wk@g10code.com>
|
||||
|
||||
NB: ChangeLog files are no longer manually maintained. Starting
|
@ -1,806 +0,0 @@
|
||||
There are old Dirmngr ChangeLog entries.
|
||||
|
||||
2004-10-04 Werner Koch <wk@g10code.com>
|
||||
|
||||
* src/dirmngr.c: Changed an help entry description.
|
||||
|
||||
2004-09-30 Werner Koch <wk@g10code.com>
|
||||
|
||||
* src/dirmngr.c (i18n_init): Always use LC_ALL.
|
||||
|
||||
2004-09-28 Werner Koch <wk@g10code.com>
|
||||
|
||||
Released 0.5.6.
|
||||
|
||||
* config.guess, config.sub: Updated.
|
||||
|
||||
2004-06-21 Werner Koch <wk@g10code.com>
|
||||
|
||||
* src/crlfetch.c (crl_fetch): Bad hack to use the right attribute.
|
||||
|
||||
2004-05-13 Werner Koch <wk@gnupg.org>
|
||||
|
||||
Released 0.5.5.
|
||||
|
||||
* src/ldap.c (start_cert_fetch_ldap, start_cert_fetch_ldap): More
|
||||
detailed error messages.
|
||||
|
||||
* src/crlcache.c (update_dir): Handle i-records properly.
|
||||
|
||||
2004-04-29 Werner Koch <wk@gnupg.org>
|
||||
|
||||
Released 0.5.4.
|
||||
|
||||
* src/crlcache.h (crl_cache_result_t): Add CRL_CACHE_CANTUSE.
|
||||
* src/server.c (cmd_isvalid): Handle it here.
|
||||
* src/crlcache.c (crl_cache_isvalid): Issue this code if the CRL
|
||||
cant be used.
|
||||
(open_dir): Parse new fields 8,9 and 10 as well as the invalid flag.
|
||||
(write_dir_line_crl): Write new fields.
|
||||
(get_crl_number, get_auth_key_id): New.
|
||||
(crl_cache_insert): Fill new fields. Mark the entry invalid if
|
||||
the CRL is too old after an update or an unknown critical
|
||||
extension was seen.
|
||||
(list_one_crl_entry): Print the new fields.
|
||||
|
||||
2004-04-28 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* configure.ac: Requires libksba 0.9.6.
|
||||
|
||||
* src/dirmngr.c: New option --ocsp-signer.
|
||||
* src/dirmngr.h (opt): Renamed member OCSP_REPONDERS to
|
||||
OCSP_RESPONDER and made ist a simple string. Add OCSP_SIGNER.
|
||||
* src/ocsp.c (ocsp_isvalid): Changed it accordingly.
|
||||
(ocsp_isvalid): Pass the ocsp_signer to check_signature.
|
||||
(check_signature): New arg SIGNER_FPR. Use it to retrieve the
|
||||
certificate. Factored out common code to ..
|
||||
(check_signature_core): .. New.
|
||||
|
||||
2004-04-27 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/server.c (start_command_handler): Keep track of the first
|
||||
connection.
|
||||
(dirmngr_tick): New.
|
||||
* src/ldap.c (attr_fetch_fun_reader): Call it from time to time.
|
||||
|
||||
2004-04-23 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/dirmngr.c (main): Removed the add-servers option from the
|
||||
gpgconf list. It is not really useful.
|
||||
|
||||
2004-04-02 Thomas Schwinge <schwinge@nic-nac-project.de>
|
||||
|
||||
* autogen.sh: Added ACLOCAL_FLAGS.
|
||||
|
||||
2004-04-13 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/crlcache.c (update_dir): Do not double close FPOUT.
|
||||
|
||||
2004-04-09 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/cdblib.c (cdb_make_start): Wipeout the entire buffer to
|
||||
shutup valgrind.
|
||||
(ewrite): Fixed writing bad data on EINTR.
|
||||
|
||||
* src/ldap.c (get_attr_from_result_ldap): Fixed bad copy and
|
||||
terminate of a string.
|
||||
|
||||
* src/crlfetch.c (crl_fetch): Fixed freeing of VALUE on error.
|
||||
|
||||
2004-04-07 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/dirmngr.h (server_control_s): Add member force_crl_refresh.
|
||||
* src/server.c (option_handler): New.
|
||||
(start_command_handler): Register option handler
|
||||
* src/crlcache.c (crl_cache_isvalid): Add arg FORCE_REFRESH.
|
||||
(crl_cache_insert): Record last refresh in memory.
|
||||
|
||||
* src/server.c (inquire_cert_and_load_crl): Renamed from
|
||||
inquire_cert.
|
||||
|
||||
2004-04-06 Werner Koch <wk@gnupg.org>
|
||||
|
||||
Released 0.5.3
|
||||
|
||||
* doc/dirmngr.texi: Updated.
|
||||
* doc/texinfo.tex: Updated.
|
||||
|
||||
2004-04-05 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/ocsp.c (ocsp_isvalid): Check THIS_UPDATE.
|
||||
|
||||
* src/misc.c (add_isotime): New.
|
||||
(date2jd, jd2date, days_per_month, days_per_year): New. Taken from
|
||||
my ancient (1988) code used in Wedit (time2.c).
|
||||
|
||||
2004-04-02 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* autogen.sh: Check gettext version.
|
||||
* configure.ac: Add AM_GNU_GETTEXT.
|
||||
|
||||
2004-04-02 gettextize <bug-gnu-gettext@gnu.org>
|
||||
|
||||
* Makefile.am (SUBDIRS): Add intl.
|
||||
(EXTRA_DIST): Add config.rpath.
|
||||
* configure.ac (AC_CONFIG_FILES): Add intl/Makefile,
|
||||
|
||||
2004-04-02 Werner Koch <wk@gnupg.org>
|
||||
|
||||
Add i18n at most places.
|
||||
|
||||
* src/dirmngr.c (i18n_init): New.
|
||||
(main): Call it.
|
||||
* src/dirmngr.h: Add i18n stuff.
|
||||
|
||||
2004-04-01 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/misc.c (get_fingerprint_hexstring): New.
|
||||
|
||||
* src/server.c (dirmngr_status): New.
|
||||
|
||||
2004-03-26 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* configure.ac: Add AC_SYS_LARGEFILE.
|
||||
|
||||
* doc/dirmngr.texi: Changed the license to the GPL as per message
|
||||
by Mathhias Kalle Dalheimer of Klaralvdalens-Datakonsult dated
|
||||
Jan 7, 2004.
|
||||
* doc/fdl.texi: Removed.
|
||||
|
||||
2004-03-25 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/dirmngr.c (main): New command --fetch-crl.
|
||||
|
||||
2004-03-23 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/dirmngr.c: New option --allow-ocsp.
|
||||
* src/server.c (cmd_isvalid): Make use of allow_ocsp.
|
||||
|
||||
2004-03-17 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/dirmngr.c (main) <gpgconf>: Fixed default value quoting.
|
||||
|
||||
2004-03-16 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/dirmngr.c (main): Add ocsp-responder to the gpgconf list.
|
||||
Add option --debug-level.
|
||||
(set_debug): New.
|
||||
|
||||
2004-03-15 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/misc.c (canon_sexp_to_grcy): New.
|
||||
|
||||
2004-03-12 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/crlfetch.c (crl_fetch): Hack to substitute http for https.
|
||||
|
||||
2004-03-10 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/dirmngr.c (parse_ldapserver_file): Don't skip the entire
|
||||
file on errors.
|
||||
|
||||
2004-03-09 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/dirmngr.c (my_ksba_hash_buffer): New.
|
||||
(main): Initialize the internal libksba hashing.
|
||||
|
||||
* src/server.c (get_issuer_cert_local): Renamed to ...
|
||||
(get_cert_local): ... this. Changed all callers. Allow NULL for
|
||||
ISSUER to return the current target cert.
|
||||
(get_issuing_cert_local): New.
|
||||
(do_get_cert_local): Moved common code to here.
|
||||
|
||||
2004-03-06 Werner Koch <wk@gnupg.org>
|
||||
|
||||
Released 0.5.2.
|
||||
|
||||
* configure.ac: Fixed last change to check the API version of
|
||||
libgcrypt.
|
||||
|
||||
2004-03-05 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* configure.ac: Also check the SONAME of libgcrypt.
|
||||
|
||||
2004-03-03 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/dirmngr.c: New option --ocsp-responder.
|
||||
* src/dirmngr.h (opt): Add member OCSP_RESPONDERS.
|
||||
|
||||
2004-02-26 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* src/server.c (start_command_handler): Corrected typo and made
|
||||
dirmngr output it's version in the greeting message.
|
||||
|
||||
2004-02-24 Marcus Brinkmann <marcus@g10code.de>
|
||||
|
||||
* src/dirmngr.c (DEFAULT_ADD_SERVERS): Removed. If this were
|
||||
true, there'd be no way to disable it.
|
||||
(main): Dump options in new gpgconf format.
|
||||
|
||||
2004-02-11 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* autogen.sh (check_version): Removed bashism and simplified.
|
||||
|
||||
2004-02-06 Moritz Schulte <mo@g10code.com>
|
||||
|
||||
* src/crlfetch.c (crl_fetch_default): Do not dereference VALUE,
|
||||
when checking for non-zero.
|
||||
|
||||
2004-02-01 Marcus Brinkmann <marcus@g10code.de>
|
||||
|
||||
* src/dirmngr.c (DEFAULT_ADD_SERVERS, DEFAULT_MAX_REPLIES)
|
||||
(DEFAULT_LDAP_TIMEOUT): New macros.
|
||||
(main): Use them.
|
||||
(enum cmd_and_opt_values): New command aGPGConfList.
|
||||
(main): Add handler here.
|
||||
|
||||
2004-01-17 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* configure.ac: Added AC_CHECK_FUNCS tests again, because the
|
||||
other test occurrences belong to the jnlib tests block.
|
||||
|
||||
2004-01-15 Moritz Schulte <mo@g10code.com>
|
||||
|
||||
* configure.ac: Fixed funopen replacement mechanism; removed
|
||||
unnecessary AC_CHECK_FUNCS calls.
|
||||
|
||||
2004-01-14 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/crlcache.c (list_one_crl_entry): Don't use putchar.
|
||||
|
||||
* src/server.c (cmd_listcrls): New.
|
||||
|
||||
2003-12-23 Werner Koch <wk@gnupg.org>
|
||||
|
||||
Released 0.5.1.
|
||||
|
||||
2003-12-17 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* configure.ac (CFLAGS): Add -Wformat-noliteral in gcc +
|
||||
maintainer mode.
|
||||
(NEED_LIBASSUAN_VERSION): Bump up to 0.6.2.
|
||||
|
||||
2003-12-16 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* configure.ac: Update the tests for jnlib.
|
||||
* src/dirmngr.c (main): Ignore SIGPIPE in server mode.
|
||||
|
||||
2003-12-12 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/crlcache.c (hash_dbfile): Also hash version info of the
|
||||
cache file format.
|
||||
|
||||
* src/Makefile.am (dirmngr_SOURCES): Add http.h.
|
||||
|
||||
* configure.ac: Removed checking for DB2. Add checking for mmap.
|
||||
* src/cdb.h, src/cdblib.h: New. Add a few comments from the
|
||||
original man page and fixed typos.
|
||||
* src/cdblib.c (cdb_findinit, cdb_findnext): Modified to allow
|
||||
walking over all entries.
|
||||
* src/crlcache.h: Removed DB2/4 cruft.
|
||||
(release_one_cache_entry, lock_db_file, crl_parse_insert)
|
||||
(crl_cache_insert, crl_cache_isvalid, list_one_crl_entry): Use the
|
||||
new CDB interface.
|
||||
|
||||
* src/dirmngr.c: Beautified the help messages.
|
||||
(wrong_args): New.
|
||||
(main): new option --force. Revamped the command handling code.
|
||||
Allow to pass multiple CRLS as well as stdin to --local-crl.
|
||||
* src/crlcache.c (crl_cache_insert): Make --force work.
|
||||
|
||||
2003-12-11 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/crlfetch.c (crl_fetch): Enhanced to allow fetching binary
|
||||
data using HTTP.
|
||||
* src/http.c, src/http.h: Replaced by the code from gnupg 1.3 and
|
||||
modified acording to our needs.
|
||||
(read_line): New. Based on the code from GnuPG's iobuf_read_line.
|
||||
* configure.ac: Check for getaddrinfo.
|
||||
|
||||
* src/dirmngr.c (parse_ldapserver_file): Close the stream.
|
||||
(main): Free ldapfile.
|
||||
|
||||
* src/ocsp.c, src/ocsp.h: New. Albeit not functionality.
|
||||
|
||||
* src/server.c (inquire_cert): Catch EOF when reading dist points.
|
||||
|
||||
* src/crlcache.c (hash_dbfile, check_dbfile): New.
|
||||
(lock_db_file, crl_cache_insert): Use them here to detect
|
||||
corrupted CRL files.
|
||||
(open_dir): Read the new dbfile hash field.
|
||||
|
||||
* src/crlfetch.c (crl_fetch, crl_fetch_default): Changed to retrun
|
||||
a stream.
|
||||
(fun_reader, fun_closer, setup_funopen): New.
|
||||
* src/server.c (inquire_cert): Changed to use the new stream interface
|
||||
of crlfetch.c.
|
||||
|
||||
2003-12-10 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/funopen.c: New.
|
||||
* configure.ac (funopen): Add test.
|
||||
* src/Makefile.am (dirmngr_LDADD): Add LIBOBJS.
|
||||
|
||||
* src/crlcache.c (next_line_from_file): Remove the limit on the
|
||||
line length.
|
||||
(crl_cache_new): Removed.
|
||||
(open_dbcontent): New.
|
||||
(crl_cache_init): Use it here.
|
||||
(crl_cache_flush): The DB content fie is now in the cache
|
||||
directory, so we can simplify it.
|
||||
(make_db_file_name, lock_db_file, unlock_db_file): New.
|
||||
(release_cache): Close the cached DB files.
|
||||
(crl_cache_isvalid): Make use of the new lock_db_file.
|
||||
(crl_cache_insert): Changed to take a stream as argument.
|
||||
(crl_parse_insert): Rewritten to use a temporary DB and to avoid
|
||||
using up large amounts of memory.
|
||||
(db_entry_new): Removed.
|
||||
(release_cache,release_one_cache_entry): Splitted up.
|
||||
(find_entry): Take care of the new deleted flag.
|
||||
(crl_cache_load): Simplified becuase we can now pass a FP to the
|
||||
insert code.
|
||||
(save_contents): Removed.
|
||||
(update_dir): New.
|
||||
(open_dbcontent_file): Renamed to open_dir_file.
|
||||
(check_dbcontent_version): Renamed to check_dir_version.
|
||||
(open_dbcontent): Renamed to open_dir.
|
||||
|
||||
* src/dirmngr.c: New option --faked-system-time.
|
||||
* src/misc.c (faked_time_p, set_time, get_time): New. Taken from GnuPG.
|
||||
(check_isotime): New.
|
||||
(unpercent_string): New.
|
||||
|
||||
2003-12-09 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/crlcache.h (DBDIR,DBCONTENTFILE): Changed value.
|
||||
|
||||
* autogen.sh: Reworked.
|
||||
* README.CVS: New.
|
||||
* configure.ac: Added min_automake_version.
|
||||
|
||||
2003-12-03 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/server.c (cmd_lookup): Send an END line after each
|
||||
certificate.
|
||||
|
||||
2003-11-28 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/Makefile.am (dirmngr_LDADD): Remove DB_LIBS
|
||||
because it never got defined and -ldb{2,4} is implictly set
|
||||
by the AC_CHECK_LIB test in configure.
|
||||
|
||||
* src/crlcache.c (mydbopen): DB4 needs an extra parameter; I
|
||||
wonder who ever tested DB4 support. Add an error statement in
|
||||
case no DB support is configured.
|
||||
|
||||
* tests/Makefile.am: Don't use AM_CPPFLAGS but AM_CFLAGS, replaced
|
||||
variables by configure templates.
|
||||
* src/Makefile.am: Ditto.
|
||||
|
||||
2003-11-19 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/crlcache.c (list_one_crl_entry): Define X to nothing for non
|
||||
DB4 systems. Thanks to Luca M. G. Centamore.
|
||||
|
||||
2003-11-17 Werner Koch <wk@gnupg.org>
|
||||
|
||||
Released 0.5.0
|
||||
|
||||
* src/crlcache.c (crl_cache_new): Fixed eof detection.
|
||||
|
||||
* src/server.c (cmd_loadcrl): Do the unescaping.
|
||||
|
||||
* doc/dirmngr.texi: Added a history section for this modified
|
||||
version.
|
||||
|
||||
2003-11-14 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* tests/asschk.c: New. Taken from GnuPG.
|
||||
* tests/Makefile.am: Added asschk.
|
||||
|
||||
2003-11-13 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/ldap.c (fetch_next_cert_ldap): Get the pattern switching
|
||||
right.
|
||||
|
||||
* tests/test-dirmngr.c: Replaced a couple of deprecated types.
|
||||
|
||||
* configure.ac (GPG_ERR_SOURCE_DEFAULT): Added.
|
||||
(fopencookie, asprintf): Removed unneeded test.
|
||||
(PRINTABLE_OS_NAME): Updated the test from gnupg.
|
||||
(CFLAGS): Do full warnings only in maintainer mode. Add flag
|
||||
--enable gcc-warnings to override it and to enable even more
|
||||
warnings.
|
||||
* acinclude.m4: Removed the libgcrypt test.
|
||||
|
||||
* src/ldap.c (get_attr_from_result_ldap): Simplified the binary
|
||||
hack and return a proper gpg error.
|
||||
(attr_fetch_ldap_internal): Changed error handling.
|
||||
(attr_fetch_ldap): Reworked. Return configuration error if no
|
||||
servers are configured.
|
||||
(url_fetch_ldap, add_server_to_servers)
|
||||
(url_fetch_ldap_internal): Reworked.
|
||||
(struct cert_fetch_context_s): New to get rid of a global state.
|
||||
(start_cert_fetch_ldap): Allocate context and do a bind with a
|
||||
timeout. Parse pattern.
|
||||
(end_cert_fetch_ldap): Take context and don't return anything.
|
||||
(find_next_pattern): Removed.
|
||||
(parse_one_pattern): Redone.
|
||||
(get_cert_ldap): Redone.
|
||||
* src/server.c (cmd_lookup): Changed for changed fetch functions.
|
||||
|
||||
* doc/dirmngr.texi: Reworked a bit to get rid of tex errors.
|
||||
|
||||
* configure.ac: Enable makeinfo test.
|
||||
|
||||
* src/crlcache.c (crl_cache_insert): Fixed for latest KSBA API
|
||||
changes.
|
||||
* tests/test-dirmngr.c (main): Ditto. Also added some more error
|
||||
checking.
|
||||
|
||||
2003-11-11 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/cert.c (hashify_data, hexify_data, serial_hex)
|
||||
(serial_to_buffer): Moved all to ...
|
||||
* src/misc.c: .. here.
|
||||
* src/Makefile.am (cert.c, cert.h): Removed.
|
||||
* cert.c, cert.h: Removed.
|
||||
|
||||
* m4/: New.
|
||||
* configure.ac, Makefile.am: Include m4 directory support, updated
|
||||
required library versions.
|
||||
|
||||
* src/cert.c (make_cert): Removed.
|
||||
|
||||
* src/ldap.c (fetch_next_cert_ldap): Return a gpg style error.
|
||||
|
||||
* src/misc.h (copy_time): New.
|
||||
* src/misc.c (get_isotime): New.
|
||||
(iso_string2time, iso_time2string): Removed.
|
||||
(unhexify): New.
|
||||
|
||||
* src/crlcache.h (DBCONTENTSVERSION): Bumbed to 0.6.
|
||||
* src/crlcache.c (finish_sig_check): New. Factored out from
|
||||
crl_parse_insert and entirely redone.
|
||||
(do_encode_md): Removed.
|
||||
(print_time): Removed
|
||||
(crl_cache_isvalid): Reworked.
|
||||
|
||||
2003-11-10 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/crlcache.c (make_db_val, parse_db_val): Removed.
|
||||
|
||||
* src/cert.c (serial_to_buffer): New.
|
||||
|
||||
* src/server.c (get_issuer_cert_local): Rewritten.
|
||||
|
||||
* src/crlcache.c (crl_parse_insert): Rewritten. Takes now a CTRL
|
||||
instead of the Assuan context. Changed caller accordingly.
|
||||
(get_issuer_cert): Cleaned up.
|
||||
|
||||
* src/crlfetch.c (crl_fetch): Changed VALUE to unsigned char* for
|
||||
documentation reasons. Make sure that VALUE is released on error.
|
||||
(crl_fetch_default, ca_cert_fetch): Ditto.
|
||||
|
||||
* src/crlcache.c (release_cache): New.
|
||||
(crl_cache_deinit): Use it here.
|
||||
(crl_cache_flush): Redone.
|
||||
(save_contents): Redone.
|
||||
(crl_cache_list, list_one_crl_entry): Print error messages.
|
||||
|
||||
2003-11-06 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/crlcache.c (create_directory_if_needed, cleanup_cache_dir):
|
||||
New. Factored out from crl_cache_new and mostly rewritten.
|
||||
(crl_cache_new): Rewritten.
|
||||
(next_line_from_file): New.
|
||||
(find_entry): Cleaned up.
|
||||
(crl_cache_deinit): Cleaned up.
|
||||
|
||||
* src/dirmngr.c (dirmngr_init_default_ctrl): New stub.
|
||||
* src/dirmngr.h (ctrl_t): New.
|
||||
(DBG_ASSUAN,...): Added the usual debug test macros.
|
||||
* src/server.c: Removed the GET_PTR cruft, replaced it by ctrl_t.
|
||||
Removed the recursion flag.
|
||||
(get_issuer_cert_local): Allow for arbitary large
|
||||
certificates. 4096 is definitely too small.
|
||||
(inquire_cert): Ditto.
|
||||
(start_command_handler): Set a hello line and call the default
|
||||
init function.
|
||||
(cmd_isvalid): Rewritten.
|
||||
(inquire_cert): Removed unused arg LINE. General cleanup.
|
||||
(map_assuan_err,map_to_assuan_status): New. Taken from gnupg 1.9.
|
||||
(cmd_lookup): Rewritten.
|
||||
(cmd_loadcrl): Started to rewrite it.
|
||||
|
||||
2003-10-29 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/dirmngr.c (parse_ldapserver_file): Entirely rewritten.
|
||||
(cleanup): New.
|
||||
(main): Cleaned up.
|
||||
|
||||
2003-10-28 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/dirmngr.h: Renamed dirmngr_opt to opt.
|
||||
|
||||
* src/dirmngr.c (parse_ldapserver_file, free_ldapservers_list):
|
||||
Moved with this file. Cleaned up. Replaced too deep recursion in
|
||||
the free function.
|
||||
|
||||
2003-10-21 Werner Koch <wk@gnupg.org>
|
||||
|
||||
Changed all occurrences of assuan.h to use use the system provided
|
||||
one.
|
||||
* src/server.c (register_commands): Adjusted for Assuan API change.
|
||||
|
||||
2003-08-14 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/Makefile.am: s/LIBKSBA_/KSBA_/. Changed for external Assuan lib.
|
||||
* tests/Makefile.am: Ditto.
|
||||
|
||||
* configure.ac: Partly restructured, add standard checks for
|
||||
required libraries, removed included libassuan.
|
||||
* Makefile.am (SUBDIRS): Removed assuan becuase we now use the
|
||||
libassuan package.
|
||||
|
||||
* src/dirmngr.c (main): Properly initialize Libgcrypt and libksba.
|
||||
|
||||
2003-08-13 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* src/server.c (get_issuer_cert_local): Print error using
|
||||
assuan_strerror.
|
||||
|
||||
* src/crlcache.c (do_encode_md, start_sig_check): Adjust for
|
||||
changed Libgcrypt API.
|
||||
|
||||
2003-06-19 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* configure.ac: Upped version to 0.4.7-cvs.
|
||||
|
||||
2003-06-19 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* configure.ac: Release 0.4.6.
|
||||
|
||||
2003-06-17 Bernhard Reiter <bernhard@intevation.de>
|
||||
|
||||
* src/ldap.c (url_fetch_ldap()):
|
||||
try other default servers when an url with hostname failed
|
||||
* AUTHORS: added Steffen and Werner
|
||||
* THANKS: Thanked people in the ChangeLog and the Ägypten-Team
|
||||
|
||||
|
||||
2003-06-16 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* configure.ac, src/crlcache.h, src/crlcache.c: Added db4 support.
|
||||
* src/Makefile.am, tests/Makefile.am: Removed automake warning.
|
||||
* tests/test-dirmngr.c: Removed a warning.
|
||||
|
||||
2003-05-12 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* doc/Makefile.am: Added dirmngr.ops to DISTCLEANFILES.
|
||||
* ChangeLog, doc/ChangeLog, src/ChangeLog: Merged dirmngr ChangeLogs
|
||||
into one toplevel file.
|
||||
* acinclude.m4, configure.ac: Renamed PFX to PATH for consistency.
|
||||
|
||||
2003-05-12 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* src/ldap.c: Fixed end-of-certificates-list indication.
|
||||
|
||||
2003-05-08 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* src/server.c: Fixed iteration over server list
|
||||
|
||||
2003-02-23 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* src/crlcache.h, src/crlcache.c, src/dirmngr.c: Implemented --flush command.
|
||||
|
||||
2003-02-07 Marcus Brinkmann <marcus@g10code.de>
|
||||
|
||||
* configure.ac: Release 0.4.4.
|
||||
|
||||
2003-02-05 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* src/ldap.c: Try harder with and without ";binary" in the
|
||||
attribute name when fetching certificates.
|
||||
* src/ldap.c, src/server.c: Support multiple userCertificate attributes
|
||||
per entry.
|
||||
|
||||
2003-02-04 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* src/ldap.c: Include the sn attribute in the search filter.
|
||||
Better log messages.
|
||||
|
||||
2002-11-20 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* Doc updates (fixes #1373)
|
||||
* Fix for #1419 (crash in free_ldapservers_list())
|
||||
* Fix for #1375. Dirmngr now asks back with an INQUIRE SENDCERT before
|
||||
querying the LDAP servers for an issuer certificate to validate a CRL
|
||||
|
||||
2002-11-12 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* config.sub, config.guess: Updated from ftp.gnu.org/gnu/config
|
||||
to version 2002-11-08.
|
||||
|
||||
2002-11-12 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* dirmngr.c (main) <load_crl_filename>: Better pass NULL instead
|
||||
of an unitialized Assuan context. Let's hope that the other
|
||||
functions can cope with this.
|
||||
|
||||
2002-10-25 Bernhard Reiter <bernhard@intevation.de>
|
||||
|
||||
* src/ldap.c (get_attr_from_result_ldap()):
|
||||
added value extraction retry for CRLs and Certs without ";binary"
|
||||
* changed version number to reflect cvs status to "0.4.3-cvs"
|
||||
|
||||
2002-08-21 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* dirmngr.c (main): Changed default homedir to .gnupg.
|
||||
|
||||
2002-08-07 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* Added configure check to examine whether db2 cursor() uses 3 or
|
||||
4 parameters.
|
||||
|
||||
2002-07-31 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* doc/dirmngr.texi: Fixed the structure and added menu entries
|
||||
for the other nodes.
|
||||
|
||||
2002-07-30 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* Added doc dir and first steps towards manual.
|
||||
|
||||
2002-07-29 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* Got rid of the default server for CRL lookup. We now use the
|
||||
same list of servers that we use for cert. lookup.
|
||||
|
||||
2002-07-29 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* New option --add-servers to allow dirmngr to add LDAP servers
|
||||
found in CRL distribution points to the list of servers it
|
||||
searches. NOTE: The added servers are only active in the currently
|
||||
running dirmngr -- the info isn't written to persistens storage.
|
||||
|
||||
2002-07-26 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* Default LDAP timeout is 100 seconds now.
|
||||
|
||||
* Use DB2 instead of DB1. Check for libresolv, fixed bug when
|
||||
libldap was found in the default search path.
|
||||
|
||||
2002-07-22 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* Implemented --load-crl <filename> option. Also available as
|
||||
LOADCRL assuan command when in server mode.
|
||||
|
||||
2002-07-22 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* Implemented new option --ldaptimeout to specify the number of seconds to
|
||||
wait for an LDAP request before timeout.
|
||||
|
||||
* Added --list-crls option to print the contents of the CRL cache
|
||||
* Added some items to the dbcontents file to make printout nicer
|
||||
and updated it's version number
|
||||
|
||||
2002-07-02 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* crlcache.c (crl_parse_insert): Fixed log_debug format string.
|
||||
|
||||
2002-07-02 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* configure.ac: Use DB->get() return value correctly.
|
||||
|
||||
2002-06-28 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* crlcache.c (crl_parse_insert): Keep track of newly allocated
|
||||
ENTRY so that we don't free existing errors after a bad signature.
|
||||
|
||||
* dirmngr.h: Include prototype for start_command_handler.
|
||||
|
||||
* crlfetch.c, crlcache.c, http.c, cert.c, ldap.c: Include
|
||||
config.h.
|
||||
|
||||
* crlcache.c (crl_parse_insert): Fixed format type specifiers for
|
||||
time_t variables in log_debug.
|
||||
|
||||
* error.h: Use log_debug instead of dirmngr_debug. Changed all
|
||||
callers.
|
||||
* Makefile.am (dirmngr_SOURCES): Removed error.c
|
||||
|
||||
* dirmngr.c (main): Register gcrypt malloc functions with ksba so
|
||||
that we don't run into problems by using the wrong free function.
|
||||
The gcrypt malloc function have the additional benefit of a
|
||||
providing allocation sanity checks when compiled with that
|
||||
feature.
|
||||
|
||||
* crlcache.c (get_issuer_cert): Use xfree instead of ksba_free.
|
||||
|
||||
|
||||
2002-06-27 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* ldap.c: Look for both userCertificate and caCertificate
|
||||
|
||||
2002-06-26 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* configure.ac: Upped version number to 0.3.1
|
||||
|
||||
2002-06-25 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* server.c (cmd_lookup): Use assuan_write_status which ensures a
|
||||
correct syntax.
|
||||
|
||||
2002-06-20 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* crlcache.c (crl_cache_isvalid): Started with some nicer logging.
|
||||
However, this will need a lot more work.
|
||||
(get_issuer_cert): Ditto.
|
||||
|
||||
* dirmngr.c (main): Changed required libgcrypt version and don't
|
||||
print the prefix when using a logfile.
|
||||
|
||||
2002-06-20 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* tests/Makefile.am (TESTS): Removed test-dirmngr because it
|
||||
is not a proper test program.
|
||||
(EXTRA_DIST): Removed the non-existent test certificate.
|
||||
|
||||
2002-05-21 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* server.c (start_command_handler): Enable assuan debugging.
|
||||
|
||||
2002-05-08 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* Replaced gdbm check with db1 check
|
||||
|
||||
2002-05-08 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* Replaced gdbm with db1, updated file format version
|
||||
|
||||
2002-03-01 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* Added gdbm configure check
|
||||
|
||||
2002-01-23 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* Return ASSUAN_CRL_Too_Old if the CRL is too old
|
||||
|
||||
|
||||
2002-01-17 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
Added commandline options --ldapserver <host> --ldapport <port>
|
||||
--ldapuser <user> --ldappassword <passwd>.
|
||||
|
||||
Cleaned up CRL parsing, signature evaluation a bit, changed
|
||||
datetime format in config file to ISO, added version string to
|
||||
contents format and cache file clean up code in case of mismatch.
|
||||
|
||||
2002-01-14 Steffen Hansen <steffen@klaralvdalens-datakonsult.se>
|
||||
|
||||
* Use dirmngr_opt.homedir for storing the db. Added Makefile.am to
|
||||
tests, bugfixes.
|
||||
|
||||
* First code.
|
||||
Things that work:
|
||||
Loading/saving database (paths hardcoded)
|
||||
Fetching CRL from hardcoded server, parsing and inserting in database
|
||||
Answer ISVALID xxx.yyy requests
|
||||
|
||||
Things that are missing:
|
||||
Some error-checking/handling
|
||||
Proper autoconf handling of gdbm and OpenLDAP
|
||||
Signature checking downloaded CRLs
|
||||
Answer LOOKUP requests
|
||||
...
|
||||
|
||||
How to test:
|
||||
cd tests
|
||||
ldapsearch -v -x -h www.trustcenter.de -b '<some-users-DN>' userCertificate -t
|
||||
cp /tmp/<cert-file> testcert.der
|
||||
./test-dirmngr
|
||||
|
||||
Local Variables:
|
||||
buffer-read-only: t
|
||||
End:
|
@ -19,7 +19,7 @@
|
||||
|
||||
## Process this file with automake to produce Makefile.in
|
||||
|
||||
EXTRA_DIST = OAUTHORS ONEWS ChangeLog.1 ChangeLog-2011
|
||||
EXTRA_DIST = OAUTHORS ONEWS ChangeLog-2011
|
||||
|
||||
bin_PROGRAMS = dirmngr dirmngr-client
|
||||
|
||||
|
@ -1,382 +0,0 @@
|
||||
/* curl-shim.c - Implement a small subset of the curl API in terms of
|
||||
* the iobuf HTTP API
|
||||
*
|
||||
* Copyright (C) 2005, 2006, 2007, 2008, 2009 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
* GnuPG is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* GnuPG is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#include <config.h>
|
||||
#include <stdarg.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <stdio.h>
|
||||
#include <errno.h>
|
||||
|
||||
#include "util.h"
|
||||
#include "http.h"
|
||||
#include "ksutil.h"
|
||||
#include "curl-shim.h"
|
||||
|
||||
static CURLcode
|
||||
handle_error(CURL *curl,CURLcode err,const char *str)
|
||||
{
|
||||
if(curl->errorbuffer)
|
||||
{
|
||||
/* Make sure you never exceed CURL_ERROR_SIZE, currently set to
|
||||
256 in curl-shim.h */
|
||||
switch(err)
|
||||
{
|
||||
case CURLE_OK:
|
||||
strcpy(curl->errorbuffer,"okay");
|
||||
break;
|
||||
|
||||
case CURLE_UNSUPPORTED_PROTOCOL:
|
||||
strcpy(curl->errorbuffer,"unsupported protocol");
|
||||
break;
|
||||
|
||||
case CURLE_COULDNT_CONNECT:
|
||||
strcpy(curl->errorbuffer,"couldn't connect");
|
||||
break;
|
||||
|
||||
case CURLE_WRITE_ERROR:
|
||||
strcpy(curl->errorbuffer,"write error");
|
||||
break;
|
||||
|
||||
case CURLE_HTTP_RETURNED_ERROR:
|
||||
sprintf(curl->errorbuffer,"url returned error %u",curl->status);
|
||||
break;
|
||||
|
||||
default:
|
||||
strcpy(curl->errorbuffer,"generic error");
|
||||
break;
|
||||
}
|
||||
|
||||
if(str && (strlen(curl->errorbuffer)+2+strlen(str)+1)<=CURL_ERROR_SIZE)
|
||||
{
|
||||
strcat(curl->errorbuffer,": ");
|
||||
strcat(curl->errorbuffer,str);
|
||||
}
|
||||
}
|
||||
|
||||
return err;
|
||||
}
|
||||
|
||||
CURLcode
|
||||
curl_global_init(long flags)
|
||||
{
|
||||
(void)flags;
|
||||
return CURLE_OK;
|
||||
}
|
||||
|
||||
void
|
||||
curl_global_cleanup(void) {}
|
||||
|
||||
CURL *
|
||||
curl_easy_init(void)
|
||||
{
|
||||
CURL *handle;
|
||||
|
||||
#ifdef HAVE_W32_SYSTEM
|
||||
w32_init_sockets ();
|
||||
#endif
|
||||
|
||||
handle=calloc(1,sizeof(CURL));
|
||||
if(handle)
|
||||
handle->errors=stderr;
|
||||
|
||||
return handle;
|
||||
}
|
||||
|
||||
void
|
||||
curl_easy_cleanup(CURL *curl)
|
||||
{
|
||||
if (curl)
|
||||
{
|
||||
http_close (curl->hd, 0);
|
||||
free(curl);
|
||||
}
|
||||
}
|
||||
|
||||
CURLcode
|
||||
curl_easy_setopt(CURL *curl,CURLoption option,...)
|
||||
{
|
||||
va_list ap;
|
||||
|
||||
va_start(ap,option);
|
||||
|
||||
switch(option)
|
||||
{
|
||||
case CURLOPT_URL:
|
||||
curl->url=va_arg(ap,char *);
|
||||
break;
|
||||
case CURLOPT_USERPWD:
|
||||
curl->auth=va_arg(ap,char *);
|
||||
break;
|
||||
case CURLOPT_WRITEFUNCTION:
|
||||
curl->writer=va_arg(ap,write_func);
|
||||
break;
|
||||
case CURLOPT_FILE:
|
||||
curl->file=va_arg(ap,void *);
|
||||
break;
|
||||
case CURLOPT_ERRORBUFFER:
|
||||
curl->errorbuffer=va_arg(ap,char *);
|
||||
break;
|
||||
case CURLOPT_PROXY:
|
||||
curl->proxy=va_arg(ap,char *);
|
||||
break;
|
||||
case CURLOPT_POST:
|
||||
curl->flags.post=va_arg(ap,long)?1:0;
|
||||
break;
|
||||
case CURLOPT_POSTFIELDS:
|
||||
curl->postfields=va_arg(ap,char *);
|
||||
break;
|
||||
case CURLOPT_SRVTAG_GPG_HACK:
|
||||
curl->srvtag=va_arg(ap,char *);
|
||||
break;
|
||||
case CURLOPT_FAILONERROR:
|
||||
curl->flags.failonerror=va_arg(ap,long)?1:0;
|
||||
break;
|
||||
case CURLOPT_VERBOSE:
|
||||
curl->flags.verbose=va_arg(ap,long)?1:0;
|
||||
break;
|
||||
case CURLOPT_STDERR:
|
||||
curl->errors=va_arg(ap,FILE *);
|
||||
break;
|
||||
case CURLOPT_HTTPHEADER:
|
||||
curl->headers=va_arg(ap,struct curl_slist *);
|
||||
break;
|
||||
default:
|
||||
/* We ignore the huge majority of curl options */
|
||||
break;
|
||||
}
|
||||
|
||||
return handle_error(curl,CURLE_OK,NULL);
|
||||
}
|
||||
|
||||
CURLcode
|
||||
curl_easy_perform(CURL *curl)
|
||||
{
|
||||
int rc;
|
||||
CURLcode err=CURLE_OK;
|
||||
const char *errstr=NULL;
|
||||
char *proxy=NULL;
|
||||
|
||||
/* Emulate the libcurl proxy behavior. If the calling program set a
|
||||
proxy, use it. If it didn't set a proxy or set it to NULL, check
|
||||
for one in the environment. If the calling program explicitly
|
||||
set a null-string proxy the http code doesn't use a proxy at
|
||||
all. */
|
||||
|
||||
if(curl->proxy)
|
||||
proxy=curl->proxy;
|
||||
else
|
||||
proxy=getenv(HTTP_PROXY_ENV);
|
||||
|
||||
if(curl->flags.verbose)
|
||||
{
|
||||
fprintf(curl->errors,"* HTTP proxy is \"%s\"\n",proxy?proxy:"null");
|
||||
fprintf(curl->errors,"* HTTP URL is \"%s\"\n",curl->url);
|
||||
fprintf(curl->errors,"* HTTP auth is \"%s\"\n",
|
||||
curl->auth?curl->auth:"null");
|
||||
fprintf(curl->errors,"* HTTP method is %s\n",
|
||||
curl->flags.post?"POST":"GET");
|
||||
}
|
||||
|
||||
if(curl->flags.post)
|
||||
{
|
||||
rc = http_open (&curl->hd, HTTP_REQ_POST, curl->url, NULL, curl->auth,
|
||||
0, proxy, NULL, curl->srvtag,
|
||||
curl->headers?curl->headers->list:NULL);
|
||||
if (!rc)
|
||||
{
|
||||
unsigned int post_len = strlen(curl->postfields);
|
||||
|
||||
es_fprintf (http_get_write_ptr (curl->hd),
|
||||
"Content-Type: application/x-www-form-urlencoded\r\n"
|
||||
"Content-Length: %u\r\n", post_len);
|
||||
http_start_data (curl->hd);
|
||||
es_write (http_get_write_ptr (curl->hd),
|
||||
curl->postfields, post_len, NULL);
|
||||
|
||||
rc = http_wait_response (curl->hd);
|
||||
curl->status = http_get_status_code (curl->hd);
|
||||
if (!rc && curl->flags.failonerror && curl->status>=300)
|
||||
err = CURLE_HTTP_RETURNED_ERROR;
|
||||
http_close (curl->hd, 0);
|
||||
curl->hd = NULL;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
rc = http_open (&curl->hd, HTTP_REQ_GET, curl->url, NULL, curl->auth,
|
||||
0, proxy, NULL, curl->srvtag,
|
||||
curl->headers?curl->headers->list:NULL);
|
||||
if (!rc)
|
||||
{
|
||||
rc = http_wait_response (curl->hd);
|
||||
curl->status = http_get_status_code (curl->hd);
|
||||
if (!rc)
|
||||
{
|
||||
if (curl->flags.failonerror && curl->status>=300)
|
||||
err = CURLE_HTTP_RETURNED_ERROR;
|
||||
else
|
||||
{
|
||||
size_t maxlen = 1024;
|
||||
size_t buflen;
|
||||
unsigned int len;
|
||||
char *line = NULL;
|
||||
|
||||
while ((len = es_read_line (http_get_read_ptr (curl->hd),
|
||||
&line, &buflen, &maxlen)))
|
||||
{
|
||||
size_t ret;
|
||||
|
||||
maxlen=1024;
|
||||
|
||||
ret=(curl->writer)(line,len,1,curl->file);
|
||||
if(ret!=len)
|
||||
{
|
||||
err=CURLE_WRITE_ERROR;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
es_free (line);
|
||||
http_close(curl->hd, 0);
|
||||
curl->hd = NULL;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
http_close (curl->hd, 0);
|
||||
curl->hd = NULL;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
switch(gpg_err_code (rc))
|
||||
{
|
||||
case 0:
|
||||
break;
|
||||
|
||||
case GPG_ERR_INV_URI:
|
||||
err=CURLE_UNSUPPORTED_PROTOCOL;
|
||||
break;
|
||||
|
||||
default:
|
||||
errstr=gpg_strerror (rc);
|
||||
err=CURLE_COULDNT_CONNECT;
|
||||
break;
|
||||
}
|
||||
|
||||
return handle_error(curl,err,errstr);
|
||||
}
|
||||
|
||||
/* This is not the same exact set that is allowed according to
|
||||
RFC-2396, but it is what the real curl uses. */
|
||||
#define VALID_URI_CHARS "abcdefghijklmnopqrstuvwxyz" \
|
||||
"ABCDEFGHIJKLMNOPQRSTUVWXYZ" \
|
||||
"0123456789"
|
||||
|
||||
char *
|
||||
curl_escape(char *str,int length)
|
||||
{
|
||||
int len,max,idx,enc_idx=0;
|
||||
char *enc;
|
||||
|
||||
if(length)
|
||||
len=length;
|
||||
else
|
||||
len=strlen(str);
|
||||
|
||||
enc=malloc(len+1);
|
||||
if(!enc)
|
||||
return enc;
|
||||
|
||||
max=len;
|
||||
|
||||
for(idx=0;idx<len;idx++)
|
||||
{
|
||||
if(enc_idx+3>max)
|
||||
{
|
||||
char *tmp;
|
||||
|
||||
max+=100;
|
||||
|
||||
tmp=realloc(enc,max+1);
|
||||
if(!tmp)
|
||||
{
|
||||
free(enc);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
enc=tmp;
|
||||
}
|
||||
|
||||
if(strchr(VALID_URI_CHARS,str[idx]))
|
||||
enc[enc_idx++]=str[idx];
|
||||
else
|
||||
{
|
||||
char numbuf[5];
|
||||
sprintf(numbuf,"%%%02X",str[idx]);
|
||||
strcpy(&enc[enc_idx],numbuf);
|
||||
enc_idx+=3;
|
||||
}
|
||||
}
|
||||
|
||||
enc[enc_idx]='\0';
|
||||
|
||||
return enc;
|
||||
}
|
||||
|
||||
curl_version_info_data *
|
||||
curl_version_info(int type)
|
||||
{
|
||||
static curl_version_info_data data;
|
||||
static const char *protocols[]={"http",NULL};
|
||||
|
||||
(void)type;
|
||||
|
||||
data.protocols=protocols;
|
||||
|
||||
return &data;
|
||||
}
|
||||
|
||||
struct curl_slist *
|
||||
curl_slist_append(struct curl_slist *list,const char *string)
|
||||
{
|
||||
if(!list)
|
||||
{
|
||||
list=calloc(1,sizeof(*list));
|
||||
if(!list)
|
||||
return NULL;
|
||||
}
|
||||
|
||||
add_to_strlist(&list->list,string);
|
||||
|
||||
return list;
|
||||
}
|
||||
|
||||
void
|
||||
curl_slist_free_all(struct curl_slist *list)
|
||||
{
|
||||
if(list)
|
||||
{
|
||||
free_strlist(list->list);
|
||||
free(list);
|
||||
}
|
||||
}
|
@ -1,111 +0,0 @@
|
||||
/* curl-shim.h
|
||||
* Copyright (C) 2005, 2006, 2007, 2008, 2009 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GNUPG.
|
||||
*
|
||||
* GNUPG is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* GNUPG is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#ifndef _CURL_SHIM_H_
|
||||
#define _CURL_SHIM_H_
|
||||
|
||||
#include "util.h"
|
||||
#include "http.h"
|
||||
|
||||
typedef enum
|
||||
{
|
||||
CURLE_OK=0,
|
||||
CURLE_UNSUPPORTED_PROTOCOL=1,
|
||||
CURLE_COULDNT_CONNECT=7,
|
||||
CURLE_FTP_COULDNT_RETR_FILE=19,
|
||||
CURLE_HTTP_RETURNED_ERROR=22,
|
||||
CURLE_WRITE_ERROR=23
|
||||
} CURLcode;
|
||||
|
||||
typedef enum
|
||||
{
|
||||
CURLOPT_URL,
|
||||
CURLOPT_USERPWD,
|
||||
CURLOPT_WRITEFUNCTION,
|
||||
CURLOPT_FILE,
|
||||
CURLOPT_ERRORBUFFER,
|
||||
CURLOPT_FOLLOWLOCATION,
|
||||
CURLOPT_MAXREDIRS,
|
||||
CURLOPT_STDERR,
|
||||
CURLOPT_VERBOSE,
|
||||
CURLOPT_SSL_VERIFYPEER,
|
||||
CURLOPT_PROXY,
|
||||
CURLOPT_CAINFO,
|
||||
CURLOPT_POST,
|
||||
CURLOPT_POSTFIELDS,
|
||||
CURLOPT_FAILONERROR,
|
||||
CURLOPT_HTTPHEADER,
|
||||
CURLOPT_SRVTAG_GPG_HACK
|
||||
} CURLoption;
|
||||
|
||||
typedef size_t (*write_func)(char *buffer,size_t size,
|
||||
size_t nitems,void *outstream);
|
||||
|
||||
typedef struct
|
||||
{
|
||||
char *url;
|
||||
char *auth;
|
||||
char *errorbuffer;
|
||||
char *proxy;
|
||||
write_func writer;
|
||||
void *file;
|
||||
char *postfields;
|
||||
char *srvtag;
|
||||
unsigned int status;
|
||||
FILE *errors;
|
||||
struct curl_slist *headers;
|
||||
struct
|
||||
{
|
||||
unsigned int post:1;
|
||||
unsigned int failonerror:1;
|
||||
unsigned int verbose:1;
|
||||
} flags;
|
||||
http_t hd;
|
||||
} CURL;
|
||||
|
||||
typedef struct
|
||||
{
|
||||
const char **protocols;
|
||||
} curl_version_info_data;
|
||||
|
||||
#define CURL_ERROR_SIZE 256
|
||||
#define CURL_GLOBAL_DEFAULT 0
|
||||
#define CURLVERSION_NOW 0
|
||||
|
||||
CURLcode curl_global_init(long flags);
|
||||
void curl_global_cleanup(void);
|
||||
CURL *curl_easy_init(void);
|
||||
CURLcode curl_easy_setopt(CURL *curl,CURLoption option,...);
|
||||
CURLcode curl_easy_perform(CURL *curl);
|
||||
void curl_easy_cleanup(CURL *curl);
|
||||
char *curl_escape(char *str,int len);
|
||||
#define curl_free(x) free(x)
|
||||
#define curl_version() GNUPG_NAME" curl-shim"
|
||||
curl_version_info_data *curl_version_info(int type);
|
||||
|
||||
struct curl_slist
|
||||
{
|
||||
strlist_t list;
|
||||
};
|
||||
|
||||
struct curl_slist *curl_slist_append(struct curl_slist *list,
|
||||
const char *string);
|
||||
void curl_slist_free_all(struct curl_slist *list);
|
||||
|
||||
#endif /* !_CURL_SHIM_H_ */
|
@ -1,211 +0,0 @@
|
||||
#!@PERL@ -w
|
||||
|
||||
# gpg2keys_mailto - talk to a email keyserver
|
||||
# Copyright (C) 2001, 2002 Free Software Foundation, Inc.
|
||||
#
|
||||
# This file is part of GnuPG.
|
||||
#
|
||||
# GnuPG is free software; you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation; either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# GnuPG is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program; if not, see <http://www.gnu.org/licenses/>.
|
||||
use Getopt::Std;
|
||||
$Getopt::Std::STANDARD_HELP_VERSION=1;
|
||||
$sendmail="@SENDMAIL@ -t";
|
||||
|
||||
###
|
||||
|
||||
sub VERSION_MESSAGE ()
|
||||
{
|
||||
print STDOUT "gpg2keys_mailto (GnuPG) @VERSION@\n";
|
||||
}
|
||||
|
||||
sub HELP_MESSAGE ()
|
||||
{
|
||||
print STDOUT <<EOT
|
||||
|
||||
--help Print this help
|
||||
--version Print the version
|
||||
-o FILE Write output to FILE
|
||||
EOT
|
||||
}
|
||||
|
||||
|
||||
|
||||
getopts('o:');
|
||||
|
||||
if(defined($opt_o))
|
||||
{
|
||||
open(STDOUT,">$opt_o") || die "Can't open output file $opt_o\n";
|
||||
}
|
||||
|
||||
if(@ARGV)
|
||||
{
|
||||
open(STDIN,$ARGV[0]) || die "Can't open input file $ARGV[0]\n";
|
||||
}
|
||||
|
||||
while(<STDIN>)
|
||||
{
|
||||
last if($_ eq "\n");
|
||||
|
||||
if(/^COMMAND (\S+)/)
|
||||
{
|
||||
$command=$1;
|
||||
}
|
||||
|
||||
if(/^OPAQUE (\S+)/)
|
||||
{
|
||||
$address=$1;
|
||||
}
|
||||
|
||||
if(/^PROGRAM (\S+)/)
|
||||
{
|
||||
$program=$1;
|
||||
}
|
||||
|
||||
if(/^OPTION (\S+)/)
|
||||
{
|
||||
if($1=~/^verbose$/i)
|
||||
{
|
||||
$verbose++;
|
||||
}
|
||||
elsif($1=~/^no-verbose$/i)
|
||||
{
|
||||
$verbose--;
|
||||
}
|
||||
elsif($1=~/^mail-from=(.+)$/i)
|
||||
{
|
||||
$from=$1;
|
||||
}
|
||||
elsif($1=~/^no-mail-from$/i)
|
||||
{
|
||||
undef $from;
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
if(!defined($from))
|
||||
{
|
||||
($login,$name)=(getpwuid($<))[0,6];
|
||||
$from="$name <$login>";
|
||||
}
|
||||
|
||||
$program="(unknown)" if(!defined($program));
|
||||
|
||||
if(!defined($address))
|
||||
{
|
||||
print STDERR "gpgkeys: no address provided\n";
|
||||
exit(1);
|
||||
}
|
||||
|
||||
while(<STDIN>)
|
||||
{
|
||||
last if($_ eq "\n");
|
||||
|
||||
chomp;
|
||||
|
||||
push(@keys,$_);
|
||||
}
|
||||
|
||||
# Send response
|
||||
|
||||
print "VERSION 1\n";
|
||||
print "OPTION OUTOFBAND\n\n";
|
||||
|
||||
# Email keyservers get and search the same way
|
||||
|
||||
if($command=~/get/i || $command=~/search/i)
|
||||
{
|
||||
if($command=~/search/i)
|
||||
{
|
||||
print "COUNT 0\n";
|
||||
}
|
||||
|
||||
foreach $key (@keys)
|
||||
{
|
||||
open(MAIL,"|$sendmail") || die "ERROR: Can't open $sendmail\n";
|
||||
print MAIL "From: $from\n";
|
||||
print MAIL "To: $address\n";
|
||||
if($command=~/get/i)
|
||||
{
|
||||
# mail keyservers don't like long-form keyids
|
||||
|
||||
if(substr($key,0,2) eq "0x")
|
||||
{
|
||||
$key=substr($key,2);
|
||||
}
|
||||
|
||||
if(length($key)>8)
|
||||
{
|
||||
$key=substr($key,-8);
|
||||
}
|
||||
|
||||
print MAIL "Subject: GET 0x$key\n\n";
|
||||
}
|
||||
else
|
||||
{
|
||||
print MAIL "Subject: GET $key\n\n";
|
||||
}
|
||||
print MAIL "GnuPG $program email keyserver request\n";
|
||||
close(MAIL);
|
||||
|
||||
# Tell GnuPG not to expect a key
|
||||
print "KEY $key OUTOFBAND\n";
|
||||
|
||||
if($verbose)
|
||||
{
|
||||
print STDERR "gpgkeys: key $key requested from $address\n";
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if($command=~/send/i)
|
||||
{
|
||||
while(!eof(STDIN))
|
||||
{
|
||||
open(MAIL,"|$sendmail") || die "ERROR: Can't open $sendmail\n";
|
||||
print MAIL "From: $name <$login>\n";
|
||||
print MAIL "To: $address\n";
|
||||
print MAIL "Subject: ADD\n\n";
|
||||
|
||||
while(<STDIN>)
|
||||
{
|
||||
if(/^KEY (\S+) BEGIN$/)
|
||||
{
|
||||
$key=$1;
|
||||
last;
|
||||
}
|
||||
}
|
||||
|
||||
while(<STDIN>)
|
||||
{
|
||||
if(/^KEY \S+ END$/)
|
||||
{
|
||||
last;
|
||||
}
|
||||
|
||||
print MAIL;
|
||||
}
|
||||
|
||||
close(MAIL);
|
||||
|
||||
if($verbose)
|
||||
{
|
||||
print STDERR "gpgkeys: key $key sent to $address\n";
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
# Local Variables:
|
||||
# mode:perl
|
||||
# End:
|
@ -1,97 +0,0 @@
|
||||
#!@PERL@
|
||||
|
||||
# gpg2keys_test - keyserver code tester
|
||||
# Copyright (C) 2001 Free Software Foundation, Inc.
|
||||
#
|
||||
# This file is part of GnuPG.
|
||||
#
|
||||
# GnuPG is free software; you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation; either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# GnuPG is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program; if not, see <http://www.gnu.org/licenses/>.
|
||||
use Getopt::Std;
|
||||
$Getopt::Std::STANDARD_HELP_VERSION=1;
|
||||
|
||||
$|=1;
|
||||
|
||||
sub VERSION_MESSAGE ()
|
||||
{
|
||||
print STDOUT "gpg2keys_test (GnuPG) @VERSION@\n";
|
||||
}
|
||||
|
||||
sub HELP_MESSAGE ()
|
||||
{
|
||||
print STDOUT <<EOT
|
||||
|
||||
--help Print this help
|
||||
--version Print the version
|
||||
EOT
|
||||
}
|
||||
|
||||
|
||||
getopts('o:');
|
||||
|
||||
print STDERR "gpgkeys_test starting\n";
|
||||
|
||||
if(defined($opt_o))
|
||||
{
|
||||
print STDERR "Using output file $opt_o\n";
|
||||
open(STDOUT,">$opt_o") || die "Can't open output file $opt_o\n";
|
||||
}
|
||||
|
||||
if(@ARGV)
|
||||
{
|
||||
print STDERR "Using input file $ARGV[0]\n";
|
||||
open(STDIN,$ARGV[0]) || die "Can't open input file $ARGV[0]\n";
|
||||
}
|
||||
|
||||
# Get the command block
|
||||
|
||||
print STDERR "Command block:\n";
|
||||
|
||||
while(<STDIN>)
|
||||
{
|
||||
last if($_ eq "\n");
|
||||
print STDERR "--command-> $_";
|
||||
|
||||
if(/^COMMAND (\w+)/)
|
||||
{
|
||||
$command=$1;
|
||||
}
|
||||
}
|
||||
|
||||
# Get the keylist block
|
||||
|
||||
print STDERR "Keylist block:\n";
|
||||
|
||||
while(<STDIN>)
|
||||
{
|
||||
last if($_ eq "\n");
|
||||
print STDERR "--keylist-> $_";
|
||||
}
|
||||
|
||||
# If it's a SEND, then get the key material
|
||||
|
||||
if($command eq "SEND")
|
||||
{
|
||||
print STDERR "Key material to send:\n";
|
||||
|
||||
while(<STDIN>)
|
||||
{
|
||||
print STDERR "$_";
|
||||
}
|
||||
}
|
||||
|
||||
printf STDERR "gpgkeys_test finished\n";
|
||||
|
||||
# Local Variables:
|
||||
# mode:perl
|
||||
# End:
|
@ -1,419 +0,0 @@
|
||||
/* gpgkeys_curl.c - fetch a key via libcurl
|
||||
* Copyright (C) 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
* GnuPG is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* GnuPG is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
* In addition, as a special exception, the Free Software Foundation
|
||||
* gives permission to link the code of the keyserver helper tools:
|
||||
* gpgkeys_ldap, gpgkeys_curl and gpgkeys_hkp with the OpenSSL
|
||||
* project's "OpenSSL" library (or with modified versions of it that
|
||||
* use the same license as the "OpenSSL" library), and distribute the
|
||||
* linked executables. You must obey the GNU General Public License
|
||||
* in all respects for all of the code used other than "OpenSSL". If
|
||||
* you modify this file, you may extend this exception to your version
|
||||
* of the file, but you are not obligated to do so. If you do not
|
||||
* wish to do so, delete this exception statement from your version.
|
||||
*/
|
||||
|
||||
#include <config.h>
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include <errno.h>
|
||||
#include <unistd.h>
|
||||
#ifdef HAVE_GETOPT_H
|
||||
#include <getopt.h>
|
||||
#endif
|
||||
#ifdef HAVE_LIBCURL
|
||||
#include <curl/curl.h>
|
||||
#else
|
||||
#include "curl-shim.h"
|
||||
#endif
|
||||
#include "keyserver.h"
|
||||
#include "ksutil.h"
|
||||
|
||||
extern char *optarg;
|
||||
extern int optind;
|
||||
|
||||
static FILE *input,*output,*console;
|
||||
static CURL *curl;
|
||||
static struct ks_options *opt;
|
||||
|
||||
static int
|
||||
get_key(char *getkey)
|
||||
{
|
||||
CURLcode res;
|
||||
char errorbuffer[CURL_ERROR_SIZE];
|
||||
char request[MAX_URL];
|
||||
struct curl_writer_ctx ctx;
|
||||
|
||||
memset(&ctx,0,sizeof(ctx));
|
||||
|
||||
if(strncmp(getkey,"0x",2)==0)
|
||||
getkey+=2;
|
||||
|
||||
fprintf(output,"KEY 0x%s BEGIN\n",getkey);
|
||||
|
||||
sprintf(request,"%s://%s%s%s%s",opt->scheme,opt->host,
|
||||
opt->port?":":"",opt->port?opt->port:"",opt->path?opt->path:"/");
|
||||
|
||||
curl_easy_setopt(curl,CURLOPT_URL,request);
|
||||
curl_easy_setopt(curl,CURLOPT_WRITEFUNCTION,curl_writer);
|
||||
ctx.stream=output;
|
||||
curl_easy_setopt(curl,CURLOPT_FILE,&ctx);
|
||||
curl_easy_setopt(curl,CURLOPT_ERRORBUFFER,errorbuffer);
|
||||
|
||||
res=curl_easy_perform(curl);
|
||||
if(res!=CURLE_OK)
|
||||
{
|
||||
fprintf(console,"gpgkeys: %s fetch error %d: %s\n",opt->scheme,
|
||||
res,errorbuffer);
|
||||
fprintf(output,"\nKEY 0x%s FAILED %d\n",getkey,curl_err_to_gpg_err(res));
|
||||
}
|
||||
else
|
||||
{
|
||||
curl_writer_finalize(&ctx);
|
||||
if(!ctx.flags.done)
|
||||
{
|
||||
fprintf(console,"gpgkeys: no key data found for %s\n",request);
|
||||
fprintf(output,"\nKEY 0x%s FAILED %d\n",
|
||||
getkey,KEYSERVER_KEY_NOT_FOUND);
|
||||
}
|
||||
else
|
||||
fprintf(output,"\nKEY 0x%s END\n",getkey);
|
||||
}
|
||||
|
||||
return curl_err_to_gpg_err(res);
|
||||
}
|
||||
|
||||
static void
|
||||
show_help (FILE *fp)
|
||||
{
|
||||
fprintf (fp,"-h, --help\thelp\n");
|
||||
fprintf (fp,"-V\t\tmachine readable version\n");
|
||||
fprintf (fp,"--version\thuman readable version\n");
|
||||
fprintf (fp,"-o\t\toutput to this file\n");
|
||||
}
|
||||
|
||||
int
|
||||
main(int argc,char *argv[])
|
||||
{
|
||||
int arg,ret=KEYSERVER_INTERNAL_ERROR,i;
|
||||
char line[MAX_LINE];
|
||||
char *thekey=NULL;
|
||||
long follow_redirects=5;
|
||||
char *proxy=NULL;
|
||||
curl_version_info_data *curldata;
|
||||
struct curl_slist *headers=NULL;
|
||||
|
||||
console=stderr;
|
||||
|
||||
/* Kludge to implement standard GNU options. */
|
||||
if (argc > 1 && !strcmp (argv[1], "--version"))
|
||||
{
|
||||
printf ("gpgkeys_curl (%s) %s\n", GNUPG_NAME, VERSION);
|
||||
printf ("Uses: %s\n", curl_version());
|
||||
return 0;
|
||||
}
|
||||
else if (argc > 1 && !strcmp (argv[1], "--help"))
|
||||
{
|
||||
show_help (stdout);
|
||||
return 0;
|
||||
}
|
||||
|
||||
while((arg=getopt(argc,argv,"hVo:"))!=-1)
|
||||
switch(arg)
|
||||
{
|
||||
default:
|
||||
case 'h':
|
||||
show_help (console);
|
||||
return KEYSERVER_OK;
|
||||
|
||||
case 'V':
|
||||
fprintf(stdout,"%d\n%s\n",KEYSERVER_PROTO_VERSION,VERSION);
|
||||
return KEYSERVER_OK;
|
||||
|
||||
case 'o':
|
||||
output=fopen(optarg,"wb");
|
||||
if(output==NULL)
|
||||
{
|
||||
fprintf(console,"gpgkeys: Cannot open output file '%s': %s\n",
|
||||
optarg,strerror(errno));
|
||||
return KEYSERVER_INTERNAL_ERROR;
|
||||
}
|
||||
|
||||
break;
|
||||
}
|
||||
|
||||
if(argc>optind)
|
||||
{
|
||||
input=fopen(argv[optind],"r");
|
||||
if(input==NULL)
|
||||
{
|
||||
fprintf(console,"gpgkeys: Cannot open input file '%s': %s\n",
|
||||
argv[optind],strerror(errno));
|
||||
return KEYSERVER_INTERNAL_ERROR;
|
||||
}
|
||||
}
|
||||
|
||||
if(input==NULL)
|
||||
input=stdin;
|
||||
|
||||
if(output==NULL)
|
||||
output=stdout;
|
||||
|
||||
opt=init_ks_options();
|
||||
if(!opt)
|
||||
return KEYSERVER_NO_MEMORY;
|
||||
|
||||
/* Get the command and info block */
|
||||
|
||||
while(fgets(line,MAX_LINE,input)!=NULL)
|
||||
{
|
||||
int err;
|
||||
char option[MAX_OPTION+1];
|
||||
|
||||
if(line[0]=='\n')
|
||||
break;
|
||||
|
||||
err=parse_ks_options(line,opt);
|
||||
if(err>0)
|
||||
{
|
||||
ret=err;
|
||||
goto fail;
|
||||
}
|
||||
else if(err==0)
|
||||
continue;
|
||||
|
||||
if(sscanf(line,"OPTION %" MKSTRING(MAX_OPTION) "s\n",option)==1)
|
||||
{
|
||||
int no=0;
|
||||
char *start=&option[0];
|
||||
|
||||
option[MAX_OPTION]='\0';
|
||||
|
||||
if(strncasecmp(option,"no-",3)==0)
|
||||
{
|
||||
no=1;
|
||||
start=&option[3];
|
||||
}
|
||||
|
||||
if(strncasecmp(start,"http-proxy",10)==0)
|
||||
{
|
||||
/* Safe to not check the return code of strdup() here.
|
||||
If it fails, we simply won't use a proxy. */
|
||||
if(no)
|
||||
{
|
||||
free(proxy);
|
||||
proxy=strdup("");
|
||||
}
|
||||
else if(start[10]=='=')
|
||||
{
|
||||
if(strlen(&start[11])<MAX_PROXY)
|
||||
{
|
||||
free(proxy);
|
||||
proxy=strdup(&start[11]);
|
||||
}
|
||||
}
|
||||
}
|
||||
else if(strncasecmp(start,"follow-redirects",16)==0)
|
||||
{
|
||||
if(no)
|
||||
follow_redirects=0;
|
||||
else if(start[16]=='=')
|
||||
follow_redirects=atoi(&start[17]);
|
||||
else if(start[16]=='\0')
|
||||
follow_redirects=-1;
|
||||
}
|
||||
|
||||
continue;
|
||||
}
|
||||
}
|
||||
|
||||
if(!opt->scheme)
|
||||
{
|
||||
fprintf(console,"gpgkeys: no scheme supplied!\n");
|
||||
ret=KEYSERVER_SCHEME_NOT_FOUND;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
if(!opt->host)
|
||||
{
|
||||
fprintf(console,"gpgkeys: no keyserver host provided\n");
|
||||
goto fail;
|
||||
}
|
||||
|
||||
if(opt->timeout && register_timeout()==-1)
|
||||
{
|
||||
fprintf(console,"gpgkeys: unable to register timeout handler\n");
|
||||
return KEYSERVER_INTERNAL_ERROR;
|
||||
}
|
||||
|
||||
curl_global_init(CURL_GLOBAL_DEFAULT);
|
||||
|
||||
curl=curl_easy_init();
|
||||
if(!curl)
|
||||
{
|
||||
fprintf(console,"gpgkeys: unable to initialize curl\n");
|
||||
ret=KEYSERVER_INTERNAL_ERROR;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
/* Make sure we have the protocol the user is asking for so we can
|
||||
print a nicer error message. */
|
||||
curldata=curl_version_info(CURLVERSION_NOW);
|
||||
for(i=0;curldata->protocols[i];i++)
|
||||
if(strcasecmp(curldata->protocols[i],opt->scheme)==0)
|
||||
break;
|
||||
|
||||
if(curldata->protocols[i]==NULL)
|
||||
{
|
||||
fprintf(console,"gpgkeys: protocol '%s' not supported\n",opt->scheme);
|
||||
ret=KEYSERVER_SCHEME_NOT_FOUND;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
if(follow_redirects)
|
||||
{
|
||||
curl_easy_setopt(curl,CURLOPT_FOLLOWLOCATION,1L);
|
||||
if(follow_redirects>0)
|
||||
curl_easy_setopt(curl,CURLOPT_MAXREDIRS,follow_redirects);
|
||||
}
|
||||
|
||||
if(opt->auth)
|
||||
curl_easy_setopt(curl,CURLOPT_USERPWD,opt->auth);
|
||||
|
||||
if(opt->debug)
|
||||
{
|
||||
fprintf(console,"gpgkeys: curl version = %s\n",curl_version());
|
||||
curl_easy_setopt(curl,CURLOPT_STDERR,console);
|
||||
curl_easy_setopt(curl,CURLOPT_VERBOSE,1L);
|
||||
}
|
||||
|
||||
curl_easy_setopt(curl,CURLOPT_SSL_VERIFYPEER,(long)opt->flags.check_cert);
|
||||
curl_easy_setopt(curl,CURLOPT_CAINFO,opt->ca_cert_file);
|
||||
|
||||
/* Avoid caches to get the most recent copy of the key. This is bug
|
||||
#1061. In pre-curl versions of the code, we didn't do it. Then
|
||||
we did do it (as a curl default) until curl changed the default.
|
||||
Now we're doing it again, but in such a way that changing
|
||||
defaults in the future won't impact us. We set both the Pragma
|
||||
and Cache-Control versions of the header, so we're good with both
|
||||
HTTP 1.0 and 1.1. */
|
||||
headers=curl_slist_append(headers,"Pragma: no-cache");
|
||||
if(headers)
|
||||
headers=curl_slist_append(headers,"Cache-Control: no-cache");
|
||||
|
||||
if(!headers)
|
||||
{
|
||||
fprintf(console,"gpgkeys: out of memory when building HTTP headers\n");
|
||||
ret=KEYSERVER_NO_MEMORY;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
curl_easy_setopt(curl,CURLOPT_HTTPHEADER,headers);
|
||||
|
||||
if(proxy)
|
||||
curl_easy_setopt(curl,CURLOPT_PROXY,proxy);
|
||||
|
||||
/* If it's a GET or a SEARCH, the next thing to come in is the
|
||||
keyids. If it's a SEND, then there are no keyids. */
|
||||
|
||||
if(opt->action==KS_GET)
|
||||
{
|
||||
/* Eat the rest of the file */
|
||||
for(;;)
|
||||
{
|
||||
if(fgets(line,MAX_LINE,input)==NULL)
|
||||
break;
|
||||
else
|
||||
{
|
||||
if(line[0]=='\n' || line[0]=='\0')
|
||||
break;
|
||||
|
||||
if(!thekey)
|
||||
{
|
||||
thekey=strdup(line);
|
||||
if(!thekey)
|
||||
{
|
||||
fprintf(console,"gpgkeys: out of memory while "
|
||||
"building key list\n");
|
||||
ret=KEYSERVER_NO_MEMORY;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
/* Trim the trailing \n */
|
||||
thekey[strlen(line)-1]='\0';
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
fprintf(console,
|
||||
"gpgkeys: this keyserver type only supports key retrieval\n");
|
||||
goto fail;
|
||||
}
|
||||
|
||||
if(!thekey)
|
||||
{
|
||||
fprintf(console,"gpgkeys: invalid keyserver instructions\n");
|
||||
goto fail;
|
||||
}
|
||||
|
||||
/* Send the response */
|
||||
|
||||
fprintf(output,"VERSION %d\n",KEYSERVER_PROTO_VERSION);
|
||||
fprintf(output,"PROGRAM %s\n\n",VERSION);
|
||||
|
||||
if(opt->verbose)
|
||||
{
|
||||
fprintf(console,"Scheme:\t\t%s\n",opt->scheme);
|
||||
fprintf(console,"Host:\t\t%s\n",opt->host);
|
||||
if(opt->port)
|
||||
fprintf(console,"Port:\t\t%s\n",opt->port);
|
||||
if(opt->path)
|
||||
fprintf(console,"Path:\t\t%s\n",opt->path);
|
||||
fprintf(console,"Command:\tGET\n");
|
||||
}
|
||||
|
||||
set_timeout(opt->timeout);
|
||||
|
||||
ret=get_key(thekey);
|
||||
|
||||
fail:
|
||||
|
||||
free(thekey);
|
||||
|
||||
if(input!=stdin)
|
||||
fclose(input);
|
||||
|
||||
if(output!=stdout)
|
||||
fclose(output);
|
||||
|
||||
free_ks_options(opt);
|
||||
|
||||
curl_slist_free_all(headers);
|
||||
|
||||
if(curl)
|
||||
curl_easy_cleanup(curl);
|
||||
|
||||
free(proxy);
|
||||
|
||||
curl_global_cleanup();
|
||||
|
||||
return ret;
|
||||
}
|
@ -1,500 +0,0 @@
|
||||
/* gpgkeys_finger.c - fetch a key via finger
|
||||
* Copyright (C) 2004, 2005 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
* GnuPG is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* GnuPG is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#include <config.h>
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include <errno.h>
|
||||
#include <unistd.h>
|
||||
#ifdef HAVE_GETOPT_H
|
||||
#include <getopt.h>
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_W32_SYSTEM
|
||||
#include <windows.h>
|
||||
#else
|
||||
#include <unistd.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <sys/time.h>
|
||||
#include <time.h>
|
||||
#include <netinet/in.h>
|
||||
#include <arpa/inet.h>
|
||||
#include <netdb.h>
|
||||
#endif
|
||||
|
||||
#define INCLUDED_BY_MAIN_MODULE 1
|
||||
#include "util.h"
|
||||
#include "keyserver.h"
|
||||
#include "ksutil.h"
|
||||
#include "iobuf.h"
|
||||
|
||||
#ifdef HAVE_W32_SYSTEM
|
||||
#define sock_close(a) closesocket(a)
|
||||
#else
|
||||
#define sock_close(a) close(a)
|
||||
#endif
|
||||
|
||||
extern char *optarg;
|
||||
extern int optind;
|
||||
|
||||
static FILE *input,*output,*console;
|
||||
static struct ks_options *opt;
|
||||
|
||||
|
||||
/* Connect to SERVER at PORT and return a file descriptor or -1 on
|
||||
error. */
|
||||
static int
|
||||
connect_server (const char *server, unsigned short port)
|
||||
{
|
||||
int sock = -1;
|
||||
|
||||
#ifdef HAVE_W32_SYSTEM
|
||||
struct hostent *hp;
|
||||
struct sockaddr_in addr;
|
||||
unsigned long l;
|
||||
|
||||
w32_init_sockets ();
|
||||
|
||||
memset (&addr, 0, sizeof addr);
|
||||
addr.sin_family = AF_INET;
|
||||
addr.sin_port = htons (port);
|
||||
|
||||
/* Win32 gethostbyname doesn't handle IP addresses internally, so we
|
||||
try inet_addr first on that platform only. */
|
||||
if ((l = inet_addr (server)) != INADDR_NONE)
|
||||
memcpy (&addr.sin_addr, &l, sizeof l);
|
||||
else if ((hp = gethostbyname (server)))
|
||||
{
|
||||
if (hp->h_addrtype != AF_INET)
|
||||
{
|
||||
fprintf (console, "gpgkeys: unknown address family for '%s'\n",
|
||||
server);
|
||||
return -1;
|
||||
}
|
||||
if (hp->h_length != 4)
|
||||
{
|
||||
fprintf (console, "gpgkeys: illegal address length for '%s'\n",
|
||||
server);
|
||||
return -1;
|
||||
}
|
||||
memcpy (&addr.sin_addr, hp->h_addr, hp->h_length);
|
||||
}
|
||||
else
|
||||
{
|
||||
fprintf (console, "gpgkeys: host '%s' not found: ec=%d\n",
|
||||
server, (int)WSAGetLastError ());
|
||||
return -1;
|
||||
}
|
||||
|
||||
sock = socket (AF_INET, SOCK_STREAM, 0);
|
||||
if (sock == INVALID_SOCKET)
|
||||
{
|
||||
fprintf (console, "gpgkeys: error creating socket: ec=%d\n",
|
||||
(int)WSAGetLastError ());
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (connect (sock, (struct sockaddr *)&addr, sizeof addr))
|
||||
{
|
||||
fprintf (console, "gpgkeys: error connecting '%s': ec=%d\n",
|
||||
server, (int)WSAGetLastError ());
|
||||
sock_close (sock);
|
||||
return -1;
|
||||
}
|
||||
|
||||
#else
|
||||
|
||||
struct sockaddr_in addr;
|
||||
struct hostent *host;
|
||||
|
||||
addr.sin_family = AF_INET;
|
||||
addr.sin_port = htons (port);
|
||||
host = gethostbyname ((char*)server);
|
||||
if (!host)
|
||||
{
|
||||
fprintf (console, "gpgkeys: host '%s' not found: %s\n",
|
||||
server, strerror (errno));
|
||||
return -1;
|
||||
}
|
||||
|
||||
addr.sin_addr = *(struct in_addr*)host->h_addr;
|
||||
|
||||
sock = socket (AF_INET, SOCK_STREAM, 0);
|
||||
if (sock == -1)
|
||||
{
|
||||
fprintf (console, "gpgkeys: error creating socket: %s\n",
|
||||
strerror (errno));
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (connect (sock, (struct sockaddr *)&addr, sizeof addr) == -1)
|
||||
{
|
||||
fprintf (console, "gpgkeys: error connecting '%s': %s\n",
|
||||
server, strerror (errno));
|
||||
close (sock);
|
||||
return -1;
|
||||
}
|
||||
#endif
|
||||
|
||||
return sock;
|
||||
}
|
||||
|
||||
static int
|
||||
write_server (int sock, const char *data, size_t length)
|
||||
{
|
||||
int nleft;
|
||||
|
||||
nleft = length;
|
||||
while (nleft > 0)
|
||||
{
|
||||
int nwritten;
|
||||
|
||||
#ifdef HAVE_W32_SYSTEM
|
||||
nwritten = send (sock, data, nleft, 0);
|
||||
if ( nwritten == SOCKET_ERROR )
|
||||
{
|
||||
fprintf (console, "gpgkeys: write failed: ec=%d\n",
|
||||
(int)WSAGetLastError ());
|
||||
return -1;
|
||||
}
|
||||
#else
|
||||
nwritten = write (sock, data, nleft);
|
||||
if (nwritten == -1)
|
||||
{
|
||||
if (errno == EINTR)
|
||||
continue;
|
||||
if (errno == EAGAIN)
|
||||
{
|
||||
struct timeval tv;
|
||||
|
||||
tv.tv_sec = 0;
|
||||
tv.tv_usec = 50000;
|
||||
select(0, NULL, NULL, NULL, &tv);
|
||||
continue;
|
||||
}
|
||||
fprintf (console, "gpgkeys: write failed: %s\n", strerror(errno));
|
||||
return -1;
|
||||
}
|
||||
#endif
|
||||
nleft -=nwritten;
|
||||
data += nwritten;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
/* Send the finger REQUEST to the server. Returns 0 and a file descriptor
|
||||
in R_SOCK if the request was sucessful. */
|
||||
static int
|
||||
send_request (const char *request, int *r_sock)
|
||||
{
|
||||
char *server;
|
||||
char *name;
|
||||
int sock;
|
||||
|
||||
*r_sock = -1;
|
||||
name = strdup (request);
|
||||
if (!name)
|
||||
{
|
||||
fprintf(console,"gpgkeys: out of memory\n");
|
||||
return KEYSERVER_NO_MEMORY;
|
||||
}
|
||||
|
||||
server = strchr (name, '@');
|
||||
if (!server)
|
||||
{
|
||||
fprintf (console, "gpgkeys: no name included in request\n");
|
||||
free (name);
|
||||
return KEYSERVER_GENERAL_ERROR;
|
||||
}
|
||||
*server++ = 0;
|
||||
|
||||
sock = connect_server (server, 79);
|
||||
if (sock == -1)
|
||||
{
|
||||
free (name);
|
||||
return KEYSERVER_UNREACHABLE;
|
||||
}
|
||||
|
||||
if (write_server (sock, name, strlen (name))
|
||||
|| write_server (sock, "\r\n", 2))
|
||||
{
|
||||
free (name);
|
||||
sock_close (sock);
|
||||
return KEYSERVER_GENERAL_ERROR;
|
||||
}
|
||||
free (name);
|
||||
*r_sock = sock;
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
|
||||
static int
|
||||
get_key (char *getkey)
|
||||
{
|
||||
int rc;
|
||||
int sock;
|
||||
iobuf_t fp_read;
|
||||
unsigned int maxlen, buflen, gotit=0;
|
||||
byte *line = NULL;
|
||||
|
||||
if (strncmp (getkey,"0x",2)==0)
|
||||
getkey+=2;
|
||||
|
||||
/* Frankly we don't know what keys the server will return; we
|
||||
indicated the requested key anyway. */
|
||||
fprintf(output,"KEY 0x%s BEGIN\n",getkey);
|
||||
|
||||
rc=send_request(opt->opaque,&sock);
|
||||
if(rc)
|
||||
{
|
||||
fprintf(output,"KEY 0x%s FAILED %d\n",getkey, rc);
|
||||
sock_close (sock);
|
||||
return KEYSERVER_OK;
|
||||
}
|
||||
|
||||
/* Hmmm, we use iobuf here only to cope with Windows socket
|
||||
peculiarities (we can't used fdopen). */
|
||||
fp_read = iobuf_sockopen (sock , "r");
|
||||
if (!fp_read)
|
||||
{
|
||||
fprintf(output,"KEY 0x%s FAILED %d\n",getkey, KEYSERVER_INTERNAL_ERROR);
|
||||
sock_close (sock);
|
||||
return KEYSERVER_OK;
|
||||
}
|
||||
|
||||
while ( iobuf_read_line ( fp_read, &line, &buflen, &maxlen))
|
||||
{
|
||||
maxlen=1024;
|
||||
|
||||
if(gotit)
|
||||
{
|
||||
print_nocr(output, (const char*)line);
|
||||
if (!strncmp((char*)line,END,strlen(END)))
|
||||
break;
|
||||
}
|
||||
else if(!strncmp((char*)line,BEGIN,strlen(BEGIN)))
|
||||
{
|
||||
print_nocr(output, (const char*)line);
|
||||
gotit=1;
|
||||
}
|
||||
}
|
||||
|
||||
if(gotit)
|
||||
fprintf (output,"KEY 0x%s END\n", getkey);
|
||||
else
|
||||
{
|
||||
fprintf(console,"gpgkeys: no key data found for finger:%s\n",
|
||||
opt->opaque);
|
||||
fprintf(output,"KEY 0x%s FAILED %d\n",getkey,KEYSERVER_KEY_NOT_FOUND);
|
||||
}
|
||||
|
||||
xfree(line);
|
||||
iobuf_close (fp_read);
|
||||
|
||||
return KEYSERVER_OK;
|
||||
}
|
||||
|
||||
|
||||
static void
|
||||
show_help (FILE *fp)
|
||||
{
|
||||
fprintf (fp,"-h, --help\thelp\n");
|
||||
fprintf (fp,"-V\t\tmachine readable version\n");
|
||||
fprintf (fp,"--version\thuman readable version\n");
|
||||
fprintf (fp,"-o\t\toutput to this file\n");
|
||||
}
|
||||
|
||||
int
|
||||
main(int argc,char *argv[])
|
||||
{
|
||||
int arg,ret=KEYSERVER_INTERNAL_ERROR;
|
||||
char line[MAX_LINE];
|
||||
char *thekey=NULL;
|
||||
|
||||
console=stderr;
|
||||
|
||||
/* Kludge to implement standard GNU options. */
|
||||
if (argc > 1 && !strcmp (argv[1], "--version"))
|
||||
{
|
||||
fputs ("gpgkeys_finger ("GNUPG_NAME") " VERSION"\n", stdout);
|
||||
return 0;
|
||||
}
|
||||
else if (argc > 1 && !strcmp (argv[1], "--help"))
|
||||
{
|
||||
show_help (stdout);
|
||||
return 0;
|
||||
}
|
||||
|
||||
while((arg=getopt(argc,argv,"hVo:"))!=-1)
|
||||
switch(arg)
|
||||
{
|
||||
default:
|
||||
case 'h':
|
||||
show_help (console);
|
||||
return KEYSERVER_OK;
|
||||
|
||||
case 'V':
|
||||
fprintf(stdout,"%d\n%s\n",KEYSERVER_PROTO_VERSION,VERSION);
|
||||
return KEYSERVER_OK;
|
||||
|
||||
case 'o':
|
||||
output=fopen(optarg,"w");
|
||||
if(output==NULL)
|
||||
{
|
||||
fprintf(console,"gpgkeys: Cannot open output file '%s': %s\n",
|
||||
optarg,strerror(errno));
|
||||
return KEYSERVER_INTERNAL_ERROR;
|
||||
}
|
||||
|
||||
break;
|
||||
}
|
||||
|
||||
if(argc>optind)
|
||||
{
|
||||
input=fopen(argv[optind],"r");
|
||||
if(input==NULL)
|
||||
{
|
||||
fprintf(console,"gpgkeys: Cannot open input file '%s': %s\n",
|
||||
argv[optind],strerror(errno));
|
||||
return KEYSERVER_INTERNAL_ERROR;
|
||||
}
|
||||
}
|
||||
|
||||
if(input==NULL)
|
||||
input=stdin;
|
||||
|
||||
if(output==NULL)
|
||||
output=stdout;
|
||||
|
||||
opt=init_ks_options();
|
||||
if(!opt)
|
||||
return KEYSERVER_NO_MEMORY;
|
||||
|
||||
/* Get the command and info block */
|
||||
|
||||
while(fgets(line,MAX_LINE,input)!=NULL)
|
||||
{
|
||||
int err;
|
||||
|
||||
if(line[0]=='\n')
|
||||
break;
|
||||
|
||||
err=parse_ks_options(line,opt);
|
||||
if(err>0)
|
||||
{
|
||||
ret=err;
|
||||
goto fail;
|
||||
}
|
||||
else if(err==0)
|
||||
continue;
|
||||
}
|
||||
|
||||
if(opt->host)
|
||||
{
|
||||
fprintf(console,"gpgkeys: finger://relay/user syntax is not"
|
||||
" supported. Use finger:user instead.\n");
|
||||
ret=KEYSERVER_NOT_SUPPORTED;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
if(opt->timeout && register_timeout()==-1)
|
||||
{
|
||||
fprintf(console,"gpgkeys: unable to register timeout handler\n");
|
||||
return KEYSERVER_INTERNAL_ERROR;
|
||||
}
|
||||
|
||||
/* If it's a GET or a SEARCH, the next thing to come in is the
|
||||
keyids. If it's a SEND, then there are no keyids. */
|
||||
|
||||
if(opt->action==KS_GET)
|
||||
{
|
||||
/* Eat the rest of the file */
|
||||
for(;;)
|
||||
{
|
||||
if(fgets(line,MAX_LINE,input)==NULL)
|
||||
break;
|
||||
else
|
||||
{
|
||||
if(line[0]=='\n' || line[0]=='\0')
|
||||
break;
|
||||
|
||||
if(!thekey)
|
||||
{
|
||||
thekey=strdup(line);
|
||||
if(!thekey)
|
||||
{
|
||||
fprintf(console,"gpgkeys: out of memory while "
|
||||
"building key list\n");
|
||||
ret=KEYSERVER_NO_MEMORY;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
/* Trim the trailing \n */
|
||||
thekey[strlen(line)-1]='\0';
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
fprintf(console,
|
||||
"gpgkeys: this keyserver type only supports key retrieval\n");
|
||||
goto fail;
|
||||
}
|
||||
|
||||
if(!thekey || !opt->opaque)
|
||||
{
|
||||
fprintf(console,"gpgkeys: invalid keyserver instructions\n");
|
||||
goto fail;
|
||||
}
|
||||
|
||||
/* Send the response */
|
||||
|
||||
fprintf(output,"VERSION %d\n",KEYSERVER_PROTO_VERSION);
|
||||
fprintf(output,"PROGRAM %s\n\n",VERSION);
|
||||
|
||||
if(opt->verbose>1)
|
||||
{
|
||||
fprintf(console,"User:\t\t%s\n",opt->opaque);
|
||||
fprintf(console,"Command:\tGET\n");
|
||||
}
|
||||
|
||||
set_timeout(opt->timeout);
|
||||
|
||||
ret=get_key(thekey);
|
||||
|
||||
fail:
|
||||
|
||||
free(thekey);
|
||||
|
||||
if(input!=stdin)
|
||||
fclose(input);
|
||||
|
||||
if(output!=stdout)
|
||||
fclose(output);
|
||||
|
||||
free_ks_options(opt);
|
||||
|
||||
return ret;
|
||||
}
|
@ -1,976 +0,0 @@
|
||||
/* gpgkeys_hkp.c - talk to an HKP keyserver
|
||||
* Copyright (C) 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008,
|
||||
* 2009 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
* GnuPG is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* GnuPG is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
* In addition, as a special exception, the Free Software Foundation
|
||||
* gives permission to link the code of the keyserver helper tools:
|
||||
* gpgkeys_ldap, gpgkeys_curl and gpgkeys_hkp with the OpenSSL
|
||||
* project's "OpenSSL" library (or with modified versions of it that
|
||||
* use the same license as the "OpenSSL" library), and distribute the
|
||||
* linked executables. You must obey the GNU General Public License
|
||||
* in all respects for all of the code used other than "OpenSSL". If
|
||||
* you modify this file, you may extend this exception to your version
|
||||
* of the file, but you are not obligated to do so. If you do not
|
||||
* wish to do so, delete this exception statement from your version.
|
||||
*/
|
||||
|
||||
#include <config.h>
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include <errno.h>
|
||||
#include <unistd.h>
|
||||
#ifdef HAVE_GETOPT_H
|
||||
#include <getopt.h>
|
||||
#endif
|
||||
#ifdef HAVE_LIBCURL
|
||||
#include <curl/curl.h>
|
||||
#else
|
||||
#include "curl-shim.h"
|
||||
#endif
|
||||
#include "util.h"
|
||||
#ifdef USE_DNS_SRV
|
||||
#include "srv.h"
|
||||
#endif
|
||||
#include "keyserver.h"
|
||||
#include "ksutil.h"
|
||||
|
||||
extern char *optarg;
|
||||
extern int optind;
|
||||
|
||||
static FILE *input,*output,*console;
|
||||
static CURL *curl;
|
||||
static struct ks_options *opt;
|
||||
static char errorbuffer[CURL_ERROR_SIZE];
|
||||
static char *proto,*port;
|
||||
|
||||
static size_t
|
||||
curl_mrindex_writer(const void *ptr,size_t size,size_t nmemb,void *stream)
|
||||
{
|
||||
static int checked=0,swallow=0;
|
||||
|
||||
if(!checked)
|
||||
{
|
||||
/* If the document begins with a '<', assume it's a HTML
|
||||
response, which we don't support. Discard the whole message
|
||||
body. GPG can handle it, but this is an optimization to deal
|
||||
with it on this side of the pipe. */
|
||||
const char *buf=ptr;
|
||||
if(buf[0]=='<')
|
||||
swallow=1;
|
||||
|
||||
checked=1;
|
||||
}
|
||||
|
||||
if(swallow || fwrite(ptr,size,nmemb,stream)==nmemb)
|
||||
return size*nmemb;
|
||||
else
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* Append but avoid creating a double slash // in the path. */
|
||||
static char *
|
||||
append_path(char *dest,const char *src)
|
||||
{
|
||||
size_t n=strlen(dest);
|
||||
|
||||
if(src[0]=='/' && n>0 && dest[n-1]=='/')
|
||||
dest[n-1]='\0';
|
||||
|
||||
return strcat(dest,src);
|
||||
}
|
||||
|
||||
/* Return a pointer into STRING so that appending PATH to STRING will
|
||||
not yield a duplicated slash. */
|
||||
static const char *
|
||||
appendable_path (const char *string, const char *path)
|
||||
{
|
||||
size_t n;
|
||||
|
||||
if (path[0] == '/' && (n=strlen (string)) && string[n-1] == '/')
|
||||
return path+1;
|
||||
else
|
||||
return path;
|
||||
}
|
||||
|
||||
|
||||
int
|
||||
send_key(int *r_eof)
|
||||
{
|
||||
CURLcode res;
|
||||
char request[MAX_URL+15];
|
||||
int begin=0,end=0,ret=KEYSERVER_INTERNAL_ERROR;
|
||||
char keyid[17],state[6];
|
||||
char line[MAX_LINE];
|
||||
char *key=NULL,*encoded_key=NULL;
|
||||
size_t keylen=0,keymax=0;
|
||||
|
||||
/* Read and throw away input until we see the BEGIN */
|
||||
|
||||
while(fgets(line,MAX_LINE,input)!=NULL)
|
||||
if(sscanf(line,"KEY%*[ ]%16s%*[ ]%5s\n",keyid,state)==2
|
||||
&& strcmp(state,"BEGIN")==0)
|
||||
{
|
||||
begin=1;
|
||||
break;
|
||||
}
|
||||
|
||||
if(!begin)
|
||||
{
|
||||
/* i.e. eof before the KEY BEGIN was found. This isn't an
|
||||
error. */
|
||||
*r_eof=1;
|
||||
ret=KEYSERVER_OK;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
/* Now slurp up everything until we see the END */
|
||||
|
||||
while(fgets(line,MAX_LINE,input))
|
||||
if(sscanf(line,"KEY%*[ ]%16s%*[ ]%3s\n",keyid,state)==2
|
||||
&& strcmp(state,"END")==0)
|
||||
{
|
||||
end=1;
|
||||
break;
|
||||
}
|
||||
else
|
||||
{
|
||||
if(strlen(line)+keylen>keymax)
|
||||
{
|
||||
char *tmp;
|
||||
|
||||
keymax+=200;
|
||||
tmp=realloc(key,keymax+1);
|
||||
if(!tmp)
|
||||
{
|
||||
free(key);
|
||||
fprintf(console,"gpgkeys: out of memory\n");
|
||||
ret=KEYSERVER_NO_MEMORY;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
key=tmp;
|
||||
}
|
||||
|
||||
strcpy(&key[keylen],line);
|
||||
keylen+=strlen(line);
|
||||
}
|
||||
|
||||
if(!end)
|
||||
{
|
||||
fprintf(console,"gpgkeys: no KEY %s END found\n",keyid);
|
||||
*r_eof=1;
|
||||
ret=KEYSERVER_KEY_INCOMPLETE;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
encoded_key=curl_escape(key,keylen);
|
||||
if(!encoded_key)
|
||||
{
|
||||
fprintf(console,"gpgkeys: out of memory\n");
|
||||
ret=KEYSERVER_NO_MEMORY;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
free(key);
|
||||
|
||||
key = strconcat ("keytext=", encoded_key, NULL);
|
||||
if(!key)
|
||||
{
|
||||
fprintf(console,"gpgkeys: out of memory\n");
|
||||
ret=KEYSERVER_NO_MEMORY;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
strcpy(request,proto);
|
||||
strcat(request,"://");
|
||||
strcat(request,opt->host);
|
||||
strcat(request,":");
|
||||
strcat(request,port);
|
||||
strcat(request,opt->path);
|
||||
/* request is MAX_URL+15 bytes long - MAX_URL covers the whole URL,
|
||||
including any supplied path. The 15 covers /pks/add. */
|
||||
append_path(request,"/pks/add");
|
||||
|
||||
if(opt->verbose>2)
|
||||
fprintf(console,"gpgkeys: HTTP URL is '%s'\n",request);
|
||||
|
||||
curl_easy_setopt(curl,CURLOPT_URL,request);
|
||||
curl_easy_setopt(curl,CURLOPT_POST,1L);
|
||||
curl_easy_setopt(curl,CURLOPT_POSTFIELDS,key);
|
||||
curl_easy_setopt(curl,CURLOPT_FAILONERROR,1L);
|
||||
|
||||
res=curl_easy_perform(curl);
|
||||
if(res!=0)
|
||||
{
|
||||
fprintf(console,"gpgkeys: HTTP post error %d: %s\n",res,errorbuffer);
|
||||
ret=curl_err_to_gpg_err(res);
|
||||
goto fail;
|
||||
}
|
||||
else
|
||||
fprintf(output,"\nKEY %s SENT\n",keyid);
|
||||
|
||||
ret=KEYSERVER_OK;
|
||||
|
||||
fail:
|
||||
xfree (key);
|
||||
curl_free(encoded_key);
|
||||
|
||||
if(ret!=0 && begin)
|
||||
fprintf(output,"KEY %s FAILED %d\n",keyid,ret);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
static int
|
||||
get_key(char *getkey)
|
||||
{
|
||||
CURLcode res;
|
||||
char request[MAX_URL+92];
|
||||
char *offset;
|
||||
struct curl_writer_ctx ctx;
|
||||
size_t keylen;
|
||||
|
||||
memset(&ctx,0,sizeof(ctx));
|
||||
|
||||
/* Build the search string. HKP only uses the short key IDs. */
|
||||
|
||||
if(strncmp(getkey,"0x",2)==0)
|
||||
getkey+=2;
|
||||
|
||||
fprintf(output,"KEY 0x%s BEGIN\n",getkey);
|
||||
|
||||
if(strlen(getkey)==32)
|
||||
{
|
||||
fprintf(console,
|
||||
"gpgkeys: HKP keyservers do not support v3 fingerprints\n");
|
||||
fprintf(output,"KEY 0x%s FAILED %d\n",getkey,KEYSERVER_NOT_SUPPORTED);
|
||||
return KEYSERVER_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
strcpy(request,proto);
|
||||
strcat(request,"://");
|
||||
strcat(request,opt->host);
|
||||
strcat(request,":");
|
||||
strcat(request,port);
|
||||
strcat(request,opt->path);
|
||||
/* request is MAX_URL+55 bytes long - MAX_URL covers the whole URL,
|
||||
including any supplied path. The 92 overcovers this /pks/... etc
|
||||
string plus the 8, 16, or 40 bytes of key id/fingerprint */
|
||||
append_path(request,"/pks/lookup?op=get&options=mr&search=0x");
|
||||
|
||||
/* send only fingerprint, long key id, or short keyid. see:
|
||||
https://tools.ietf.org/html/draft-shaw-openpgp-hkp-00#section-3.1.1.1 */
|
||||
keylen = strlen(getkey);
|
||||
if(keylen >= 40)
|
||||
offset=&getkey[keylen-40];
|
||||
else if(keylen >= 16)
|
||||
offset=&getkey[keylen-16];
|
||||
else if(keylen >= 8)
|
||||
offset=&getkey[keylen-8];
|
||||
else
|
||||
offset=getkey;
|
||||
|
||||
strcat(request,offset);
|
||||
|
||||
if(opt->verbose>2)
|
||||
fprintf(console,"gpgkeys: HTTP URL is '%s'\n",request);
|
||||
|
||||
curl_easy_setopt(curl,CURLOPT_URL,request);
|
||||
curl_easy_setopt(curl,CURLOPT_WRITEFUNCTION,curl_writer);
|
||||
ctx.stream=output;
|
||||
curl_easy_setopt(curl,CURLOPT_FILE,&ctx);
|
||||
|
||||
res=curl_easy_perform(curl);
|
||||
if(res!=CURLE_OK)
|
||||
{
|
||||
fprintf(console,"gpgkeys: HTTP fetch error %d: %s\n",res,errorbuffer);
|
||||
fprintf(output,"\nKEY 0x%s FAILED %d\n",getkey,curl_err_to_gpg_err(res));
|
||||
}
|
||||
else
|
||||
{
|
||||
curl_writer_finalize(&ctx);
|
||||
if(!ctx.flags.done)
|
||||
{
|
||||
fprintf(console,"gpgkeys: key %s not found on keyserver\n",getkey);
|
||||
fprintf(output,"\nKEY 0x%s FAILED %d\n",
|
||||
getkey,KEYSERVER_KEY_NOT_FOUND);
|
||||
}
|
||||
else
|
||||
fprintf(output,"\nKEY 0x%s END\n",getkey);
|
||||
}
|
||||
|
||||
return KEYSERVER_OK;
|
||||
}
|
||||
|
||||
static int
|
||||
get_name(const char *getkey)
|
||||
{
|
||||
CURLcode res;
|
||||
char *request=NULL;
|
||||
char *searchkey_encoded;
|
||||
int ret=KEYSERVER_INTERNAL_ERROR;
|
||||
struct curl_writer_ctx ctx;
|
||||
|
||||
memset(&ctx,0,sizeof(ctx));
|
||||
|
||||
searchkey_encoded=curl_escape((char *)getkey,0);
|
||||
if(!searchkey_encoded)
|
||||
{
|
||||
fprintf(console,"gpgkeys: out of memory\n");
|
||||
ret=KEYSERVER_NO_MEMORY;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
request = strconcat
|
||||
(proto,
|
||||
"://",
|
||||
opt->host,
|
||||
":",
|
||||
port,
|
||||
opt->path,
|
||||
appendable_path (opt->path,"/pks/lookup?op=get&options=mr&search="),
|
||||
searchkey_encoded,
|
||||
"&exact=on",
|
||||
NULL);
|
||||
if(!request)
|
||||
{
|
||||
fprintf(console,"gpgkeys: out of memory\n");
|
||||
ret=KEYSERVER_NO_MEMORY;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
fprintf(output,"NAME %s BEGIN\n",getkey);
|
||||
|
||||
if(opt->verbose>2)
|
||||
fprintf(console,"gpgkeys: HTTP URL is '%s'\n",request);
|
||||
|
||||
curl_easy_setopt(curl,CURLOPT_URL,request);
|
||||
curl_easy_setopt(curl,CURLOPT_WRITEFUNCTION,curl_writer);
|
||||
ctx.stream=output;
|
||||
curl_easy_setopt(curl,CURLOPT_FILE,&ctx);
|
||||
|
||||
res=curl_easy_perform(curl);
|
||||
if(res!=CURLE_OK)
|
||||
{
|
||||
fprintf(console,"gpgkeys: HTTP fetch error %d: %s\n",res,errorbuffer);
|
||||
ret=curl_err_to_gpg_err(res);
|
||||
}
|
||||
else
|
||||
{
|
||||
curl_writer_finalize(&ctx);
|
||||
if(!ctx.flags.done)
|
||||
{
|
||||
fprintf(console,"gpgkeys: key %s not found on keyserver\n",getkey);
|
||||
ret=KEYSERVER_KEY_NOT_FOUND;
|
||||
}
|
||||
else
|
||||
{
|
||||
fprintf(output,"\nNAME %s END\n",getkey);
|
||||
ret=KEYSERVER_OK;
|
||||
}
|
||||
}
|
||||
|
||||
fail:
|
||||
curl_free(searchkey_encoded);
|
||||
xfree (request);
|
||||
|
||||
if(ret!=KEYSERVER_OK)
|
||||
fprintf(output,"\nNAME %s FAILED %d\n",getkey,ret);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
static int
|
||||
search_key(const char *searchkey)
|
||||
{
|
||||
CURLcode res;
|
||||
char *request=NULL;
|
||||
char *searchkey_encoded;
|
||||
int ret=KEYSERVER_INTERNAL_ERROR;
|
||||
enum ks_search_type search_type;
|
||||
const char *hexprefix;
|
||||
|
||||
search_type=classify_ks_search(&searchkey);
|
||||
|
||||
if(opt->debug)
|
||||
fprintf(console,"gpgkeys: search type is %d, and key is \"%s\"\n",
|
||||
search_type,searchkey);
|
||||
|
||||
searchkey_encoded=curl_escape((char *)searchkey,0);
|
||||
if(!searchkey_encoded)
|
||||
{
|
||||
fprintf(console,"gpgkeys: out of memory\n");
|
||||
ret=KEYSERVER_NO_MEMORY;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
/* HKP keyservers like the 0x to be present when searching by
|
||||
keyid. */
|
||||
hexprefix = (search_type==KS_SEARCH_KEYID_SHORT
|
||||
|| search_type==KS_SEARCH_KEYID_LONG)? "0x":"";
|
||||
|
||||
request = strconcat
|
||||
(proto,
|
||||
"://",
|
||||
opt->host,
|
||||
":",
|
||||
port,
|
||||
opt->path,
|
||||
appendable_path (opt->path, "/pks/lookup?op=index&options=mr&search="),
|
||||
hexprefix,
|
||||
searchkey_encoded,
|
||||
NULL);
|
||||
if(!request)
|
||||
{
|
||||
fprintf(console,"gpgkeys: out of memory\n");
|
||||
ret=KEYSERVER_NO_MEMORY;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
fprintf(output,"SEARCH %s BEGIN\n",searchkey);
|
||||
|
||||
if(opt->verbose>2)
|
||||
fprintf(console,"gpgkeys: HTTP URL is '%s'\n",request);
|
||||
|
||||
curl_easy_setopt(curl,CURLOPT_URL,request);
|
||||
curl_easy_setopt(curl,CURLOPT_WRITEFUNCTION,curl_mrindex_writer);
|
||||
curl_easy_setopt(curl,CURLOPT_FILE,output);
|
||||
|
||||
res=curl_easy_perform(curl);
|
||||
if(res!=0)
|
||||
{
|
||||
fprintf(console,"gpgkeys: HTTP search error %d: %s\n",res,errorbuffer);
|
||||
ret=curl_err_to_gpg_err(res);
|
||||
}
|
||||
else
|
||||
{
|
||||
fprintf(output,"\nSEARCH %s END\n",searchkey);
|
||||
ret=KEYSERVER_OK;
|
||||
}
|
||||
|
||||
fail:
|
||||
curl_free(searchkey_encoded);
|
||||
xfree (request);
|
||||
|
||||
if(ret!=KEYSERVER_OK)
|
||||
fprintf(output,"\nSEARCH %s FAILED %d\n",searchkey,ret);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
void
|
||||
fail_all(struct keylist *keylist,int err)
|
||||
{
|
||||
if(!keylist)
|
||||
return;
|
||||
|
||||
if(opt->action==KS_SEARCH)
|
||||
{
|
||||
fprintf(output,"SEARCH ");
|
||||
while(keylist)
|
||||
{
|
||||
fprintf(output,"%s ",keylist->str);
|
||||
keylist=keylist->next;
|
||||
}
|
||||
fprintf(output,"FAILED %d\n",err);
|
||||
}
|
||||
else
|
||||
while(keylist)
|
||||
{
|
||||
fprintf(output,"KEY %s FAILED %d\n",keylist->str,err);
|
||||
keylist=keylist->next;
|
||||
}
|
||||
}
|
||||
|
||||
#ifdef HAVE_LIBCURL
|
||||
/* If there is a SRV record, take the highest ranked possibility.
|
||||
This is a hack, as we don't proceed downwards. */
|
||||
static void
|
||||
srv_replace(const char *srvtag)
|
||||
{
|
||||
#ifdef USE_DNS_SRV
|
||||
struct srventry *srvlist=NULL;
|
||||
int srvcount;
|
||||
|
||||
if(!srvtag)
|
||||
return;
|
||||
|
||||
if(1+strlen(srvtag)+6+strlen(opt->host)+1<=MAXDNAME)
|
||||
{
|
||||
char srvname[MAXDNAME];
|
||||
|
||||
strcpy(srvname,"_");
|
||||
strcat(srvname,srvtag);
|
||||
strcat(srvname,"._tcp.");
|
||||
strcat(srvname,opt->host);
|
||||
srvcount=getsrv(srvname,&srvlist);
|
||||
}
|
||||
|
||||
if(srvlist)
|
||||
{
|
||||
char *newname,*newport;
|
||||
|
||||
newname=strdup(srvlist->target);
|
||||
newport=malloc(MAX_PORT);
|
||||
if(newname && newport)
|
||||
{
|
||||
free(opt->host);
|
||||
free(opt->port);
|
||||
opt->host=newname;
|
||||
snprintf(newport,MAX_PORT,"%u",srvlist->port);
|
||||
opt->port=newport;
|
||||
}
|
||||
else
|
||||
{
|
||||
free(newname);
|
||||
free(newport);
|
||||
}
|
||||
}
|
||||
#endif
|
||||
}
|
||||
#endif
|
||||
|
||||
static void
|
||||
show_help (FILE *fp)
|
||||
{
|
||||
fprintf (fp,"-h, --help\thelp\n");
|
||||
fprintf (fp,"-V\t\tmachine readable version\n");
|
||||
fprintf (fp,"--version\thuman readable version\n");
|
||||
fprintf (fp,"-o\t\toutput to this file\n");
|
||||
}
|
||||
|
||||
int
|
||||
main(int argc,char *argv[])
|
||||
{
|
||||
int arg,ret=KEYSERVER_INTERNAL_ERROR,try_srv=1;
|
||||
char line[MAX_LINE];
|
||||
int failed=0;
|
||||
struct keylist *keylist=NULL,*keyptr=NULL;
|
||||
char *proxy=NULL;
|
||||
struct curl_slist *headers=NULL;
|
||||
|
||||
console=stderr;
|
||||
|
||||
/* Kludge to implement standard GNU options. */
|
||||
if (argc > 1 && !strcmp (argv[1], "--version"))
|
||||
{
|
||||
printf ("gpgkeys_hkp (%s) %s\n", GNUPG_NAME, VERSION);
|
||||
printf ("Uses: %s\n", curl_version());
|
||||
return 0;
|
||||
}
|
||||
else if (argc > 1 && !strcmp (argv[1], "--help"))
|
||||
{
|
||||
show_help (stdout);
|
||||
return 0;
|
||||
}
|
||||
|
||||
while((arg=getopt(argc,argv,"hVo:"))!=-1)
|
||||
switch(arg)
|
||||
{
|
||||
default:
|
||||
case 'h':
|
||||
show_help (console);
|
||||
return KEYSERVER_OK;
|
||||
|
||||
case 'V':
|
||||
fprintf(stdout,"%d\n%s\n",KEYSERVER_PROTO_VERSION,VERSION);
|
||||
return KEYSERVER_OK;
|
||||
|
||||
case 'o':
|
||||
output=fopen(optarg,"w");
|
||||
if(output==NULL)
|
||||
{
|
||||
fprintf(console,"gpgkeys: Cannot open output file '%s': %s\n",
|
||||
optarg,strerror(errno));
|
||||
return KEYSERVER_INTERNAL_ERROR;
|
||||
}
|
||||
|
||||
break;
|
||||
}
|
||||
|
||||
if(argc>optind)
|
||||
{
|
||||
input=fopen(argv[optind],"r");
|
||||
if(input==NULL)
|
||||
{
|
||||
fprintf(console,"gpgkeys: Cannot open input file '%s': %s\n",
|
||||
argv[optind],strerror(errno));
|
||||
return KEYSERVER_INTERNAL_ERROR;
|
||||
}
|
||||
}
|
||||
|
||||
if(input==NULL)
|
||||
input=stdin;
|
||||
|
||||
if(output==NULL)
|
||||
output=stdout;
|
||||
|
||||
opt=init_ks_options();
|
||||
if(!opt)
|
||||
return KEYSERVER_NO_MEMORY;
|
||||
|
||||
/* Get the command and info block */
|
||||
|
||||
while(fgets(line,MAX_LINE,input)!=NULL)
|
||||
{
|
||||
int err;
|
||||
char option[MAX_OPTION+1];
|
||||
|
||||
if(line[0]=='\n')
|
||||
break;
|
||||
|
||||
err=parse_ks_options(line,opt);
|
||||
if(err>0)
|
||||
{
|
||||
ret=err;
|
||||
goto fail;
|
||||
}
|
||||
else if(err==0)
|
||||
continue;
|
||||
|
||||
if(sscanf(line,"OPTION %" MKSTRING(MAX_OPTION) "s\n",option)==1)
|
||||
{
|
||||
int no=0;
|
||||
char *start=&option[0];
|
||||
|
||||
option[MAX_OPTION]='\0';
|
||||
|
||||
if(strncasecmp(option,"no-",3)==0)
|
||||
{
|
||||
no=1;
|
||||
start=&option[3];
|
||||
}
|
||||
|
||||
if(strncasecmp(start,"http-proxy",10)==0)
|
||||
{
|
||||
if(no)
|
||||
{
|
||||
free(proxy);
|
||||
proxy=strdup("");
|
||||
}
|
||||
else if(start[10]=='=')
|
||||
{
|
||||
if(strlen(&start[11])<MAX_PROXY)
|
||||
{
|
||||
free(proxy);
|
||||
proxy=strdup(&start[11]);
|
||||
}
|
||||
}
|
||||
}
|
||||
else if(strcasecmp(start,"try-dns-srv")==0)
|
||||
{
|
||||
if(no)
|
||||
try_srv=0;
|
||||
else
|
||||
try_srv=1;
|
||||
}
|
||||
|
||||
continue;
|
||||
}
|
||||
}
|
||||
|
||||
if(!opt->scheme)
|
||||
{
|
||||
fprintf(console,"gpgkeys: no scheme supplied!\n");
|
||||
ret=KEYSERVER_SCHEME_NOT_FOUND;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
if(ascii_strcasecmp(opt->scheme,"hkps")==0)
|
||||
{
|
||||
proto="https";
|
||||
port="443";
|
||||
}
|
||||
else
|
||||
{
|
||||
proto="http";
|
||||
port="11371";
|
||||
}
|
||||
|
||||
if(!opt->host)
|
||||
{
|
||||
fprintf(console,"gpgkeys: no keyserver host provided\n");
|
||||
goto fail;
|
||||
}
|
||||
|
||||
if(opt->timeout && register_timeout()==-1)
|
||||
{
|
||||
fprintf(console,"gpgkeys: unable to register timeout handler\n");
|
||||
return KEYSERVER_INTERNAL_ERROR;
|
||||
}
|
||||
|
||||
curl_global_init(CURL_GLOBAL_DEFAULT);
|
||||
curl=curl_easy_init();
|
||||
if(!curl)
|
||||
{
|
||||
fprintf(console,"gpgkeys: unable to initialize curl\n");
|
||||
ret=KEYSERVER_INTERNAL_ERROR;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
/* If the user gives a :port, then disable SRV. The semantics of a
|
||||
specified port and SRV do not play well together. */
|
||||
if(opt->port)
|
||||
port=opt->port;
|
||||
else if(try_srv)
|
||||
{
|
||||
char *srvtag;
|
||||
|
||||
if(ks_strcasecmp(opt->scheme,"hkp")==0)
|
||||
srvtag="pgpkey-http";
|
||||
else if(ks_strcasecmp(opt->scheme,"hkps")==0)
|
||||
srvtag="pgpkey-https";
|
||||
else
|
||||
srvtag=NULL;
|
||||
|
||||
#ifdef HAVE_LIBCURL
|
||||
/* We're using libcurl, so fake SRV support via our wrapper.
|
||||
This isn't as good as true SRV support, as we do not try all
|
||||
possible targets at one particular level and work our way
|
||||
down the list, but it's better than nothing. */
|
||||
srv_replace(srvtag);
|
||||
#else
|
||||
/* We're using our internal curl shim, so we can use its (true)
|
||||
SRV support. Obviously, CURLOPT_SRVTAG_GPG_HACK isn't a real
|
||||
libcurl option. It's specific to our shim. */
|
||||
curl_easy_setopt(curl,CURLOPT_SRVTAG_GPG_HACK,srvtag);
|
||||
#endif
|
||||
}
|
||||
|
||||
curl_easy_setopt(curl,CURLOPT_ERRORBUFFER,errorbuffer);
|
||||
|
||||
if(opt->auth)
|
||||
curl_easy_setopt(curl,CURLOPT_USERPWD,opt->auth);
|
||||
|
||||
if(opt->debug)
|
||||
{
|
||||
fprintf(console,"gpgkeys: curl version = %s\n",curl_version());
|
||||
curl_easy_setopt(curl,CURLOPT_STDERR,console);
|
||||
curl_easy_setopt(curl,CURLOPT_VERBOSE,1L);
|
||||
}
|
||||
|
||||
curl_easy_setopt(curl,CURLOPT_SSL_VERIFYPEER,(long)opt->flags.check_cert);
|
||||
curl_easy_setopt(curl,CURLOPT_CAINFO,opt->ca_cert_file);
|
||||
|
||||
/* Avoid caches to get the most recent copy of the key. This is bug
|
||||
#1061. In pre-curl versions of the code, we didn't do it. Then
|
||||
we did do it (as a curl default) until curl changed the default.
|
||||
Now we're doing it again, but in such a way that changing
|
||||
defaults in the future won't impact us. We set both the Pragma
|
||||
and Cache-Control versions of the header, so we're good with both
|
||||
HTTP 1.0 and 1.1. */
|
||||
headers=curl_slist_append(headers,"Pragma: no-cache");
|
||||
if(headers)
|
||||
headers=curl_slist_append(headers,"Cache-Control: no-cache");
|
||||
|
||||
if(!headers)
|
||||
{
|
||||
fprintf(console,"gpgkeys: out of memory when building HTTP headers\n");
|
||||
ret=KEYSERVER_NO_MEMORY;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
curl_easy_setopt(curl,CURLOPT_HTTPHEADER,headers);
|
||||
|
||||
if(proxy)
|
||||
curl_easy_setopt(curl,CURLOPT_PROXY,proxy);
|
||||
|
||||
/* If it's a GET or a SEARCH, the next thing to come in is the
|
||||
keyids. If it's a SEND, then there are no keyids. */
|
||||
|
||||
if(opt->action==KS_SEND)
|
||||
while(fgets(line,MAX_LINE,input)!=NULL && line[0]!='\n');
|
||||
else if(opt->action==KS_GET
|
||||
|| opt->action==KS_GETNAME || opt->action==KS_SEARCH)
|
||||
{
|
||||
for(;;)
|
||||
{
|
||||
struct keylist *work;
|
||||
|
||||
if(fgets(line,MAX_LINE,input)==NULL)
|
||||
break;
|
||||
else
|
||||
{
|
||||
if(line[0]=='\n' || line[0]=='\0')
|
||||
break;
|
||||
|
||||
work=malloc(sizeof(struct keylist));
|
||||
if(work==NULL)
|
||||
{
|
||||
fprintf(console,"gpgkeys: out of memory while "
|
||||
"building key list\n");
|
||||
ret=KEYSERVER_NO_MEMORY;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
strcpy(work->str,line);
|
||||
|
||||
/* Trim the trailing \n */
|
||||
work->str[strlen(line)-1]='\0';
|
||||
|
||||
work->next=NULL;
|
||||
|
||||
/* Always attach at the end to keep the list in proper
|
||||
order for searching */
|
||||
if(keylist==NULL)
|
||||
keylist=work;
|
||||
else
|
||||
keyptr->next=work;
|
||||
|
||||
keyptr=work;
|
||||
}
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
fprintf(console,"gpgkeys: no keyserver command specified\n");
|
||||
goto fail;
|
||||
}
|
||||
|
||||
/* Send the response */
|
||||
|
||||
fprintf(output,"VERSION %d\n",KEYSERVER_PROTO_VERSION);
|
||||
fprintf(output,"PROGRAM %s\n\n",VERSION);
|
||||
|
||||
if(opt->verbose>1)
|
||||
{
|
||||
fprintf(console,"Host:\t\t%s\n",opt->host);
|
||||
if(opt->port)
|
||||
fprintf(console,"Port:\t\t%s\n",opt->port);
|
||||
if(strcmp(opt->path,"/")!=0)
|
||||
fprintf(console,"Path:\t\t%s\n",opt->path);
|
||||
fprintf(console,"Command:\t%s\n",ks_action_to_string(opt->action));
|
||||
}
|
||||
|
||||
if(opt->action==KS_GET)
|
||||
{
|
||||
keyptr=keylist;
|
||||
|
||||
while(keyptr!=NULL)
|
||||
{
|
||||
set_timeout(opt->timeout);
|
||||
|
||||
if(get_key(keyptr->str)!=KEYSERVER_OK)
|
||||
failed++;
|
||||
|
||||
keyptr=keyptr->next;
|
||||
}
|
||||
}
|
||||
else if(opt->action==KS_GETNAME)
|
||||
{
|
||||
keyptr=keylist;
|
||||
|
||||
while(keyptr!=NULL)
|
||||
{
|
||||
set_timeout(opt->timeout);
|
||||
|
||||
if(get_name(keyptr->str)!=KEYSERVER_OK)
|
||||
failed++;
|
||||
|
||||
keyptr=keyptr->next;
|
||||
}
|
||||
}
|
||||
else if(opt->action==KS_SEND)
|
||||
{
|
||||
int myeof=0;
|
||||
|
||||
do
|
||||
{
|
||||
set_timeout(opt->timeout);
|
||||
|
||||
if(send_key(&myeof)!=KEYSERVER_OK)
|
||||
failed++;
|
||||
}
|
||||
while(!myeof);
|
||||
}
|
||||
else if(opt->action==KS_SEARCH)
|
||||
{
|
||||
char *searchkey=NULL;
|
||||
int len=0;
|
||||
|
||||
set_timeout(opt->timeout);
|
||||
|
||||
/* To search, we stick a space in between each key to search
|
||||
for. */
|
||||
|
||||
keyptr=keylist;
|
||||
while(keyptr!=NULL)
|
||||
{
|
||||
len+=strlen(keyptr->str)+1;
|
||||
keyptr=keyptr->next;
|
||||
}
|
||||
|
||||
searchkey=malloc(len+1);
|
||||
if(searchkey==NULL)
|
||||
{
|
||||
ret=KEYSERVER_NO_MEMORY;
|
||||
fail_all(keylist,KEYSERVER_NO_MEMORY);
|
||||
goto fail;
|
||||
}
|
||||
|
||||
searchkey[0]='\0';
|
||||
|
||||
keyptr=keylist;
|
||||
while(keyptr!=NULL)
|
||||
{
|
||||
strcat(searchkey,keyptr->str);
|
||||
strcat(searchkey," ");
|
||||
keyptr=keyptr->next;
|
||||
}
|
||||
|
||||
/* Nail that last space */
|
||||
if(*searchkey)
|
||||
searchkey[strlen(searchkey)-1]='\0';
|
||||
|
||||
if(search_key(searchkey)!=KEYSERVER_OK)
|
||||
failed++;
|
||||
|
||||
free(searchkey);
|
||||
}
|
||||
else
|
||||
abort();
|
||||
|
||||
if(!failed)
|
||||
ret=KEYSERVER_OK;
|
||||
|
||||
fail:
|
||||
while(keylist!=NULL)
|
||||
{
|
||||
struct keylist *current=keylist;
|
||||
keylist=keylist->next;
|
||||
free(current);
|
||||
}
|
||||
|
||||
if(input!=stdin)
|
||||
fclose(input);
|
||||
|
||||
if(output!=stdout)
|
||||
fclose(output);
|
||||
|
||||
free_ks_options(opt);
|
||||
|
||||
curl_slist_free_all(headers);
|
||||
|
||||
if(curl)
|
||||
curl_easy_cleanup(curl);
|
||||
|
||||
free(proxy);
|
||||
|
||||
return ret;
|
||||
}
|
@ -1,444 +0,0 @@
|
||||
/* gpgkeys_kdns.c - Fetch a key via the GnuPG specific KDNS scheme.
|
||||
* Copyright (C) 2008 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
* GnuPG is free software; you can redistribute it and/or modify it
|
||||
* under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* GnuPG is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#include <config.h>
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include <errno.h>
|
||||
#include <unistd.h>
|
||||
#ifdef HAVE_GETOPT_H
|
||||
# include <getopt.h>
|
||||
#endif
|
||||
#include <assert.h>
|
||||
#ifdef HAVE_ADNS_H
|
||||
# include <adns.h>
|
||||
# ifndef HAVE_ADNS_FREE
|
||||
# define adns_free free
|
||||
# endif
|
||||
#endif
|
||||
|
||||
#define INCLUDED_BY_MAIN_MODULE 1
|
||||
#include "util.h"
|
||||
#include "keyserver.h"
|
||||
#include "ksutil.h"
|
||||
|
||||
/* Our own name. */
|
||||
#define PGM "gpgkeys_kdns"
|
||||
|
||||
/* getopt(3) requires declarion of some global variables. */
|
||||
extern char *optarg;
|
||||
extern int optind;
|
||||
|
||||
/* Convenience variables usually intialized withn std{in,out,err}. */
|
||||
static FILE *input, *output, *console;
|
||||
|
||||
/* Standard keyserver module options. */
|
||||
static struct ks_options *opt;
|
||||
|
||||
/* The flags we pass to adns_init: Do not allow any environment
|
||||
variables and for now enable debugging. */
|
||||
#define MY_ADNS_INITFLAGS (adns_if_noenv)
|
||||
|
||||
|
||||
/* ADNS has no support for CERT yes. */
|
||||
#define my_adns_r_cert 37
|
||||
|
||||
/* The root of the KDNS tree. */
|
||||
static const char *kdns_root;
|
||||
|
||||
/* The replacement string for the at sign. */
|
||||
static const char *kdns_at_repl;
|
||||
|
||||
/* Flag indicating that a TCP connection should be used. */
|
||||
static int kdns_usevc;
|
||||
|
||||
|
||||
|
||||
/* Retrieve one key. ADDRESS should be an RFC-2822 addr-spec. */
|
||||
static int
|
||||
get_key (adns_state adns_ctx, char *address)
|
||||
{
|
||||
int ret = KEYSERVER_INTERNAL_ERROR;
|
||||
const char *domain;
|
||||
char *name = NULL;
|
||||
adns_answer *answer = NULL;
|
||||
const unsigned char *data;
|
||||
int datalen;
|
||||
struct b64state b64state;
|
||||
char *p;
|
||||
|
||||
domain = strrchr (address, '@');
|
||||
if (!domain || domain == address || !domain[1])
|
||||
{
|
||||
fprintf (console, PGM": invalid mail address '%s'\n", address);
|
||||
ret = KEYSERVER_GENERAL_ERROR;
|
||||
goto leave;
|
||||
}
|
||||
name = xtrymalloc (strlen (address) + strlen (kdns_at_repl)
|
||||
+ 1 + strlen (kdns_root) + 1);
|
||||
if (!name)
|
||||
goto leave;
|
||||
memcpy (name, address, domain - address);
|
||||
p = stpcpy (name + (domain-address), ".");
|
||||
if (*kdns_at_repl)
|
||||
p = stpcpy (stpcpy (p, kdns_at_repl), ".");
|
||||
p = stpcpy (p, domain+1);
|
||||
if (*kdns_root)
|
||||
strcpy (stpcpy (p, "."), kdns_root);
|
||||
|
||||
fprintf (output,"NAME %s BEGIN\n", address);
|
||||
if (opt->verbose > 2)
|
||||
fprintf(console, PGM": looking up '%s'\n", name);
|
||||
|
||||
if ( adns_synchronous (adns_ctx, name, (adns_r_unknown | my_adns_r_cert),
|
||||
adns_qf_quoteok_query|(kdns_usevc?adns_qf_usevc:0),
|
||||
&answer) )
|
||||
{
|
||||
fprintf (console, PGM": DNS query failed: %s\n", strerror (errno));
|
||||
ret = KEYSERVER_KEY_NOT_FOUND;
|
||||
goto leave;
|
||||
}
|
||||
if (answer->status != adns_s_ok)
|
||||
{
|
||||
fprintf (console, PGM": DNS query returned: %s (%s)\n",
|
||||
adns_strerror (answer->status),
|
||||
adns_errabbrev (answer->status));
|
||||
ret = KEYSERVER_KEY_NOT_FOUND;
|
||||
goto leave;
|
||||
}
|
||||
datalen = answer->rrs.byteblock->len;
|
||||
data = answer->rrs.byteblock->data;
|
||||
|
||||
if ( opt->debug > 1 )
|
||||
{
|
||||
int i;
|
||||
|
||||
fprintf (console, "got %d bytes of data:", datalen);
|
||||
for (i=0; i < datalen; i++)
|
||||
{
|
||||
if (!(i % 32))
|
||||
fprintf (console, "\n%08x ", i);
|
||||
fprintf (console, "%02x", data[i]);
|
||||
}
|
||||
putc ('\n', console);
|
||||
}
|
||||
if ( datalen < 5 )
|
||||
{
|
||||
fprintf (console, PGM": error: truncated CERT record\n");
|
||||
ret = KEYSERVER_KEY_NOT_FOUND;
|
||||
goto leave;
|
||||
}
|
||||
|
||||
switch ( ((data[0]<<8)|data[1]) )
|
||||
{
|
||||
case 3: /* CERT type is PGP. */
|
||||
/* (key tag and algorithm fields are ignored for this CERT type). */
|
||||
data += 5;
|
||||
datalen -= 5;
|
||||
if ( datalen < 11 )
|
||||
{
|
||||
/* Gpg checks for a minium length of 11, thus we do the same. */
|
||||
fprintf (console, PGM": error: OpenPGP data to short\n");
|
||||
ret = KEYSERVER_KEY_NOT_FOUND;
|
||||
goto leave;
|
||||
}
|
||||
if (b64enc_start (&b64state, output, "PGP PUBLIC KEY BLOCK")
|
||||
|| b64enc_write (&b64state, data, datalen)
|
||||
|| b64enc_finish (&b64state))
|
||||
goto leave; /* Oops, base64 encoder failed. */
|
||||
break;
|
||||
|
||||
default:
|
||||
fprintf (console, PGM": CERT type %d ignored\n", (data[0] <<8|data[1]));
|
||||
ret = KEYSERVER_KEY_NOT_FOUND;
|
||||
goto leave;
|
||||
}
|
||||
|
||||
ret = 0; /* All fine. */
|
||||
|
||||
leave:
|
||||
if (ret)
|
||||
fprintf (output, "\nNAME %s FAILED %d\n", address, ret);
|
||||
else
|
||||
fprintf (output, "\nNAME %s END\n", address);
|
||||
adns_free (answer);
|
||||
xfree (name);
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
/* Print some help. */
|
||||
static void
|
||||
show_help (FILE *fp)
|
||||
{
|
||||
fputs (PGM" ("GNUPG_NAME") " VERSION"\n\n", fp);
|
||||
fputs (" -h\thelp\n"
|
||||
" -V\tversion\n"
|
||||
" -o\toutput to this file\n"
|
||||
"\n", fp);
|
||||
fputs ("This keyserver helper accepts URLs of the form:\n"
|
||||
" kdns://[NAMESERVER]/[ROOT][?at=STRING]\n"
|
||||
"with\n"
|
||||
" NAMESERVER used for queries (default: system standard)\n"
|
||||
" ROOT a DNS name appended to the query (default: none)\n"
|
||||
" STRING a string to replace the '@' (default: \".\")\n"
|
||||
"If a long answer is expected add the parameter \"usevc=1\".\n"
|
||||
"\n", fp);
|
||||
fputs ("Example: A query for \"hacker@gnupg.org\" with\n"
|
||||
" kdns://10.0.0.1/example.net?at=_key&usevc=1\n"
|
||||
"setup as --auto-key-lookup does a CERT record query\n"
|
||||
"with type PGP on the nameserver 10.0.0.1 for\n"
|
||||
" hacker._key_.gnupg.org.example.net\n"
|
||||
"\n", fp);
|
||||
}
|
||||
|
||||
|
||||
int
|
||||
main (int argc, char *argv[])
|
||||
{
|
||||
int arg;
|
||||
int ret = KEYSERVER_INTERNAL_ERROR;
|
||||
char line[MAX_LINE];
|
||||
struct keylist *keylist = NULL;
|
||||
struct keylist **keylist_tail = &keylist;
|
||||
struct keylist *akey;
|
||||
int failed = 0;
|
||||
adns_state adns_ctx = NULL;
|
||||
adns_initflags my_adns_initflags = MY_ADNS_INITFLAGS;
|
||||
int tmprc;
|
||||
|
||||
/* The defaults for the KDNS name mangling. */
|
||||
kdns_root = "";
|
||||
kdns_at_repl = "";
|
||||
|
||||
console = stderr;
|
||||
|
||||
/* Kludge to implement standard GNU options. */
|
||||
if (argc > 1 && !strcmp (argv[1], "--version"))
|
||||
{
|
||||
fputs (PGM" ("GNUPG_NAME") " VERSION"\n", stdout);
|
||||
return 0;
|
||||
}
|
||||
else if (argc > 1 && !strcmp (argv[1], "--help"))
|
||||
{
|
||||
show_help (stdout);
|
||||
return 0;
|
||||
}
|
||||
|
||||
while ( (arg = getopt (argc, argv, "hVo:")) != -1 )
|
||||
{
|
||||
switch(arg)
|
||||
{
|
||||
case 'V':
|
||||
printf ("%d\n%s\n", KEYSERVER_PROTO_VERSION, VERSION);
|
||||
return KEYSERVER_OK;
|
||||
|
||||
case 'o':
|
||||
output = fopen (optarg,"w");
|
||||
if (!output)
|
||||
{
|
||||
fprintf (console, PGM": cannot open output file '%s': %s\n",
|
||||
optarg, strerror(errno) );
|
||||
return KEYSERVER_INTERNAL_ERROR;
|
||||
}
|
||||
break;
|
||||
|
||||
case 'h':
|
||||
default:
|
||||
show_help (console);
|
||||
return KEYSERVER_OK;
|
||||
}
|
||||
}
|
||||
|
||||
if (argc > optind)
|
||||
{
|
||||
input = fopen (argv[optind], "r");
|
||||
if (!input)
|
||||
{
|
||||
fprintf (console, PGM": cannot open input file '%s': %s\n",
|
||||
argv[optind], strerror(errno) );
|
||||
return KEYSERVER_INTERNAL_ERROR;
|
||||
}
|
||||
}
|
||||
|
||||
if (!input)
|
||||
input = stdin;
|
||||
|
||||
if (!output)
|
||||
output = stdout;
|
||||
|
||||
opt = init_ks_options();
|
||||
if(!opt)
|
||||
return KEYSERVER_NO_MEMORY;
|
||||
|
||||
/* Get the command and info block */
|
||||
while ( fgets(line,MAX_LINE,input) )
|
||||
{
|
||||
int err;
|
||||
|
||||
if(line[0]=='\n')
|
||||
break;
|
||||
|
||||
err = parse_ks_options (line, opt);
|
||||
if (err > 0)
|
||||
{
|
||||
ret = err;
|
||||
goto leave;
|
||||
}
|
||||
else if (!err)
|
||||
continue;
|
||||
}
|
||||
|
||||
if (opt->timeout && register_timeout() == -1 )
|
||||
{
|
||||
fprintf (console, PGM": unable to register timeout handler\n");
|
||||
return KEYSERVER_INTERNAL_ERROR;
|
||||
}
|
||||
|
||||
if (opt->verbose)
|
||||
{
|
||||
fprintf (console, PGM": HOST=%s\n", opt->host? opt->host:"(none)");
|
||||
fprintf (console, PGM": PATH=%s\n", opt->path? opt->path:"(none)");
|
||||
}
|
||||
if (opt->path && *opt->path == '/')
|
||||
{
|
||||
char *p, *pend;
|
||||
|
||||
kdns_root = opt->path+1;
|
||||
p = strchr (opt->path+1, '?');
|
||||
if (p)
|
||||
{
|
||||
*p++ = 0;
|
||||
do
|
||||
{
|
||||
pend = strchr (p, '&');
|
||||
if (pend)
|
||||
*pend++ = 0;
|
||||
if (!strncmp (p, "at=", 3))
|
||||
kdns_at_repl = p+3;
|
||||
else if (!strncmp (p, "usevc=", 6))
|
||||
kdns_usevc = !!atoi (p+6);
|
||||
}
|
||||
while ((p = pend));
|
||||
}
|
||||
}
|
||||
if (strchr (kdns_root, '/'))
|
||||
{
|
||||
fprintf (console, PGM": invalid character in KDNS root\n");
|
||||
return KEYSERVER_GENERAL_ERROR;
|
||||
}
|
||||
if (!strcmp (kdns_at_repl, "."))
|
||||
kdns_at_repl = "";
|
||||
|
||||
if (opt->verbose)
|
||||
{
|
||||
fprintf (console, PGM": kdns_root=%s\n", kdns_root);
|
||||
fprintf (console, PGM": kdns_at=%s\n", kdns_at_repl);
|
||||
fprintf (console, PGM": kdns_usevc=%d\n", kdns_usevc);
|
||||
}
|
||||
|
||||
if (opt->debug)
|
||||
my_adns_initflags |= adns_if_debug;
|
||||
if (opt->host)
|
||||
{
|
||||
char cfgtext[200];
|
||||
|
||||
snprintf (cfgtext, sizeof cfgtext, "nameserver %s\n", opt->host);
|
||||
tmprc = adns_init_strcfg (&adns_ctx, my_adns_initflags, console,cfgtext);
|
||||
}
|
||||
else
|
||||
tmprc = adns_init (&adns_ctx, my_adns_initflags, console);
|
||||
if (tmprc)
|
||||
{
|
||||
fprintf (console, PGM": error initializing ADNS: %s\n",
|
||||
strerror (errno));
|
||||
goto leave;
|
||||
}
|
||||
|
||||
if (opt->action == KS_GETNAME)
|
||||
{
|
||||
while ( fgets (line,MAX_LINE,input) )
|
||||
{
|
||||
if (line[0]=='\n' || !line[0] )
|
||||
break;
|
||||
line[strlen(line)-1] = 0; /* Trim the trailing LF. */
|
||||
|
||||
akey = xtrymalloc (sizeof *akey);
|
||||
if (!akey)
|
||||
{
|
||||
fprintf (console,
|
||||
PGM": out of memory while building key list\n");
|
||||
ret = KEYSERVER_NO_MEMORY;
|
||||
goto leave;
|
||||
}
|
||||
assert (sizeof (akey->str) > strlen(line));
|
||||
strcpy (akey->str, line);
|
||||
akey->next = NULL;
|
||||
*keylist_tail = akey;
|
||||
keylist_tail = &akey->next;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
fprintf (console,
|
||||
PGM": this keyserver type only supports "
|
||||
"key retrieval by name\n");
|
||||
goto leave;
|
||||
}
|
||||
|
||||
/* Send the response */
|
||||
fprintf (output, "VERSION %d\n", KEYSERVER_PROTO_VERSION);
|
||||
fprintf (output, "PROGRAM %s\n\n", VERSION);
|
||||
|
||||
if (opt->verbose > 1)
|
||||
{
|
||||
if (opt->opaque)
|
||||
fprintf (console, "User:\t\t%s\n", opt->opaque);
|
||||
fprintf (console, "Command:\tGET\n");
|
||||
}
|
||||
|
||||
for (akey = keylist; akey; akey = akey->next)
|
||||
{
|
||||
set_timeout (opt->timeout);
|
||||
if ( get_key (adns_ctx, akey->str) )
|
||||
failed++;
|
||||
}
|
||||
if (!failed)
|
||||
ret = KEYSERVER_OK;
|
||||
|
||||
|
||||
leave:
|
||||
if (adns_ctx)
|
||||
adns_finish (adns_ctx);
|
||||
while (keylist)
|
||||
{
|
||||
akey = keylist->next;
|
||||
xfree (keylist);
|
||||
keylist = akey;
|
||||
}
|
||||
if (input != stdin)
|
||||
fclose (input);
|
||||
if (output != stdout)
|
||||
fclose (output);
|
||||
kdns_root = "";
|
||||
kdns_at_repl = ".";
|
||||
free_ks_options (opt);
|
||||
return ret;
|
||||
}
|
File diff suppressed because it is too large
Load Diff
@ -1,624 +0,0 @@
|
||||
/* ksutil.c - general keyserver utility functions
|
||||
* Copyright (C) 2004, 2005, 2006 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
* GnuPG is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* GnuPG is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
* In addition, as a special exception, the Free Software Foundation
|
||||
* gives permission to link the code of the keyserver helper tools:
|
||||
* gpgkeys_ldap, gpgkeys_curl and gpgkeys_hkp with the OpenSSL
|
||||
* project's "OpenSSL" library (or with modified versions of it that
|
||||
* use the same license as the "OpenSSL" library), and distribute the
|
||||
* linked executables. You must obey the GNU General Public License
|
||||
* in all respects for all of the code used other than "OpenSSL". If
|
||||
* you modify this file, you may extend this exception to your version
|
||||
* of the file, but you are not obligated to do so. If you do not
|
||||
* wish to do so, delete this exception statement from your version.
|
||||
*/
|
||||
|
||||
#include <config.h>
|
||||
#ifdef HAVE_SIGNAL_H
|
||||
# include <signal.h>
|
||||
#endif
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
|
||||
#ifdef HAVE_W32_SYSTEM
|
||||
#include <windows.h>
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_LIBCURL
|
||||
#include <curl/curl.h>
|
||||
#else
|
||||
#include "curl-shim.h"
|
||||
#endif
|
||||
#include "util.h"
|
||||
#include "keyserver.h"
|
||||
#include "ksutil.h"
|
||||
|
||||
#ifdef HAVE_DOSISH_SYSTEM
|
||||
|
||||
unsigned int set_timeout(unsigned int seconds) {return 0;}
|
||||
int register_timeout(void) {return 0;}
|
||||
|
||||
#else
|
||||
|
||||
static void
|
||||
catch_alarm(int foo)
|
||||
{
|
||||
(void)foo;
|
||||
_exit(KEYSERVER_TIMEOUT);
|
||||
}
|
||||
|
||||
unsigned int
|
||||
set_timeout(unsigned int seconds)
|
||||
{
|
||||
return alarm(seconds);
|
||||
}
|
||||
|
||||
int
|
||||
register_timeout(void)
|
||||
{
|
||||
#if defined(HAVE_SIGACTION) && defined(HAVE_STRUCT_SIGACTION)
|
||||
struct sigaction act;
|
||||
|
||||
act.sa_handler=catch_alarm;
|
||||
sigemptyset(&act.sa_mask);
|
||||
act.sa_flags=0;
|
||||
return sigaction(SIGALRM,&act,NULL);
|
||||
#else
|
||||
if(signal(SIGALRM,catch_alarm)==SIG_ERR)
|
||||
return -1;
|
||||
else
|
||||
return 0;
|
||||
#endif
|
||||
}
|
||||
|
||||
#endif /* !HAVE_DOSISH_SYSTEM */
|
||||
|
||||
#ifdef HAVE_W32_SYSTEM
|
||||
void
|
||||
w32_init_sockets (void)
|
||||
{
|
||||
static int initialized;
|
||||
static WSADATA wsdata;
|
||||
|
||||
if (!initialized)
|
||||
{
|
||||
WSAStartup (0x0202, &wsdata);
|
||||
initialized = 1;
|
||||
}
|
||||
}
|
||||
#endif /*HAVE_W32_SYSTEM*/
|
||||
|
||||
|
||||
struct ks_options *
|
||||
init_ks_options(void)
|
||||
{
|
||||
struct ks_options *opt;
|
||||
|
||||
opt=calloc(1,sizeof(struct ks_options));
|
||||
|
||||
if(opt)
|
||||
{
|
||||
opt->action=KS_UNKNOWN;
|
||||
opt->flags.include_revoked=1;
|
||||
opt->flags.include_subkeys=1;
|
||||
opt->flags.check_cert=1;
|
||||
opt->timeout=DEFAULT_KEYSERVER_TIMEOUT;
|
||||
opt->path=strdup("/");
|
||||
if(!opt->path)
|
||||
{
|
||||
free(opt);
|
||||
opt=NULL;
|
||||
}
|
||||
}
|
||||
|
||||
return opt;
|
||||
}
|
||||
|
||||
void
|
||||
free_ks_options(struct ks_options *opt)
|
||||
{
|
||||
if(opt)
|
||||
{
|
||||
free(opt->host);
|
||||
free(opt->port);
|
||||
free(opt->scheme);
|
||||
free(opt->auth);
|
||||
free(opt->path);
|
||||
free(opt->opaque);
|
||||
free(opt->ca_cert_file);
|
||||
free(opt);
|
||||
}
|
||||
}
|
||||
|
||||
/* Returns 0 if we "ate" the line. Returns >0, a KEYSERVER_ error
|
||||
code if that error applies. Returns -1 if we did not match the
|
||||
line at all. */
|
||||
int
|
||||
parse_ks_options(char *line,struct ks_options *opt)
|
||||
{
|
||||
int version;
|
||||
char command[MAX_COMMAND+1];
|
||||
char host[MAX_HOST+1];
|
||||
char port[MAX_PORT+1];
|
||||
char scheme[MAX_SCHEME+1];
|
||||
char auth[MAX_AUTH+1];
|
||||
char path[URLMAX_PATH+1];
|
||||
char opaque[MAX_OPAQUE+1];
|
||||
char option[MAX_OPTION+1];
|
||||
|
||||
if(line[0]=='#')
|
||||
return 0;
|
||||
|
||||
if(sscanf(line,"COMMAND %" MKSTRING(MAX_COMMAND) "s\n",command)==1)
|
||||
{
|
||||
command[MAX_COMMAND]='\0';
|
||||
|
||||
if(strcasecmp(command,"get")==0)
|
||||
opt->action=KS_GET;
|
||||
else if(strcasecmp(command,"getname")==0)
|
||||
opt->action=KS_GETNAME;
|
||||
else if(strcasecmp(command,"send")==0)
|
||||
opt->action=KS_SEND;
|
||||
else if(strcasecmp(command,"search")==0)
|
||||
opt->action=KS_SEARCH;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
if(sscanf(line,"HOST %" MKSTRING(MAX_HOST) "s\n",host)==1)
|
||||
{
|
||||
host[MAX_HOST]='\0';
|
||||
free(opt->host);
|
||||
opt->host=strdup(host);
|
||||
if(!opt->host)
|
||||
return KEYSERVER_NO_MEMORY;
|
||||
return 0;
|
||||
}
|
||||
|
||||
if(sscanf(line,"PORT %" MKSTRING(MAX_PORT) "s\n",port)==1)
|
||||
{
|
||||
port[MAX_PORT]='\0';
|
||||
free(opt->port);
|
||||
opt->port=strdup(port);
|
||||
if(!opt->port)
|
||||
return KEYSERVER_NO_MEMORY;
|
||||
return 0;
|
||||
}
|
||||
|
||||
if(sscanf(line,"SCHEME %" MKSTRING(MAX_SCHEME) "s\n",scheme)==1)
|
||||
{
|
||||
scheme[MAX_SCHEME]='\0';
|
||||
free(opt->scheme);
|
||||
opt->scheme=strdup(scheme);
|
||||
if(!opt->scheme)
|
||||
return KEYSERVER_NO_MEMORY;
|
||||
return 0;
|
||||
}
|
||||
|
||||
if(sscanf(line,"AUTH %" MKSTRING(MAX_AUTH) "s\n",auth)==1)
|
||||
{
|
||||
auth[MAX_AUTH]='\0';
|
||||
free(opt->auth);
|
||||
opt->auth=strdup(auth);
|
||||
if(!opt->auth)
|
||||
return KEYSERVER_NO_MEMORY;
|
||||
return 0;
|
||||
}
|
||||
|
||||
if(sscanf(line,"PATH %" MKSTRING(URLMAX_PATH) "s\n",path)==1)
|
||||
{
|
||||
path[URLMAX_PATH]='\0';
|
||||
free(opt->path);
|
||||
opt->path=strdup(path);
|
||||
if(!opt->path)
|
||||
return KEYSERVER_NO_MEMORY;
|
||||
return 0;
|
||||
}
|
||||
|
||||
if(sscanf(line,"OPAQUE %" MKSTRING(MAX_OPAQUE) "s\n",opaque)==1)
|
||||
{
|
||||
opaque[MAX_OPAQUE]='\0';
|
||||
free(opt->opaque);
|
||||
opt->opaque=strdup(opaque);
|
||||
if(!opt->opaque)
|
||||
return KEYSERVER_NO_MEMORY;
|
||||
return 0;
|
||||
}
|
||||
|
||||
if(sscanf(line,"VERSION %d\n",&version)==1)
|
||||
{
|
||||
if(version!=KEYSERVER_PROTO_VERSION)
|
||||
return KEYSERVER_VERSION_ERROR;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
if(sscanf(line,"OPTION %" MKSTRING(MAX_OPTION) "[^\n]\n",option)==1)
|
||||
{
|
||||
int no=0;
|
||||
char *start=&option[0];
|
||||
|
||||
option[MAX_OPTION]='\0';
|
||||
|
||||
if(strncasecmp(option,"no-",3)==0)
|
||||
{
|
||||
no=1;
|
||||
start=&option[3];
|
||||
}
|
||||
|
||||
if(strncasecmp(start,"verbose",7)==0)
|
||||
{
|
||||
if(no)
|
||||
opt->verbose=0;
|
||||
else if(start[7]=='=')
|
||||
opt->verbose=atoi(&start[8]);
|
||||
else
|
||||
opt->verbose++;
|
||||
}
|
||||
else if(strcasecmp(start,"include-disabled")==0)
|
||||
{
|
||||
if(no)
|
||||
opt->flags.include_disabled=0;
|
||||
else
|
||||
opt->flags.include_disabled=1;
|
||||
}
|
||||
else if(strcasecmp(start,"include-revoked")==0)
|
||||
{
|
||||
if(no)
|
||||
opt->flags.include_revoked=0;
|
||||
else
|
||||
opt->flags.include_revoked=1;
|
||||
}
|
||||
else if(strcasecmp(start,"include-subkeys")==0)
|
||||
{
|
||||
if(no)
|
||||
opt->flags.include_subkeys=0;
|
||||
else
|
||||
opt->flags.include_subkeys=1;
|
||||
}
|
||||
else if(strcasecmp(start,"check-cert")==0)
|
||||
{
|
||||
if(no)
|
||||
opt->flags.check_cert=0;
|
||||
else
|
||||
opt->flags.check_cert=1;
|
||||
}
|
||||
else if(strncasecmp(start,"debug",5)==0)
|
||||
{
|
||||
if(no)
|
||||
opt->debug=0;
|
||||
else if(start[5]=='=')
|
||||
opt->debug=atoi(&start[6]);
|
||||
else if(start[5]=='\0')
|
||||
opt->debug=1;
|
||||
}
|
||||
else if(strncasecmp(start,"timeout",7)==0)
|
||||
{
|
||||
if(no)
|
||||
opt->timeout=0;
|
||||
else if(start[7]=='=')
|
||||
opt->timeout=atoi(&start[8]);
|
||||
else if(start[7]=='\0')
|
||||
opt->timeout=DEFAULT_KEYSERVER_TIMEOUT;
|
||||
}
|
||||
else if(strncasecmp(start,"ca-cert-file",12)==0)
|
||||
{
|
||||
if(no)
|
||||
{
|
||||
free(opt->ca_cert_file);
|
||||
opt->ca_cert_file=NULL;
|
||||
}
|
||||
else if(start[12]=='=')
|
||||
{
|
||||
free(opt->ca_cert_file);
|
||||
opt->ca_cert_file = make_filename_try (start+13, NULL);
|
||||
if(!opt->ca_cert_file)
|
||||
return KEYSERVER_NO_MEMORY;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return -1;
|
||||
}
|
||||
|
||||
const char *
|
||||
ks_action_to_string(enum ks_action action)
|
||||
{
|
||||
switch(action)
|
||||
{
|
||||
case KS_UNKNOWN: return "UNKNOWN";
|
||||
case KS_GET: return "GET";
|
||||
case KS_GETNAME: return "GETNAME";
|
||||
case KS_SEND: return "SEND";
|
||||
case KS_SEARCH: return "SEARCH";
|
||||
}
|
||||
|
||||
return "?";
|
||||
}
|
||||
|
||||
/* Canonicalize CRLF to just LF by stripping CRs. This actually makes
|
||||
sense, since on Unix-like machines LF is correct, and on win32-like
|
||||
machines, our output buffer is opened in textmode and will
|
||||
re-canonicalize line endings back to CRLF. Since we only need to
|
||||
handle armored keys, we don't have to worry about odd cases like
|
||||
CRCRCR and the like. */
|
||||
|
||||
void
|
||||
print_nocr(FILE *stream,const char *str)
|
||||
{
|
||||
while(*str)
|
||||
{
|
||||
if(*str!='\r')
|
||||
fputc(*str,stream);
|
||||
str++;
|
||||
}
|
||||
}
|
||||
|
||||
enum ks_search_type
|
||||
classify_ks_search(const char **search)
|
||||
{
|
||||
switch(**search)
|
||||
{
|
||||
case '*':
|
||||
(*search)++;
|
||||
return KS_SEARCH_SUBSTR;
|
||||
case '=':
|
||||
(*search)++;
|
||||
return KS_SEARCH_EXACT;
|
||||
case '<':
|
||||
(*search)++;
|
||||
return KS_SEARCH_MAIL;
|
||||
case '@':
|
||||
(*search)++;
|
||||
return KS_SEARCH_MAILSUB;
|
||||
case '0':
|
||||
if((*search)[1]=='x')
|
||||
{
|
||||
if(strlen(*search)==10
|
||||
&& strspn(*search,"abcdefABCDEF1234567890x")==10)
|
||||
{
|
||||
(*search)+=2;
|
||||
return KS_SEARCH_KEYID_SHORT;
|
||||
}
|
||||
else if(strlen(*search)==18
|
||||
&& strspn(*search,"abcdefABCDEF1234567890x")==18)
|
||||
{
|
||||
(*search)+=2;
|
||||
return KS_SEARCH_KEYID_LONG;
|
||||
}
|
||||
}
|
||||
/* fall through */
|
||||
default:
|
||||
return KS_SEARCH_SUBSTR;
|
||||
}
|
||||
}
|
||||
|
||||
int
|
||||
curl_err_to_gpg_err(CURLcode error)
|
||||
{
|
||||
switch(error)
|
||||
{
|
||||
case CURLE_OK: return KEYSERVER_OK;
|
||||
case CURLE_UNSUPPORTED_PROTOCOL: return KEYSERVER_SCHEME_NOT_FOUND;
|
||||
case CURLE_COULDNT_CONNECT: return KEYSERVER_UNREACHABLE;
|
||||
case CURLE_FTP_COULDNT_RETR_FILE: return KEYSERVER_KEY_NOT_FOUND;
|
||||
default: return KEYSERVER_INTERNAL_ERROR;
|
||||
}
|
||||
}
|
||||
|
||||
#define B64 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
|
||||
|
||||
static void
|
||||
curl_armor_writer(const unsigned char *buf,size_t size,void *cw_ctx)
|
||||
{
|
||||
struct curl_writer_ctx *ctx=cw_ctx;
|
||||
size_t idx=0;
|
||||
|
||||
while(idx<size)
|
||||
{
|
||||
for(;ctx->armor_remaining<3 && idx<size;ctx->armor_remaining++,idx++)
|
||||
ctx->armor_ctx[ctx->armor_remaining]=buf[idx];
|
||||
|
||||
if(ctx->armor_remaining==3)
|
||||
{
|
||||
/* Top 6 bytes of ctx->armor_ctx[0] */
|
||||
fputc(B64[(ctx->armor_ctx[0]>>2)&0x3F],ctx->stream);
|
||||
/* Bottom 2 bytes of ctx->armor_ctx[0] and top 4 bytes of
|
||||
ctx->armor_ctx[1] */
|
||||
fputc(B64[(((ctx->armor_ctx[0]<<4)&0x30)
|
||||
|((ctx->armor_ctx[1]>>4)&0x0F))&0x3F],ctx->stream);
|
||||
/* Bottom 4 bytes of ctx->armor_ctx[1] and top 2 bytes of
|
||||
ctx->armor_ctx[2] */
|
||||
fputc(B64[(((ctx->armor_ctx[1]<<2)&0x3C)
|
||||
|((ctx->armor_ctx[2]>>6)&0x03))&0x3F],ctx->stream);
|
||||
/* Bottom 6 bytes of ctx->armor_ctx[2] */
|
||||
fputc(B64[(ctx->armor_ctx[2]&0x3F)],ctx->stream);
|
||||
|
||||
ctx->linelen+=4;
|
||||
if(ctx->linelen>=70)
|
||||
{
|
||||
fputc('\n',ctx->stream);
|
||||
ctx->linelen=0;
|
||||
}
|
||||
|
||||
ctx->armor_remaining=0;
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
size_t
|
||||
curl_writer(const void *ptr,size_t size,size_t nmemb,void *cw_ctx)
|
||||
{
|
||||
struct curl_writer_ctx *ctx=cw_ctx;
|
||||
const char *buf=ptr;
|
||||
size_t i;
|
||||
|
||||
if(!ctx->flags.initialized)
|
||||
{
|
||||
if(size*nmemb==0)
|
||||
return 0;
|
||||
|
||||
/* The object we're fetching is in binary form */
|
||||
if(*buf&0x80)
|
||||
{
|
||||
ctx->flags.armor=1;
|
||||
fprintf(ctx->stream,BEGIN"\n\n");
|
||||
}
|
||||
else
|
||||
ctx->marker=BEGIN;
|
||||
|
||||
ctx->flags.initialized=1;
|
||||
}
|
||||
|
||||
if(ctx->flags.armor)
|
||||
curl_armor_writer(ptr,size*nmemb,cw_ctx);
|
||||
else
|
||||
{
|
||||
/* scan the incoming data for our marker */
|
||||
for(i=0;!ctx->flags.done && i<(size*nmemb);i++)
|
||||
{
|
||||
if(buf[i]==ctx->marker[ctx->markeridx])
|
||||
{
|
||||
ctx->markeridx++;
|
||||
if(ctx->marker[ctx->markeridx]=='\0')
|
||||
{
|
||||
if(ctx->flags.begun)
|
||||
ctx->flags.done=1;
|
||||
else
|
||||
{
|
||||
/* We've found the BEGIN marker, so now we're
|
||||
looking for the END marker. */
|
||||
ctx->flags.begun=1;
|
||||
ctx->marker=END;
|
||||
ctx->markeridx=0;
|
||||
fprintf(ctx->stream,BEGIN);
|
||||
continue;
|
||||
}
|
||||
}
|
||||
}
|
||||
else
|
||||
ctx->markeridx=0;
|
||||
|
||||
if(ctx->flags.begun)
|
||||
{
|
||||
/* Canonicalize CRLF to just LF by stripping CRs. This
|
||||
actually makes sense, since on Unix-like machines LF
|
||||
is correct, and on win32-like machines, our output
|
||||
buffer is opened in textmode and will re-canonicalize
|
||||
line endings back to CRLF. Since this code is just
|
||||
for handling armored keys, we don't have to worry
|
||||
about odd cases like CRCRCR and the like. */
|
||||
|
||||
if(buf[i]!='\r')
|
||||
fputc(buf[i],ctx->stream);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return size*nmemb;
|
||||
}
|
||||
|
||||
void
|
||||
curl_writer_finalize(struct curl_writer_ctx *ctx)
|
||||
{
|
||||
if(ctx->flags.armor)
|
||||
{
|
||||
if(ctx->armor_remaining==2)
|
||||
{
|
||||
/* Top 6 bytes of ctx->armorctx[0] */
|
||||
fputc(B64[(ctx->armor_ctx[0]>>2)&0x3F],ctx->stream);
|
||||
/* Bottom 2 bytes of ctx->armor_ctx[0] and top 4 bytes of
|
||||
ctx->armor_ctx[1] */
|
||||
fputc(B64[(((ctx->armor_ctx[0]<<4)&0x30)
|
||||
|((ctx->armor_ctx[1]>>4)&0x0F))&0x3F],ctx->stream);
|
||||
/* Bottom 4 bytes of ctx->armor_ctx[1] */
|
||||
fputc(B64[((ctx->armor_ctx[1]<<2)&0x3C)],ctx->stream);
|
||||
/* Pad */
|
||||
fputc('=',ctx->stream);
|
||||
}
|
||||
else if(ctx->armor_remaining==1)
|
||||
{
|
||||
/* Top 6 bytes of ctx->armor_ctx[0] */
|
||||
fputc(B64[(ctx->armor_ctx[0]>>2)&0x3F],ctx->stream);
|
||||
/* Bottom 2 bytes of ctx->armor_ctx[0] */
|
||||
fputc(B64[((ctx->armor_ctx[0]<<4)&0x30)],ctx->stream);
|
||||
/* Pad */
|
||||
fputc('=',ctx->stream);
|
||||
/* Pad */
|
||||
fputc('=',ctx->stream);
|
||||
}
|
||||
|
||||
fprintf(ctx->stream,"\n"END);
|
||||
ctx->flags.done=1;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
int
|
||||
ks_hextobyte (const char *s)
|
||||
{
|
||||
int c;
|
||||
|
||||
if ( *s >= '0' && *s <= '9' )
|
||||
c = 16 * (*s - '0');
|
||||
else if ( *s >= 'A' && *s <= 'F' )
|
||||
c = 16 * (10 + *s - 'A');
|
||||
else if ( *s >= 'a' && *s <= 'f' )
|
||||
c = 16 * (10 + *s - 'a');
|
||||
else
|
||||
return -1;
|
||||
s++;
|
||||
if ( *s >= '0' && *s <= '9' )
|
||||
c += *s - '0';
|
||||
else if ( *s >= 'A' && *s <= 'F' )
|
||||
c += 10 + *s - 'A';
|
||||
else if ( *s >= 'a' && *s <= 'f' )
|
||||
c += 10 + *s - 'a';
|
||||
else
|
||||
return -1;
|
||||
return c;
|
||||
}
|
||||
|
||||
|
||||
/* Non localized version of toupper. */
|
||||
int
|
||||
ks_toupper (int c)
|
||||
{
|
||||
if (c >= 'a' && c <= 'z')
|
||||
c &= ~0x20;
|
||||
return c;
|
||||
}
|
||||
|
||||
|
||||
/* Non localized version of strcasecmp. */
|
||||
int
|
||||
ks_strcasecmp (const char *a, const char *b)
|
||||
{
|
||||
if (a == b)
|
||||
return 0;
|
||||
|
||||
for (; *a && *b; a++, b++)
|
||||
{
|
||||
if (*a != *b && ks_toupper (*a) != ks_toupper (*b))
|
||||
break;
|
||||
}
|
||||
return *a == *b? 0 : (ks_toupper (*a) - ks_toupper (*b));
|
||||
}
|
@ -1,149 +0,0 @@
|
||||
/* ksutil.h
|
||||
* Copyright (C) 2004, 2005, 2006 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
* GnuPG is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* GnuPG is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
* In addition, as a special exception, the Free Software Foundation
|
||||
* gives permission to link the code of the keyserver helper tools:
|
||||
* gpgkeys_ldap, gpgkeys_curl and gpgkeys_hkp with the OpenSSL
|
||||
* project's "OpenSSL" library (or with modified versions of it that
|
||||
* use the same license as the "OpenSSL" library), and distribute the
|
||||
* linked executables. You must obey the GNU General Public License
|
||||
* in all respects for all of the code used other than "OpenSSL". If
|
||||
* you modify this file, you may extend this exception to your version
|
||||
* of the file, but you are not obligated to do so. If you do not
|
||||
* wish to do so, delete this exception statement from your version.
|
||||
*/
|
||||
|
||||
#ifndef _KSUTIL_H_
|
||||
#define _KSUTIL_H_
|
||||
|
||||
#ifdef HAVE_LIBCURL
|
||||
#include <curl/curl.h>
|
||||
#else
|
||||
#include "curl-shim.h"
|
||||
#endif
|
||||
|
||||
/* MAX_LINE must be at least 1 larger than the largest item we expect
|
||||
to receive, including the name tag ("COMMAND", "PORT", etc) and
|
||||
space between. In practice, that means it should be
|
||||
strlen("OPAQUE")+1+sizeof_opaque+1 */
|
||||
#define MAX_LINE (6+1+1024+1)
|
||||
|
||||
#define MAX_COMMAND 7
|
||||
#define MAX_OPTION 256
|
||||
#define MAX_SCHEME 20
|
||||
#define MAX_OPAQUE 1024
|
||||
#define MAX_AUTH 128
|
||||
#define MAX_HOST 80
|
||||
#define MAX_PORT 10
|
||||
#define URLMAX_PATH 1024
|
||||
#define MAX_PROXY 128
|
||||
#define MAX_URL (MAX_SCHEME+1+3+MAX_AUTH+1+1+MAX_HOST+1+1 \
|
||||
+MAX_PORT+1+1+URLMAX_PATH+1+50)
|
||||
|
||||
#define STRINGIFY(x) #x
|
||||
#define MKSTRING(x) STRINGIFY(x)
|
||||
|
||||
#define BEGIN "-----BEGIN PGP PUBLIC KEY BLOCK-----"
|
||||
#define END "-----END PGP PUBLIC KEY BLOCK-----"
|
||||
|
||||
#ifdef __riscos__
|
||||
#define HTTP_PROXY_ENV "GnuPG$HttpProxy"
|
||||
#else
|
||||
#define HTTP_PROXY_ENV "http_proxy"
|
||||
#endif
|
||||
|
||||
struct keylist
|
||||
{
|
||||
char str[MAX_LINE];
|
||||
struct keylist *next;
|
||||
};
|
||||
|
||||
/* 2 minutes seems reasonable */
|
||||
#define DEFAULT_KEYSERVER_TIMEOUT 120
|
||||
|
||||
unsigned int set_timeout(unsigned int seconds);
|
||||
int register_timeout(void);
|
||||
|
||||
#ifdef HAVE_W32_SYSTEM
|
||||
void w32_init_sockets (void);
|
||||
#endif
|
||||
|
||||
|
||||
enum ks_action {KS_UNKNOWN=0,KS_GET,KS_GETNAME,KS_SEND,KS_SEARCH};
|
||||
|
||||
enum ks_search_type {KS_SEARCH_SUBSTR,KS_SEARCH_EXACT,
|
||||
KS_SEARCH_MAIL,KS_SEARCH_MAILSUB,
|
||||
KS_SEARCH_KEYID_LONG,KS_SEARCH_KEYID_SHORT};
|
||||
|
||||
struct ks_options
|
||||
{
|
||||
enum ks_action action;
|
||||
char *host;
|
||||
char *port;
|
||||
char *scheme;
|
||||
char *auth;
|
||||
char *path;
|
||||
char *opaque;
|
||||
struct
|
||||
{
|
||||
unsigned int include_disabled:1;
|
||||
unsigned int include_revoked:1;
|
||||
unsigned int include_subkeys:1;
|
||||
unsigned int check_cert:1;
|
||||
} flags;
|
||||
unsigned int verbose;
|
||||
unsigned int debug;
|
||||
unsigned int timeout;
|
||||
char *ca_cert_file;
|
||||
};
|
||||
|
||||
struct ks_options *init_ks_options(void);
|
||||
void free_ks_options(struct ks_options *opt);
|
||||
int parse_ks_options(char *line,struct ks_options *opt);
|
||||
const char *ks_action_to_string(enum ks_action action);
|
||||
void print_nocr(FILE *stream,const char *str);
|
||||
enum ks_search_type classify_ks_search(const char **search);
|
||||
|
||||
int curl_err_to_gpg_err(CURLcode error);
|
||||
|
||||
struct curl_writer_ctx
|
||||
{
|
||||
struct
|
||||
{
|
||||
unsigned int initialized:1;
|
||||
unsigned int begun:1;
|
||||
unsigned int done:1;
|
||||
unsigned int armor:1;
|
||||
} flags;
|
||||
|
||||
int armor_remaining;
|
||||
unsigned char armor_ctx[3];
|
||||
int markeridx,linelen;
|
||||
const char *marker;
|
||||
FILE *stream;
|
||||
};
|
||||
|
||||
size_t curl_writer(const void *ptr,size_t size,size_t nmemb,void *cw_ctx);
|
||||
void curl_writer_finalize(struct curl_writer_ctx *ctx);
|
||||
|
||||
int ks_hextobyte (const char *s);
|
||||
int ks_toupper (int c);
|
||||
int ks_strcasecmp (const char *a, const char *b);
|
||||
|
||||
|
||||
#endif /* !_KSUTIL_H_ */
|
@ -1,107 +0,0 @@
|
||||
/* no-libgcrypt.c - Replacement functions for libgcrypt.
|
||||
* Copyright (C) 2003 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is free software; as a special exception the author gives
|
||||
* unlimited permission to copy and/or distribute it, with or without
|
||||
* modifications, as long as this notice is preserved.
|
||||
*
|
||||
* This file is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
|
||||
* implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
|
||||
*/
|
||||
|
||||
#include <config.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <errno.h>
|
||||
|
||||
#include "../common/util.h"
|
||||
#include "i18n.h"
|
||||
|
||||
|
||||
/* Replace libgcrypt's malloc functions which are used by
|
||||
../jnlib/libjnlib.a . ../common/util.h defines macros to map them
|
||||
to xmalloc etc. */
|
||||
static void
|
||||
out_of_memory (void)
|
||||
{
|
||||
fprintf (stderr, "error allocating enough memory: %s\n", strerror (errno));
|
||||
exit (2);
|
||||
}
|
||||
|
||||
|
||||
void *
|
||||
gcry_malloc (size_t n)
|
||||
{
|
||||
return malloc (n);
|
||||
}
|
||||
|
||||
void *
|
||||
gcry_xmalloc (size_t n)
|
||||
{
|
||||
void *p = malloc (n);
|
||||
if (!p)
|
||||
out_of_memory ();
|
||||
return p;
|
||||
}
|
||||
|
||||
char *
|
||||
gcry_strdup (const char *string)
|
||||
{
|
||||
char *p = malloc (strlen (string)+1);
|
||||
if (p)
|
||||
strcpy (p, string);
|
||||
return p;
|
||||
}
|
||||
|
||||
|
||||
void *
|
||||
gcry_realloc (void *a, size_t n)
|
||||
{
|
||||
return realloc (a, n);
|
||||
}
|
||||
|
||||
void *
|
||||
gcry_xrealloc (void *a, size_t n)
|
||||
{
|
||||
void *p = realloc (a, n);
|
||||
if (!p)
|
||||
out_of_memory ();
|
||||
return p;
|
||||
}
|
||||
|
||||
|
||||
|
||||
void *
|
||||
gcry_calloc (size_t n, size_t m)
|
||||
{
|
||||
return calloc (n, m);
|
||||
}
|
||||
|
||||
void *
|
||||
gcry_xcalloc (size_t n, size_t m)
|
||||
{
|
||||
void *p = calloc (n, m);
|
||||
if (!p)
|
||||
out_of_memory ();
|
||||
return p;
|
||||
}
|
||||
|
||||
|
||||
char *
|
||||
gcry_xstrdup (const char *string)
|
||||
{
|
||||
void *p = malloc (strlen (string)+1);
|
||||
if (!p)
|
||||
out_of_memory ();
|
||||
strcpy( p, string );
|
||||
return p;
|
||||
}
|
||||
|
||||
void
|
||||
gcry_free (void *a)
|
||||
{
|
||||
if (a)
|
||||
free (a);
|
||||
}
|
Loading…
x
Reference in New Issue
Block a user