1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

31 Commits

Author SHA1 Message Date
NIIBE Yutaka
598884699d
dirmngr: Fix for USE_LDAP.
* dirmngr/ks-action.c [USE_LDAP] (ks_action_help): Recover variables.
* dirmngr/server.c [USE_LDAP] (dirmngr/server.c): Likewise.

--

Fixes-commit: 3d7dbf16618db4d0dc602daadbde098d4a14b528
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-09-14 16:45:22 +09:00
NIIBE Yutaka
3d7dbf1661
agent,dirmngr,gpg,scd: Clean up for modern compiler.
* agent/protect.c (agent_get_shadow_info_type): It's a write only
variable, useful for debugging.
* g10/key-check.c (key_check_all_keysigs): Likewise.
* g10/keyedit.c (show_basic_key_info, menu_expire): Likewise.
* scd/app-sc-hsm.c (read_ef_prkd): Likewise.
* dirmngr/crlfetch.c (fetch_next_ksba_cert): Initialize the vars.
* dirmngr/ks-action.c (ks_action_help): Remove unused variables.
* dirmngr/server.c (make_keyserver_item): Likewise.
* dirmngr/validate.c (check_cert_sig): Initialize the variable.
* scd/app-p15.c (select_and_read_record): Likewise.
* tests/gpgscm/scheme.c (scheme_init_new): A function with no args.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-09-14 12:08:58 +09:00
Werner Koch
eb3a629154
dirmngr: Allow for non-URL specified ldap keyservers.
* dirmngr/server.c (cmd_ldapserver): Strip an optional prefix.
(make_keyserver_item): Handle non-URL ldap specs.
* dirmngr/dirmngr.h (struct ldap_server_s): Add fields starttls,
ldap_over_tls, and ntds.

* dirmngr/ldapserver.c (ldapserver_parse_one): Add for an empty host
string.  Improve error messages for the non-file case.  Support flags.
* dirmngr/ks-action.c (ks_action_help): Handle non-URL ldap specs.
(ks_action_search, ks_action_get, ks_action_put): Ditto.
* dirmngr/ks-engine-ldap.c: Include ldapserver.h.
(ks_ldap_help): Handle non-URL ldap specs.
(my_ldap_connect): Add args r_host and r_use_tls.  Rewrite to support
URLs and non-URL specified keyservers.
(ks_ldap_get): Adjust for changes in my_ldap_connect.
(ks_ldap_search): Ditto.
(ks_ldap_put): Ditto.
--

The idea here is to unify our use of URLS or colon delimited ldap
keyserver specification.  The requirement for percent escaping, for
example the bindname in an URLs, is cumbersome and prone to errors.
This we allow our classic colon delimited format as an alternative.
That format makes it also easy to specify flags to tell dirmngr
whether to use starttls or ldap-over-tls.  The code is nearly 100%
compatible to existing specification.  There is one ambiguity if the
hostname for CRL/X509 searches is just "ldap"; this can be solved by
prefixing it with "ldap:" (already implemented in gpgsm).

GnuPG-bug-id: 5405, 5452
Ported-from: 2b4cddf9086faaf5b35f64a7db97a5ce8804c05b
2021-06-16 12:25:13 +02:00
Werner Koch
1c96f4d663
dirmngr: Support pseudo URI scheme "opaque".
* dirmngr/http.h (HTTP_PARSE_NO_SCHEME_CHECK): New.
* dirmngr/http.c (http_parse_uri): Use this flag.  Change all callers
to use the new macro for better readability.
(do_parse_uri): Add pseudo scheme "opaque".
(uri_query_value): New.
--

This scheme can be used to convey arbitrary strings in a parsed_uri_t
object.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 72124fadafde153f8ac89a70202006d831829d06)
2021-06-16 11:54:47 +02:00
Werner Koch
d7e707170f
gpg: Lookup a missing public key of the current card via LDAP.
* g10/getkey.c (get_seckey_default_or_card): Lookup a missing public
key from the current card via LDAP.
* g10/call-dirmngr.c: Include keyserver-intetnal.h.
(gpg_dirmngr_ks_get): Rename arg quick into flags.  Take care of the
new LDAP flag.
* g10/keyserver-internal.h (KEYSERVER_IMPORT_FLAG_QUICK): New.
Replace the use of the value 1 for the former quick arg.
(KEYSERVER_IMPORT_FLAG_LDAP): New.
* g10/keyserver.c (keyserver_get_chunk): Increase the reserved line
length.
* dirmngr/ks-action.c (ks_action_get): Add arg ldap_only.
* dirmngr/server.c (cmd_ks_get): Add option --ldap.
--

This change makes it easy to start working with gnupg: Just insert the
smartcard or token provided to you and the first time you sign a
message the public key associated with the current card will be
imported and everything is set without any configuration.

This works only with an LDAP directory because it can be expected that
the public key has been put into the LDAP during card personalization.
Of course an LDAP server needs to be configured; in a Windows AD
domain this can be a mere "keyserver ldap:///" in dirmngr.conf.  Other
configured keyservers are ignored.

Requirements for the card driver: The $SIGNKEYID attribute must exists
and a query for the KEY-FPR attribute needs to return the OpenPGP
fingerprint for that key.  This is currently supported for OpenPGP
cards and certain PKCS#15 cards.

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-04-16 20:21:23 +02:00
Werner Koch
cc056eb534
dirmngr: Do not store the useless pgpSignerID in the LDAP.
* dirmngr/ks-engine-ldap.c (extract_attributes): Do not store the
pgpSignerID.
* g10/call-dirmngr.c (ks_put_inq_cb): Do not emit sig records.
--

The pgpSignerID has no use in the LDAP and thus don't store it.
David's idea back in 2004 was
              /* This bit is really for the benefit of people who
                 store their keys in LDAP servers.  It makes it easy
                 to do queries for things like "all keys signed by
                 Isabella".  */
See-commit: 3ddd4410aef928827e1c8d4fb02c1ccd3f8eaea5

I consider this dangerous because such a query is not able to validate
the signature, does not get revocation signatures, and also has no
information about the validity of the signatures.  Further many keys
are spammed tehse days with faked signatures and it does not make
sense to blow up the LDAP with such garbage.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-12-14 19:29:49 +01:00
Daniel Kahn Gillmor
54eb375ff1 all: fix spelling and typos
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2018-10-24 15:56:18 -04:00
Werner Koch
1de4462974
dirmngr: Allow redirection from https to http for CRLs
* dirmngr/ks-engine.h (KS_HTTP_FETCH_NOCACHE): New flag.
(KS_HTTP_FETCH_TRUST_CFG): Ditto.
(KS_HTTP_FETCH_NO_CRL): Ditto.
(KS_HTTP_FETCH_ALLOW_DOWNGRADE): Ditto.
* dirmngr/ks-engine-http.c (ks_http_fetch): Replace args send_no_cache
and extra_http_trust_flags by a new flags arg.  Allow redirectiong
from https to http it KS_HTTP_FETCH_ALLOW_DOWNGRADE is set.
* dirmngr/loadswdb.c (fetch_file): Call with KS_HTTP_FETCH_NOCACHE.
* dirmngr/ks-action.c (ks_action_get): Ditto.
(ks_action_fetch): Ditto.
* dirmngr/crlfetch.c (crl_fetch): Call with the appropriate flags.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-25 12:38:04 +02:00
Werner Koch
705d8e9cf0
dirmngr: Implement CRL fetching via https.
* dirmngr/http.h (HTTP_FLAG_TRUST_CFG): New flag.
* dirmngr/http.c (http_register_cfg_ca): New.
(http_session_new) [HTTP_USE_GNUTLS]: Implement new trust flag.
* dirmngr/certcache.c (load_certs_from_dir): Call new function.
(cert_cache_deinit): Ditto.
* dirmngr/http-ntbtls.c (gnupg_http_tls_verify_cb): Ditto.
* dirmngr/ks-engine-http.c (ks_http_fetch): Add new args
'send_no_cache' and 'extra_http_trust_flags'.  Change all callers to
provide the default value.
* dirmngr/crlfetch.c (crl_fetch): Rewrite to make use of
ks_http_fetch.
--

The old code simply did not use https for downloading of CRLS.
Instead it rewrote https to http under the assumption that the CRL
service was also available without encryption.  Note that a CRL is
self-standing and thus it does not need to have extra authenticity as
provided by TLS.  These days we should not use any unencrypted content
and thus this patch.

Be aware that cacert.org give a https CRL DP but that currently
redirects to to http!  This is a downgrade attack which we detect and
don't allow.  The outcome is that it is right now not possible to use
CAcert certificates.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-25 12:38:04 +02:00
Werner Koch
20b52be9ca
dirmngr: Check for WKD support at session end
* dirmngr/domaininfo.c (insert_or_update): Copy the name.
* dirmngr/misc.c (copy_stream): Allow arg OUT to be NULL.
* dirmngr/server.c (set_error): Protect CTX.
(dirmngr_status): Protect against missing ASSUAN_CTX.
(dirmngr_status_help): Ditto.
(dirmngr_status_printf): Ditto.
(cmd_wkd_get): Factor code out to ...
(proc_wkd_get): new func.  Support silent operation with no CTX.
(task_check_wkd_support): New.
--

This finalizes the feature to efficiently cache WKD checks.  If a
standard WKD query returns no data, we queue a test to be run after
the end of the session (so that we do not delay the calling client).
This check tests whether the server responsible for the queried
address has WKD at all enabled.  The test is done by checking whether
the "policy" file exists.  We do not check the "submission-address"
file because that is not necessary for the web key operation.  The
policy file is now required.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit d4e2302d8f4a1ff52d56da4f8e3a5d1c6303822d)
2017-12-11 11:31:15 +01:00
Justus Winter
b231959728
dirmngr: Honor http keyserver URLs.
* dirmngr/http.c (parse_uri): Keep an unmodified copy of the URI.
* dirmngr/http.h (struct parsed_uri_s): New field 'original'.
* dirmngr/ks-action.c (ks_action_get): Properly handle http and https
URLs.
--

If a key has a http or https URL as preferred keyserver, fetch the key
from there.  Previously, dirmngr unconditionally interpreted these
URLs as hkp servers.

GnuPG-bug-id: 2924
Signed-off-by: Justus Winter <justus@g10code.com>
2017-07-18 13:56:33 +02:00
Werner Koch
4d7dc432b5
Change all http://www.gnu.org in license notices to https://
--
2016-11-05 12:02:19 +01:00
Justus Winter
71726b627d dirmngr: Initialize http status code.
* dirmngr/ks-action.c (ks_action_search): Initialize 'http_status' as
it is unused if LDAP is used to search for keys.
--
This amends 6ac57a48.

Signed-off-by: Justus Winter <justus@g10code.com>
2015-12-07 11:21:47 +01:00
Justus Winter
6d64ef869d dirmngr: Stricter handling of http error codes.
* dirmngr/ks-action.c (ks_action_search): Only retry if the keyserver
responded with a '404 Not Found'.
* dirmngr/ks-engine-hkp.c (send_request): Return http status code.
(ks_hkp_search): Likewise.
(ks_hkp_{get,put}): Adapt call to 'send_request'.
* dirmngr/ks-engine.h (ks_hkp_search): Update prototype.

Signed-off-by: Justus Winter <justus@g10code.com>
2015-12-04 13:02:56 +01:00
Justus Winter
6ac57a482f dirmngr: Really search all keyservers for patterns.
* dirmngr/ks-action.c (ks_action_search): Search all configured
keyservers for the given patterns.

Signed-off-by: Justus Winter <justus@g10code.com>
GnuPG-bug-id: 1038
2015-12-04 13:02:56 +01:00
Neal H. Walfield
5cde5bf373 dirmngr: If LDAP is not enable, don't build the LDAP bits.
* dirmngr/Makefile.am (dirmngr_SOURCES): Only include
ks-engine-ldap.c, ldap-parse-uri.c and ldap-parse-uri.h if USE_LDAP
is TRUE.
(module_tests): Only add t-ldap-parse-uri if USE_LDAP is TRUE.
* dirmngr/ks-action.c: Only include "ldap-parse-uri.h" if USE_LDAP is
TRUE.
(ks_action_help): Don't invoke LDAP functionality if USE_LDAP is not
TRUE.
(ks_action_search): Likewise.
(ks_action_get): Likewise.
(ks_action_put): Likewise.
* dirmngr/server.c: Only include "ldap-parse-uri.h" if USE_LDAP is
TRUE.
(cmd_keyserver): Don't invoke LDAP functionality if USE_LDAP is not
TRUE.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
GnuPG-bug-id: 1949
2015-04-13 12:02:40 +02:00
Neal H. Walfield
348c520040 dirmngr: Better encapsulate the keyservers variable.
* dirmngr/dirmngr.h (struct server_control_s): Move field keyservers
from here...
* dirmngr/server.c (struct server_local_s): ... to here.  Update
users.
* dirmngr/ks-action.h (ks_action_resolve): Add argument keyservers.
(ks_action_search): Likewise.
(ks_action_get): Likewise.
(ks_action_put): Likewise.
* dirmngr/ks-action.c (ks_action_resolve): Add argument keyservers.
Use it instead of ctrl->keyservers.
(ks_action_search): Likewise.
(ks_action_get): Likewise.
(ks_action_put): Likewise.

--

Signed-off-by: Neal H. Walfield <neal@g10code.com>
2015-03-31 11:58:41 +02:00
Neal H. Walfield
51341badb6 Add support to talking to LDAP key servers.
* g10/call-dirmngr.c (record_output): New function.
(ks_put_inq_cb): Use it here to generate a --with-colons like output
instead of a custom format.
* dirmngr/ks-action.c: Include "ldap-parse-uri.h".
(ks_action_help): If the provided URI is an LDAP URI, then use
ldap_parse_uri to parse.  Call ks_ldap_help.
(ks_action_search): If passed an LDAP URI, then call ks_ldap_search.
(ks_action_get): Likewise.
(ks_action_put): Likewise.  Also, change data from a 'const void *' to
a 'void *' and add info and infolen parameters.  Add note that
function may modify DATA.
* dirmngr/ks-action.h (ks_action_put): Update declaration accordingly.
* dirmngr/server.c: Include "ldap-parse-uri.h".
(cmd_keyserver): If ITEM->URI is an LDAP URI, parse it using
ldap_parse_uri.
(hlp_ks_put): Improve documentation.
(cmd_ks_put): Also pass info and infolen to ks_action_put.  Improve
documentation.
* dirmngr/ks-engine.h (ks_ldap_help): New declaration.
(ks_ldap_search): Likewise.
(ks_ldap_get): Likewise.
(ks_ldap_put): Likewise.
* dirmngr/ks-engine-ldap.c: New file.
* dirmngr/Makefile.am (dirmngr_SOURCES): Add ks-engine-ldap.c,
ldap-parse-uri.c and ldap-parse-uri.h.
(dirmngr_LDADD) [USE_LDAP]: Add $(ldaplibs).

--
Signed-off-by: Neal H. Walfield <neal@g10code.de>
2015-03-23 19:58:29 +01:00
Neal H. Walfield
9e79a15f74 Move copy_stream function to misc.c.
* dirmngr/ks-action.c (copy_stream): Move function from here...
* dirmngr/misc.c (copy_stream): ... to here and drop the static
qualifier.
* dirmngr/misc.h (copy_stream): Add declaration.

--
Signed-off-by: Neal H. Walfield <neal@g10code.de>
2015-03-23 19:58:27 +01:00
Werner Koch
519305feb8 Switch to the libgpg-error provided estream.
* configure.ac (NEED_GPG_ERROR_VERSION): Reguire 1.14.
(GPGRT_ENABLE_ES_MACROS): Define.
(estream_INIT): Remove.
* m4/estream.m4: Remove.
* common/estream-printf.c, common/estream-printf.h: Remove.
* common/estream.c, common/estream.h: Remove.
* common/init.c (_init_common_subsystems): Call gpgrt initialization.
2014-08-26 17:47:54 +02:00
Werner Koch
fb56a273b1 dirmngr: Detect dead keyservers and try another one.
* dirmngr/ks-action.c (ks_action_resolve): Rename var for clarity.
(ks_action_search, ks_action_put): Ditto.
(ks_action_get): Consult only the first server which retruned some
data.

* dirmngr/ks-engine-hkp.c (SEND_REQUEST_RETRIES): New.
(map_host): Add arg CTRL and call dirmngr_tick.
(make_host_part): Add arg CTRL.
(mark_host_dead): Allow the use of an URL.
(handle_send_request_error): New.
(ks_hkp_search, ks_hkp_get, ks_hkp_put): Mark host dead and retry on
error.
2014-03-12 14:33:51 +01:00
Werner Koch
3c35b46a32 dirmngr: Fix HKP host selection code.
* dirmngr/server.c (cmd_keyserver): Add option --resolve and change
--print-hosttable to --hosttable.
* dirmngr/ks-action.c (ks_printf_help): New.
(ks_action_resolve): New.
* dirmngr/ks-engine-hkp.c (select_random_host): Fix selection.
(ks_hkp_print_hosttable): Print to assuan stream.
(map_host): Remove debug code.  Add arg FORCE_SELECT.  Return numeric
IP addr if it can't be resolved.
(make_host_part): Add arg FORCE_SELECT; change callers to pass false.
(ks_hkp_resolve): New.
--

The new options for the keyserver command are useful for debugging.
For example:

  $ tools/gpg-connect-agent -S /usr/local/var/run/gnupg/S.dirmngr \
          'keyserver hkp://keys.gnupg.net' \
          'keyserver http://http-keys.gnupg.net' \
          'keyserver --resolve --hosttable' /bye

yields:

  OK
  OK
  S # http://astrath.net:80
  S # http://2001:41d0:1:e673::1:11371
  S # hosttable (idx, ipv4, ipv6, dead, name):
  S #   0       http-keys.gnupg.net
  S #   .   --> 10 11 12 1 5 8 7 4* 2 9 6 3
  S #   1 4     37.250.168.245.bredband.tre.se
  S #   2 4 6   keys.exosphere.de
  S #   3 4 6   poseidon.muc.drweb-av.de
  S #   4 4     astrath.net
  S #   5 4     79.143.214.216
  S #   6 4     openpgp.andrew.kvalhe.im
  S #   7 4     app.aaiedu.hr
  S #   8 4 6   alita.karotte.org
  S #   9 4 6   keyserver.bau5net.com
  S #  10 4     194.94.127.122
  S #  11   6   2001:4d88:1ffc:477::7
  S #  12   6   2a00:1280:8000:2:1:8:0:1
  S #  13       keys.gnupg.net
  S #   .   --> 23 28* 30 17 22 8 7 27 25 14 21 20 19 29 [...]
  S #  14 4     hufu.ki.iif.hu
  S #  15 4     pks.ms.mff.cuni.cz
  S #  16 4     pgpkeys.co.uk
  S #  17 4     80-239-156-219.customer.teliacarrier.com
  S #  18 4     srv01.secure-u.de
  S #  19 4     mallos.xs4all.nl
  S #  20 4     kronecker.scientia.net
  S #  21 4     keyserver.ut.mephi.ru
  S #  22 4     89-68-150-88.dynamic.chello.pl
  S #  23   6   2001:1608:21:6:84:200:66:125
  S #  24   6   sks.es.net
  S #  25   6   gstueve-1-pt.tunnel.tserv13.ash1.ipv6.he.net
  S #  26   6   sks.mrball.net
  S #  27   6   gozer.rediris.es
  S #  28   6   2001:41d0:1:e673::1
  S #  29   6   oteiza.siccegge.de
  S #  30   6   2403:4200:401:10::13
  S #  31   6   statler.serviz.fr
  OK
2014-03-11 16:30:36 +01:00
Werner Koch
231d27e0fe Make HKP keyserver engine work again.
We had some debug code here which prevented it from working.
The host selection code still needs a review!

	* ks-engine-http.c (ks_http_help): Do not print help for hkp.
	* ks-engine-hkp.c (ks_hkp_help): Print help only for hkp.
	(send_request): Remove test code.
	(map_host): Use xtrymalloc.

	* certcache.c (classify_pattern): Remove unused variable and make
	explicit substring search work.
2011-11-24 16:15:08 +01:00
Werner Koch
f1e9f510ec Add code for explicit selection of pooled A records.
To better cope with round robin pooled A records like keys.gnupg.net
we need to keep some information on unresponsive hosts etc.  What we
do now is to resolve the hostnames, remember them and select a random
one.  If a host is dead it will be marked and a different one
selected.  This is intended to solve the problem of long timeouts due
to unresponsive hosts.

The code is not yet finished but selection works.
2011-04-12 16:30:08 +02:00
Werner Koch
1cdcab6892 Add framework to print keyserver engine information 2011-02-09 18:20:05 +01:00
Werner Koch
f02d972aec Support key fetching using HTTP.
A simple test case is:

  gpg2 --fetch-key http://werner.eifelkommune.de/mykey.asc
2011-02-09 15:42:29 +01:00
Werner Koch
2c79a2832c Add finger support to dirmngr.
The basic network code from http.c is used for finger.  This keeps the
network related code at one place and we are able to use the somewhat
matured code form http.c.  Unfortunately I had to enhance the http
code for more robustness and probably introduced new bugs.

Test this code using

  gpg --fetch-key finger:wk@g10code.com

(I might be the last user of finger ;-)
2011-02-08 21:11:19 +01:00
Werner Koch
b008274afd Nuked almost all trailing white space.
We better do this once and for all instead of cluttering all future
commits with diffs of trailing white spaces.  In the majority of cases
blank or single lines are affected and thus this change won't disturb
a git blame too much.  For future commits the pre-commit scripts
checks that this won't happen again.
2011-02-04 12:57:53 +01:00
Werner Koch
7f32d88ed1 All standard keyserver commands are now using dirmngr. 2011-01-20 14:12:53 +01:00
Werner Koch
357f8d5398 Keyserver search and get basically works again. 2011-01-18 12:51:16 +01:00
Werner Koch
8c8c45725f Initial code checking for backup - not yet working. 2011-01-10 14:30:17 +01:00