~ubuntu-branches/ubuntu/hardy/gnupg/hardy-updates

« back to all changes in this revision

Viewing changes to keyserver/gpgkeys_ldap.c

Committer: Bazaar Package Importer
Author(s): Martin Pitt
Date: 2006-11-03 09:18:26 UTC
mto: This revision was merged to the branch mainline in revision 11.
Revision ID: james.westby@ubuntu.com-20061103091826-89kwl8tk1xypbmtk

Tags: upstream-1.4.5

Import upstream version 1.4.5

files added:
checks/armor.test

m4/noexecstack.m4

po/nb.gmo

po/nb.po

tools/make-dns-cert.c

files removed:
keyserver/gpgkeys_http.c

keyserver/gpgkeys_oldhkp.c

files modified:
AUTHORS

ChangeLog

Makefile.in

NEWS

README

THANKS

TODO

VERSION

acinclude.m4

aclocal.m4

checks/ChangeLog

checks/Makefile.am

checks/Makefile.in

checks/mds.test

checks/sigs.test

cipher/ChangeLog

cipher/Makefile.in

cipher/algorithms.h

cipher/dsa.c

cipher/md.c

cipher/rsa.c

cipher/sha256.c

config.h.in

configure

configure.ac

doc/ChangeLog

doc/DETAILS

doc/Makefile.in

doc/gpg.1

doc/gpg.info

doc/gpg.sgml

doc/gpg.texi

doc/gpgv.info

doc/samplekeys.asc

g10/ChangeLog

g10/Makefile.am

g10/Makefile.in

g10/app-openpgp.c

g10/armor.c

g10/build-packet.c

g10/cardglue.c

g10/decrypt.c

g10/encode.c

g10/encr-data.c

g10/exec.c

g10/getkey.c

g10/gpg.c

g10/import.c

g10/keydb.h

g10/keyedit.c

g10/keygen.c

g10/keyserver.c

g10/main.h

g10/mainproc.c

g10/openfile.c

g10/options.h

g10/options.skel

g10/parse-packet.c

g10/passphrase.c

g10/photoid.c

g10/pkclist.c

g10/plaintext.c

g10/sign.c

g10/verify.c

gnupg.spec

include/ChangeLog

include/cipher.h

include/iobuf.h

keyserver/ChangeLog

keyserver/Makefile.am

keyserver/Makefile.in

keyserver/curl-shim.c

keyserver/gpgkeys_curl.c

keyserver/gpgkeys_hkp.c

keyserver/gpgkeys_ldap.c

keyserver/ksutil.c

keyserver/ksutil.h

m4/ChangeLog

m4/Makefile.am

m4/Makefile.in

m4/libcurl.m4

m4/tar-ustar.m4

mpi/Makefile.in

po/ChangeLog

po/LINGUAS

po/be.gmo

po/be.po

po/ca.gmo

po/ca.po

po/cs.gmo

po/cs.po

po/da.gmo

po/da.po

po/de.gmo

po/de.po

po/el.gmo

po/el.po

po/en@boldquot.gmo

po/en@boldquot.po

po/en@quot.gmo

po/en@quot.po

po/eo.gmo

po/eo.po

po/es.gmo

po/es.po

po/et.gmo

po/et.po

po/fi.gmo

po/fi.po

po/fr.gmo

po/fr.po

po/gl.gmo

po/gl.po

po/gnupg.pot

po/hu.gmo

po/hu.po

po/id.gmo

po/id.po

po/it.gmo

po/it.po

po/ja.gmo

po/ja.po

po/pl.gmo

po/pl.po

po/pt.gmo

po/pt.po

po/pt_BR.gmo

po/pt_BR.po

po/ro.gmo

po/ro.po

po/ru.gmo

po/ru.po

po/sk.gmo

po/sk.po

po/sv.gmo

po/sv.po

po/tr.gmo

po/tr.po

po/zh_CN.gmo

po/zh_CN.po

po/zh_TW.gmo

po/zh_TW.po

scripts/ChangeLog

scripts/w32installer.nsi

tools/ChangeLog

tools/Makefile.am

tools/Makefile.in

util/ChangeLog

util/Makefile.am

util/Makefile.in

util/http.c

util/iobuf.c

util/memory.c

util/miscutil.c

util/secmem.c

zlib/Makefile.in

Show diffs side-by-side

added added

removed removed

keyserver/gpgkeys_ldap.c

567

{

568

int err,begin=0,end=0,keysize=1,ret=KEYSERVER_INTERNAL_ERROR;

569

char *dn=NULL,line[MAX_LINE],*key=NULL;

570

char keyid[17];

570

char keyid[17],state[6];

571

LDAPMod **modlist,**addlist,**ml;

572

573

modlist=malloc(sizeof(LDAPMod *));

608

/* Assemble the INFO stuff into LDAP attributes */

609

610

while(fgets(line,MAX_LINE,input)!=NULL)

611

if(sscanf(line,"INFO %16s BEGIN\n",keyid)==1)

611

if(sscanf(line,"INFO%*[ ]%16s%*[ ]%5s\n",keyid,state)==2

612

&& strcmp(state,"BEGIN")==0)

612

613

{

613

614

begin=1;

614

615

break;

653

654

/* Now parse each line until we see the END */

654

655

656

while(fgets(line,MAX_LINE,input)!=NULL)

656

if(sscanf(line,"INFO %16s END\n",keyid)==1)

657

if(sscanf(line,"INFO%*[ ]%16s%*[ ]%3s\n",keyid,state)==2

658

&& strcmp(state,"END")==0)

657

659

{

658

660

end=1;

659

661

break;

674

676

/* Read and throw away stdin until we see the BEGIN */

675

677

676

678

while(fgets(line,MAX_LINE,input)!=NULL)

677

if(sscanf(line,"KEY %16s BEGIN\n",keyid)==1)

679

if(sscanf(line,"KEY%*[ ]%16s%*[ ]%5s\n",keyid,state)==2

680

&& strcmp(state,"BEGIN")==0)

678

681

{

679

682

begin=1;

680

683

break;

692

695

/* Now slurp up everything until we see the END */

693

696

694

697

while(fgets(line,MAX_LINE,input)!=NULL)

695

if(sscanf(line,"KEY %16s END\n",keyid)==1)

698

if(sscanf(line,"KEY%*[ ]%16s%*[ ]%3s\n",keyid,state)==2

699

&& strcmp(state,"END")==0)

696

700

{

697

701

end=1;

698

702

break;

778

782

{

779

783

int err,begin=0,end=0,keysize=1,ret=KEYSERVER_INTERNAL_ERROR;

780

784

char *dn=NULL,line[MAX_LINE],*key[2]={NULL,NULL};

781

char keyid[17];

785

char keyid[17],state[6];

782

786

LDAPMod mod, *attrs[2];

783

787

784

788

memset(&mod,0,sizeof(mod));

812

816

/* Read and throw away stdin until we see the BEGIN */

813

817

814

818

while(fgets(line,MAX_LINE,input)!=NULL)

815

if(sscanf(line,"KEY %16s BEGIN\n",keyid)==1)

819

if(sscanf(line,"KEY%*[ ]%16s%*[ ]%5s\n",keyid,state)==2

820

&& strcmp(state,"BEGIN")==0)

816

821

{

817

822

begin=1;

818

823

break;

830

835

/* Now slurp up everything until we see the END */

831

836

832

837

while(fgets(line,MAX_LINE,input)!=NULL)

833

if(sscanf(line,"KEY %16s END\n",keyid)==1)

838

if(sscanf(line,"KEY%*[ ]%16s%*[ ]%3s\n",keyid,state)==2

839

&& strcmp(state,"END")==0)

834

840

{

835

841

end=1;

836

842

break;

1121

1127

1122

1128

#define LDAP_ESCAPE_CHARS "*()\\"

1123

1129

1124

static int

1130

/* Append string to buffer in a LDAP-quoted way */

1131

static void

1125

1132

ldap_quote(char *buffer,const char *string)

1126

1133

{

1127

int count=0;

1134

/* Find the end of buffer */

1135

buffer+=strlen(buffer);

1128

1136

1129

1137

for(;*string;string++)

1130

1138

{

1131

1139

if(strchr(LDAP_ESCAPE_CHARS,*string))

1132

1140

{

1133

if(buffer)

1134

{

1135

sprintf(buffer,"\\%02X",*string);

1136

buffer+=3;

1137

}

1138

1139

count+=3;

1141

sprintf(buffer,"\\%02X",*string);

1142

buffer+=3;

1140

1143

}

1141

1144

else

1142

{

1143

if(buffer)

1144

*buffer++=*string;

1145

1146

count++;

1147

}

1145

*buffer++=*string;

1148

1146

}

1149

1147

1150

if(buffer)

1151

*buffer='\0';

1152

1153

return count;

1148

*buffer='\0';

1154

1149

}

1155

1150

1156

1151

/* Note that key-not-found is not a fatal error */

1159

1154

{

1160

1155

LDAPMessage *res,*each;

1161

1156

int ret=KEYSERVER_INTERNAL_ERROR,err,count;

1162

char *expanded_search;

1163

1157

/* The maximum size of the search, including the optional stuff and

1164

1158

the trailing \0 */

1165

char search[2+11+3+MAX_LINE+2+15+14+1+1+20];

1159

char search[2+12+(MAX_LINE*3)+2+15+14+1+1+20];

1166

1160

/* This ordering is significant - specifically, "pgpcertid" needs to

1167

1161

be the second item in the list, since everything after it may be

1168

1162

discarded if the user isn't in verbose mode. */

1172

1166

attrs[0]=pgpkeystr; /* Some compilers don't like using variables as

1173

1167

array initializers. */

1174

1168

1175

expanded_search=malloc(ldap_quote(NULL,getkey)+1);

1176

if(!expanded_search)

1177

{

1178

fprintf(output,"NAME %s FAILED %d\n",getkey,KEYSERVER_NO_MEMORY);

1179

fprintf(console,"Out of memory when quoting LDAP search string\n");

1180

return KEYSERVER_NO_MEMORY;

1181

}

1182

1183

ldap_quote(expanded_search,getkey);

1184

1185

1169

/* Build the search string */

1186

1170

1187

sprintf(search,"%s(pgpuserid=*%s*)%s%s%s",

1188

(!(opt->flags.include_disabled&&opt->flags.include_revoked))?"(&":"",

1189

expanded_search,

1190

opt->flags.include_disabled?"":"(pgpdisabled=0)",

1191

opt->flags.include_revoked?"":"(pgprevoked=0)",

1192

!(opt->flags.include_disabled&&opt->flags.include_revoked)?")":"");

1193

1194

free(expanded_search);

1171

search[0]='\0';

1172

1173

if(!opt->flags.include_disabled || !opt->flags.include_revoked)

1174

strcat(search,"(&");

1175

1176

strcat(search,"(pgpUserID=*");

1177

ldap_quote(search,getkey);

1178

strcat(search,"*)");

1179

1180

if(!opt->flags.include_disabled)

1181

strcat(search,"(pgpDisabled=0)");

1182

1183

if(!opt->flags.include_revoked)

1184

strcat(search,"(pgpRevoked=0)");

1185

1186

if(!opt->flags.include_disabled || !opt->flags.include_revoked)

1187

strcat(search,")");

1195

1188

1196

1189

if(opt->verbose>2)

1197

1190

fprintf(console,"gpgkeys: LDAP fetch for: %s\n",search);

1271

1264

while(*string)

1272

1265

{

1273

1266

if(*string==delim || *string=='%')

1274

fprintf(stream,"%%%02x",*string);

1267

fprintf(stream,"%%%02x",(unsigned char)*string);

1275

1268

else

1276

1269

fputc(*string,stream);

1277

1270

1288

1281

LDAPMessage *res,*each;

1289

1282

int err,count=0;

1290

1283

struct keylist *dupelist=NULL;

1291

char *expanded_search;

1292

1284

/* The maximum size of the search, including the optional stuff and

1293

1285

the trailing \0 */

1294

char search[2+11+3+MAX_LINE+2+15+14+1+1+20];

1286

char search[2+1+9+1+3+(MAX_LINE*3)+3+1+15+14+1+1+20];

1295

1287

char *attrs[]={"pgpcertid","pgpuserid","pgprevoked","pgpdisabled",

1296

1288

"pgpkeycreatetime","pgpkeyexpiretime","modifytimestamp",

1297

1289

"pgpkeysize","pgpkeytype",NULL};

1305

1297

fprintf(console,"search type is %d, and key is \"%s\"\n",

1306

1298

search_type,searchkey);

1307

1299

1308

expanded_search=malloc(ldap_quote(NULL,searchkey)+1);

1309

if(!expanded_search)

1310

{

1311

fprintf(output,"SEARCH %s FAILED %d\n",searchkey,KEYSERVER_NO_MEMORY);

1312

fprintf(console,"Out of memory when quoting LDAP search string\n");

1313

return KEYSERVER_NO_MEMORY;

1314

}

1315

1316

ldap_quote(expanded_search,searchkey);

1317

1318

1300

/* Build the search string */

1319

1301

1320

sprintf(search,"%s(pgpuserid=%s%s%s)%s%s%s",

1321

(!(opt->flags.include_disabled&&opt->flags.include_revoked))?"(&":"",

1322

(search_type==KS_SEARCH_EXACT)?"":

1323

(search_type==KS_SEARCH_MAILSUB)?"*<*":"*",

1324

expanded_search,

1325

(search_type==KS_SEARCH_EXACT

1326

|| search_type==KS_SEARCH_MAIL)?"":

1327

(search_type==KS_SEARCH_MAILSUB)?"*>":"*",

1328

opt->flags.include_disabled?"":"(pgpdisabled=0)",

1329

opt->flags.include_revoked?"":"(pgprevoked=0)",

1330

!(opt->flags.include_disabled&&opt->flags.include_revoked)?")":"");

1331

1332

free(expanded_search);

1302

search[0]='\0';

1303

1304

if(!opt->flags.include_disabled || !opt->flags.include_revoked)

1305

strcat(search,"(&");

1306

1307

strcat(search,"(");

1308

1309

switch(search_type)

1310

{

1311

case KS_SEARCH_KEYID_SHORT:

1312

strcat(search,"pgpKeyID");

1313

break;

1314

1315

case KS_SEARCH_KEYID_LONG:

1316

strcat(search,"pgpCertID");

1317

break;

1318

1319

default:

1320

strcat(search,"pgpUserID");

1321

break;

1322

}

1323

1324

strcat(search,"=");

1325

1326

switch(search_type)

1327

{

1328

case KS_SEARCH_SUBSTR:

1329

strcat(search,"*");

1330

break;

1331

1332

case KS_SEARCH_MAIL:

1333

strcat(search,"*<");

1334

break;

1335

1336

case KS_SEARCH_MAILSUB:

1337

strcat(search,"*<*");

1338

break;

1339

1340

case KS_SEARCH_EXACT:

1341

case KS_SEARCH_KEYID_LONG:

1342

case KS_SEARCH_KEYID_SHORT:

1343

break;

1344

}

1345

1346

ldap_quote(search,searchkey);

1347

1348

switch(search_type)

1349

{

1350

case KS_SEARCH_SUBSTR:

1351

strcat(search,"*");

1352

break;

1353

1354

case KS_SEARCH_MAIL:

1355

strcat(search,">*");

1356

break;

1357

1358

case KS_SEARCH_MAILSUB:

1359

strcat(search,"*>*");

1360

break;

1361

1362

case KS_SEARCH_EXACT:

1363

case KS_SEARCH_KEYID_LONG:

1364

case KS_SEARCH_KEYID_SHORT:

1365

break;

1366

}

1367

1368

strcat(search,")");

1369

1370

if(!opt->flags.include_disabled)

1371

strcat(search,"(pgpDisabled=0)");

1372

1373

if(!opt->flags.include_revoked)

1374

strcat(search,"(pgpRevoked=0)");

1375

1376

if(!opt->flags.include_disabled || !opt->flags.include_revoked)

1377

strcat(search,")");

1333

1378

1334

1379

if(opt->verbose>2)

1335

1380

fprintf(console,"gpgkeys: LDAP search for: %s\n",search);

Older »