static GtkWidget * check_default_keyserver (SettingsDlg *dialog) { keyserver_spec_t kspec; if (dialog->gnupg21) return NULL; /* GnuPG manages the keyservers. */ keyserver_selected_from_list_cb (dialog); if (!dialog->keyserver.url) return NULL; /* No keyserver is just fine. */ kspec = parse_keyserver_uri (dialog->keyserver.url, 0, NULL, 0); if (!kspec) return GTK_WIDGET (dialog->keyserver.combo); if (!kspec->host || (kspec->scheme && !(!strcmp (kspec->scheme, "hkp") || !strcmp (kspec->scheme, "http") || !strcmp (kspec->scheme, "ldap") || !strcmp (kspec->scheme, "finger") || !strcmp (kspec->scheme, "mailto")))) { free_keyserver_spec (kspec); return GTK_WIDGET (dialog->keyserver.combo); } free_keyserver_spec (kspec); return NULL; }
/* Import key pointed to by a PKA record. Return the requested fingerprint in fpr. */ int keyserver_import_pka (ctrl_t ctrl, const char *name,unsigned char **fpr,size_t *fpr_len) { char *uri; int rc = G10ERR_NO_PUBKEY; *fpr = xmalloc (20); *fpr_len = 20; uri = get_pka_info (name, *fpr); if (uri && *uri) { /* An URI is available. Lookup the key. */ struct keyserver_spec *spec; spec = parse_keyserver_uri (uri, 1, NULL, 0); if (spec) { rc = keyserver_import_fprint (ctrl, *fpr, 20, spec); free_keyserver_spec (spec); } xfree (uri); } if (rc) { xfree(*fpr); *fpr = NULL; } return rc; }
SeahorseServerSource* seahorse_server_source_new (const gchar *server) { SeahorseServerSource *ssrc = NULL; const gchar *scheme; const gchar *host; gchar *uri, *t; g_return_val_if_fail (server && server[0], NULL); uri = g_strdup (server); if (!parse_keyserver_uri (uri, &scheme, &host)) { g_warning ("invalid uri passed: %s", server); } else { #ifdef WITH_LDAP /* LDAP Uris */ if (g_ascii_strcasecmp (scheme, "ldap") == 0) ssrc = SEAHORSE_SERVER_SOURCE (seahorse_ldap_source_new (server, host)); else #endif /* WITH_LDAP */ #ifdef WITH_HKP /* HKP Uris */ if (g_ascii_strcasecmp (scheme, "hkp") == 0) { ssrc = SEAHORSE_SERVER_SOURCE (seahorse_hkp_source_new (server, host)); /* HTTP Uris */ } else if (g_ascii_strcasecmp (scheme, "http") == 0 || g_ascii_strcasecmp (scheme, "https") == 0) { /* If already have a port */ if (strchr (host, ':')) ssrc = SEAHORSE_SERVER_SOURCE (seahorse_hkp_source_new (server, host)); /* No port make sure to use defaults */ else { t = g_strdup_printf ("%s:%d", host, (g_ascii_strcasecmp (scheme, "http") == 0) ? 80 : 443); ssrc = SEAHORSE_SERVER_SOURCE (seahorse_hkp_source_new (server, t)); g_free (t); } } else #endif /* WITH_HKP */ g_warning ("unsupported key server uri scheme: %s", scheme); } g_free (uri); return ssrc; }
struct keyserver_spec * parse_preferred_keyserver(PKT_signature *sig) { struct keyserver_spec *spec=NULL; const byte *p; size_t plen; p=parse_sig_subpkt(sig->hashed,SIGSUBPKT_PREF_KS,&plen); if(p && plen) { byte *dupe=xmalloc(plen+1); memcpy(dupe,p,plen); dupe[plen]='\0'; spec=parse_keyserver_uri(dupe,1,NULL,0); xfree(dupe); } return spec; }
/* Import key in a CERT or pointed to by a CERT */ int keyserver_import_cert (ctrl_t ctrl, const char *name,unsigned char **fpr,size_t *fpr_len) { gpg_error_t err; char *domain,*look,*url; estream_t key; look=xstrdup(name); domain=strrchr(look,'@'); if(domain) *domain='.'; err = get_dns_cert (look, &key, fpr, fpr_len, &url); if (err) ; else if (key) { int armor_status=opt.no_armor; /* CERTs are always in binary format */ opt.no_armor=1; err = import_keys_es_stream (ctrl, key, NULL, fpr, fpr_len, opt.keyserver_options.import_options); opt.no_armor=armor_status; es_fclose (key); key = NULL; } else if (*fpr) { /* We only consider the IPGP type if a fingerprint was provided. This lets us select the right key regardless of what a URL points to, or get the key from a keyserver. */ if(url) { struct keyserver_spec *spec; spec=parse_keyserver_uri(url,1,NULL,0); if(spec) { err = keyserver_import_fprint (ctrl, *fpr,*fpr_len,spec); free_keyserver_spec(spec); } } else if(opt.keyserver) { /* If only a fingerprint is provided, try and fetch it from our --keyserver */ err = keyserver_import_fprint (ctrl, *fpr,*fpr_len,opt.keyserver); } else log_info(_("no keyserver known (use option --keyserver)\n")); /* Give a better string here? "CERT fingerprint for \"%s\" found, but no keyserver" " known (use option --keyserver)\n" ? */ } xfree(url); xfree(look); return err; }
/* Takes a string OPTIONS with the argument as used for gpg'c --auto-key-locate and returns an AKL list or NULL on error. Note that this function may modify OPTIONS. */ akl_t gpg_parse_auto_key_locate (char *options) { char *tok; akl_t result = NULL; while ( (tok = optsep (&options)) ) { akl_t akl, check; akl_t last = NULL; int dupe = 0; if (!tok[0]) continue; akl = xcalloc (1, sizeof (*akl)); if (!g_ascii_strcasecmp (tok, "nodefault")) akl->type = AKL_NODEFAULT; else if (!g_ascii_strcasecmp (tok, "local")) akl->type = AKL_LOCAL; else if (!g_ascii_strcasecmp (tok, "ldap")) akl->type = AKL_LDAP; else if (!g_ascii_strcasecmp (tok, "keyserver")) akl->type = AKL_KEYSERVER; else if (!g_ascii_strcasecmp (tok, "cert")) akl->type = AKL_CERT; else if (!g_ascii_strcasecmp (tok,"pka")) akl->type = AKL_PKA; else if ((akl->spec = parse_keyserver_uri (tok, 1, NULL, 0))) akl->type = AKL_SPEC; else { gpg_free_akl (akl); gpg_release_akl (result); return NULL; } /* Check for duplicates. We must maintain the order the user gave us */ for (check = result; check; last=check, check=check->next) { if(check->type==akl->type && (akl->type!=AKL_SPEC || (akl->type==AKL_SPEC && !strcmp(check->spec->uri,akl->spec->uri)))) { dupe=1; gpg_free_akl(akl); break; } } if (!dupe) { if (last) last->next = akl; else result = akl; } } return result; }