static GtkWidget *
check_default_keyserver (SettingsDlg *dialog)
{
keyserver_spec_t kspec;
if (dialog->gnupg21)
return NULL; /* GnuPG manages the keyservers. */
keyserver_selected_from_list_cb (dialog);
if (!dialog->keyserver.url)
return NULL; /* No keyserver is just fine. */
kspec = parse_keyserver_uri (dialog->keyserver.url, 0, NULL, 0);
if (!kspec)
return GTK_WIDGET (dialog->keyserver.combo);
if (!kspec->host
|| (kspec->scheme && !(!strcmp (kspec->scheme, "hkp")
|| !strcmp (kspec->scheme, "http")
|| !strcmp (kspec->scheme, "ldap")
|| !strcmp (kspec->scheme, "finger")
|| !strcmp (kspec->scheme, "mailto"))))
{
free_keyserver_spec (kspec);
return GTK_WIDGET (dialog->keyserver.combo);
}
free_keyserver_spec (kspec);
return NULL;
}
/* Import key pointed to by a PKA record. Return the requested
fingerprint in fpr. */
int
keyserver_import_pka (ctrl_t ctrl,
const char *name,unsigned char **fpr,size_t *fpr_len)
{
char *uri;
int rc = G10ERR_NO_PUBKEY;
*fpr = xmalloc (20);
*fpr_len = 20;
uri = get_pka_info (name, *fpr);
if (uri && *uri)
{
/* An URI is available. Lookup the key. */
struct keyserver_spec *spec;
spec = parse_keyserver_uri (uri, 1, NULL, 0);
if (spec)
{
rc = keyserver_import_fprint (ctrl, *fpr, 20, spec);
free_keyserver_spec (spec);
}
xfree (uri);
}
if (rc)
{
xfree(*fpr);
*fpr = NULL;
}
return rc;
}
SeahorseServerSource*
seahorse_server_source_new (const gchar *server)
{
SeahorseServerSource *ssrc = NULL;
const gchar *scheme;
const gchar *host;
gchar *uri, *t;
g_return_val_if_fail (server && server[0], NULL);
uri = g_strdup (server);
if (!parse_keyserver_uri (uri, &scheme, &host)) {
g_warning ("invalid uri passed: %s", server);
} else {
#ifdef WITH_LDAP
/* LDAP Uris */
if (g_ascii_strcasecmp (scheme, "ldap") == 0)
ssrc = SEAHORSE_SERVER_SOURCE (seahorse_ldap_source_new (server, host));
else
#endif /* WITH_LDAP */
#ifdef WITH_HKP
/* HKP Uris */
if (g_ascii_strcasecmp (scheme, "hkp") == 0) {
ssrc = SEAHORSE_SERVER_SOURCE (seahorse_hkp_source_new (server, host));
/* HTTP Uris */
} else if (g_ascii_strcasecmp (scheme, "http") == 0 ||
g_ascii_strcasecmp (scheme, "https") == 0) {
/* If already have a port */
if (strchr (host, ':'))
ssrc = SEAHORSE_SERVER_SOURCE (seahorse_hkp_source_new (server, host));
/* No port make sure to use defaults */
else {
t = g_strdup_printf ("%s:%d", host,
(g_ascii_strcasecmp (scheme, "http") == 0) ? 80 : 443);
ssrc = SEAHORSE_SERVER_SOURCE (seahorse_hkp_source_new (server, t));
g_free (t);
}
} else
#endif /* WITH_HKP */
g_warning ("unsupported key server uri scheme: %s", scheme);
}
g_free (uri);
return ssrc;
}
struct keyserver_spec *
parse_preferred_keyserver(PKT_signature *sig)
{
struct keyserver_spec *spec=NULL;
const byte *p;
size_t plen;
p=parse_sig_subpkt(sig->hashed,SIGSUBPKT_PREF_KS,&plen);
if(p && plen)
{
byte *dupe=xmalloc(plen+1);
memcpy(dupe,p,plen);
dupe[plen]='\0';
spec=parse_keyserver_uri(dupe,1,NULL,0);
xfree(dupe);
}
return spec;
}
/* Import key in a CERT or pointed to by a CERT */
int
keyserver_import_cert (ctrl_t ctrl,
const char *name,unsigned char **fpr,size_t *fpr_len)
{
gpg_error_t err;
char *domain,*look,*url;
estream_t key;
look=xstrdup(name);
domain=strrchr(look,'@');
if(domain)
*domain='.';
err = get_dns_cert (look, &key, fpr, fpr_len, &url);
if (err)
;
else if (key)
{
int armor_status=opt.no_armor;
/* CERTs are always in binary format */
opt.no_armor=1;
err = import_keys_es_stream (ctrl, key, NULL, fpr, fpr_len,
opt.keyserver_options.import_options);
opt.no_armor=armor_status;
es_fclose (key);
key = NULL;
}
else if (*fpr)
{
/* We only consider the IPGP type if a fingerprint was provided.
This lets us select the right key regardless of what a URL
points to, or get the key from a keyserver. */
if(url)
{
struct keyserver_spec *spec;
spec=parse_keyserver_uri(url,1,NULL,0);
if(spec)
{
err = keyserver_import_fprint (ctrl, *fpr,*fpr_len,spec);
free_keyserver_spec(spec);
}
}
else if(opt.keyserver)
{
/* If only a fingerprint is provided, try and fetch it from
our --keyserver */
err = keyserver_import_fprint (ctrl, *fpr,*fpr_len,opt.keyserver);
}
else
log_info(_("no keyserver known (use option --keyserver)\n"));
/* Give a better string here? "CERT fingerprint for \"%s\"
found, but no keyserver" " known (use option
--keyserver)\n" ? */
}
xfree(url);
xfree(look);
return err;
}
/* Takes a string OPTIONS with the argument as used for gpg'c
--auto-key-locate and returns an AKL list or NULL on error. Note
that this function may modify OPTIONS. */
akl_t
gpg_parse_auto_key_locate (char *options)
{
char *tok;
akl_t result = NULL;
while ( (tok = optsep (&options)) )
{
akl_t akl, check;
akl_t last = NULL;
int dupe = 0;
if (!tok[0])
continue;
akl = xcalloc (1, sizeof (*akl));
if (!g_ascii_strcasecmp (tok, "nodefault"))
akl->type = AKL_NODEFAULT;
else if (!g_ascii_strcasecmp (tok, "local"))
akl->type = AKL_LOCAL;
else if (!g_ascii_strcasecmp (tok, "ldap"))
akl->type = AKL_LDAP;
else if (!g_ascii_strcasecmp (tok, "keyserver"))
akl->type = AKL_KEYSERVER;
else if (!g_ascii_strcasecmp (tok, "cert"))
akl->type = AKL_CERT;
else if (!g_ascii_strcasecmp (tok,"pka"))
akl->type = AKL_PKA;
else if ((akl->spec = parse_keyserver_uri (tok, 1, NULL, 0)))
akl->type = AKL_SPEC;
else
{
gpg_free_akl (akl);
gpg_release_akl (result);
return NULL;
}
/* Check for duplicates. We must maintain the order the user
gave us */
for (check = result; check; last=check, check=check->next)
{
if(check->type==akl->type
&& (akl->type!=AKL_SPEC
|| (akl->type==AKL_SPEC
&& !strcmp(check->spec->uri,akl->spec->uri))))
{
dupe=1;
gpg_free_akl(akl);
break;
}
}
if (!dupe)
{
if (last)
last->next = akl;
else
result = akl;
}
}
return result;
}
