Hello all,
I just started to use gpg, and I have to say I am impressed with
it. As I was converting my stuff over from NA's pgp format, I realized a
few keys I used often were missing and tried to import them from
keyservers using URI syntax like NA's pgp has (pgpk -a ). Alas, I
couldn't figure out how to make gpg do it, and it seemed like it wasn't
capable.
Well, now it is. Following is a patch that allows usage like the
following:
% gpg --import hkp://pgpkeys.mit.edu/foo@bar.com
The old syntax remains the same, where --import reads from stdin or a
filename.
I wrote it so that it would be (relatively) easy for someone to add
support for a "finger" URI, and so on. I haven't written any extras yet
myself because I didn't want to suggest a departure from how http.c is
written, and I haven't had enough time to absorb everything fully so as to
make use of what's already there in http.c and iobuf.c.
I also came across some weirdness in the make [dist]clean rule for the
stuff in 'intl/'. I commented out the libintl.h rule and that seemed to
fix it. There was also a potential overflow in the onld hkp_ask_import
when m_alloc()ing the request. This was fixed.
I hope someone finds this useful.
Cheers,
Jordan Ritter
Network Security Engineer
Ring-Zero, Netect, Inc. Boston, MA
"Quis custodiet ipsos custodes?"
-----
diff -u -r gnupg-0.9.2/g10/hkp.c gnupg-0.9.2-jpr5/g10/hkp.c
--- gnupg-0.9.2/g10/hkp.c Wed Jan 20 13:14:58 1999
+++ gnupg-0.9.2-jpr5/g10/hkp.c Tue Jan 26 13:41:02 1999
@@ -46,22 +46,27 @@
* import the key
* or other error codes.
*/
+
int
-hkp_ask_import( u32 *keyid )
+hkp_import( char *src )
{
- struct http_context hd;
+ char *query = "x-hkp://%s:11371/pks/lookup?op=get&search=%s";
char *request;
+ struct http_context hd;
int rc;
if( !opt.keyserver_name )
return -1;
- log_info("requesting key %08lX from %s ...\n", (ulong)keyid[1],
- opt.keyserver_name );
- request = m_alloc( strlen( opt.keyserver_name ) + 100 );
+
+ log_info("requesting key %s from %s ...\n", src,
+ opt.keyserver_name );
+ request = m_alloc( strlen ( query ) +
+ strlen ( src ) + strlen( opt.keyserver_name ) );
+
/* hkp does not accept the long keyid - we should really write a
* nicer one */
- sprintf( request, "x-hkp://%s:11371/pks/lookup?op=get&search=0x%08lX",
- opt.keyserver_name, (ulong)keyid[1] );
+ sprintf( request, query, opt.keyserver_name, src );
+
rc = http_open_document( &hd, request, 0 );
if( rc ) {
log_info("can't get key from keyserver: %s\n", g10_errstr(rc) );
@@ -74,6 +79,24 @@
m_free( request );
return rc;
}
+
+int
+hkp_import_keyid( u32 *k )
+{
+ char keyid[11];
+ sprintf(keyid,"0x%08lX",(u_long)k);
+
+ return hkp_import(keyid);
+}
+
+
+int
+hkp_import_name( char *n )
+{
+ return hkp_import(n);
+}
+
+
int
diff -u -r gnupg-0.9.2/g10/hkp.h gnupg-0.9.2-jpr5/g10/hkp.h
--- gnupg-0.9.2/g10/hkp.h Mon Jan 18 06:50:41 1999
+++ gnupg-0.9.2-jpr5/g10/hkp.h Tue Jan 26 13:29:00 1999
@@ -22,7 +22,9 @@
#define G10_HKP_H 1
-int hkp_ask_import( u32 *keyid );
+int hkp_import_keyid( u32 *keyid );
+int hkp_import_name( char *name );
+
int hkp_export( STRLIST users );
diff -u -r gnupg-0.9.2/g10/import.c gnupg-0.9.2-jpr5/g10/import.c
--- gnupg-0.9.2/g10/import.c Fri Jan 15 02:13:11 1999
+++ gnupg-0.9.2-jpr5/g10/import.c Tue Jan 26 13:47:42 1999
@@ -34,6 +34,7 @@
#include "trustdb.h"
#include "main.h"
#include "i18n.h"
+#include "hkp.h"
static struct {
@@ -104,31 +105,82 @@
* Key revocation certificates have special handling.
*
*/
+
int
-import_keys( const char *fname, int fast )
+import_keys( const char *src, int fast )
{
- IOBUF inp = NULL;
- int rc;
-
- inp = iobuf_open(fname);
- if( !fname )
- fname = "[stdin]";
- if( !inp ) {
- log_error_f(fname, _("can't open file: %s\n"), strerror(errno) );
- return G10ERR_OPEN_FILE;
- }
-
- rc = import( inp, fast, fname );
-
+ IOBUF inp = NULL;
+ int rc;
+
+ if ((inp = iobuf_open(src))) { /* file? */
+ if (!src)
+ src = "[stdin]";
+
+ rc = import( inp, fast, src );
+
iobuf_close(inp);
- return rc;
+
+ } else if (strchr(src,':')) { /* URI? */
+
+ rc = import_keys_uri(src);
+
+ } else {
+
+ log_error_f(src, _("can't open file: %s\n"), strerror(errno) );
+ rc = G10ERR_OPEN_FILE;
+
+ }
+
+ return rc;
}
+
int
import_keys_stream( IOBUF inp, int fast )
{
- return import( inp, fast, "[stream]" );
+ return import( inp, fast, "[stream]" );
}
+
+
+int
+import_keys_uri( const char *uri )
+{
+ char *token, *p = strchr(uri,':');
+ int rc;
+
+ if ((p == uri) || (strlen(p) < 3) || strncmp(p,"://",3))
+ return G10ERR_BAD_URI;
+ else p += 3;
+
+ if (*p == '/' || !(p = strchr(p,'/')))
+ return G10ERR_BAD_URI;
+ else p++;
+
+ if (!strlen(p))
+ return G10ERR_BAD_URI;
+
+ token = (char*)m_alloc(strlen(uri)+1);
+ strcpy(token,uri);
+
+ p = strchr(token,':');
+ *p = '\0';
+
+ opt.keyserver_name = p + 3;
+
+ p = strchr(opt.keyserver_name,'/');
+ *p++ = '\0';
+
+ if (!strcmp(token,"hkp")) {
+
+ rc = hkp_import_name(p);
+
+ /* else if (!strcmp(token,"finger")) { */
+ } else rc = G10ERR_INVALID_URI;
+
+ m_free(token);
+ return rc;
+}
+
static int
import( IOBUF inp, int fast, const char* fname )
diff -u -r gnupg-0.9.2/g10/main.h gnupg-0.9.2-jpr5/g10/main.h
--- gnupg-0.9.2/g10/main.h Mon Jan 18 06:44:08 1999
+++ gnupg-0.9.2-jpr5/g10/main.h Tue Jan 26 13:44:28 1999
@@ -110,6 +110,7 @@
/*-- import.c --*/
int import_keys( const char *filename, int fast );
int import_keys_stream( IOBUF inp, int fast );
+int import_keys_uri( const char *uri );
/*-- export.c --*/
int export_pubkeys( STRLIST users, int onlyrfc );
diff -u -r gnupg-0.9.2/g10/mainproc.c gnupg-0.9.2-jpr5/g10/mainproc.c
--- gnupg-0.9.2/g10/mainproc.c Wed Jan 20 16:44:01 1999
+++ gnupg-0.9.2-jpr5/g10/mainproc.c Mon Jan 25 23:14:41 1999
@@ -842,7 +842,7 @@
rc = do_check_sig(c, node, NULL );
if( rc == G10ERR_NO_PUBKEY && opt.keyserver_name ) {
- if( !hkp_ask_import( sig->keyid ) )
+ if( !hkp_import_keyid( sig->keyid ) )
rc = do_check_sig(c, node, NULL );
}
if( !rc || rc == G10ERR_BAD_SIGN ) {
diff -u -r gnupg-0.9.2/intl/Makefile.in gnupg-0.9.2-jpr5/intl/Makefile.in
--- gnupg-0.9.2/intl/Makefile.in Sat Jan 9 08:44:35 1999
+++ gnupg-0.9.2-jpr5/intl/Makefile.in Tue Jan 26 12:33:29 1999
@@ -168,7 +168,7 @@
mostlyclean:
rm -f *.a *.o *.lo core core.*
-clean: mostlyclean libintl.h
+clean: mostlyclean #libintl.h
distclean: clean
rm -f Makefile ID TAGS po2msg.sed po2tbl.sed
I just started to use gpg, and I have to say I am impressed with
it. As I was converting my stuff over from NA's pgp format, I realized a
few keys I used often were missing and tried to import them from
keyservers using URI syntax like NA's pgp has (pgpk -a ). Alas, I
couldn't figure out how to make gpg do it, and it seemed like it wasn't
capable.
Well, now it is. Following is a patch that allows usage like the
following:
% gpg --import hkp://pgpkeys.mit.edu/foo@bar.com
The old syntax remains the same, where --import reads from stdin or a
filename.
I wrote it so that it would be (relatively) easy for someone to add
support for a "finger" URI, and so on. I haven't written any extras yet
myself because I didn't want to suggest a departure from how http.c is
written, and I haven't had enough time to absorb everything fully so as to
make use of what's already there in http.c and iobuf.c.
I also came across some weirdness in the make [dist]clean rule for the
stuff in 'intl/'. I commented out the libintl.h rule and that seemed to
fix it. There was also a potential overflow in the onld hkp_ask_import
when m_alloc()ing the request. This was fixed.
I hope someone finds this useful.
Cheers,
Jordan Ritter
Network Security Engineer
Ring-Zero, Netect, Inc. Boston, MA
"Quis custodiet ipsos custodes?"
-----
diff -u -r gnupg-0.9.2/g10/hkp.c gnupg-0.9.2-jpr5/g10/hkp.c
--- gnupg-0.9.2/g10/hkp.c Wed Jan 20 13:14:58 1999
+++ gnupg-0.9.2-jpr5/g10/hkp.c Tue Jan 26 13:41:02 1999
@@ -46,22 +46,27 @@
* import the key
* or other error codes.
*/
+
int
-hkp_ask_import( u32 *keyid )
+hkp_import( char *src )
{
- struct http_context hd;
+ char *query = "x-hkp://%s:11371/pks/lookup?op=get&search=%s";
char *request;
+ struct http_context hd;
int rc;
if( !opt.keyserver_name )
return -1;
- log_info("requesting key %08lX from %s ...\n", (ulong)keyid[1],
- opt.keyserver_name );
- request = m_alloc( strlen( opt.keyserver_name ) + 100 );
+
+ log_info("requesting key %s from %s ...\n", src,
+ opt.keyserver_name );
+ request = m_alloc( strlen ( query ) +
+ strlen ( src ) + strlen( opt.keyserver_name ) );
+
/* hkp does not accept the long keyid - we should really write a
* nicer one */
- sprintf( request, "x-hkp://%s:11371/pks/lookup?op=get&search=0x%08lX",
- opt.keyserver_name, (ulong)keyid[1] );
+ sprintf( request, query, opt.keyserver_name, src );
+
rc = http_open_document( &hd, request, 0 );
if( rc ) {
log_info("can't get key from keyserver: %s\n", g10_errstr(rc) );
@@ -74,6 +79,24 @@
m_free( request );
return rc;
}
+
+int
+hkp_import_keyid( u32 *k )
+{
+ char keyid[11];
+ sprintf(keyid,"0x%08lX",(u_long)k);
+
+ return hkp_import(keyid);
+}
+
+
+int
+hkp_import_name( char *n )
+{
+ return hkp_import(n);
+}
+
+
int
diff -u -r gnupg-0.9.2/g10/hkp.h gnupg-0.9.2-jpr5/g10/hkp.h
--- gnupg-0.9.2/g10/hkp.h Mon Jan 18 06:50:41 1999
+++ gnupg-0.9.2-jpr5/g10/hkp.h Tue Jan 26 13:29:00 1999
@@ -22,7 +22,9 @@
#define G10_HKP_H 1
-int hkp_ask_import( u32 *keyid );
+int hkp_import_keyid( u32 *keyid );
+int hkp_import_name( char *name );
+
int hkp_export( STRLIST users );
diff -u -r gnupg-0.9.2/g10/import.c gnupg-0.9.2-jpr5/g10/import.c
--- gnupg-0.9.2/g10/import.c Fri Jan 15 02:13:11 1999
+++ gnupg-0.9.2-jpr5/g10/import.c Tue Jan 26 13:47:42 1999
@@ -34,6 +34,7 @@
#include "trustdb.h"
#include "main.h"
#include "i18n.h"
+#include "hkp.h"
static struct {
@@ -104,31 +105,82 @@
* Key revocation certificates have special handling.
*
*/
+
int
-import_keys( const char *fname, int fast )
+import_keys( const char *src, int fast )
{
- IOBUF inp = NULL;
- int rc;
-
- inp = iobuf_open(fname);
- if( !fname )
- fname = "[stdin]";
- if( !inp ) {
- log_error_f(fname, _("can't open file: %s\n"), strerror(errno) );
- return G10ERR_OPEN_FILE;
- }
-
- rc = import( inp, fast, fname );
-
+ IOBUF inp = NULL;
+ int rc;
+
+ if ((inp = iobuf_open(src))) { /* file? */
+ if (!src)
+ src = "[stdin]";
+
+ rc = import( inp, fast, src );
+
iobuf_close(inp);
- return rc;
+
+ } else if (strchr(src,':')) { /* URI? */
+
+ rc = import_keys_uri(src);
+
+ } else {
+
+ log_error_f(src, _("can't open file: %s\n"), strerror(errno) );
+ rc = G10ERR_OPEN_FILE;
+
+ }
+
+ return rc;
}
+
int
import_keys_stream( IOBUF inp, int fast )
{
- return import( inp, fast, "[stream]" );
+ return import( inp, fast, "[stream]" );
}
+
+
+int
+import_keys_uri( const char *uri )
+{
+ char *token, *p = strchr(uri,':');
+ int rc;
+
+ if ((p == uri) || (strlen(p) < 3) || strncmp(p,"://",3))
+ return G10ERR_BAD_URI;
+ else p += 3;
+
+ if (*p == '/' || !(p = strchr(p,'/')))
+ return G10ERR_BAD_URI;
+ else p++;
+
+ if (!strlen(p))
+ return G10ERR_BAD_URI;
+
+ token = (char*)m_alloc(strlen(uri)+1);
+ strcpy(token,uri);
+
+ p = strchr(token,':');
+ *p = '\0';
+
+ opt.keyserver_name = p + 3;
+
+ p = strchr(opt.keyserver_name,'/');
+ *p++ = '\0';
+
+ if (!strcmp(token,"hkp")) {
+
+ rc = hkp_import_name(p);
+
+ /* else if (!strcmp(token,"finger")) { */
+ } else rc = G10ERR_INVALID_URI;
+
+ m_free(token);
+ return rc;
+}
+
static int
import( IOBUF inp, int fast, const char* fname )
diff -u -r gnupg-0.9.2/g10/main.h gnupg-0.9.2-jpr5/g10/main.h
--- gnupg-0.9.2/g10/main.h Mon Jan 18 06:44:08 1999
+++ gnupg-0.9.2-jpr5/g10/main.h Tue Jan 26 13:44:28 1999
@@ -110,6 +110,7 @@
/*-- import.c --*/
int import_keys( const char *filename, int fast );
int import_keys_stream( IOBUF inp, int fast );
+int import_keys_uri( const char *uri );
/*-- export.c --*/
int export_pubkeys( STRLIST users, int onlyrfc );
diff -u -r gnupg-0.9.2/g10/mainproc.c gnupg-0.9.2-jpr5/g10/mainproc.c
--- gnupg-0.9.2/g10/mainproc.c Wed Jan 20 16:44:01 1999
+++ gnupg-0.9.2-jpr5/g10/mainproc.c Mon Jan 25 23:14:41 1999
@@ -842,7 +842,7 @@
rc = do_check_sig(c, node, NULL );
if( rc == G10ERR_NO_PUBKEY && opt.keyserver_name ) {
- if( !hkp_ask_import( sig->keyid ) )
+ if( !hkp_import_keyid( sig->keyid ) )
rc = do_check_sig(c, node, NULL );
}
if( !rc || rc == G10ERR_BAD_SIGN ) {
diff -u -r gnupg-0.9.2/intl/Makefile.in gnupg-0.9.2-jpr5/intl/Makefile.in
--- gnupg-0.9.2/intl/Makefile.in Sat Jan 9 08:44:35 1999
+++ gnupg-0.9.2-jpr5/intl/Makefile.in Tue Jan 26 12:33:29 1999
@@ -168,7 +168,7 @@
mostlyclean:
rm -f *.a *.o *.lo core core.*
-clean: mostlyclean libintl.h
+clean: mostlyclean #libintl.h
distclean: clean
rm -f Makefile ID TAGS po2msg.sed po2tbl.sed