1 /* ks-engine-ldap.c - talk to a LDAP keyserver
2 * Copyright (C) 2001, 2002, 2004, 2005, 2006
3 * 2007 Free Software Foundation, Inc.
4 * Copyright (C) 2015 g10 Code GmbH
6 * This file is part of GnuPG.
8 * GnuPG is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 3 of the License, or
11 * (at your option) any later version.
13 * GnuPG is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, see <https://www.gnu.org/licenses/>.
35 # include <winsock2.h>
41 /* For OpenLDAP, to enable the API that we're using. */
42 # define LDAP_DEPRECATED 1
49 #include "ks-engine.h"
50 #include "ldap-parse-uri.h"
53 time_t timegm(struct tm *tm);
56 /* Convert an LDAP error to a GPG error. */
58 ldap_err_to_gpg_err (int code)
64 #ifdef LDAP_X_CONNECTING
65 case LDAP_X_CONNECTING: ec = GPG_ERR_LDAP_X_CONNECTING; break;
68 case LDAP_REFERRAL_LIMIT_EXCEEDED: ec = GPG_ERR_LDAP_REFERRAL_LIMIT; break;
69 case LDAP_CLIENT_LOOP: ec = GPG_ERR_LDAP_CLIENT_LOOP; break;
70 case LDAP_NO_RESULTS_RETURNED: ec = GPG_ERR_LDAP_NO_RESULTS; break;
71 case LDAP_CONTROL_NOT_FOUND: ec = GPG_ERR_LDAP_CONTROL_NOT_FOUND; break;
72 case LDAP_NOT_SUPPORTED: ec = GPG_ERR_LDAP_NOT_SUPPORTED; break;
73 case LDAP_CONNECT_ERROR: ec = GPG_ERR_LDAP_CONNECT; break;
74 case LDAP_NO_MEMORY: ec = GPG_ERR_LDAP_NO_MEMORY; break;
75 case LDAP_PARAM_ERROR: ec = GPG_ERR_LDAP_PARAM; break;
76 case LDAP_USER_CANCELLED: ec = GPG_ERR_LDAP_USER_CANCELLED; break;
77 case LDAP_FILTER_ERROR: ec = GPG_ERR_LDAP_FILTER; break;
78 case LDAP_AUTH_UNKNOWN: ec = GPG_ERR_LDAP_AUTH_UNKNOWN; break;
79 case LDAP_TIMEOUT: ec = GPG_ERR_LDAP_TIMEOUT; break;
80 case LDAP_DECODING_ERROR: ec = GPG_ERR_LDAP_DECODING; break;
81 case LDAP_ENCODING_ERROR: ec = GPG_ERR_LDAP_ENCODING; break;
82 case LDAP_LOCAL_ERROR: ec = GPG_ERR_LDAP_LOCAL; break;
83 case LDAP_SERVER_DOWN: ec = GPG_ERR_LDAP_SERVER_DOWN; break;
85 case LDAP_SUCCESS: ec = GPG_ERR_LDAP_SUCCESS; break;
87 case LDAP_OPERATIONS_ERROR: ec = GPG_ERR_LDAP_OPERATIONS; break;
88 case LDAP_PROTOCOL_ERROR: ec = GPG_ERR_LDAP_PROTOCOL; break;
89 case LDAP_TIMELIMIT_EXCEEDED: ec = GPG_ERR_LDAP_TIMELIMIT; break;
90 case LDAP_SIZELIMIT_EXCEEDED: ec = GPG_ERR_LDAP_SIZELIMIT; break;
91 case LDAP_COMPARE_FALSE: ec = GPG_ERR_LDAP_COMPARE_FALSE; break;
92 case LDAP_COMPARE_TRUE: ec = GPG_ERR_LDAP_COMPARE_TRUE; break;
93 case LDAP_AUTH_METHOD_NOT_SUPPORTED: ec=GPG_ERR_LDAP_UNSUPPORTED_AUTH;break;
94 case LDAP_STRONG_AUTH_REQUIRED: ec = GPG_ERR_LDAP_STRONG_AUTH_RQRD; break;
95 case LDAP_PARTIAL_RESULTS: ec = GPG_ERR_LDAP_PARTIAL_RESULTS; break;
96 case LDAP_REFERRAL: ec = GPG_ERR_LDAP_REFERRAL; break;
98 #ifdef LDAP_ADMINLIMIT_EXCEEDED
99 case LDAP_ADMINLIMIT_EXCEEDED: ec = GPG_ERR_LDAP_ADMINLIMIT; break;
102 #ifdef LDAP_UNAVAILABLE_CRITICAL_EXTENSION
103 case LDAP_UNAVAILABLE_CRITICAL_EXTENSION:
104 ec = GPG_ERR_LDAP_UNAVAIL_CRIT_EXTN; break;
107 case LDAP_CONFIDENTIALITY_REQUIRED: ec = GPG_ERR_LDAP_CONFIDENT_RQRD; break;
108 case LDAP_SASL_BIND_IN_PROGRESS: ec = GPG_ERR_LDAP_SASL_BIND_INPROG; break;
109 case LDAP_NO_SUCH_ATTRIBUTE: ec = GPG_ERR_LDAP_NO_SUCH_ATTRIBUTE; break;
110 case LDAP_UNDEFINED_TYPE: ec = GPG_ERR_LDAP_UNDEFINED_TYPE; break;
111 case LDAP_INAPPROPRIATE_MATCHING: ec = GPG_ERR_LDAP_BAD_MATCHING; break;
112 case LDAP_CONSTRAINT_VIOLATION: ec = GPG_ERR_LDAP_CONST_VIOLATION; break;
114 #ifdef LDAP_TYPE_OR_VALUE_EXISTS
115 case LDAP_TYPE_OR_VALUE_EXISTS: ec = GPG_ERR_LDAP_TYPE_VALUE_EXISTS; break;
118 case LDAP_INVALID_SYNTAX: ec = GPG_ERR_LDAP_INV_SYNTAX; break;
119 case LDAP_NO_SUCH_OBJECT: ec = GPG_ERR_LDAP_NO_SUCH_OBJ; break;
120 case LDAP_ALIAS_PROBLEM: ec = GPG_ERR_LDAP_ALIAS_PROBLEM; break;
121 case LDAP_INVALID_DN_SYNTAX: ec = GPG_ERR_LDAP_INV_DN_SYNTAX; break;
122 case LDAP_IS_LEAF: ec = GPG_ERR_LDAP_IS_LEAF; break;
123 case LDAP_ALIAS_DEREF_PROBLEM: ec = GPG_ERR_LDAP_ALIAS_DEREF; break;
125 #ifdef LDAP_X_PROXY_AUTHZ_FAILURE
126 case LDAP_X_PROXY_AUTHZ_FAILURE: ec = GPG_ERR_LDAP_X_PROXY_AUTH_FAIL; break;
129 case LDAP_INAPPROPRIATE_AUTH: ec = GPG_ERR_LDAP_BAD_AUTH; break;
130 case LDAP_INVALID_CREDENTIALS: ec = GPG_ERR_LDAP_INV_CREDENTIALS; break;
132 #ifdef LDAP_INSUFFICIENT_ACCESS
133 case LDAP_INSUFFICIENT_ACCESS: ec = GPG_ERR_LDAP_INSUFFICIENT_ACC; break;
136 case LDAP_BUSY: ec = GPG_ERR_LDAP_BUSY; break;
137 case LDAP_UNAVAILABLE: ec = GPG_ERR_LDAP_UNAVAILABLE; break;
138 case LDAP_UNWILLING_TO_PERFORM: ec = GPG_ERR_LDAP_UNWILL_TO_PERFORM; break;
139 case LDAP_LOOP_DETECT: ec = GPG_ERR_LDAP_LOOP_DETECT; break;
140 case LDAP_NAMING_VIOLATION: ec = GPG_ERR_LDAP_NAMING_VIOLATION; break;
141 case LDAP_OBJECT_CLASS_VIOLATION: ec = GPG_ERR_LDAP_OBJ_CLS_VIOLATION; break;
142 case LDAP_NOT_ALLOWED_ON_NONLEAF: ec=GPG_ERR_LDAP_NOT_ALLOW_NONLEAF;break;
143 case LDAP_NOT_ALLOWED_ON_RDN: ec = GPG_ERR_LDAP_NOT_ALLOW_ON_RDN; break;
144 case LDAP_ALREADY_EXISTS: ec = GPG_ERR_LDAP_ALREADY_EXISTS; break;
145 case LDAP_NO_OBJECT_CLASS_MODS: ec = GPG_ERR_LDAP_NO_OBJ_CLASS_MODS; break;
146 case LDAP_RESULTS_TOO_LARGE: ec = GPG_ERR_LDAP_RESULTS_TOO_LARGE; break;
147 case LDAP_AFFECTS_MULTIPLE_DSAS: ec = GPG_ERR_LDAP_AFFECTS_MULT_DSAS; break;
149 #ifdef LDAP_VLV_ERROR
150 case LDAP_VLV_ERROR: ec = GPG_ERR_LDAP_VLV; break;
153 case LDAP_OTHER: ec = GPG_ERR_LDAP_OTHER; break;
155 #ifdef LDAP_CUP_RESOURCES_EXHAUSTED
156 case LDAP_CUP_RESOURCES_EXHAUSTED: ec=GPG_ERR_LDAP_CUP_RESOURCE_LIMIT;break;
157 case LDAP_CUP_SECURITY_VIOLATION: ec=GPG_ERR_LDAP_CUP_SEC_VIOLATION; break;
158 case LDAP_CUP_INVALID_DATA: ec = GPG_ERR_LDAP_CUP_INV_DATA; break;
159 case LDAP_CUP_UNSUPPORTED_SCHEME: ec = GPG_ERR_LDAP_CUP_UNSUP_SCHEME; break;
160 case LDAP_CUP_RELOAD_REQUIRED: ec = GPG_ERR_LDAP_CUP_RELOAD; break;
163 #ifdef LDAP_CANCELLED
164 case LDAP_CANCELLED: ec = GPG_ERR_LDAP_CANCELLED; break;
167 #ifdef LDAP_NO_SUCH_OPERATION
168 case LDAP_NO_SUCH_OPERATION: ec = GPG_ERR_LDAP_NO_SUCH_OPERATION; break;
172 case LDAP_TOO_LATE: ec = GPG_ERR_LDAP_TOO_LATE; break;
175 #ifdef LDAP_CANNOT_CANCEL
176 case LDAP_CANNOT_CANCEL: ec = GPG_ERR_LDAP_CANNOT_CANCEL; break;
179 #ifdef LDAP_ASSERTION_FAILED
180 case LDAP_ASSERTION_FAILED: ec = GPG_ERR_LDAP_ASSERTION_FAILED; break;
183 #ifdef LDAP_PROXIED_AUTHORIZATION_DENIED
184 case LDAP_PROXIED_AUTHORIZATION_DENIED:
185 ec = GPG_ERR_LDAP_PROX_AUTH_DENIED; break;
189 #if defined(LDAP_E_ERROR) && defined(LDAP_X_ERROR)
190 if (LDAP_E_ERROR (code))
191 ec = GPG_ERR_LDAP_E_GENERAL;
192 else if (LDAP_X_ERROR (code))
193 ec = GPG_ERR_LDAP_X_GENERAL;
196 ec = GPG_ERR_LDAP_GENERAL;
203 /* Retrieve an LDAP error and return it's GPG equivalent. */
205 ldap_to_gpg_err (LDAP *ld)
207 #if defined(HAVE_LDAP_GET_OPTION) && defined(LDAP_OPT_ERROR_NUMBER)
210 if (ldap_get_option (ld, LDAP_OPT_ERROR_NUMBER, &err) == 0)
211 return ldap_err_to_gpg_err (err);
213 return GPG_ERR_GENERAL;
214 #elif defined(HAVE_LDAP_LD_ERRNO)
215 return ldap_err_to_gpg_err (ld->ld_errno);
217 /* We should never get here since the LDAP library should always
218 have either ldap_get_option or ld_errno, but just in case... */
219 return GPG_ERR_INTERNAL;
224 ldap2epochtime (const char *timestr)
229 memset (&pgptime, 0, sizeof(pgptime));
231 /* YYYYMMDDHHmmssZ */
233 sscanf (timestr, "%4d%2d%2d%2d%2d%2d",
241 pgptime.tm_year -= 1900;
242 pgptime.tm_isdst = -1;
245 /* mktime() takes the timezone into account, so we use timegm() */
247 answer = timegm (&pgptime);
252 /* Caller must free the result. */
254 tm2ldaptime (struct tm *tm)
259 /* YYYYMMDDHHmmssZ */
264 snprintf (buf, sizeof buf, "%04d%02d%02d%02d%02d%02dZ",
272 return xstrdup (buf);
276 /* Caller must free */
278 epoch2ldaptime (time_t stamp)
281 if (gmtime_r (&stamp, &tm))
282 return tm2ldaptime (&tm);
284 return xstrdup ("INVALID TIME");
288 /* Print a help output for the schemata supported by this module. */
290 ks_ldap_help (ctrl_t ctrl, parsed_uri_t uri)
293 "Handler for LDAP URLs:\n"
294 " ldap://host:port/[BASEDN]???[bindname=BINDNAME,password=PASSWORD]\n"
296 "Note: basedn, bindname and password need to be percent escaped. In\n"
297 "particular, spaces need to be replaced with %20 and commas with %2c.\n"
298 "bindname will typically be of the form:\n"
300 " uid=user%2cou=PGP%20Users%2cdc=EXAMPLE%2cdc=ORG\n"
302 "The ldaps:// and ldapi:// schemes are also supported. If ldaps is used\n"
303 "then the server's certificate will be checked. If it is not valid, any\n"
304 "operation will be aborted.\n"
306 "Supported methods: search, get, put\n";
310 err = ks_print_help (ctrl, " ldap");
311 else if (strcmp (uri->scheme, "ldap") == 0
312 || strcmp (uri->scheme, "ldaps") == 0
313 || strcmp (uri->scheme, "ldapi") == 0)
314 err = ks_print_help (ctrl, data);
321 /* Convert a keyspec to a filter. Return an error if the keyspec is
322 bad or is not supported. The filter is escaped and returned in
323 *filter. It is the caller's responsibility to free *filter.
324 *filter is only set if this function returns success (i.e., 0). */
326 keyspec_to_ldap_filter (const char *keyspec, char **filter, int only_exact)
328 /* Remove search type indicator and adjust PATTERN accordingly.
329 Note: don't include a preceding 0x when searching by keyid. */
331 /* XXX: Should we include disabled / revoke options? */
332 KEYDB_SEARCH_DESC desc;
336 gpg_error_t err = classify_user_id (keyspec, &desc, 1);
342 case KEYDB_SEARCH_MODE_EXACT:
343 f = xasprintf ("(pgpUserID=%s)",
344 (freeme = ldap_escape_filter (desc.u.name)));
347 case KEYDB_SEARCH_MODE_SUBSTR:
349 f = xasprintf ("(pgpUserID=*%s*)",
350 (freeme = ldap_escape_filter (desc.u.name)));
353 case KEYDB_SEARCH_MODE_MAIL:
355 f = xasprintf ("(pgpUserID=*<%s>*)",
356 (freeme = ldap_escape_filter (desc.u.name)));
359 case KEYDB_SEARCH_MODE_MAILSUB:
361 f = xasprintf ("(pgpUserID=*<*%s*>*)",
362 (freeme = ldap_escape_filter (desc.u.name)));
365 case KEYDB_SEARCH_MODE_MAILEND:
367 f = xasprintf ("(pgpUserID=*<*%s>*)",
368 (freeme = ldap_escape_filter (desc.u.name)));
371 case KEYDB_SEARCH_MODE_SHORT_KID:
372 f = xasprintf ("(pgpKeyID=%08lX)", (ulong) desc.u.kid[1]);
374 case KEYDB_SEARCH_MODE_LONG_KID:
375 f = xasprintf ("(pgpCertID=%08lX%08lX)",
376 (ulong) desc.u.kid[0], (ulong) desc.u.kid[1]);
379 case KEYDB_SEARCH_MODE_FPR16:
380 case KEYDB_SEARCH_MODE_FPR20:
381 case KEYDB_SEARCH_MODE_FPR:
382 case KEYDB_SEARCH_MODE_ISSUER:
383 case KEYDB_SEARCH_MODE_ISSUER_SN:
384 case KEYDB_SEARCH_MODE_SN:
385 case KEYDB_SEARCH_MODE_SUBJECT:
386 case KEYDB_SEARCH_MODE_KEYGRIP:
387 case KEYDB_SEARCH_MODE_WORDS:
388 case KEYDB_SEARCH_MODE_FIRST:
389 case KEYDB_SEARCH_MODE_NEXT:
398 log_error ("Unsupported search mode.\n");
399 return gpg_error (GPG_ERR_NOT_SUPPORTED);
409 /* Connect to an LDAP server and interrogate it.
411 - uri describes the server to connect to and various options
412 including whether to use TLS and the username and password (see
413 ldap_parse_uri for a description of the various fields).
415 This function returns:
417 - The ldap connection handle in *LDAP_CONNP.
419 - The base DN for the PGP key space by querying the
420 pgpBaseKeySpaceDN attribute (This is normally
421 'ou=PGP Keys,dc=EXAMPLE,dc=ORG').
423 - The attribute to lookup to find the pgp key. This is either
424 'pgpKey' or 'pgpKeyV2'.
426 - Whether this is a real ldap server. (It's unclear what this
429 The values are returned in the passed variables. If you pass NULL,
430 then the value won't be returned. It is the caller's
431 responsibility to release *LDAP_CONNP with ldap_unbind and xfree
432 *BASEDNP and *PGPKEYATTRP.
434 If this function successfully interrogated the server, it returns
435 0. If there was an LDAP error, it returns the LDAP error code. If
436 an error occurred, *basednp, etc., are undefined (and don't need to
439 If no LDAP error occurred, you still need to check that *basednp is
440 valid. If it is NULL, then the server does not appear to be an
441 OpenPGP Keyserver. In this case, you also do not need to xfree
444 my_ldap_connect (parsed_uri_t uri, LDAP **ldap_connp,
445 char **basednp, char **pgpkeyattrp, int *real_ldapp)
449 LDAP *ldap_conn = NULL;
451 char *user = uri->auth;
452 struct uri_tuple_s *password_param = uri_query_lookup (uri, "password");
453 char *password = password_param ? password_param->value : NULL;
456 /* Whether to look for the pgpKey or pgpKeyv2 attribute. */
457 char *pgpkeyattr = "pgpKey";
460 log_debug ("my_ldap_connect(%s:%d/%s????%s%s%s%s%s)\n",
461 uri->host, uri->port,
463 uri->auth ? "bindname=" : "", uri->auth ?: "",
464 uri->auth && password ? "," : "",
465 password ? "password=" : "", password ?: "");
467 /* If the uri specifies a secure connection and we don't support
468 TLS, then fail; don't silently revert to an insecure
472 #ifndef HAVE_LDAP_START_TLS_S
473 log_error ("Can't use LDAP to connect to the server: no TLS support.");
474 err = GPG_ERR_LDAP_NOT_SUPPORTED;
479 ldap_conn = ldap_init (uri->host, uri->port);
482 err = gpg_err_code_from_syserror ();
483 log_error ("Failed to open connection to LDAP server (%s://%s:%d)\n",
484 uri->scheme, uri->host, uri->port);
488 #ifdef HAVE_LDAP_SET_OPTION
490 int ver = LDAP_VERSION3;
492 err = ldap_set_option (ldap_conn, LDAP_OPT_PROTOCOL_VERSION, &ver);
493 if (err != LDAP_SUCCESS)
495 log_error ("gpgkeys: unable to go to LDAP 3: %s\n",
496 ldap_err2string (err));
502 /* XXX: It would be nice to have an option to provide the server's
505 #if defined(LDAP_OPT_X_TLS_CACERTFILE) && defined(HAVE_LDAP_SET_OPTION)
506 err = ldap_set_option (NULL, LDAP_OPT_X_TLS_CACERTFILE, ca_cert_file);
509 log_error ("unable to set ca-cert-file to '%s': %s\n",
510 ca_cert_file, ldap_err2string (err));
513 #endif /* LDAP_OPT_X_TLS_CACERTFILE && HAVE_LDAP_SET_OPTION */
516 #ifdef HAVE_LDAP_START_TLS_S
519 /* XXX: We need an option to determine whether to abort if the
520 certificate is bad or not. Right now we conservatively
521 default to checking the certificate and aborting. */
522 #ifndef HAVE_W32_SYSTEM
523 int check_cert = LDAP_OPT_X_TLS_HARD; /* LDAP_OPT_X_TLS_NEVER */
525 err = ldap_set_option (ldap_conn,
526 LDAP_OPT_X_TLS_REQUIRE_CERT, &check_cert);
529 log_error ("Failed to set TLS option on LDAP connection.\n");
533 /* On Windows, the certificates are checked by default. If the
534 option to disable checking mentioned above is ever
535 implemented, the way to do that on Windows is to install a
536 callback routine using ldap_set_option (..,
537 LDAP_OPT_SERVER_CERTIFICATE, ..); */
540 err = ldap_start_tls_s (ldap_conn,
541 #ifdef HAVE_W32_SYSTEM
542 /* ServerReturnValue, result */
545 /* ServerControls, ClientControls */
549 log_error ("Failed to connect to LDAP server with TLS.\n");
555 /* By default we don't bind as there is usually no need to. */
558 log_debug ("LDAP bind to %s, password %s\n",
559 user, password ? ">not shown<" : ">none<");
561 err = ldap_simple_bind_s (ldap_conn, user, password);
562 if (err != LDAP_SUCCESS)
564 log_error ("Internal LDAP bind error: %s\n",
565 ldap_err2string (err));
570 if (uri->path && *uri->path)
571 /* User specified base DN. */
573 basedn = xstrdup (uri->path);
575 /* If the user specifies a base DN, then we know the server is a
581 LDAPMessage *res = NULL;
582 /* Look for namingContexts. */
583 char *attr[] = { "namingContexts", NULL };
585 err = ldap_search_s (ldap_conn, "", LDAP_SCOPE_BASE,
586 "(objectClass=*)", attr, 0, &res);
587 if (err == LDAP_SUCCESS)
589 char **context = ldap_get_values (ldap_conn, res, "namingContexts");
591 /* We found some, so try each namingContext as the search
592 base and look for pgpBaseKeySpaceDN. Because we found
593 this, we know we're talking to a regular-ish LDAP
594 server and not an LDAP keyserver. */
598 { "pgpBaseKeySpaceDN", "pgpVersion", "pgpSoftware", NULL };
602 for (i = 0; context[i] && ! basedn; i++)
608 char *object = xasprintf ("cn=pgpServerInfo,%s",
610 err = ldap_search_s (ldap_conn, object, LDAP_SCOPE_BASE,
611 "(objectClass=*)", attr2, 0, &si_res);
615 if (err == LDAP_SUCCESS)
617 vals = ldap_get_values (ldap_conn, si_res,
618 "pgpBaseKeySpaceDN");
621 basedn = xtrystrdup (vals[0]);
622 ldap_value_free (vals);
625 vals = ldap_get_values (ldap_conn, si_res,
629 log_debug ("Server: \t%s\n", vals[0]);
630 ldap_value_free (vals);
633 vals = ldap_get_values (ldap_conn, si_res,
637 log_debug ("Version:\t%s\n", vals[0]);
638 ldap_value_free (vals);
642 /* From man ldap_search_s: "res parameter of
643 ldap_search_ext_s() and ldap_search_s() should be
644 freed with ldap_msgfree() regardless of return
645 value of these functions. */
646 ldap_msgfree (si_res);
649 ldap_value_free (context);
654 /* We don't have an answer yet, which means the server might
655 be an LDAP keyserver. */
657 LDAPMessage *si_res = NULL;
659 char *attr2[] = { "pgpBaseKeySpaceDN", "version", "software", NULL };
661 err = ldap_search_s (ldap_conn, "cn=pgpServerInfo", LDAP_SCOPE_BASE,
662 "(objectClass=*)", attr2, 0, &si_res);
663 if (err == LDAP_SUCCESS)
665 /* For the LDAP keyserver, this is always
666 "OU=ACTIVE,O=PGP KEYSPACE,C=US", but it might not be
669 vals = ldap_get_values (ldap_conn, si_res, "baseKeySpaceDN");
672 basedn = xtrystrdup (vals[0]);
673 ldap_value_free (vals);
676 vals = ldap_get_values (ldap_conn, si_res, "software");
679 log_debug ("ldap: Server: \t%s\n", vals[0]);
680 ldap_value_free (vals);
683 vals = ldap_get_values (ldap_conn, si_res, "version");
686 log_debug ("ldap: Version:\t%s\n", vals[0]);
688 /* If the version is high enough, use the new
689 pgpKeyV2 attribute. This design is iffy at best,
690 but it matches how PGP does it. I figure the NAI
691 folks assumed that there would never be an LDAP
692 keyserver vendor with a different numbering
694 if (atoi (vals[0]) > 1)
695 pgpkeyattr = "pgpKeyV2";
697 ldap_value_free (vals);
701 ldap_msgfree (si_res);
704 /* From man ldap_search_s: "res parameter of ldap_search_ext_s()
705 and ldap_search_s() should be freed with ldap_msgfree()
706 regardless of return value of these functions. */
713 log_debug ("ldap_conn: %p\n", ldap_conn);
714 log_debug ("real_ldap: %d\n", real_ldap);
715 log_debug ("basedn: %s\n", basedn);
716 log_debug ("pgpkeyattr: %s\n", pgpkeyattr);
719 if (! err && real_ldapp)
720 *real_ldapp = real_ldap;
729 *pgpkeyattrp = xstrdup (pgpkeyattr);
743 ldap_unbind (ldap_conn);
746 *ldap_connp = ldap_conn;
751 /* Extract keys from an LDAP reply and write them out to the output
752 stream OUTPUT in a format GnuPG can import (either the OpenPGP
753 binary format or armored format). */
755 extract_keys (estream_t output,
756 LDAP *ldap_conn, const char *certid, LDAPMessage *message)
760 es_fprintf (output, "INFO %s BEGIN\n", certid);
761 es_fprintf (output, "pub:%s:", certid);
763 /* Note: ldap_get_values returns a NULL terminates array of
765 vals = ldap_get_values (ldap_conn, message, "pgpkeytype");
768 if (strcmp (vals[0], "RSA") == 0)
769 es_fprintf (output, "1");
770 else if (strcmp (vals[0],"DSS/DH") == 0)
771 es_fprintf (output, "17");
772 ldap_value_free (vals);
775 es_fprintf (output, ":");
777 vals = ldap_get_values (ldap_conn, message, "pgpkeysize");
780 int v = atoi (vals[0]);
782 es_fprintf (output, "%d", v);
783 ldap_value_free (vals);
786 es_fprintf (output, ":");
788 vals = ldap_get_values (ldap_conn, message, "pgpkeycreatetime");
791 if (strlen (vals[0]) == 15)
792 es_fprintf (output, "%u", (unsigned int) ldap2epochtime (vals[0]));
793 ldap_value_free (vals);
796 es_fprintf (output, ":");
798 vals = ldap_get_values (ldap_conn, message, "pgpkeyexpiretime");
801 if (strlen (vals[0]) == 15)
802 es_fprintf (output, "%u", (unsigned int) ldap2epochtime (vals[0]));
803 ldap_value_free (vals);
806 es_fprintf (output, ":");
808 vals = ldap_get_values (ldap_conn, message, "pgprevoked");
811 if (atoi (vals[0]) == 1)
812 es_fprintf (output, "r");
813 ldap_value_free (vals);
816 es_fprintf (output, "\n");
818 vals = ldap_get_values (ldap_conn, message, "pgpuserid");
822 for (i = 0; vals[i]; i++)
823 es_fprintf (output, "uid:%s\n", vals[i]);
824 ldap_value_free (vals);
827 es_fprintf (output, "INFO %s END\n", certid);
830 /* Get the key described key the KEYSPEC string from the keyserver
831 identified by URI. On success R_FP has an open stream to read the
834 ks_ldap_get (ctrl_t ctrl, parsed_uri_t uri, const char *keyspec,
842 LDAP *ldap_conn = NULL;
845 char *pgpkeyattr = NULL;
849 LDAPMessage *message = NULL;
855 /* For now we do not support LDAP over Tor. */
856 log_error (_("LDAP access not possible due to Tor mode\n"));
857 return gpg_error (GPG_ERR_NOT_SUPPORTED);
860 /* Before connecting to the server, make sure we have a sane
861 keyspec. If not, there is no need to establish a network
863 err = keyspec_to_ldap_filter (keyspec, &filter, 1);
867 /* Make sure we are talking to an OpenPGP LDAP server. */
868 ldap_err = my_ldap_connect (uri, &ldap_conn, &basedn, &pgpkeyattr, NULL);
869 if (ldap_err || !basedn)
872 err = ldap_err_to_gpg_err (ldap_err);
874 err = GPG_ERR_GENERAL;
879 /* The ordering is significant. Specifically, "pgpcertid" needs
880 to be the second item in the list, since everything after it
881 may be discarded we aren't in verbose mode. */
885 "pgpcertid", "pgpuserid", "pgpkeyid", "pgprevoked", "pgpdisabled",
886 "pgpkeycreatetime", "modifytimestamp", "pgpkeysize", "pgpkeytype",
889 /* 1 if we want just attribute types; 0 if we want both attribute
895 ldap_err = ldap_search_s (ldap_conn, basedn, LDAP_SCOPE_SUBTREE,
896 filter, attrs, attrsonly, &message);
899 err = ldap_err_to_gpg_err (ldap_err);
901 log_error ("gpgkeys: LDAP search error: %s\n",
902 ldap_err2string (ldap_err));
906 count = ldap_count_entries (ldap_conn, message);
909 log_error ("gpgkeys: key %s not found on keyserver\n", keyspec);
912 err = ldap_to_gpg_err (ldap_conn);
914 err = gpg_error (GPG_ERR_NO_DATA);
920 /* There may be more than one unique result for a given keyID,
921 so we should fetch them all (test this by fetching short key
924 /* The set of entries that we've seen. */
925 strlist_t seen = NULL;
928 for (each = ldap_first_entry (ldap_conn, message);
930 each = ldap_next_entry (ldap_conn, each))
935 /* Use the long keyid to remove duplicates. The LDAP
936 server returns the same keyid more than once if there
937 are multiple user IDs on the key. Note that this does
938 NOT mean that a keyid that exists multiple times on the
939 keyserver will not be fetched. It means that each KEY,
940 no matter how many user IDs share its keyid, will be
941 fetched only once. If a keyid that belongs to more
942 than one key is fetched, the server quite properly
943 responds with all matching keys. -ds */
945 certid = ldap_get_values (ldap_conn, each, "pgpcertid");
946 if (certid && certid[0])
948 if (! strlist_find (seen, certid[0]))
950 /* It's not a duplicate, add it */
952 add_to_strlist (&seen, certid[0]);
955 fp = es_fopenmem(0, "rw");
957 extract_keys (fp, ldap_conn, certid[0], each);
959 vals = ldap_get_values (ldap_conn, each, pgpkeyattr);
962 err = ldap_to_gpg_err (ldap_conn);
963 log_error("gpgkeys: unable to retrieve key %s "
964 "from keyserver\n", certid[0]);
969 /* We should strip the new lines. */
970 es_fprintf (fp, "KEY 0x%s BEGIN\n", certid[0]);
971 es_fputs (vals[0], fp);
972 es_fprintf (fp, "\nKEY 0x%s END\n", certid[0]);
974 ldap_value_free (vals);
979 ldap_value_free (certid);
985 err = gpg_error (GPG_ERR_NO_DATA);
991 ldap_msgfree (message);
1001 es_fseek (fp, 0, SEEK_SET);
1010 ldap_unbind (ldap_conn);
1017 /* Search the keyserver identified by URI for keys matching PATTERN.
1018 On success R_FP has an open stream to read the data. */
1020 ks_ldap_search (ctrl_t ctrl, parsed_uri_t uri, const char *pattern,
1026 char *filter = NULL;
1028 LDAP *ldap_conn = NULL;
1030 char *basedn = NULL;
1032 estream_t fp = NULL;
1038 /* For now we do not support LDAP over Tor. */
1039 log_error (_("LDAP access not possible due to Tor mode\n"));
1040 return gpg_error (GPG_ERR_NOT_SUPPORTED);
1043 /* Before connecting to the server, make sure we have a sane
1044 keyspec. If not, there is no need to establish a network
1046 err = keyspec_to_ldap_filter (pattern, &filter, 0);
1049 log_error ("Bad search pattern: '%s'\n", pattern);
1053 /* Make sure we are talking to an OpenPGP LDAP server. */
1054 ldap_err = my_ldap_connect (uri, &ldap_conn, &basedn, NULL, NULL);
1055 if (ldap_err || !basedn)
1058 err = ldap_err_to_gpg_err (ldap_err);
1060 err = GPG_ERR_GENERAL;
1064 /* Even if we have no results, we want to return a stream. */
1065 fp = es_fopenmem(0, "rw");
1068 err = gpg_error_from_syserror ();
1074 LDAPMessage *res, *each;
1076 strlist_t dupelist = NULL;
1078 /* The maximum size of the search, including the optional stuff
1079 and the trailing \0 */
1082 "pgpcertid", "pgpuserid", "pgprevoked", "pgpdisabled",
1083 "pgpkeycreatetime", "pgpkeyexpiretime", "modifytimestamp",
1084 "pgpkeysize", "pgpkeytype", NULL
1087 log_debug ("SEARCH '%s' => '%s' BEGIN\n", pattern, filter);
1089 ldap_err = ldap_search_s (ldap_conn, basedn,
1090 LDAP_SCOPE_SUBTREE, filter, attrs, 0, &res);
1095 if (ldap_err != LDAP_SUCCESS && ldap_err != LDAP_SIZELIMIT_EXCEEDED)
1097 err = ldap_err_to_gpg_err (ldap_err);
1099 log_error ("SEARCH %s FAILED %d\n", pattern, err);
1100 log_error ("gpgkeys: LDAP search error: %s\n",
1101 ldap_err2string (err));
1105 /* The LDAP server doesn't return a real count of unique keys, so we
1106 can't use ldap_count_entries here. */
1107 for (each = ldap_first_entry (ldap_conn, res);
1109 each = ldap_next_entry (ldap_conn, each))
1111 char **certid = ldap_get_values (ldap_conn, each, "pgpcertid");
1112 if (certid && certid[0] && ! strlist_find (dupelist, certid[0]))
1114 add_to_strlist (&dupelist, certid[0]);
1119 if (ldap_err == LDAP_SIZELIMIT_EXCEEDED)
1122 log_error ("gpgkeys: search results exceeded server limit."
1123 " First 1 result shown.\n");
1125 log_error ("gpgkeys: search results exceeded server limit."
1126 " First %d results shown.\n", count);
1129 free_strlist (dupelist);
1133 es_fputs ("info:1:0\n", fp);
1136 es_fprintf (fp, "info:1:%d\n", count);
1138 for (each = ldap_first_entry (ldap_conn, res);
1140 each = ldap_next_entry (ldap_conn, each))
1145 certid = ldap_get_values (ldap_conn, each, "pgpcertid");
1146 if (! certid || ! certid[0])
1149 /* Have we seen this certid before? */
1150 if (! strlist_find (dupelist, certid[0]))
1152 add_to_strlist (&dupelist, certid[0]);
1154 es_fprintf (fp, "pub:%s:",certid[0]);
1156 vals = ldap_get_values (ldap_conn, each, "pgpkeytype");
1159 /* The LDAP server doesn't exactly handle this
1161 if (strcasecmp (vals[0], "RSA") == 0)
1163 else if (strcasecmp (vals[0], "DSS/DH") == 0)
1164 es_fputs ("17", fp);
1165 ldap_value_free (vals);
1170 vals = ldap_get_values (ldap_conn, each, "pgpkeysize");
1173 /* Not sure why, but some keys are listed with a
1174 key size of 0. Treat that like an unknown. */
1175 if (atoi (vals[0]) > 0)
1176 es_fprintf (fp, "%d", atoi (vals[0]));
1177 ldap_value_free (vals);
1182 /* YYYYMMDDHHmmssZ */
1184 vals = ldap_get_values (ldap_conn, each, "pgpkeycreatetime");
1185 if(vals && strlen (vals[0]) == 15)
1187 es_fprintf (fp, "%u",
1188 (unsigned int) ldap2epochtime(vals[0]));
1189 ldap_value_free (vals);
1194 vals = ldap_get_values (ldap_conn, each, "pgpkeyexpiretime");
1195 if (vals && strlen (vals[0]) == 15)
1197 es_fprintf (fp, "%u",
1198 (unsigned int) ldap2epochtime (vals[0]));
1199 ldap_value_free (vals);
1204 vals = ldap_get_values (ldap_conn, each, "pgprevoked");
1207 if (atoi (vals[0]) == 1)
1208 es_fprintf (fp, "r");
1209 ldap_value_free (vals);
1212 vals = ldap_get_values (ldap_conn, each, "pgpdisabled");
1215 if (atoi (vals[0]) ==1)
1216 es_fprintf (fp, "d");
1217 ldap_value_free (vals);
1221 /* This is not yet specified in the keyserver
1222 protocol, but may be someday. */
1225 vals = ldap_get_values (ldap_conn, each, "modifytimestamp");
1226 if(vals && strlen (vals[0]) == 15)
1228 es_fprintf (fp, "%u",
1229 (unsigned int) ldap2epochtime (vals[0]));
1230 ldap_value_free (vals);
1234 es_fprintf (fp, "\n");
1236 /* Now print all the uids that have this certid */
1237 for (uids = ldap_first_entry (ldap_conn, res);
1239 uids = ldap_next_entry (ldap_conn, uids))
1241 vals = ldap_get_values (ldap_conn, uids, "pgpcertid");
1245 if (strcasecmp (certid[0], vals[0]) == 0)
1249 es_fprintf (fp, "uid:");
1251 uidvals = ldap_get_values (ldap_conn,
1255 /* Need to escape any colons */
1256 char *quoted = percent_escape (uidvals[0], NULL);
1257 es_fputs (quoted, fp);
1259 ldap_value_free (uidvals);
1262 es_fprintf (fp, "\n");
1265 ldap_value_free(vals);
1269 ldap_value_free (certid);
1274 free_strlist (dupelist);
1277 log_debug ("SEARCH %s END\n", pattern);
1287 /* Return the read stream. */
1289 es_fseek (fp, 0, SEEK_SET);
1297 ldap_unbind (ldap_conn);
1306 /* A modlist describes a set of changes to an LDAP entry. (An entry
1307 consists of 1 or more attributes. Attributes are <name, value>
1308 pairs. Note: an attribute may be multi-valued in which case
1309 multiple values are associated with a single name.)
1311 A modlist is a NULL terminated array of struct LDAPMod's.
1321 Is the ith modification.
1323 Each LDAPMod describes a change to a single attribute. Further,
1324 there is one modification for each attribute that we want to
1325 change. The attribute's new value is stored in LDAPMod.mod_values.
1326 If the attribute is multi-valued, we still only use a single
1327 LDAPMod structure: mod_values is a NULL-terminated array of
1328 strings. To delete an attribute from an entry, we set mod_values
1333 modlist[i]->mod_values == NULL
1335 then we remove the attribute.
1337 (Using LDAP_MOD_DELETE doesn't work here as we don't know if the
1338 attribute in question exists or not.)
1340 Note: this function does NOT copy or free ATTR. It does copy
1343 modlist_add (LDAPMod ***modlistp, char *attr, const char *value)
1345 LDAPMod **modlist = *modlistp;
1350 /* Search modlist for the attribute we're playing with. If modlist
1351 is NULL, then the list is empty. Recall: modlist is a NULL
1352 terminated array. */
1353 for (m = modlist; m && *m; m++, nummods ++)
1355 /* The attribute is already on the list. */
1359 if (strcasecmp ((*m)->mod_type, attr) != 0)
1362 /* We have this attribute already, so when the REPLACE happens,
1363 the server attributes will be replaced anyway. */
1367 /* Attributes can be multi-valued. See if the value is already
1368 present. mod_values is a NULL terminated array of pointers.
1369 Note: mod_values can be NULL. */
1370 for (ptr = (*m)->mod_values; ptr && *ptr; ptr++)
1372 if (strcmp (*ptr, value) == 0)
1373 /* Duplicate value, we're done. */
1378 /* Append the value. */
1379 ptr = xrealloc ((*m)->mod_values, sizeof (char *) * (numvalues + 2));
1381 (*m)->mod_values = ptr;
1382 ptr[numvalues] = xstrdup (value);
1384 ptr[numvalues + 1] = NULL;
1389 /* We didn't find the attr, so make one and add it to the end */
1391 /* Like attribute values, the list of attributes is NULL terminated
1392 array of pointers. */
1393 modlist = xrealloc (modlist, sizeof (LDAPMod *) * (nummods + 2));
1395 *modlistp = modlist;
1396 modlist[nummods] = xmalloc (sizeof (LDAPMod));
1398 modlist[nummods]->mod_op = LDAP_MOD_REPLACE;
1399 modlist[nummods]->mod_type = attr;
1402 modlist[nummods]->mod_values = xmalloc (sizeof(char *) * 2);
1404 modlist[nummods]->mod_values[0] = xstrdup (value);
1405 modlist[nummods]->mod_values[1] = NULL;
1408 modlist[nummods]->mod_values = NULL;
1410 modlist[nummods + 1] = NULL;
1415 /* Look up the value of an attribute in the specified modlist. If the
1416 attribute is not on the mod list, returns NULL. The result is a
1417 NULL-terminated array of strings. Don't change it. */
1419 modlist_lookup (LDAPMod **modlist, const char *attr)
1422 for (m = modlist; m && *m; m++)
1424 if (strcasecmp ((*m)->mod_type, attr) != 0)
1427 return (*m)->mod_values;
1433 /* Dump a modlist to a file. This is useful for debugging. */
1434 static estream_t modlist_dump (LDAPMod **modlist, estream_t output)
1438 modlist_dump (LDAPMod **modlist, estream_t output)
1446 output = es_fopenmem (0, "rw");
1452 for (m = modlist; m && *m; m++)
1454 es_fprintf (output, " %s:", (*m)->mod_type);
1456 if (! (*m)->mod_values)
1457 es_fprintf(output, " delete.\n");
1464 if ((*m)->mod_values[0] && (*m)->mod_values[1])
1465 /* Have at least 2. */
1469 es_fprintf (output, "\n");
1471 for ((ptr = (*m)->mod_values), (i = 1); ptr && *ptr; ptr++, i ++)
1473 /* Assuming terminals are about 80 characters wide,
1474 display at most most about 10 lines of debugging
1475 output. If we do trim the buffer, append '...' to
1477 const int max_len = 10 * 70;
1478 size_t value_len = strlen (*ptr);
1479 int elide = value_len > max_len;
1482 es_fprintf (output, " %d. ", i);
1483 es_fprintf (output, "`%.*s", max_len, *ptr);
1485 es_fprintf (output, "...' (%zd bytes elided)",
1486 value_len - max_len);
1488 es_fprintf (output, "'");
1489 es_fprintf (output, "\n");
1495 es_fseek (output, 0, SEEK_SET);
1500 /* Free all of the memory allocated by the mod list. This assumes
1501 that the attribute names don't have to be freed, but the attributes
1502 values do. (Which is what modlist_add does.) */
1504 modlist_free (LDAPMod **modlist)
1511 /* Unwind and free the whole modlist structure */
1513 /* The modlist is a NULL terminated array of pointers. */
1514 for (ml = modlist; *ml; ml++)
1519 /* The list of values is a NULL termianted array of pointers.
1520 If the list is NULL, there are no values. */
1522 if (mod->mod_values)
1524 for (ptr = mod->mod_values; *ptr; ptr++)
1527 xfree (mod->mod_values);
1535 /* Append two onto the end of one. Two is not freed, but its pointers
1536 are now part of one. Make sure you don't free them both!
1538 As long as you don't add anything to ONE, TWO is still valid.
1539 After that all bets are off. */
1541 modlists_join (LDAPMod ***one, LDAPMod **two)
1543 int i, one_count = 0, two_count = 0;
1547 /* two is empty. Nothing to do. */
1551 /* one is empty. Just set it equal to *two. */
1557 for (grow = *one; *grow; grow++)
1560 for (grow = two; *grow; grow++)
1563 grow = xrealloc (*one, sizeof(LDAPMod *) * (one_count + two_count + 1));
1565 for (i = 0; i < two_count; i++)
1566 grow[one_count + i] = two[i];
1568 grow[one_count + i] = NULL;
1573 /* Given a string, unescape C escapes. In particular, \xXX. This
1574 modifies the string in place. */
1576 uncescape (char *str)
1581 char *first = strchr (str, '\\');
1583 /* No backslashes => no escaping. We're done. */
1586 /* Start at the first '\\'. */
1587 r = w = (uintptr_t) first - (uintptr_t) str;
1591 /* XXX: What to do about bad escapes?
1592 XXX: hextobyte already checks the string thus the hexdigitp
1593 could be removed. */
1594 if (str[r] == '\\' && str[r + 1] == 'x'
1595 && str[r+2] && str[r+3]
1596 && hexdigitp (str + r + 2)
1597 && hexdigitp (str + r + 3))
1599 int x = hextobyte (&str[r + 2]);
1600 assert (0 <= x && x <= 0xff);
1604 /* We consumed 4 characters and wrote 1. */
1609 str[w ++] = str[r ++];
1615 /* Given one line from an info block (`gpg --list-{keys,sigs}
1616 --with-colons KEYID'), pull it apart and fill in the modlist with
1617 the relevant (for the LDAP schema) attributes. */
1619 extract_attributes (LDAPMod ***modlist, char *line)
1626 int is_pub, is_sub, is_uid, is_sig;
1628 /* Remove trailing whitespace */
1629 trim_trailing_spaces (line);
1631 fields = strsplit (line, ':', '\0', &field_count);
1632 if (field_count == 1)
1633 /* We only have a single field. There is definitely nothing to
1637 if (field_count < 7)
1640 is_pub = strcasecmp ("pub", fields[0]) == 0;
1641 is_sub = strcasecmp ("sub", fields[0]) == 0;
1642 is_uid = strcasecmp ("uid", fields[0]) == 0;
1643 is_sig = strcasecmp ("sig", fields[0]) == 0;
1645 if (!is_pub && !is_sub && !is_uid && !is_sig)
1646 /* Not a relevant line. */
1651 if (is_uid && strlen (keyid) == 0)
1652 /* The uid record type can have an empty keyid. */
1654 else if (strlen (keyid) == 16
1655 && strspn (keyid, "0123456789aAbBcCdDeEfF") == 16)
1656 /* Otherwise, we expect exactly 16 hex characters. */
1660 log_error ("malformed record!\n");
1669 for (flags = fields[1]; *flags; flags ++)
1683 /* Note: we always create the pgpDisabled and pgpRevoked
1684 attributes, regardless of whether the key is disabled/revoked
1685 or not. This is because a very common search is like
1686 "(&(pgpUserID=*isabella*)(pgpDisabled=0))" */
1690 modlist_add (modlist,"pgpDisabled", disabled ? "1" : "0");
1691 modlist_add (modlist,"pgpRevoked", revoked ? "1" : "0");
1695 if (is_pub || is_sub)
1697 char *size = fields[2];
1698 int val = atoi (size);
1703 /* We zero pad this on the left to make PGP happy. */
1705 if (val < 99999 && val > 0)
1707 snprintf (padded, sizeof padded, "%05u", val);
1714 if (is_pub || is_sub)
1715 modlist_add (modlist, "pgpKeySize", size);
1721 char *algo = fields[3];
1722 int val = atoi (algo);
1741 modlist_add (modlist, "pgpKeyType", algo);
1745 if (is_pub || is_sub || is_sig)
1749 modlist_add (modlist, "pgpCertID", keyid);
1750 modlist_add (modlist, "pgpKeyID", &keyid[8]);
1754 modlist_add (modlist, "pgpSubKeyID", keyid);
1757 modlist_add (modlist, "pgpSignerID", keyid);
1762 char *create_time = fields[5];
1764 if (strlen (create_time) == 0)
1768 char *create_time_orig = create_time;
1773 memset (&tm, 0, sizeof (tm));
1775 /* parse_timestamp handles both seconds fromt he epoch and
1776 ISO 8601 format. We also need to handle YYYY-MM-DD
1777 format (as generated by gpg1 --with-colons --list-key).
1778 Check that first and then if it fails, then try
1781 if (!isodate_human_to_tm (create_time, &tm))
1782 create_time = tm2ldaptime (&tm);
1783 else if ((t = parse_timestamp (create_time, &end)) != (time_t) -1
1787 if (!gnupg_gmtime (&t, &tm))
1790 create_time = tm2ldaptime (&tm);
1796 /* Failed to parse string. */
1797 log_error ("Failed to parse creation time ('%s')",
1803 modlist_add (modlist, "pgpKeyCreateTime", create_time);
1804 xfree (create_time);
1810 char *expire_time = fields[6];
1812 if (strlen (expire_time) == 0)
1816 char *expire_time_orig = expire_time;
1821 memset (&tm, 0, sizeof (tm));
1823 /* parse_timestamp handles both seconds fromt he epoch and
1824 ISO 8601 format. We also need to handle YYYY-MM-DD
1825 format (as generated by gpg1 --with-colons --list-key).
1826 Check that first and then if it fails, then try
1829 if (!isodate_human_to_tm (expire_time, &tm))
1830 expire_time = tm2ldaptime (&tm);
1831 else if ((t = parse_timestamp (expire_time, &end)) != (time_t) -1
1834 if (!gnupg_gmtime (&t, &tm))
1837 expire_time = tm2ldaptime (&tm);
1843 /* Failed to parse string. */
1844 log_error ("Failed to parse creation time ('%s')",
1850 modlist_add (modlist, "pgpKeyExpireTime", expire_time);
1851 xfree (expire_time);
1855 if ((is_uid || is_pub) && field_count >= 10)
1857 char *uid = fields[9];
1859 if (is_pub && strlen (uid) == 0)
1860 /* When using gpg --list-keys, the uid is included. When
1861 passed via gpg, it is not. It is important to process it
1862 when it is present, because gpg 1 won't print a UID record
1863 if there is only one key. */
1868 modlist_add (modlist, "pgpUserID", uid);
1876 /* Send the key in {KEY,KEYLEN} with the metadata {INFO,INFOLEN} to
1877 the keyserver identified by URI. See server.c:cmd_ks_put for the
1878 format of the data and metadata. */
1880 ks_ldap_put (ctrl_t ctrl, parsed_uri_t uri,
1881 void *data, size_t datalen,
1882 void *info, size_t infolen)
1884 gpg_error_t err = 0;
1887 LDAP *ldap_conn = NULL;
1888 char *basedn = NULL;
1889 char *pgpkeyattr = NULL;
1892 LDAPMod **modlist = NULL;
1893 LDAPMod **addlist = NULL;
1895 char *data_armored = NULL;
1897 /* The last byte of the info block. */
1898 const char *infoend = (const char *) info + infolen - 1;
1900 /* Enable this code to dump the modlist to /tmp/modlist.txt. */
1902 # warning Disable debug code before checking in.
1903 const int dump_modlist = 1;
1905 const int dump_modlist = 0;
1907 estream_t dump = NULL;
1909 /* Elide a warning. */
1914 /* For now we do not support LDAP over Tor. */
1915 log_error (_("LDAP access not possible due to Tor mode\n"));
1916 return gpg_error (GPG_ERR_NOT_SUPPORTED);
1919 ldap_err = my_ldap_connect (uri,
1920 &ldap_conn, &basedn, &pgpkeyattr, &real_ldap);
1921 if (ldap_err || !basedn)
1924 err = ldap_err_to_gpg_err (ldap_err);
1926 err = GPG_ERR_GENERAL;
1931 /* We appear to have an OpenPGP Keyserver, which can unpack the key
1932 on its own (not just a dumb LDAP server). */
1934 LDAPMod mod, *attrs[2];
1935 char *key[] = { data, NULL };
1938 memset (&mod, 0, sizeof (mod));
1939 mod.mod_op = LDAP_MOD_ADD;
1940 mod.mod_type = pgpkeyattr;
1941 mod.mod_values = key;
1945 dn = xasprintf ("pgpCertid=virtual,%s", basedn);
1946 ldap_err = ldap_add_s (ldap_conn, dn, attrs);
1949 if (ldap_err != LDAP_SUCCESS)
1951 err = ldap_err_to_gpg_err (err);
1958 modlist = xmalloc (sizeof (LDAPMod *));
1963 dump = es_fopen("/tmp/modlist.txt", "w");
1965 log_error ("Failed to open /tmp/modlist.txt: %s\n",
1970 es_fprintf(dump, "data (%zd bytes)\n", datalen);
1971 es_fprintf(dump, "info (%zd bytes): '\n", infolen);
1972 es_fwrite(info, infolen, 1, dump);
1973 es_fprintf(dump, "'\n");
1977 /* Start by nulling out all attributes. We try and do a modify
1978 operation first, so this ensures that we don't leave old
1979 attributes lying around. */
1980 modlist_add (&modlist, "pgpDisabled", NULL);
1981 modlist_add (&modlist, "pgpKeyID", NULL);
1982 modlist_add (&modlist, "pgpKeyType", NULL);
1983 modlist_add (&modlist, "pgpUserID", NULL);
1984 modlist_add (&modlist, "pgpKeyCreateTime", NULL);
1985 modlist_add (&modlist, "pgpSignerID", NULL);
1986 modlist_add (&modlist, "pgpRevoked", NULL);
1987 modlist_add (&modlist, "pgpSubKeyID", NULL);
1988 modlist_add (&modlist, "pgpKeySize", NULL);
1989 modlist_add (&modlist, "pgpKeyExpireTime", NULL);
1990 modlist_add (&modlist, "pgpCertID", NULL);
1992 /* Assemble the INFO stuff into LDAP attributes */
1998 char *newline = memchr (info, '\n', infolen);
2000 /* The last line is not \n terminated! Make a copy so we can
2001 add a NUL terminator. */
2003 temp = xmalloc (infolen + 1);
2004 memcpy (temp, info, infolen);
2006 newline = (char *) info + infolen;
2011 extract_attributes (&modlist, info);
2013 infolen = infolen - ((uintptr_t) newline - (uintptr_t) info + 1);
2018 assert ((char *) info + infolen - 1 == infoend);
2021 assert (infolen == -1);
2026 modlist_add (&addlist, "objectClass", "pgpKeyInfo");
2028 err = armor_data (&data_armored, data, datalen);
2032 modlist_add (&addlist, pgpkeyattr, data_armored);
2034 /* Now append addlist onto modlist. */
2035 modlists_join (&modlist, addlist);
2039 estream_t input = modlist_dump (modlist, NULL);
2042 copy_stream (input, dump);
2047 /* Going on the assumption that modify operations are more frequent
2048 than adds, we try a modify first. If it's not there, we just
2049 turn around and send an add command for the same key. Otherwise,
2050 the modify brings the server copy into compliance with our copy.
2051 Note that unlike the LDAP keyserver (and really, any other
2052 keyserver) this does NOT merge signatures, but replaces the whole
2053 key. This should make some people very happy. */
2058 certid = modlist_lookup (modlist, "pgpCertID");
2059 if (/* We should have a value. */
2062 || !(certid[0] && !certid[1]))
2064 log_error ("Bad certid.\n");
2065 err = GPG_ERR_GENERAL;
2069 dn = xasprintf ("pgpCertID=%s,%s", certid[0], basedn);
2071 err = ldap_modify_s (ldap_conn, dn, modlist);
2072 if (err == LDAP_NO_SUCH_OBJECT)
2073 err = ldap_add_s (ldap_conn, dn, addlist);
2077 if (err != LDAP_SUCCESS)
2079 log_error ("gpgkeys: error adding key to keyserver: %s\n",
2080 ldap_err2string (err));
2081 err = ldap_err_to_gpg_err (err);
2090 ldap_unbind (ldap_conn);
2095 modlist_free (modlist);
2098 xfree (data_armored);