2 * onak.c - An OpenPGP keyserver.
4 * This is the main swiss army knife binary.
6 * Copyright 2002 Jonathan McDowell <noodles@earth.li>
8 * This program is free software: you can redistribute it and/or modify it
9 * under the terms of the GNU General Public License as published by the Free
10 * Software Foundation; version 2 of the License.
12 * This program is distributed in the hope that it will be useful, but WITHOUT
13 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
14 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
17 * You should have received a copy of the GNU General Public License along with
18 * this program. If not, see <https://www.gnu.org/licenses/>.
26 #include <sys/types.h>
30 #include "build-config.h"
33 #include "charfuncs.h"
39 #include "keystructs.h"
43 #include "onak-conf.h"
47 void find_keys(struct onak_dbctx *dbctx,
48 char *search, uint64_t keyid,
49 struct openpgp_fingerprint *fingerprint,
50 bool ishex, bool isfp, bool dispfp, bool skshash,
51 bool exact, bool verbose)
53 struct openpgp_publickey *publickey = NULL;
57 count = dbctx->fetch_key_id(dbctx, keyid, &publickey,
59 } else if (isfp && exact) {
60 count = dbctx->fetch_key(dbctx, fingerprint,
62 } else if (isfp && !exact) {
63 count = dbctx->fetch_key_fp(dbctx, fingerprint,
66 count = dbctx->fetch_key_text(dbctx, search, &publickey);
68 if (publickey != NULL) {
69 key_index(dbctx, publickey, verbose, dispfp, skshash,
71 free_publickey(publickey);
72 } else if (count == 0) {
73 puts("Key not found.");
75 printf("Found %d keys, but maximum number to return is %d.\n",
78 puts("Try again with a more specific search.");
83 * @brief Context for the keyserver dumping function
86 /** Keys we've dumped so far to this file */
88 /** Maximum keys to dump per file */
90 /** File descriptor for the current dump file */
92 /** Number of the current dump file */
94 /** Base filename to use for dump files */
98 void dump_func(void *ctx, struct openpgp_publickey *key)
100 struct openpgp_packet_list *packets = NULL;
101 struct openpgp_packet_list *list_end = NULL;
102 struct dump_ctx *state;
105 state = (struct dump_ctx *) ctx;
107 if (state->fd == -1 || state->count++ > state->maxcount) {
108 if (state->fd != -1) {
112 snprintf(filename, 1023, state->filebase, state->filenum);
113 state->fd = open(filename, O_CREAT | O_WRONLY | O_TRUNC, 0640);
117 flatten_publickey(key, &packets, &list_end);
118 write_openpgp_stream(file_putchar, &state->fd, packets);
119 free_packet_list(packets);
120 packets = list_end = NULL;
125 static uint8_t hex2bin(char c)
127 if (c >= '0' && c <= '9') {
129 } else if (c >= 'a' && c <= 'f') {
130 return (c - 'a' + 10);
131 } else if (c >= 'A' && c <= 'F') {
132 return (c - 'A' + 10);
139 puts("onak " ONAK_VERSION " - an OpenPGP keyserver.\n");
141 puts("\tonak [options] <command> <parameters>\n");
142 puts("\tCommands:\n");
143 puts("\tadd - read armored OpenPGP keys from stdin and add to the"
145 puts("\tclean - read armored OpenPGP keys from stdin, run the"
146 " cleaning\n\t routines against them and dump to"
148 puts("\tdelete - delete a given key from the keyserver");
149 puts("\tdump - dump all the keys from the keyserver to a file or"
150 " files\n\t starting keydump*");
151 puts("\tget - retrieves the key requested from the keyserver");
152 puts("\tgetphoto - retrieves the first photoid on the given key and"
153 " dumps to\n\t stdout");
154 puts("\tindex - search for a key and list it");
155 puts("\treindex - retrieve and re-store a key in the backend db");
156 puts("\tvindex - search for a key and list it and its signatures");
159 int main(int argc, char *argv[])
161 struct openpgp_packet_list *packets = NULL;
162 struct openpgp_packet_list *list_end = NULL;
163 struct openpgp_publickey *keys = NULL;
164 char *configfile = NULL;
165 int rc = EXIT_SUCCESS;
177 bool skshash = false;
179 struct dump_ctx dumpstate;
181 struct onak_dbctx *dbctx;
182 struct openpgp_fingerprint fingerprint;
184 while ((optchar = getopt(argc, argv, "bc:efsuv")) != -1 ) {
190 if (configfile != NULL) {
193 configfile = strdup(optarg);
208 setlogthreshold(LOGTHING_INFO);
213 readconfig(configfile);
214 initlogthing("onak", config.logfile);
217 if ((argc - optind) < 1) {
219 } else if (!strcmp("dump", argv[optind])) {
220 dbctx = config.dbinit(config.backend, true);
222 logthing(LOGTHING_ERROR,
223 "Failed to open key database.");
227 dumpstate.count = dumpstate.filenum = 0;
228 dumpstate.maxcount = 100000;
230 dumpstate.filebase = "keydump.%d.pgp";
231 dbctx->iterate_keys(dbctx, dump_func, &dumpstate);
232 if (dumpstate.fd != -1) {
236 dbctx->cleanupdb(dbctx);
237 } else if (!strcmp("add", argv[optind])) {
239 result = read_openpgp_stream(stdin_getchar, NULL,
241 logthing(LOGTHING_INFO,
242 "read_openpgp_stream: %d", result);
244 dearmor_openpgp_stream(stdin_getchar, NULL, &packets);
246 if (packets != NULL) {
247 result = parse_keys(packets, &keys);
248 free_packet_list(packets);
250 logthing(LOGTHING_INFO, "Finished reading %d keys.",
253 dbctx = config.dbinit(config.backend, false);
255 logthing(LOGTHING_ERROR,
256 "Failed to open key database.");
260 result = cleankeys(dbctx, &keys,
261 config.clean_policies);
262 logthing(LOGTHING_INFO, "%d keys cleaned.",
265 logthing(LOGTHING_NOTICE, "Got %d new keys.",
266 dbctx->update_keys(dbctx, &keys,
268 (config.clean_policies &
269 ONAK_CLEAN_UPDATE_ONLY),
271 if (keys != NULL && update) {
272 flatten_publickey(keys,
276 write_openpgp_stream(stdout_putchar,
280 armor_openpgp_stream(stdout_putchar,
284 free_packet_list(packets);
287 dbctx->cleanupdb(dbctx);
290 logthing(LOGTHING_NOTICE, "No keys read.");
294 free_publickey(keys);
298 logthing(LOGTHING_NOTICE, "No changes.");
300 } else if (!strcmp("clean", argv[optind])) {
301 dbctx = config.dbinit(config.backend, true);
303 logthing(LOGTHING_ERROR,
304 "Failed to open key database.");
309 result = read_openpgp_stream(stdin_getchar, NULL,
311 logthing(LOGTHING_INFO,
312 "read_openpgp_stream: %d", result);
314 dearmor_openpgp_stream(stdin_getchar, NULL, &packets);
317 if (packets != NULL) {
318 result = parse_keys(packets, &keys);
319 free_packet_list(packets);
321 logthing(LOGTHING_INFO, "Finished reading %d keys.",
325 result = cleankeys(dbctx, &keys,
326 config.clean_policies);
327 logthing(LOGTHING_INFO, "%d keys cleaned.",
330 flatten_publickey(keys,
335 write_openpgp_stream(stdout_putchar,
339 armor_openpgp_stream(stdout_putchar,
343 free_packet_list(packets);
348 logthing(LOGTHING_NOTICE, "No keys read.");
352 free_publickey(keys);
355 dbctx->cleanupdb(dbctx);
356 } else if (!strcmp("dumpconfig", argv[optind])) {
357 if ((argc - optind) == 2) {
358 writeconfig(argv[optind + 1]);
360 /* Dump config to stdout */
363 } else if ((argc - optind) == 2) {
364 search = argv[optind+1];
365 if (search != NULL && strlen(search) == 42 &&
366 search[0] == '0' && search[1] == 'x') {
368 fingerprint.length = 20;
369 for (i = 0; i < 20; i++) {
371 (hex2bin(search[2 + i * 2]) << 4) +
372 hex2bin(search[3 + i * 2]);
375 } else if (search != NULL && strlen(search) == 66 &&
376 search[0] == '0' && search[1] == 'x') {
378 fingerprint.length = 32;
379 for (i = 0; i < 32; i++) {
381 (hex2bin(search[2 + i * 2]) << 4) +
382 hex2bin(search[3 + i * 2]);
385 } else if (search != NULL) {
386 keyid = strtouq(search, &end, 16);
393 dbctx = config.dbinit(config.backend, false);
395 logthing(LOGTHING_ERROR,
396 "Failed to open key database.");
400 if (!strcmp("index", argv[optind])) {
401 find_keys(dbctx, search, keyid, &fingerprint, ishex,
402 isfp, dispfp, skshash,
404 } else if (!strcmp("vindex", argv[optind])) {
405 find_keys(dbctx, search, keyid, &fingerprint, ishex,
406 isfp, dispfp, skshash,
408 } else if (!strcmp("getphoto", argv[optind])) {
410 puts("Can't get a key on uid text."
411 " You must supply a keyid.");
412 } else if (dbctx->fetch_key_id(dbctx, keyid, &keys,
414 unsigned char *photo = NULL;
417 if (getphoto(keys, 0, &photo,
418 &length) == ONAK_E_OK) {
424 free_publickey(keys);
427 puts("Key not found");
429 } else if (!strcmp("delete", argv[optind])) {
431 if (dbctx->fetch_key_id(dbctx, keyid, &keys,
433 get_fingerprint(keys->publickey,
435 dbctx->delete_key(dbctx, &fingerprint,
437 free_publickey(keys);
441 dbctx->delete_key(dbctx, &fingerprint, false);
442 } else if (!strcmp("get", argv[optind])) {
443 if (!(ishex || isfp)) {
444 puts("Can't get a key on uid text."
445 " You must supply a keyid / "
448 dbctx->fetch_key_fp(dbctx,
452 dbctx->fetch_key_id(dbctx, keyid,
454 logthing(LOGTHING_INFO, "Got key.");
455 flatten_publickey(keys,
458 free_publickey(keys);
460 write_openpgp_stream(stdout_putchar,
464 armor_openpgp_stream(stdout_putchar,
468 free_packet_list(packets);
471 puts("Key not found");
473 } else if (!strcmp("hget", argv[optind])) {
474 if (!parse_skshash(search, &hash)) {
475 puts("Couldn't parse sks hash.");
476 } else if (dbctx->fetch_key_skshash(dbctx, &hash,
478 logthing(LOGTHING_INFO, "Got key.");
479 flatten_publickey(keys,
482 free_publickey(keys);
484 write_openpgp_stream(stdout_putchar,
488 armor_openpgp_stream(stdout_putchar,
492 free_packet_list(packets);
495 puts("Key not found");
497 } else if (!strcmp("reindex", argv[optind])) {
498 dbctx->starttrans(dbctx);
499 if (dbctx->fetch_key_id(dbctx, keyid, &keys, true)) {
500 get_fingerprint(keys->publickey, &fingerprint);
501 dbctx->delete_key(dbctx, &fingerprint, true);
502 cleankeys(dbctx, &keys, config.clean_policies);
503 dbctx->store_key(dbctx, keys, true, false);
505 puts("Key not found");
507 dbctx->endtrans(dbctx);
509 dbctx->cleanupdb(dbctx);