📄 clserver.c
字号:
/*____________________________________________________________________________
Copyright (C) 1998 Network Associates, Inc.
All rights reserved.
CLserver.c - handle those types of communication with keyserver
which are not handled by SDKuiLib
$Id: CLserver.c,v 1.69 1999/03/27 00:05:41 pbj Exp $
____________________________________________________________________________*/
#include "pgpPFLConfig.h"
// project header files
#include "pgpclx.h"
#include "pgpkmx.h"
#include "pgpKeyServer.h"
// constant definitions
#define MAX_AV 10
#define LEDTIMER 111L
#define LEDTIMERPERIOD 100L
#define NUMLEDS 10
#define LEDSPACING 2
#define SENDGROUPS 1
#define GETGROUPS 2
#define SENDKEY 3
#define DISABLEKEY 4
#define DELETEKEY 5
#define UPDATEREVOCATIONS 1
#define REQUESTCERTIFICATE 2
#define RETRIEVECERTIFICATE 3
// external globals
extern HINSTANCE g_hInst;
// typedefs
typedef struct {
PGPContextRef context;
PGPtlsContextRef tlsContext;
HWND hwnd;
LPTHREAD_START_ROUTINE lpThread;
BOOL bSearchInProgress;
BOOL bCancel;
BOOL bThreadFree;
INT iStatusValue;
INT iStatusDirection;
UINT uOperation;
PGPError err;
PGPKeyRef keyIn;
PGPKeySetRef keysetIn;
PGPKeySetRef keysetOut;
PGPKeySetRef keysetMain;
PGPKeyServerKeySpace space;
PGPKeyServerEntry ksentry;
PGPKeyServerRef server;
PGPGroupSetRef groupset;
PGPAttributeValue* pAVlist;
PGPUInt32 numAVs;
LPSTR pszPassPhrase;
} SERVERTHREADSTRUCT, *PSERVERTHREADSTRUCT;
// ___________________________________________________
//
// update keyserver entry info in prefs
PGPError PGPclExport
PGPclSyncKeyserverPrefs (
PGPContextRef context,
PGPKeyServerEntry* keyserver)
{
PGPKeyServerEntry* keyserverList = NULL;
PGPPrefRef prefRef;
PGPUInt32 keyserverCount;
PGPError err;
// load keyserverprefs
err = PGPclOpenClientPrefs (
PGPGetContextMemoryMgr (context),
&prefRef);
if (IsntPGPError (err)) {
err = PGPGetKeyServerPrefs (prefRef,
&keyserverList,
&keyserverCount);
if (IsntPGPError (err)) {
PGPUInt32 index;
for (index = 0; index < keyserverCount; index++) {
if (KeyServersAreEqual (keyserverList[index], *keyserver))
{
keyserverList[index].authAlg = keyserver->authAlg;
lstrcpy (keyserverList[index].authKeyIDString,
keyserver->authKeyIDString);
break;
}
}
err = PGPSetKeyServerPrefs (prefRef,
keyserverList,
keyserverCount);
}
PGPclCloseClientPrefs (prefRef, TRUE);
}
if (keyserverList)
PGPDisposePrefData (prefRef, keyserverList);
return err;
}
// ___________________________________________________
//
// event handler for keyserver functions
static PGPError
sServerEventHandler(
PGPContextRef context,
PGPEvent* pevent,
PGPUserValue userValue)
{
PSERVERTHREADSTRUCT psts = (PSERVERTHREADSTRUCT)userValue;
PGPError err = kPGPError_NoErr;
BOOL bUserCancel = FALSE;
BOOL bSecure = FALSE;
if (psts->bCancel) {
return kPGPError_UserAbort;
}
switch (pevent->type) {
case kPGPEvent_KeyServerEvent:
{
INT ids = 0;
PGPEventKeyServerData data = pevent->data.keyServerData;
PGPclSERVEREVENT serverevent;
memset(&serverevent, 0x00, sizeof(PGPclSERVEREVENT));
serverevent.nmhdr.hwndFrom = (HWND)psts->hwnd;
serverevent.nmhdr.idFrom = 0;
serverevent.nmhdr.code = PGPCL_SERVERPROGRESS;
serverevent.cancel = FALSE;
serverevent.step = PGPCL_SERVERINFINITE;
serverevent.total = PGPCL_SERVERINFINITE;
switch (data.state) {
case kPGPKeyServerState_Opening :
ids = IDS_CONNECTING; break;
case kPGPKeyServerState_Querying :
ids = IDS_QUERYING; break;
case kPGPKeyServerState_ReceivingResults :
ids = IDS_RECEIVING; break;
case kPGPKeyServerState_ProcessingResults :
ids = IDS_PROCESSING; break;
case kPGPKeyServerState_Uploading :
ids = IDS_EXCHANGING; break;
case kPGPKeyServerState_Deleting :
ids = IDS_DELETING; break;
case kPGPKeyServerState_Disabling :
ids = IDS_DISABLING; break;
case kPGPKeyServerState_Closing :
ids = IDS_CLOSING; break;
}
if (ids) {
LoadString (g_hInst, ids, serverevent.szmessage,
sizeof(serverevent.szmessage));
lstrcat (serverevent.szmessage, psts->ksentry.serverDNS);
}
SendMessage (psts->hwnd, WM_NOTIFY,
(WPARAM)(psts->hwnd), (LPARAM)&serverevent);
bUserCancel = serverevent.cancel;
break;
}
case kPGPEvent_KeyServerSignEvent:
{
PGPKeyRef keySigning = kInvalidPGPKeyRef;
PGPByte* pPasskey = NULL;
PGPSize sizePasskey;
CHAR sz[64];
if (!psts->bCancel) {
LoadString (g_hInst, IDS_PHRASEPROMPT, sz, sizeof(sz));
err = KMGetSigningKeyPhrase (
psts->context, // in context
NULL, // in tlscontext
psts->hwnd, // in hwnd of parent
sz, // in prompt
psts->keysetMain, // in keyset
FALSE, // in reject split keys
&keySigning, // in/out signing key
NULL, // out phrase
&pPasskey, // out passkey buffer
&sizePasskey); // out passkey length
if (IsntPGPError(err)) {
err = PGPAddJobOptions (pevent->job,
PGPOSignWithKey (
psts->context,
keySigning,
(pPasskey) ?
PGPOPasskeyBuffer (psts->context,
pPasskey, sizePasskey) :
PGPONullOption (psts->context),
PGPOLastOption (psts->context)),
PGPOClearSign (psts->context, TRUE),
PGPOLastOption (psts->context));
}
// burn and free passkey
if (pPasskey)
PGPFreeData (pPasskey);
}
break;
}
case kPGPEvent_KeyServerTLSEvent:
err = CLHandleTLSEvent (context, pevent, psts->hwnd,
psts->keysetMain, &psts->ksentry, &bSecure);
break;
}
if (psts->bCancel || bUserCancel) {
err = kPGPError_UserAbort;
}
return err;
}
// ___________________________________________________
//
// thread routine to handle all keyserver operations
static DWORD WINAPI
sKeyserverThreadRoutine (LPVOID lpvoid)
{
PSERVERTHREADSTRUCT psts = (PSERVERTHREADSTRUCT)lpvoid;
PGPPrefRef prefref = kPGPInvalidRef;
HWND hwndParent = psts->hwnd;
PGPError err = kPGPError_NoErr;
PGPKeyRef key = kInvalidPGPKeyRef;
PGPKeySetRef keysetFailed = kInvalidPGPKeySetRef;
PGPKeyServerAccessType ksaccess = kPGPKeyServerAccessType_Normal;
PGPclSERVEREVENT event;
BOOL bThreadFree;
PGPKeyServerThreadStorageRef previousStorage;
#if PGP_BUSINESS_SECURITY
if (PGPclIsAdminInstall ())
ksaccess = kPGPKeyServerAccessType_Administrator;
#endif // PGP_BUSINESS_SECURITY
memset (&event, 0x00, sizeof(event));
event.nmhdr.hwndFrom = hwndParent;
event.nmhdr.idFrom = 0;
event.nmhdr.code = PGPCL_SERVERPROGRESS;
event.pData = NULL;
event.cancel = FALSE;
event.step = PGPCL_SERVERINFINITE;
event.total = PGPCL_SERVERINFINITE;
err = PGPKeyServerInit ();
if (IsntPGPError (err)) {
PGPKeyServerCreateThreadStorage(&previousStorage);
// check for cases where we use root server exclusively
if ((psts->uOperation == GETGROUPS) ||
(psts->uOperation == SENDGROUPS) ||
(psts->uOperation == SENDKEY))
{
err = PGPclOpenClientPrefs (
PGPGetContextMemoryMgr (psts->context),
&prefref); CKERR;
err = PGPGetRootKeyServer (prefref, &psts->ksentry);
PGPclCloseClientPrefs (prefref, FALSE);
if (err == kPGPError_ItemNotFound)
{
PGPclMessageBox (hwndParent, IDS_CAPTION,
IDS_NOROOTSERVER, MB_OK|MB_ICONEXCLAMATION);
err = kPGPError_UserAbort;
goto done;
}
}
// send message to update status text
LoadString (g_hInst, IDS_LOOKINGFORSERVER, event.szmessage,
sizeof(event.szmessage));
lstrcat (event.szmessage, psts->ksentry.serverDNS);
SendMessage (hwndParent, WM_NOTIFY, (WPARAM)hwndParent,
(LPARAM)&event);
// we need to set keyserver access type to admin to allow
// users to delete their own keys.
if (psts->uOperation == DELETEKEY)
ksaccess = kPGPKeyServerAccessType_Administrator;
err = PGPNewKeyServerFromHostName (psts->context,
psts->ksentry.serverDNS,
psts->ksentry.serverPort,
psts->ksentry.protocol,
ksaccess,
psts->space,
&psts->server);
if (IsntPGPError (err)) {
PGPtlsSessionRef tls = kInvalidPGPtlsSessionRef;
PGPSetKeyServerEventHandler (psts->server,
sServerEventHandler, psts);
if ((psts->ksentry.protocol ==
kPGPKeyServerType_LDAPS) ||
(psts->ksentry.protocol ==
kPGPKeyServerType_HTTPS))
{
err = PGPNewTLSSession (psts->tlsContext, &tls);
if (IsPGPError (err)) {
// warn beyond the icon?
tls = kInvalidPGPtlsSessionRef;
}
}
// if disabling or deleting using TLS, then get local key
if (((psts->uOperation == DISABLEKEY) ||
(psts->uOperation == DELETEKEY) ||
(psts->uOperation == SENDGROUPS)) &&
PGPtlsSessionRefIsValid (tls))
{
PGPKeyRef keyAuth = kInvalidPGPKeyRef;
PGPByte* pPasskey = NULL;
LPSTR pszPhrase = NULL;
PGPSize sizePasskey;
CHAR sz[64];
LoadString (g_hInst, IDS_PHRASEPROMPT, sz, sizeof(sz));
err = KMGetSigningKeyPhrase (
psts->context, // in context
NULL, // in tlscontext
psts->hwnd, // in hwnd of parent
sz, // in prompt
psts->keysetMain, // in keyset
FALSE, // in reject split keys
&keyAuth, // in/out signing key
&pszPhrase, // out phrase
&pPasskey, // out passkey buffer
&sizePasskey); // out passkey length
if (IsntPGPError (err)) {
if (pszPhrase)
err = PGPtlsSetLocalPrivateKey (tls, keyAuth,
kInvalidPGPSigRef, kInvalidPGPKeySetRef,
PGPOPassphrase (psts->context, pszPhrase),
PGPOLastOption (psts->context));
else
err = PGPtlsSetLocalPrivateKey (tls, keyAuth,
kInvalidPGPSigRef, kInvalidPGPKeySetRef,
(pPasskey) ?
PGPOPasskeyBuffer (psts->context,
pPasskey, sizePasskey) :
PGPONullOption (psts->context),
PGPOLastOption (psts->context));
}
// burn and free phrase
if (IsntNull (pszPhrase))
PGPclFreePhrase (pszPhrase);
if (pPasskey)
PGPFreeData (pPasskey);
}
// perform the keyserver operation
if (IsntPGPError (err)) {
err = PGPKeyServerOpen (psts->server, tls);
if (IsntPGPError (err)) {
switch (psts->uOperation) {
case GETGROUPS :
err = PGPRetrieveGroupsFromServer (psts->server,
&psts->groupset);
break;
case SENDGROUPS :
err = PGPSendGroupsToServer (psts->server,
psts->groupset);
break;
case SENDKEY :
err = PGPUploadToKeyServer (psts->server,
psts->keysetIn,
&keysetFailed);
if (PGPKeySetRefIsValid (keysetFailed))
PGPFreeKeySet (keysetFailed);
break;
case DISABLEKEY :
err = PGPDisableFromKeyServer (psts->server,
psts->keysetIn,
&keysetFailed);
if (PGPKeySetRefIsValid (keysetFailed))
PGPFreeKeySet (keysetFailed);
break;
case DELETEKEY :
err = PGPDeleteFromKeyServer (psts->server,
psts->keysetIn,
&keysetFailed);
if (PGPKeySetRefIsValid (keysetFailed))
PGPFreeKeySet (keysetFailed);
break;
}
PGPKeyServerClose (psts->server);
}
}
PGPFreeKeyServer (psts->server);
psts->server = kInvalidPGPKeyServerRef;
if (PGPtlsSessionRefIsValid (tls))
PGPFreeTLSSession (tls);
}
PGPKeyServerDisposeThreadStorage(previousStorage);
PGPKeyServerCleanup ();
}
done :
// let window know that we're done
psts->err = err;
event.szmessage[0] = '\0';
if (err == kPGPError_UserAbort) {
event.nmhdr.code = PGPCL_SERVERABORT;
LoadString (g_hInst, IDS_SERVERABORT, event.szmessage,
sizeof(event.szmessage));
lstrcat (event.szmessage, psts->ksentry.serverDNS);
}
else if (IsPGPError (err)) {
event.nmhdr.code = PGPCL_SERVERERROR;
LoadString (g_hInst, IDS_SERVERERROR, event.szmessage,
sizeof(event.szmessage));
lstrcat (event.szmessage, psts->ksentry.serverDNS);
}
else {
event.nmhdr.code = PGPCL_SERVERDONE;
LoadString (g_hInst, IDS_SERVEROK, event.szmessage,
sizeof(event.szmessage));
lstrcat (event.szmessage, psts->ksentry.serverDNS);
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -