Source-Changes-HG archive
[src/trunk]: src/crypto/external/bsd/netpgp/dist/src/hkpd various changes to ...
details: https://anonhg.NetBSD.org/src/rev/7dfa1ee5a2b7
branches: trunk
changeset: 753110:7dfa1ee5a2b7
user: agc <agc%NetBSD.org@localhost>
date: Tue Mar 16 00:22:52 2010 +0000
description:
various changes to the hkpd server
+ add a man page for hkpd(8)
+ add support for ipv6 as well as ipv4. individual families can be specified
on the command line using the -f argument. default to inet4 and inet6.
+ rationalise the process of getting a socket and binding to it for hkpd.
diffstat:
crypto/external/bsd/netpgp/dist/src/hkpd/Makefile | 4 +-
crypto/external/bsd/netpgp/dist/src/hkpd/hkpd.8 | 120 ++++++++++++++++++++++
crypto/external/bsd/netpgp/dist/src/hkpd/hkpd.c | 114 ++++++++++++--------
crypto/external/bsd/netpgp/dist/src/hkpd/hkpd.h | 9 +-
crypto/external/bsd/netpgp/dist/src/hkpd/main.c | 30 +++-
5 files changed, 216 insertions(+), 61 deletions(-)
diffs (truncated from 391 to 300 lines):
diff -r 87c49b06807e -r 7dfa1ee5a2b7 crypto/external/bsd/netpgp/dist/src/hkpd/Makefile
--- a/crypto/external/bsd/netpgp/dist/src/hkpd/Makefile Mon Mar 15 23:21:08 2010 +0000
+++ b/crypto/external/bsd/netpgp/dist/src/hkpd/Makefile Tue Mar 16 00:22:52 2010 +0000
@@ -1,11 +1,11 @@
-# $NetBSD: Makefile,v 1.1 2010/03/01 07:41:56 agc Exp $
+# $NetBSD: Makefile,v 1.2 2010/03/16 00:22:52 agc Exp $
PROG=hkpd
SRCS=hkpd.c main.c
CPPFLAGS+=-g # -DHAVE_CONFIG_H=1
LDFLAGS+=-g
LDADD+= -lnetpgp
-MKMAN=no
+MAN=hkpd.8
WARNS=0 # anything over 0 will fail at the link stage with IDEA errors
.include <bsd.prog.mk>
diff -r 87c49b06807e -r 7dfa1ee5a2b7 crypto/external/bsd/netpgp/dist/src/hkpd/hkpd.8
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/crypto/external/bsd/netpgp/dist/src/hkpd/hkpd.8 Tue Mar 16 00:22:52 2010 +0000
@@ -0,0 +1,120 @@
+.\" $NetBSD: hkpd.8,v 1.1 2010/03/16 00:22:52 agc Exp $
+.\"
+.\" Copyright (c) 2009,2010 The NetBSD Foundation, Inc.
+.\" All rights reserved.
+.\"
+.\" This manual page is derived from software contributed to
+.\" The NetBSD Foundation by Alistair Crooks (agc%NetBSD.org@localhost).
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+.\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+.\" POSSIBILITY OF SUCH DAMAGE.
+.\"
+.Dd March 15, 2010
+.Dt HKPD 8
+.Os
+.Sh NAME
+.Nm hkpd
+.Nd HTTP key protocol daemon
+.Sh SYNOPSIS
+.Nm
+.Op Fl DV
+.Op Fl H homedir
+.Op Fl f families
+.Op Fl h hostname
+.Op Fl p port
+.Op Fl v filename
+.Sh DESCRIPTION
+The
+.Nm
+daemon is used to provide public key information on
+a socket to client programs.
+The client can request the information in two separate ways,
+.Dq human
+and
+.Dq machine readable .
+.Pp
+The following options can be used to modify the behaviour
+of the daemon:
+.Bl -tag -width Ar
+.It Fl D
+do not detach the daemon from the controlling tty, and keep
+the
+.Nm
+process running in the foreground.
+.It Fl H Ar homedir
+use the setting of
+.Dv homedir
+as the directory for the public key keyrings.
+.It Fl V
+display the version number of the daemon and exit.
+.It Fl f Ar protocol-families
+allows the address families for sockets to be selected.
+The argument is the string concatenating the families,
+with
+.Dq 4
+representing
+.Dv INET4 ,
+and
+.Dq 6
+representing
+.Dv INET6 .
+The default value for this parameter is
+.Dq 46
+which means that both INET4 and INET6 protocol
+families are used when setting up the sockets.
+.It Fl h Ar hostname
+set the hostname (for use in binding sockets).
+.It Fl p Ar port
+set the port number (for use in binding sockets).
+The default port number is
+the
+.Dq hkp
+service, defined as port
+.Dv 11371 .
+.It Fl v Ar filename
+produce extra debugging output from the internal
+file named
+.Dv filename .
+.El
+.Pp
+The
+.Nm
+daemon is built on
+.Xr libnetpgp 3
+and returns public key information as held in the
+public keyring of the user running the
+.Nm
+daemon utility by default.
+.Sh RETURN VALUES
+In normal operation, the
+.Nm
+daemon will not return.
+.Sh SEE ALSO
+.Xr netpgpkeys 1 ,
+.Xr ssh 1 ,
+.Xr libnetpgp 3
+.Sh HISTORY
+The
+.Nm
+command first appeared in
+.Nx 6.0 .
+.Sh AUTHOR
+.An Alistair Crooks Aq agc%NetBSD.org@localhost .
diff -r 87c49b06807e -r 7dfa1ee5a2b7 crypto/external/bsd/netpgp/dist/src/hkpd/hkpd.c
--- a/crypto/external/bsd/netpgp/dist/src/hkpd/hkpd.c Mon Mar 15 23:21:08 2010 +0000
+++ b/crypto/external/bsd/netpgp/dist/src/hkpd/hkpd.c Tue Mar 16 00:22:52 2010 +0000
@@ -32,6 +32,7 @@
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/param.h>
+#include <sys/select.h>
#include <netinet/in.h>
@@ -121,54 +122,15 @@
return 1;
}
-/**************************************************************************/
-
-/* bind the socket to the server */
-int
-hkpd_sock_bind(int sock, const char *hostname, const int port)
-{
- struct addrinfo hints;
- struct addrinfo *res;
- char portstr[32];
- int rc = 0;
-
- (void) memset(&hints, 0, sizeof(hints));
- hints.ai_family = PF_INET;
- hints.ai_socktype = SOCK_STREAM;
- (void) snprintf(portstr, sizeof(portstr), "%d", port);
- /* Attempt connection */
-#ifdef AI_NUMERICSERV
- hints.ai_flags = AI_NUMERICSERV;
-#endif
- if ((rc = getaddrinfo(hostname, portstr, &hints, &res)) != 0) {
- hints.ai_flags = 0;
- if ((rc = getaddrinfo(hostname, "hkp", &hints, &res)) != 0) {
- (void) fprintf(stderr, "getaddrinfo: %s",
- gai_strerror(rc));
- return -1;
- }
- }
- if ((rc = bind(sock, res->ai_addr, res->ai_addrlen)) < 0) {
- (void) fprintf(stderr, "bind failed %d\n", errno);
- freeaddrinfo(res);
- return -1;
- }
- freeaddrinfo(res);
- if (rc < 0) {
- (void) fprintf(stderr, "bind() to %s:%d failed (rc %d)\n",
- hostname, port, rc);
- }
- return rc;
-}
-
/* get a socket (we'll bind it later) */
-int
-hkpd_sock_get(void)
+static int
+hkpd_sock_get(const int fam)
{
int sock;
int on = 1;
- if ((sock = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
+ sock = socket((fam == 4) ? AF_INET : AF_INET6, SOCK_STREAM, 0);
+ if (sock < 0) {
(void) fprintf(stderr,"hkpd_sock_get: can't get a socket\n");
return -1;
}
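Review bot: In hkpd_sock_get the expression `(fam == 4) ? AF_INET : AF_INET6` maps every value other than 4 to IPv6, so an unexpected family value (presumably derived from the -f argument, whose parsing is not visible here) silently opens an AF_INET6 socket instead of being rejected. An explicit guard such as `if (fam != 4 && fam != 6) return -1;` would make the accepted set clear; the same ternary recurs for `hints.ai_family` in the new hkpd_sock_bind. The rest of this function lies outside the hunk, so I cannot tell whether the IPv6 socket is restricted to IPv6 traffic. If it is not, consider `setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, &on, sizeof(on))` so the two listeners do not overlap on systems where v6 sockets are dual-stack by default. The error message would also be more useful to an operator if it included `strerror(errno)`.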
@@ -187,9 +149,55 @@
return sock;
}
+/**************************************************************************/
+
+/* get a socket and bind it to the server */
+int
+hkpd_sock_bind(const char *hostname, const int port, const int fam)
+{
+ struct addrinfo hints;
+ struct addrinfo *res;
+ char portstr[32];
+ int sock;
+ int rc = 0;
+
+ (void) memset(&hints, 0, sizeof(hints));
+ hints.ai_family = (fam == 4) ? PF_INET : PF_INET6;
+ hints.ai_socktype = SOCK_STREAM;
+ (void) snprintf(portstr, sizeof(portstr), "%d", port);
+ /* Attempt connection */
+#ifdef AI_NUMERICSERV
+ hints.ai_flags = AI_NUMERICSERV;
+#endif
+ if ((rc = getaddrinfo(hostname, portstr, &hints, &res)) != 0) {
+ hints.ai_flags = 0;
+ if ((rc = getaddrinfo(hostname, "hkp", &hints, &res)) != 0) {
+ (void) fprintf(stderr, "getaddrinfo: %s",
+ gai_strerror(rc));
+ return -1;
+ }
+ }
+ if ((sock = hkpd_sock_get(fam)) < 0) {
+ (void) fprintf(stderr, "hkpd_sock_get failed %d\n", errno);
+ freeaddrinfo(res);
+ return -1;
+ }
+ if ((rc = bind(sock, res->ai_addr, res->ai_addrlen)) < 0) {
+ (void) fprintf(stderr, "bind failed %d\n", errno);
+ freeaddrinfo(res);
+ return -1;
+ }
+ freeaddrinfo(res);
+ if (rc < 0) {
+ (void) fprintf(stderr, "bind() to %s:%d failed (rc %d)\n",
+ hostname, port, rc);
+ }
+ return sock;
+}
+
/* netpgp key daemon - does not return */
int
-hkpd(netpgp_t *netpgp, int sock)
+hkpd(netpgp_t *netpgp, int sock4, int sock6)
{
struct sockaddr_in from;
regmatch_t searchmatches[10];
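Review bot: The bind failure path in the new hkpd_sock_bind returns -1 without closing the descriptor it just got from hkpd_sock_get, so each failed bind leaks a socket; add `(void) close(sock);` before `freeaddrinfo(res);` in that branch. The trailing `if (rc < 0)` block is unreachable, because the same condition already returned above, and can be dropped. The "getaddrinfo: %s" message also lacks a terminating newline. Separately, hkpd now takes an IPv6 listener but still declares `struct sockaddr_in from;`, which is too small to hold an IPv6 peer address. If `from` is what gets passed to accept() (the call is outside this hunk), `struct sockaddr_storage from;` would be the safer type so that peer addresses are not truncated. The body of hkpd continues past the end of this hunk.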
@@ -200,10 +208,12 @@
regex_t searchterm;
regex_t opterm;
regex_t get;
+ fd_set sockets;
char search[BUFSIZ];
char buf[BUFSIZ];
char *cp;
int newsock;
+ int sock;
int code;
int mr;
int ok;
@@ -220,8 +230,22 @@
(void) regcomp(&opterm, OPTERM, REG_EXTENDED);
(void) regcomp(&searchterm, SEARCHTERM, REG_EXTENDED);
(void) regcomp(&machreadterm, MACHREAD, REG_EXTENDED);
- listen(sock, 32);
+ listen(sock4, 32);
+ listen(sock6, 32);
for (;;) {
+ /* find out which socket we have data on */
+ FD_ZERO(&sockets);
+ if (sock4 >= 0) {
+ FD_SET(sock4, &sockets);
+ }
+ if (sock6 >= 0) {
+ FD_SET(sock6, &sockets);
+ }
+ if (select(32, &sockets, NULL, NULL, NULL) < 0) {
+ (void) fprintf(stderr, "bad select call\n");
+ continue;