Remove support for preferred keyserver.

das-labor · Dec 14, 2017 · 44c468d · 44c468d
1 parent 7735b1f
commit 44c468d
Show file tree

Hide file tree

Showing 13 changed files with 14 additions and 399 deletions.
diff --git a/docs/openpgp.md b/docs/openpgp.md
@@ -21,6 +21,20 @@ level.
 
 4.3. Packet Tags
 
+5.2.3.18. Preferred Key Server
+
+* Preferred Key Server Packets MUST not be generatd.
+* Preferred Key Server Packets MUST be ignored.
+
+NOTE: Preferred key servers have not seen wide adoption, and they can
+be used to violate the privacy of the recipient.  The standard allows
+to set multiple preferred key servers on multiple user ids, which is
+ambiguous.  The meaning of the URI in the field is left open to
+interpretation.  Thus, existing preferred key servers in signature and
+in user id signatures must be ignored and new ones must not be
+generated.
+
+
 5.7. Symmetrically Encrypted Data Packet
 
 * Symmetrically Encrypted Data Packets MUST not be generated.

diff --git a/legacy/gnupg/g10/build-packet.cpp b/legacy/gnupg/g10/build-packet.cpp
@@ -821,10 +821,6 @@ void build_sig_subpkt(PKT_signature *sig, sigsubpkttype_t type,
       sig->flags.policy_url = 1;
       break;
 
-    case SIGSUBPKT_PREF_KS:
-      sig->flags.pref_ks = 1;
-      break;
-
     case SIGSUBPKT_EXPORTABLE:
       if (buffer[0])
         sig->flags.exportable = 1;

diff --git a/legacy/gnupg/g10/call-dirmngr.cpp b/legacy/gnupg/g10/call-dirmngr.cpp
@@ -131,22 +131,6 @@ static gpg_error_t create_context(ctrl_t ctrl, assuan_context_t *r_ctx) {
     }
   }
 
-  if (err)
-    ;
-  else if ((opt.keyserver_options.options & KEYSERVER_HONOR_KEYSERVER_URL)) {
-    /* Tell the dirmngr that this possibly privacy invading
-       option is in use.  If Dirmngr is running in Tor mode, it
-       will return an error.  */
-    err = assuan_transact(ctx, "OPTION honor-keyserver-url-used", NULL, NULL,
-                          NULL, NULL, NULL, NULL);
-    if (err == GPG_ERR_FORBIDDEN)
-      log_error(
-          _("keyserver option \"honor-keyserver-url\""
-            " may not be used in Tor mode\n"));
-    else if (err == GPG_ERR_UNKNOWN_OPTION)
-      err = 0; /* Old dirmngr versions do not support this option.  */
-  }
-
   if (err)
     assuan_release(ctx);
   else {

diff --git a/legacy/gnupg/g10/keyedit.cpp b/legacy/gnupg/g10/keyedit.cpp
@@ -72,8 +72,6 @@ static int menu_changeusage(ctrl_t ctrl, kbnode_t keyblock);
 static int menu_backsign(ctrl_t ctrl, kbnode_t pub_keyblock);
 static int menu_set_primary_uid(ctrl_t ctrl, kbnode_t pub_keyblock);
 static int menu_set_preferences(ctrl_t ctrl, kbnode_t pub_keyblock);
-static int menu_set_keyserver_url(ctrl_t ctrl, const char *url,
-                                  kbnode_t pub_keyblock);
 static int menu_set_notation(ctrl_t ctrl, const char *string,
                              kbnode_t pub_keyblock);
 static int menu_select_uid(KBNODE keyblock, int idx);
@@ -249,10 +247,6 @@ int keyedit_print_one_sig(ctrl_t ctrl, int rc, kbnode_t keyblock, kbnode_t node,
           ((opt.list_options & LIST_SHOW_STD_NOTATIONS) ? 1 : 0) +
               ((opt.list_options & LIST_SHOW_USER_NOTATIONS) ? 2 : 0));
 
-    if (sig->flags.pref_ks &&
-        ((opt.list_options & LIST_SHOW_KEYSERVER_URLS) || extended))
-      show_keyserver_url(sig, 3, -1);
-
     if (extended) {
       PKT_public_key *pk = keyblock->pkt->pkt.public_key;
       const unsigned char *s;
@@ -1078,7 +1072,6 @@ enum cmdids {
 #endif /*!NO_TRUST_MODELS*/
   cmdSHOWPREF,
   cmdSETPREF,
-  cmdPREFKS,
   cmdNOTATION,
   cmdINVCMD,
   cmdUPDTRUST,
@@ -1153,8 +1146,6 @@ static struct {
     {"setpref", cmdSETPREF, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK,
      N_("set preference list for the selected user IDs")},
     {"updpref", cmdSETPREF, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK, NULL},
-    {"keyserver", cmdPREFKS, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK,
-     N_("set the preferred keyserver URL for the selected user IDs")},
     {"notation", cmdNOTATION, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK,
      N_("set a notation for the selected user IDs")},
     {"passwd", cmdPASSWD, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK,
@@ -1804,15 +1795,6 @@ void keyedit_menu(
         }
       } break;
 
-      case cmdPREFKS:
-        if (menu_set_keyserver_url(ctrl, *arg_string ? arg_string : NULL,
-                                   keyblock)) {
-          merge_keys_and_selfsig(ctrl, keyblock);
-          modified = 1;
-          redisplay = 1;
-        }
-        break;
-
       case cmdNOTATION:
         if (menu_set_notation(ctrl, *arg_string ? arg_string : NULL,
                               keyblock)) {
@@ -2607,18 +2589,6 @@ static void show_prefs(PKT_user_id *uid, PKT_signature *selfsig, int verbose) {
     tty_printf("\n");
 
     if (selfsig) {
-      const byte *pref_ks;
-      size_t pref_ks_len;
-
-      pref_ks =
-          parse_sig_subpkt(selfsig->hashed, SIGSUBPKT_PREF_KS, &pref_ks_len);
-      if (pref_ks && pref_ks_len) {
-        tty_printf("     ");
-        tty_printf(_("Preferred keyserver: "));
-        tty_print_utf8_string(pref_ks, pref_ks_len);
-        tty_printf("\n");
-      }
-
       if (selfsig->flags.notation) {
         tty_printf("     ");
         tty_printf(_("Notations: "));
@@ -4065,121 +4035,6 @@ static int menu_set_preferences(ctrl_t ctrl, kbnode_t pub_keyblock) {
   return modified;
 }
 
-static int menu_set_keyserver_url(ctrl_t ctrl, const char *url,
-                                  kbnode_t pub_keyblock) {
-  PKT_public_key *main_pk;
-  PKT_user_id *uid;
-  KBNODE node;
-  u32 keyid[2];
-  int selected, select_all;
-  int modified = 0;
-  char *answer, *uri;
-
-  no_primary_warning(pub_keyblock);
-
-  if (url)
-    answer = xstrdup(url);
-  else {
-    answer = cpr_get_utf8("keyedit.add_keyserver",
-                          _("Enter your preferred keyserver URL: "));
-    if (answer[0] == '\0' || answer[0] == CONTROL_D) {
-      xfree(answer);
-      return 0;
-    }
-  }
-
-  if (ascii_strcasecmp(answer, "none") == 0)
-    uri = NULL;
-  else {
-    struct keyserver_spec *keyserver = NULL;
-    /* Sanity check the format */
-    keyserver = parse_keyserver_uri(answer, 1);
-    xfree(answer);
-    if (!keyserver) {
-      log_info(_("could not parse keyserver URL\n"));
-      return 0;
-    }
-    uri = xstrdup(keyserver->uri);
-    free_keyserver_spec(keyserver);
-  }
-
-  select_all = !count_selected_uids(pub_keyblock);
-
-  /* Now we can actually change the self signature(s) */
-  main_pk = NULL;
-  uid = NULL;
-  selected = 0;
-  for (node = pub_keyblock; node; node = node->next) {
-    if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY) break; /* ready */
-
-    if (node->pkt->pkttype == PKT_PUBLIC_KEY) {
-      main_pk = node->pkt->pkt.public_key;
-      keyid_from_pk(main_pk, keyid);
-    } else if (node->pkt->pkttype == PKT_USER_ID) {
-      uid = node->pkt->pkt.user_id;
-      selected = select_all || (node->flag & NODFLG_SELUID);
-    } else if (main_pk && uid && selected &&
-               node->pkt->pkttype == PKT_SIGNATURE) {
-      PKT_signature *sig = node->pkt->pkt.signature;
-      if (keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] &&
-          (uid && (sig->sig_class & ~3) == 0x10) && sig->flags.chosen_selfsig) {
-        std::string user = utf8_to_native(uid->name, strlen(uid->name), 0);
-        if (sig->version < 4)
-          log_info(_("skipping v3 self-signature on user ID \"%s\"\n"),
-                   user.c_str());
-        else {
-          /* This is a selfsignature which is to be replaced
-           * We have to ignore v3 signatures because they are
-           * not able to carry the subpacket. */
-          PKT_signature *newsig;
-          PACKET *newpkt;
-          int rc;
-          const byte *p;
-          size_t plen;
-
-          p = parse_sig_subpkt(sig->hashed, SIGSUBPKT_PREF_KS, &plen);
-          if (p && plen) {
-            tty_printf(
-                "Current preferred keyserver for user"
-                " ID \"%s\": ",
-                user.c_str());
-            tty_print_utf8_string(p, plen);
-            tty_printf("\n");
-            if (!cpr_get_answer_is_yes(
-                    "keyedit.confirm_keyserver",
-                    uri ? _("Are you sure you want to replace it? (y/N) ")
-                        : _("Are you sure you want to delete it? (y/N) ")))
-              continue;
-          } else if (uri == NULL) {
-            /* There is no current keyserver URL, so there
-               is no point in trying to un-set it. */
-            continue;
-          }
-
-          rc = update_keysig_packet(ctrl, &newsig, sig, main_pk, uid, NULL,
-                                    main_pk, keygen_add_keyserver_url, uri);
-          if (rc) {
-            log_error("update_keysig_packet failed: %s\n", gpg_strerror(rc));
-            xfree(uri);
-            return 0;
-          }
-          /* replace the packet */
-          newpkt = (PACKET *)xmalloc_clear(sizeof *newpkt);
-          newpkt->pkttype = PKT_SIGNATURE;
-          newpkt->pkt.signature = newsig;
-          free_packet(node->pkt, NULL);
-          xfree(node->pkt);
-          node->pkt = newpkt;
-          modified = 1;
-        }
-      }
-    }
-  }
-
-  xfree(uri);
-  return modified;
-}
-
 static int menu_set_notation(ctrl_t ctrl, const char *string,
                              KBNODE pub_keyblock) {
   PKT_public_key *main_pk;

diff --git a/legacy/gnupg/g10/keygen.cpp b/legacy/gnupg/g10/keygen.cpp
@@ -86,7 +86,6 @@ enum para_name {
   pSERIALNO,
   pCARDBACKUPKEY,
   pHANDLE,
-  pKEYSERVER,
   pKEYGRIP
 };
 
@@ -574,7 +573,6 @@ int keygen_upd_std_prefs(PKT_signature *sig, void *opaque) {
   /* Make sure that the MDC feature flag is set if needed.  */
   add_feature_mdc(sig, mdc_available);
   add_keyserver_modify(sig, ks_modify);
-  keygen_add_keyserver_url(sig, NULL);
 
   return 0;
 }
@@ -589,20 +587,6 @@ int keygen_add_std_prefs(PKT_signature *sig, void *opaque) {
   do_add_key_flags(sig, pk->pubkey_usage);
   keygen_add_key_expire(sig, opaque);
   keygen_upd_std_prefs(sig, opaque);
-  keygen_add_keyserver_url(sig, NULL);
-
-  return 0;
-}
-
-int keygen_add_keyserver_url(PKT_signature *sig, void *opaque) {
-  const char *url = (const char *)opaque;
-
-  if (!url && opt.def_keyserver_url) url = opt.def_keyserver_url->c_str();
-
-  if (url)
-    build_sig_subpkt(sig, SIGSUBPKT_PREF_KS, (const byte *)(url), strlen(url));
-  else
-    delete_sig_subpkt(sig->hashed, SIGSUBPKT_PREF_KS);
 
   return 0;
 }
@@ -2963,22 +2947,6 @@ static int proc_parameter_file(ctrl_t ctrl, struct para_data_s *para,
   /* Set preferences, if any. */
   keygen_set_std_prefs(get_parameter_value(para, pPREFERENCES), 0);
 
-  /* Set keyserver, if any. */
-  s1 = get_parameter_value(para, pKEYSERVER);
-  if (s1) {
-    struct keyserver_spec *spec;
-
-    spec = parse_keyserver_uri(s1, 1);
-    if (spec) {
-      free_keyserver_spec(spec);
-      opt.def_keyserver_url = s1;
-    } else {
-      r = get_parameter(para, pKEYSERVER);
-      log_error("%s:%d: invalid keyserver url\n", fname, r->lnr);
-      return -1;
-    }
-  }
-
   /* Set revoker, if any. */
   if (parse_revocation_key(fname, para, pREVOKER)) return -1;
 
@@ -3045,7 +3013,6 @@ static void read_parameter_file(ctrl_t ctrl, const char *fname) {
                   {"Preferences", (para_name)pPREFERENCES},
                   {"Revoker", (para_name)pREVOKER},
                   {"Handle", (para_name)pHANDLE},
-                  {"Keyserver", (para_name)pKEYSERVER},
                   {"Keygrip", (para_name)pKEYGRIP},
                   {NULL, (para_name)0}};
   IOBUF fp;

diff --git a/legacy/gnupg/g10/keylist.cpp b/legacy/gnupg/g10/keylist.cpp
@@ -285,42 +285,6 @@ void show_policy_url(PKT_signature *sig, int indent, int mode) {
   }
 }
 
-/* Print a keyserver URL.  Allowed values for MODE are:
- *  -1 - print to the TTY
- *   0 - print to stdout.
- *   1 - use log_info and emit status messages.
- *   2 - emit only status messages.
- */
-void show_keyserver_url(PKT_signature *sig, int indent, int mode) {
-  const byte *p;
-  size_t len;
-  int seq = 0, crit;
-  estream_t fp = mode < 0 ? NULL : mode ? log_get_stream() : es_stdout;
-
-  while ((
-      p = enum_sig_subpkt(sig->hashed, SIGSUBPKT_PREF_KS, &len, &seq, &crit))) {
-    if (mode != 2) {
-      const char *str;
-
-      tty_fprintf(fp, "%*s", indent, "");
-
-      if (crit)
-        str = _("Critical preferred keyserver: ");
-      else
-        str = _("Preferred keyserver: ");
-      if (mode > 0)
-        log_info("%s", str);
-      else
-        tty_fprintf(fp, "%s", str);
-      tty_print_utf8_string2(fp, p, len, 0);
-      tty_fprintf(fp, "\n");
-    }
-
-    if (mode > 0)
-      status_one_subpacket(SIGSUBPKT_PREF_KS, len, (crit ? 0x02 : 0) | 0x01, p);
-  }
-}
-
 /* Print notation data.  Allowed values for MODE are:
  *  -1 - print to the TTY
  *   0 - print to stdout.
@@ -921,9 +885,6 @@ static void list_keyblock_print(ctrl_t ctrl, kbnode_t keyblock, int secret,
             ((opt.list_options & LIST_SHOW_STD_NOTATIONS) ? 1 : 0) +
                 ((opt.list_options & LIST_SHOW_USER_NOTATIONS) ? 2 : 0));
 
-      if (sig->flags.pref_ks && (opt.list_options & LIST_SHOW_KEYSERVER_URLS))
-        show_keyserver_url(sig, 3, 0);
-
       /* fixme: check or list other sigs here */
     }
   }