2018-08-16 18:35:19 +00:00
|
|
|
use rocket;
|
2019-02-07 19:58:31 +00:00
|
|
|
use rocket::fairing::AdHoc;
|
2019-03-07 08:54:55 +00:00
|
|
|
use rocket::http::Header;
|
2018-09-19 20:24:38 +00:00
|
|
|
use rocket::response::status::Custom;
|
2019-02-22 15:25:06 +00:00
|
|
|
use rocket::response::NamedFile;
|
2018-12-25 19:06:28 +00:00
|
|
|
use rocket_contrib::templates::Template;
|
2019-03-05 10:07:59 +00:00
|
|
|
use rocket::request::Form;
|
2019-01-10 13:45:11 +00:00
|
|
|
|
2019-02-22 15:25:06 +00:00
|
|
|
use serde::Serialize;
|
2019-01-10 13:45:11 +00:00
|
|
|
use handlebars::Handlebars;
|
2019-02-22 15:25:06 +00:00
|
|
|
|
2019-03-06 15:19:33 +00:00
|
|
|
use std::path::PathBuf;
|
2018-08-16 18:35:19 +00:00
|
|
|
|
|
|
|
mod upload;
|
2019-03-04 15:43:10 +00:00
|
|
|
use mail;
|
2018-08-16 18:35:19 +00:00
|
|
|
|
2019-03-01 08:55:50 +00:00
|
|
|
use database::{Database, Polymorphic, Query};
|
2019-03-05 16:30:56 +00:00
|
|
|
use database::types::{Email, Fingerprint, KeyID};
|
2019-02-22 20:29:53 +00:00
|
|
|
use Result;
|
2018-09-19 20:24:38 +00:00
|
|
|
use Opt;
|
|
|
|
|
|
|
|
use std::result;
|
2019-02-07 19:58:31 +00:00
|
|
|
use std::str::FromStr;
|
2018-09-19 20:24:38 +00:00
|
|
|
|
|
|
|
mod queries {
|
2019-02-22 15:25:06 +00:00
|
|
|
use std::fmt;
|
2019-03-07 08:54:55 +00:00
|
|
|
use rocket::request::{self, Request, FromRequest};
|
|
|
|
use rocket::http::Status;
|
|
|
|
use rocket::Outcome;
|
2019-03-05 16:30:56 +00:00
|
|
|
use database::types::{Email, Fingerprint, KeyID};
|
2018-09-19 20:24:38 +00:00
|
|
|
|
2018-10-24 17:45:11 +00:00
|
|
|
#[derive(Debug)]
|
|
|
|
pub enum Hkp {
|
2019-02-26 10:19:54 +00:00
|
|
|
Fingerprint { fpr: Fingerprint, index: bool, machine_readable: bool },
|
|
|
|
KeyID { keyid: KeyID, index: bool, machine_readable: bool },
|
2019-03-05 12:35:42 +00:00
|
|
|
Email { email: Email, index: bool, machine_readable: bool },
|
2019-02-22 15:25:06 +00:00
|
|
|
Invalid{ query: String, },
|
|
|
|
}
|
|
|
|
|
|
|
|
impl fmt::Display for Hkp {
|
|
|
|
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
|
|
|
|
match self {
|
2019-03-07 14:14:03 +00:00
|
|
|
Hkp::Fingerprint{ ref fpr,.. } => write!(f, "{}", fpr),
|
|
|
|
Hkp::KeyID{ ref keyid,.. } => write!(f, "{}", keyid),
|
|
|
|
Hkp::Email{ ref email,.. } => write!(f, "{}", email),
|
2019-02-22 15:25:06 +00:00
|
|
|
Hkp::Invalid{ ref query } => write!(f, "{}", query),
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2019-03-07 08:54:55 +00:00
|
|
|
|
|
|
|
impl<'a, 'r> FromRequest<'a, 'r> for Hkp {
|
|
|
|
type Error = ();
|
|
|
|
|
|
|
|
fn from_request(request: &'a Request<'r>) -> request::Outcome<Hkp, ()> {
|
|
|
|
use std::str::FromStr;
|
|
|
|
use rocket::request::FormItems;
|
|
|
|
use std::collections::HashMap;
|
|
|
|
|
|
|
|
let query = request.uri().query().unwrap_or("");
|
|
|
|
let fields = FormItems::from(query)
|
|
|
|
.map(|item| {
|
|
|
|
let (k, v) = item.key_value();
|
|
|
|
|
|
|
|
let key = k.url_decode().unwrap_or_default();
|
|
|
|
let value = v.url_decode().unwrap_or_default();
|
|
|
|
(key, value)
|
|
|
|
})
|
|
|
|
.collect::<HashMap<_, _>>();
|
|
|
|
|
|
|
|
if fields.contains_key("search")
|
|
|
|
&& fields
|
|
|
|
.get("op")
|
|
|
|
.map(|x| x == "get" || x == "index")
|
|
|
|
.unwrap_or(false)
|
|
|
|
{
|
|
|
|
let index = fields.get("op").map(|x| x == "index").unwrap_or(false);
|
|
|
|
let machine_readable =
|
|
|
|
fields.get("options").map(|x| x.contains("mr"))
|
|
|
|
.unwrap_or(false);
|
|
|
|
let search = fields.get("search").cloned().unwrap_or_default();
|
|
|
|
let maybe_fpr = Fingerprint::from_str(&search);
|
|
|
|
let maybe_keyid = KeyID::from_str(&search);
|
|
|
|
|
|
|
|
if let Ok(fpr) = maybe_fpr {
|
|
|
|
Outcome::Success(Hkp::Fingerprint {
|
|
|
|
fpr: fpr,
|
|
|
|
index: index,
|
|
|
|
machine_readable: machine_readable,
|
|
|
|
})
|
|
|
|
} else if let Ok(keyid) = maybe_keyid {
|
|
|
|
Outcome::Success(Hkp::KeyID {
|
|
|
|
keyid: keyid,
|
|
|
|
index: index,
|
|
|
|
machine_readable: machine_readable,
|
|
|
|
})
|
|
|
|
} else {
|
|
|
|
match Email::from_str(&search) {
|
|
|
|
Ok(email) => {
|
|
|
|
Outcome::Success(Hkp::Email {
|
|
|
|
email: email,
|
|
|
|
index: index,
|
|
|
|
machine_readable: machine_readable,
|
|
|
|
})
|
|
|
|
}
|
|
|
|
Err(_) => {
|
|
|
|
Outcome::Success(Hkp::Invalid{
|
|
|
|
query: search
|
|
|
|
})
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2019-03-07 09:00:55 +00:00
|
|
|
} else if fields.get("op").map(|x| x == "vindex"
|
|
|
|
|| x.starts_with("x-"))
|
|
|
|
.unwrap_or(false)
|
|
|
|
{
|
2019-03-07 08:54:55 +00:00
|
|
|
Outcome::Failure((Status::NotImplemented, ()))
|
|
|
|
} else {
|
|
|
|
Outcome::Failure((Status::BadRequest, ()))
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2019-02-22 15:25:06 +00:00
|
|
|
}
|
|
|
|
|
2019-02-26 13:24:29 +00:00
|
|
|
use rocket::http::hyper::header::ContentDisposition;
|
|
|
|
|
2019-02-22 15:25:06 +00:00
|
|
|
#[derive(Responder)]
|
2019-03-05 15:15:03 +00:00
|
|
|
pub enum MyResponse {
|
2019-02-22 15:25:06 +00:00
|
|
|
#[response(status = 200, content_type = "html")]
|
|
|
|
Success(Template),
|
|
|
|
#[response(status = 200, content_type = "plain")]
|
|
|
|
Plain(String),
|
2019-02-26 13:24:29 +00:00
|
|
|
#[response(status = 200, content_type = "application/pgp-keys")]
|
|
|
|
Key(String, ContentDisposition),
|
2019-03-01 11:58:17 +00:00
|
|
|
#[response(status = 200, content_type = "application/pgp-keys")]
|
|
|
|
XAccelRedirect(&'static str, Header<'static>, ContentDisposition),
|
2019-02-22 15:25:06 +00:00
|
|
|
#[response(status = 500, content_type = "html")]
|
|
|
|
ServerError(Template),
|
2019-03-05 10:07:59 +00:00
|
|
|
#[response(status = 404, content_type = "html")]
|
|
|
|
NotFound(Template),
|
2019-02-22 15:25:06 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
impl MyResponse {
|
|
|
|
pub fn ok<S: Serialize>(tmpl: &'static str, ctx: S) -> Self {
|
|
|
|
MyResponse::Success(Template::render(tmpl, ctx))
|
|
|
|
}
|
|
|
|
|
|
|
|
pub fn plain(s: String) -> Self {
|
|
|
|
MyResponse::Plain(s)
|
|
|
|
}
|
|
|
|
|
2019-03-01 08:55:50 +00:00
|
|
|
pub fn key(armored_key: String, fp: &Fingerprint) -> Self {
|
2019-02-26 13:24:29 +00:00
|
|
|
use rocket::http::hyper::header::{ContentDisposition, DispositionType,
|
|
|
|
DispositionParam, Charset};
|
|
|
|
MyResponse::Key(
|
|
|
|
armored_key,
|
|
|
|
ContentDisposition {
|
|
|
|
disposition: DispositionType::Attachment,
|
|
|
|
parameters: vec![
|
|
|
|
DispositionParam::Filename(
|
|
|
|
Charset::Us_Ascii, None,
|
2019-03-01 08:55:50 +00:00
|
|
|
(fp.to_string() + ".asc").into_bytes()),
|
2019-02-26 13:24:29 +00:00
|
|
|
],
|
|
|
|
})
|
|
|
|
}
|
|
|
|
|
2019-03-01 11:58:17 +00:00
|
|
|
pub fn x_accel_redirect(path: PathBuf, fp: &Fingerprint) -> Self {
|
|
|
|
use rocket::http::hyper::header::{ContentDisposition, DispositionType,
|
|
|
|
DispositionParam, Charset};
|
|
|
|
// The path is relative to our base directory, but we need to
|
|
|
|
// get it relative to base/public.
|
|
|
|
let mut path = path.into_os_string().into_string().expect("valid UTF8");
|
|
|
|
// Drop the first component.
|
|
|
|
assert!(path.starts_with("public/"));
|
|
|
|
path.drain(..6);
|
|
|
|
|
|
|
|
MyResponse::XAccelRedirect(
|
|
|
|
"",
|
|
|
|
Header::new("X-Accel-Redirect", path),
|
|
|
|
ContentDisposition {
|
|
|
|
disposition: DispositionType::Attachment,
|
|
|
|
parameters: vec![
|
|
|
|
DispositionParam::Filename(
|
|
|
|
Charset::Us_Ascii, None,
|
|
|
|
(fp.to_string() + ".asc").into_bytes()),
|
|
|
|
],
|
|
|
|
})
|
|
|
|
}
|
|
|
|
|
2019-02-22 20:29:53 +00:00
|
|
|
pub fn ise(e: failure::Error) -> Self {
|
2019-02-22 15:25:06 +00:00
|
|
|
let ctx = templates::FiveHundred{
|
2019-02-22 20:29:53 +00:00
|
|
|
error: format!("{}", e),
|
2019-02-22 15:25:06 +00:00
|
|
|
version: env!("VERGEN_SEMVER").to_string(),
|
|
|
|
commit: env!("VERGEN_SHA_SHORT").to_string(),
|
|
|
|
};
|
|
|
|
MyResponse::ServerError(Template::render("500", ctx))
|
|
|
|
}
|
|
|
|
|
2019-03-05 10:07:59 +00:00
|
|
|
pub fn not_found<M>(tmpl: Option<&'static str>, message: M)
|
|
|
|
-> Self
|
|
|
|
where M: Into<Option<String>>,
|
2019-02-26 16:34:48 +00:00
|
|
|
{
|
2019-03-05 10:07:59 +00:00
|
|
|
MyResponse::NotFound(
|
|
|
|
Template::render(
|
|
|
|
tmpl.unwrap_or("index"),
|
|
|
|
templates::Index::new(
|
|
|
|
Some(message.into()
|
|
|
|
.unwrap_or_else(|| "Key not found".to_owned())))))
|
2018-09-19 20:24:38 +00:00
|
|
|
}
|
2018-08-16 18:35:19 +00:00
|
|
|
}
|
|
|
|
|
2018-09-19 20:24:38 +00:00
|
|
|
mod templates {
|
|
|
|
#[derive(Serialize)]
|
|
|
|
pub struct Verify {
|
|
|
|
pub verified: bool,
|
|
|
|
pub userid: String,
|
|
|
|
pub fpr: String,
|
2019-02-22 20:34:48 +00:00
|
|
|
pub domain: String,
|
2019-02-08 18:51:06 +00:00
|
|
|
pub commit: String,
|
|
|
|
pub version: String,
|
2018-09-19 20:24:38 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
#[derive(Serialize)]
|
|
|
|
pub struct Delete {
|
|
|
|
pub fpr: String,
|
2019-02-08 18:51:06 +00:00
|
|
|
pub commit: String,
|
|
|
|
pub version: String,
|
2018-09-19 20:24:38 +00:00
|
|
|
}
|
|
|
|
|
2019-02-22 15:25:06 +00:00
|
|
|
#[derive(Serialize)]
|
|
|
|
pub struct Search {
|
|
|
|
pub query: String,
|
2019-03-06 12:25:21 +00:00
|
|
|
pub gpg_options: Option<&'static str>,
|
2019-02-22 15:25:06 +00:00
|
|
|
pub fpr: Option<String>,
|
2019-02-22 19:52:40 +00:00
|
|
|
pub domain: Option<String>,
|
2019-02-22 15:25:06 +00:00
|
|
|
pub commit: String,
|
|
|
|
pub version: String,
|
|
|
|
}
|
|
|
|
|
2018-09-19 20:24:38 +00:00
|
|
|
#[derive(Serialize)]
|
|
|
|
pub struct Confirm {
|
|
|
|
pub deleted: bool,
|
2019-02-08 18:51:06 +00:00
|
|
|
pub commit: String,
|
|
|
|
pub version: String,
|
2018-09-19 20:24:38 +00:00
|
|
|
}
|
2019-02-08 19:09:53 +00:00
|
|
|
|
|
|
|
#[derive(Serialize)]
|
2019-02-22 15:25:06 +00:00
|
|
|
pub struct FiveHundred {
|
|
|
|
pub error: String,
|
|
|
|
pub commit: String,
|
|
|
|
pub version: String,
|
|
|
|
}
|
|
|
|
|
2019-02-22 22:29:54 +00:00
|
|
|
#[derive(Serialize)]
|
|
|
|
pub struct Index {
|
|
|
|
pub error: Option<String>,
|
|
|
|
pub commit: String,
|
|
|
|
pub version: String,
|
|
|
|
}
|
2019-03-05 10:07:59 +00:00
|
|
|
|
|
|
|
impl Index {
|
|
|
|
pub fn new(error: Option<String>) -> Self {
|
|
|
|
Self {
|
|
|
|
error: error,
|
|
|
|
version: env!("VERGEN_SEMVER").to_string(),
|
|
|
|
commit: env!("VERGEN_SHA_SHORT").to_string(),
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-02-22 15:25:06 +00:00
|
|
|
#[derive(Serialize)]
|
|
|
|
pub struct General {
|
2019-02-08 19:09:53 +00:00
|
|
|
pub commit: String,
|
|
|
|
pub version: String,
|
|
|
|
}
|
2019-03-05 10:11:23 +00:00
|
|
|
|
|
|
|
impl Default for General {
|
|
|
|
fn default() -> Self {
|
|
|
|
General {
|
|
|
|
version: env!("VERGEN_SEMVER").to_string(),
|
|
|
|
commit: env!("VERGEN_SHA_SHORT").to_string(),
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2018-08-16 18:35:19 +00:00
|
|
|
}
|
|
|
|
|
2019-03-06 12:11:49 +00:00
|
|
|
pub struct State {
|
|
|
|
/// The base directory.
|
|
|
|
state_dir: PathBuf,
|
|
|
|
|
|
|
|
/// The public directory.
|
|
|
|
///
|
|
|
|
/// This is what nginx serves.
|
|
|
|
public_dir: PathBuf,
|
|
|
|
|
|
|
|
/// XXX
|
|
|
|
domain: String,
|
|
|
|
|
|
|
|
/// Controls the use of NGINX'es XAccelRedirect feature.
|
|
|
|
x_accel_redirect: bool,
|
|
|
|
}
|
2018-10-18 14:26:25 +00:00
|
|
|
|
2019-03-06 12:11:49 +00:00
|
|
|
fn key_to_response<'a>(state: rocket::State<State>,
|
|
|
|
db: rocket::State<Polymorphic>,
|
|
|
|
query_string: String,
|
2019-03-01 08:55:50 +00:00
|
|
|
query: Query,
|
2019-03-06 12:11:49 +00:00
|
|
|
machine_readable: bool)
|
2019-03-01 11:58:17 +00:00
|
|
|
-> MyResponse {
|
2019-03-01 08:55:50 +00:00
|
|
|
let fp = if let Some(fp) = db.lookup_primary_fingerprint(&query) {
|
|
|
|
fp
|
|
|
|
} else {
|
|
|
|
return MyResponse::not_found(None, None);
|
2019-02-22 15:25:06 +00:00
|
|
|
};
|
2019-02-26 13:24:29 +00:00
|
|
|
|
|
|
|
if machine_readable {
|
2019-03-06 12:11:49 +00:00
|
|
|
if state.x_accel_redirect {
|
2019-03-01 11:58:17 +00:00
|
|
|
if let Some(path) = db.lookup_path(&query) {
|
|
|
|
return MyResponse::x_accel_redirect(path, &fp);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-03-01 08:55:50 +00:00
|
|
|
return match db.by_fpr(&fp) {
|
|
|
|
Some(armored) => MyResponse::key(armored, &fp.into()),
|
|
|
|
None => MyResponse::not_found(None, None),
|
|
|
|
}
|
2019-02-26 13:24:29 +00:00
|
|
|
}
|
|
|
|
|
2019-03-06 12:25:21 +00:00
|
|
|
let has_uids = match key_has_uids(&state, &db, &query) {
|
|
|
|
Ok(x) => x,
|
|
|
|
Err(e) => return MyResponse::ise(e),
|
|
|
|
};
|
|
|
|
|
2019-02-22 15:25:06 +00:00
|
|
|
let context = templates::Search{
|
2019-03-01 08:55:50 +00:00
|
|
|
query: query_string,
|
2019-03-06 12:25:21 +00:00
|
|
|
gpg_options: if has_uids {
|
|
|
|
None
|
|
|
|
} else {
|
|
|
|
Some("--keyserver-options import-drop-uids ")
|
|
|
|
},
|
2019-03-06 12:11:49 +00:00
|
|
|
domain: Some(state.domain.clone()),
|
2019-03-01 08:55:50 +00:00
|
|
|
fpr: fp.to_string().into(),
|
2019-02-22 15:25:06 +00:00
|
|
|
version: env!("VERGEN_SEMVER").to_string(),
|
|
|
|
commit: env!("VERGEN_SHA_SHORT").to_string(),
|
|
|
|
};
|
2018-10-25 15:37:33 +00:00
|
|
|
|
2019-02-22 15:25:06 +00:00
|
|
|
MyResponse::ok("found", context)
|
|
|
|
}
|
|
|
|
|
2019-03-06 12:25:21 +00:00
|
|
|
fn key_has_uids(state: &State, db: &Polymorphic, query: &Query)
|
|
|
|
-> Result<bool> {
|
|
|
|
use sequoia_openpgp::Packet;
|
|
|
|
use sequoia_openpgp::parse::{Parse, PacketParser, PacketParserResult};
|
|
|
|
let mut ppr = match db.lookup_path(query) {
|
|
|
|
Some(path) => PacketParser::from_file(&state.state_dir.join(path))?,
|
|
|
|
None => return Err(failure::err_msg("key vanished")),
|
|
|
|
};
|
|
|
|
|
|
|
|
while let PacketParserResult::Some(pp) = ppr {
|
|
|
|
if let Packet::UserID(_) = pp.packet {
|
|
|
|
return Ok(true);
|
|
|
|
}
|
|
|
|
ppr = pp.recurse()?.1;
|
|
|
|
}
|
|
|
|
|
|
|
|
Ok(false)
|
|
|
|
}
|
|
|
|
|
2019-03-01 08:55:50 +00:00
|
|
|
fn key_to_hkp_index<'a>(db: rocket::State<Polymorphic>, query: Query)
|
|
|
|
-> MyResponse {
|
2019-02-22 15:25:06 +00:00
|
|
|
use sequoia_openpgp::RevocationStatus;
|
|
|
|
|
2019-03-01 08:55:50 +00:00
|
|
|
let tpk = match db.lookup(&query) {
|
|
|
|
Ok(Some(tpk)) => tpk,
|
2019-03-05 10:07:59 +00:00
|
|
|
Ok(None) => return MyResponse::not_found(None, None),
|
2019-02-22 20:29:53 +00:00
|
|
|
Err(err) => { return MyResponse::ise(err); }
|
2019-02-22 15:25:06 +00:00
|
|
|
};
|
|
|
|
let mut out = String::default();
|
|
|
|
let p = tpk.primary();
|
|
|
|
|
|
|
|
let ctime = tpk
|
|
|
|
.primary_key_signature()
|
|
|
|
.and_then(|x| x.signature_creation_time())
|
|
|
|
.map(|x| format!("{}", x.to_timespec().sec))
|
|
|
|
.unwrap_or_default();
|
|
|
|
let extime = tpk
|
|
|
|
.primary_key_signature()
|
|
|
|
.and_then(|x| x.signature_expiration_time())
|
|
|
|
.map(|x| format!("{}", x))
|
|
|
|
.unwrap_or_default();
|
|
|
|
let is_exp = tpk
|
|
|
|
.primary_key_signature()
|
|
|
|
.and_then(|x| {
|
|
|
|
if x.signature_expired() { "e" } else { "" }.into()
|
|
|
|
})
|
|
|
|
.unwrap_or_default();
|
|
|
|
let is_rev =
|
|
|
|
if tpk.revoked(None) != RevocationStatus::NotAsFarAsWeKnow {
|
|
|
|
"r"
|
|
|
|
} else {
|
|
|
|
""
|
|
|
|
};
|
|
|
|
let algo: u8 = p.pk_algo().into();
|
|
|
|
|
|
|
|
out.push_str("info:1:1\r\n");
|
|
|
|
out.push_str(&format!(
|
|
|
|
"pub:{}:{}:{}:{}:{}:{}{}\r\n",
|
|
|
|
p.fingerprint().to_string().replace(" ", ""),
|
|
|
|
algo,
|
|
|
|
p.mpis().bits(),
|
|
|
|
ctime,
|
|
|
|
extime,
|
|
|
|
is_exp,
|
|
|
|
is_rev
|
|
|
|
));
|
|
|
|
|
|
|
|
for uid in tpk.userids() {
|
|
|
|
let u =
|
|
|
|
url::form_urlencoded::byte_serialize(uid.userid().userid())
|
|
|
|
.fold(String::default(), |acc, x| acc + x);
|
|
|
|
let ctime = uid
|
|
|
|
.binding_signature()
|
|
|
|
.and_then(|x| x.signature_creation_time())
|
|
|
|
.map(|x| format!("{}", x.to_timespec().sec))
|
|
|
|
.unwrap_or_default();
|
|
|
|
let extime = uid
|
|
|
|
.binding_signature()
|
|
|
|
.and_then(|x| x.signature_expiration_time())
|
|
|
|
.map(|x| format!("{}", x))
|
|
|
|
.unwrap_or_default();
|
|
|
|
let is_exp = uid
|
|
|
|
.binding_signature()
|
|
|
|
.and_then(|x| {
|
|
|
|
if x.signature_expired() { "e" } else { "" }.into()
|
|
|
|
})
|
|
|
|
.unwrap_or_default();
|
|
|
|
let is_rev = if uid.revoked(None)
|
|
|
|
!= RevocationStatus::NotAsFarAsWeKnow
|
|
|
|
{
|
|
|
|
"r"
|
|
|
|
} else {
|
|
|
|
""
|
|
|
|
};
|
|
|
|
|
|
|
|
out.push_str(&format!(
|
|
|
|
"uid:{}:{}:{}:{}{}\r\n",
|
|
|
|
u, ctime, extime, is_exp, is_rev
|
|
|
|
));
|
2018-10-25 15:37:33 +00:00
|
|
|
}
|
2019-02-22 15:25:06 +00:00
|
|
|
|
|
|
|
MyResponse::plain(out)
|
2019-02-22 21:37:01 +00:00
|
|
|
|
2018-10-25 15:37:33 +00:00
|
|
|
}
|
|
|
|
|
2019-03-04 14:23:53 +00:00
|
|
|
#[get("/vks/v1/by-fingerprint/<fpr>")]
|
2019-03-06 12:11:49 +00:00
|
|
|
fn by_fingerprint(state: rocket::State<State>,
|
|
|
|
db: rocket::State<Polymorphic>,
|
2019-03-01 11:58:17 +00:00
|
|
|
fpr: String) -> MyResponse {
|
2019-03-01 08:55:50 +00:00
|
|
|
let query = match Fingerprint::from_str(&fpr) {
|
|
|
|
Ok(fpr) => Query::ByFingerprint(fpr),
|
2019-02-28 17:39:29 +00:00
|
|
|
Err(e) => return MyResponse::ise(e),
|
2018-09-19 20:24:38 +00:00
|
|
|
};
|
|
|
|
|
2019-03-06 12:11:49 +00:00
|
|
|
key_to_response(state, db, fpr, query, true)
|
2018-10-25 15:37:33 +00:00
|
|
|
}
|
2018-09-19 20:24:38 +00:00
|
|
|
|
2019-03-04 14:23:53 +00:00
|
|
|
#[get("/vks/v1/by-email/<email>")]
|
2019-03-06 12:11:49 +00:00
|
|
|
fn by_email(state: rocket::State<State>,
|
|
|
|
db: rocket::State<Polymorphic>,
|
2019-03-01 11:58:17 +00:00
|
|
|
email: String) -> MyResponse {
|
2019-03-01 08:55:50 +00:00
|
|
|
let query = match Email::from_str(&email) {
|
|
|
|
Ok(email) => Query::ByEmail(email),
|
2019-02-28 17:39:29 +00:00
|
|
|
Err(e) => return MyResponse::ise(e),
|
2018-10-25 15:37:33 +00:00
|
|
|
};
|
2018-09-19 20:24:38 +00:00
|
|
|
|
2019-03-06 12:11:49 +00:00
|
|
|
key_to_response(state, db, email, query, true)
|
2018-09-19 20:24:38 +00:00
|
|
|
}
|
|
|
|
|
2019-03-04 14:23:53 +00:00
|
|
|
#[get("/vks/v1/by-keyid/<kid>")]
|
2019-03-06 12:11:49 +00:00
|
|
|
fn by_keyid(state: rocket::State<State>,
|
|
|
|
db: rocket::State<Polymorphic>,
|
2019-03-01 11:58:17 +00:00
|
|
|
kid: String) -> MyResponse {
|
2019-03-01 08:55:50 +00:00
|
|
|
let query = match KeyID::from_str(&kid) {
|
|
|
|
Ok(keyid) => Query::ByKeyID(keyid),
|
2019-02-28 17:39:29 +00:00
|
|
|
Err(e) => return MyResponse::ise(e),
|
2019-01-04 13:07:14 +00:00
|
|
|
};
|
|
|
|
|
2019-03-06 12:11:49 +00:00
|
|
|
key_to_response(state, db, kid, query, true)
|
2019-01-04 13:07:14 +00:00
|
|
|
}
|
|
|
|
|
2019-03-04 14:23:53 +00:00
|
|
|
#[get("/vks/v1/verify/<token>")]
|
2019-03-06 12:11:49 +00:00
|
|
|
fn verify(state: rocket::State<State>,
|
|
|
|
db: rocket::State<Polymorphic>,
|
|
|
|
token: String) -> MyResponse {
|
2018-09-19 20:24:38 +00:00
|
|
|
match db.verify_token(&token) {
|
|
|
|
Ok(Some((userid, fpr))) => {
|
2019-02-07 19:58:31 +00:00
|
|
|
let context = templates::Verify {
|
2018-09-19 20:24:38 +00:00
|
|
|
verified: true,
|
2019-03-06 12:11:49 +00:00
|
|
|
domain: state.domain.clone(),
|
2018-09-19 20:24:38 +00:00
|
|
|
userid: userid.to_string(),
|
|
|
|
fpr: fpr.to_string(),
|
2019-02-08 18:51:06 +00:00
|
|
|
version: env!("VERGEN_SEMVER").to_string(),
|
|
|
|
commit: env!("VERGEN_SHA_SHORT").to_string(),
|
2018-09-19 20:24:38 +00:00
|
|
|
};
|
|
|
|
|
2019-03-05 11:47:19 +00:00
|
|
|
MyResponse::ok("verify", context)
|
2018-08-16 18:35:19 +00:00
|
|
|
}
|
2019-03-05 11:47:19 +00:00
|
|
|
Ok(None) => MyResponse::not_found(Some("generic-error"), None),
|
|
|
|
Err(e) => MyResponse::ise(e),
|
2018-09-19 20:24:38 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-03-04 14:23:53 +00:00
|
|
|
#[get("/vks/v1/manage")]
|
2019-03-05 10:07:59 +00:00
|
|
|
fn manage() -> result::Result<Template, Custom<String>> {
|
|
|
|
Ok(Template::render("manage", templates::Index::new(None)))
|
2019-02-26 16:35:57 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
#[derive(FromForm)]
|
|
|
|
struct ManageRequest {
|
|
|
|
search_term: String,
|
|
|
|
}
|
|
|
|
|
2019-03-04 14:23:53 +00:00
|
|
|
#[post("/vks/v1/manage", data="<request>")]
|
2019-03-06 12:11:49 +00:00
|
|
|
fn manage_post(state: rocket::State<State>,
|
|
|
|
db: rocket::State<Polymorphic>,
|
|
|
|
mail_service: rocket::State<mail::Service>,
|
|
|
|
request: Form<ManageRequest>) -> MyResponse {
|
2019-02-26 16:35:57 +00:00
|
|
|
use std::convert::TryInto;
|
2018-11-02 10:50:57 +00:00
|
|
|
|
2019-02-28 16:16:26 +00:00
|
|
|
let query = match request.search_term.parse() {
|
|
|
|
Ok(query) => query,
|
|
|
|
Err(e) => return MyResponse::ise(e),
|
|
|
|
};
|
|
|
|
let tpk = match db.lookup(&query) {
|
2019-02-26 16:35:57 +00:00
|
|
|
Ok(Some(tpk)) => tpk,
|
|
|
|
Ok(None) => return MyResponse::not_found(
|
2019-03-05 10:07:59 +00:00
|
|
|
Some("manage"),
|
2019-02-26 16:35:57 +00:00
|
|
|
Some(format!("No such key found for {:?}", request.search_term))),
|
|
|
|
Err(e) => return MyResponse::ise(e),
|
2018-09-19 20:24:38 +00:00
|
|
|
};
|
|
|
|
|
2019-02-26 16:35:57 +00:00
|
|
|
match db.request_deletion(tpk.fingerprint().try_into().unwrap()) {
|
2019-02-07 19:58:31 +00:00
|
|
|
Ok((token, uids)) => {
|
|
|
|
let context = templates::Delete {
|
2019-02-26 16:35:57 +00:00
|
|
|
fpr: tpk.fingerprint().to_string(),
|
2019-02-08 18:51:06 +00:00
|
|
|
version: env!("VERGEN_SEMVER").to_string(),
|
|
|
|
commit: env!("VERGEN_SHA_SHORT").to_string(),
|
2018-09-19 20:24:38 +00:00
|
|
|
};
|
|
|
|
|
2019-03-05 13:09:23 +00:00
|
|
|
if let Err(e) = mail_service.send_confirmation(
|
2019-03-06 12:11:49 +00:00
|
|
|
&uids, &token, &state.domain) {
|
2019-03-05 13:09:23 +00:00
|
|
|
return MyResponse::ise(e);
|
2018-11-02 10:53:49 +00:00
|
|
|
}
|
|
|
|
|
2019-02-26 16:35:57 +00:00
|
|
|
MyResponse::ok("delete", context)
|
2018-09-19 20:24:38 +00:00
|
|
|
}
|
2019-02-26 16:35:57 +00:00
|
|
|
Err(e) => MyResponse::ise(e),
|
2018-09-19 20:24:38 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-03-04 14:23:53 +00:00
|
|
|
#[get("/vks/v1/confirm/<token>")]
|
2019-02-07 19:58:31 +00:00
|
|
|
fn confirm(
|
|
|
|
db: rocket::State<Polymorphic>, token: String,
|
|
|
|
) -> result::Result<Template, Custom<String>> {
|
2018-09-19 20:24:38 +00:00
|
|
|
match db.confirm_deletion(&token) {
|
|
|
|
Ok(true) => {
|
2019-02-08 18:51:06 +00:00
|
|
|
let context = templates::Confirm {
|
|
|
|
deleted: true,
|
|
|
|
version: env!("VERGEN_SEMVER").to_string(),
|
|
|
|
commit: env!("VERGEN_SHA_SHORT").to_string(),
|
|
|
|
};
|
2018-09-19 20:24:38 +00:00
|
|
|
|
|
|
|
Ok(Template::render("confirm", context))
|
|
|
|
}
|
|
|
|
Ok(false) | Err(_) => {
|
2019-02-08 18:51:06 +00:00
|
|
|
let context = templates::Confirm {
|
|
|
|
deleted: false,
|
|
|
|
version: env!("VERGEN_SEMVER").to_string(),
|
|
|
|
commit: env!("VERGEN_SHA_SHORT").to_string(),
|
|
|
|
};
|
2018-09-19 20:24:38 +00:00
|
|
|
|
|
|
|
Ok(Template::render("confirm", context))
|
|
|
|
}
|
|
|
|
}
|
2018-08-16 18:35:19 +00:00
|
|
|
}
|
|
|
|
|
2018-11-02 10:48:02 +00:00
|
|
|
#[get("/assets/<file..>")]
|
2019-03-06 12:11:49 +00:00
|
|
|
fn files(file: PathBuf, state: rocket::State<State>) -> Option<NamedFile> {
|
|
|
|
NamedFile::open(state.public_dir.join("assets").join(file)).ok()
|
2018-10-18 14:26:25 +00:00
|
|
|
}
|
|
|
|
|
2018-10-24 17:44:36 +00:00
|
|
|
#[get("/pks/lookup")]
|
2019-03-06 12:11:49 +00:00
|
|
|
fn lookup(state: rocket::State<State>,
|
|
|
|
db: rocket::State<Polymorphic>,
|
2019-03-06 15:35:53 +00:00
|
|
|
key: queries::Hkp) -> MyResponse {
|
|
|
|
let query_string = key.to_string();
|
2019-03-01 08:55:50 +00:00
|
|
|
let (query, index, machine_readable) = match key {
|
2019-03-06 15:35:53 +00:00
|
|
|
queries::Hkp::Fingerprint { fpr, index, machine_readable } =>
|
2019-03-01 08:55:50 +00:00
|
|
|
(Query::ByFingerprint(fpr), index, machine_readable),
|
2019-03-06 15:35:53 +00:00
|
|
|
queries::Hkp::KeyID { keyid, index, machine_readable } =>
|
2019-03-01 08:55:50 +00:00
|
|
|
(Query::ByKeyID(keyid), index, machine_readable),
|
2019-03-06 15:35:53 +00:00
|
|
|
queries::Hkp::Email { email, index, machine_readable } => {
|
2019-03-05 12:35:42 +00:00
|
|
|
(Query::ByEmail(email), index, machine_readable)
|
2019-01-08 18:01:45 +00:00
|
|
|
}
|
2019-03-06 15:35:53 +00:00
|
|
|
queries::Hkp::Invalid { query: _ } => {
|
2019-02-26 16:35:57 +00:00
|
|
|
return MyResponse::not_found(None, None);
|
2019-01-08 18:01:45 +00:00
|
|
|
}
|
2018-10-24 17:44:36 +00:00
|
|
|
};
|
|
|
|
|
2019-03-01 08:55:50 +00:00
|
|
|
if index {
|
|
|
|
key_to_hkp_index(db, query)
|
|
|
|
} else {
|
2019-03-06 15:35:53 +00:00
|
|
|
key_to_response(state, db, query_string, query, machine_readable)
|
2018-10-24 17:44:36 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2018-08-16 18:35:19 +00:00
|
|
|
#[get("/")]
|
2019-03-05 10:07:59 +00:00
|
|
|
fn root() -> Template {
|
|
|
|
Template::render("index", templates::Index::new(None))
|
2018-08-16 18:35:19 +00:00
|
|
|
}
|
|
|
|
|
2019-02-22 20:15:06 +00:00
|
|
|
#[get("/about")]
|
|
|
|
fn about() -> Template {
|
2019-03-05 10:11:23 +00:00
|
|
|
Template::render("about", templates::General::default())
|
2019-02-22 20:15:06 +00:00
|
|
|
}
|
|
|
|
|
2019-03-06 15:39:52 +00:00
|
|
|
#[get("/apidoc")]
|
|
|
|
fn apidoc() -> Template {
|
|
|
|
Template::render("apidoc", templates::General::default())
|
|
|
|
}
|
|
|
|
|
2018-09-19 20:24:38 +00:00
|
|
|
pub fn serve(opt: &Opt, db: Polymorphic) -> Result<()> {
|
|
|
|
use rocket::config::{Config, Environment};
|
|
|
|
use std::str::FromStr;
|
|
|
|
|
|
|
|
let (addr, port) = match opt.listen.find(':') {
|
|
|
|
Some(p) => {
|
|
|
|
let addr = opt.listen[0..p].to_string();
|
|
|
|
let port = if p < opt.listen.len() - 1 {
|
2019-02-07 19:58:31 +00:00
|
|
|
u16::from_str(&opt.listen[p + 1..]).ok().unwrap_or(8080)
|
2018-09-19 20:24:38 +00:00
|
|
|
} else {
|
|
|
|
8080
|
|
|
|
};
|
|
|
|
|
|
|
|
(addr, port)
|
|
|
|
}
|
2019-02-07 19:58:31 +00:00
|
|
|
None => (opt.listen.to_string(), 8080),
|
2018-09-19 20:24:38 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
let config = Config::build(Environment::Staging)
|
|
|
|
.address(addr)
|
|
|
|
.port(port)
|
|
|
|
.workers(2)
|
2018-11-02 10:48:02 +00:00
|
|
|
.root(opt.base.clone())
|
2019-02-07 19:58:31 +00:00
|
|
|
.extra(
|
|
|
|
"template_dir",
|
|
|
|
opt.base
|
|
|
|
.join("templates")
|
|
|
|
.to_str()
|
2019-02-22 20:29:53 +00:00
|
|
|
.ok_or(failure::err_msg("Template path invalid"))?,
|
2019-02-07 19:58:31 +00:00
|
|
|
)
|
|
|
|
.extra(
|
2019-03-06 12:11:49 +00:00
|
|
|
"state_dir",
|
|
|
|
opt.base.to_str()
|
2019-02-22 20:29:53 +00:00
|
|
|
.ok_or(failure::err_msg("Static path invalid"))?,
|
2019-02-07 19:58:31 +00:00
|
|
|
)
|
2018-11-02 10:50:57 +00:00
|
|
|
.extra("domain", opt.domain.clone())
|
2019-01-09 12:35:47 +00:00
|
|
|
.extra("from", opt.from.clone())
|
2019-03-01 11:58:17 +00:00
|
|
|
.extra("x-accel-redirect", opt.x_accel_redirect)
|
2018-09-19 20:24:38 +00:00
|
|
|
.finalize()?;
|
2019-02-25 17:11:43 +00:00
|
|
|
|
|
|
|
rocket_factory(rocket::custom(config), db).launch();
|
|
|
|
Ok(())
|
|
|
|
}
|
|
|
|
|
|
|
|
fn rocket_factory(rocket: rocket::Rocket, db: Polymorphic) -> rocket::Rocket {
|
2018-09-19 20:24:38 +00:00
|
|
|
let routes = routes![
|
2018-11-02 10:48:02 +00:00
|
|
|
// infra
|
|
|
|
root,
|
2019-02-22 15:25:06 +00:00
|
|
|
manage,
|
2019-02-26 16:35:57 +00:00
|
|
|
manage_post,
|
2018-11-02 10:48:02 +00:00
|
|
|
files,
|
|
|
|
// nginx-supported lookup
|
2018-10-25 15:37:33 +00:00
|
|
|
by_email,
|
2019-02-21 20:26:02 +00:00
|
|
|
by_fingerprint,
|
|
|
|
by_keyid,
|
2018-11-02 10:48:02 +00:00
|
|
|
// HKP
|
|
|
|
lookup,
|
2019-03-05 15:15:03 +00:00
|
|
|
upload::pks_add,
|
2019-02-22 20:38:38 +00:00
|
|
|
upload::vks_publish,
|
|
|
|
upload::vks_publish_submit,
|
2018-11-02 10:48:02 +00:00
|
|
|
// verification & deletion
|
2018-09-19 20:24:38 +00:00
|
|
|
verify,
|
|
|
|
confirm,
|
2019-02-22 20:15:06 +00:00
|
|
|
// about
|
|
|
|
about,
|
2019-03-06 15:39:52 +00:00
|
|
|
apidoc,
|
2018-09-19 20:24:38 +00:00
|
|
|
];
|
|
|
|
|
2019-02-25 17:11:43 +00:00
|
|
|
rocket
|
2018-09-19 20:24:38 +00:00
|
|
|
.attach(Template::fairing())
|
2019-03-06 12:11:49 +00:00
|
|
|
.attach(AdHoc::on_attach("state", |rocket| {
|
|
|
|
let state_dir: PathBuf = rocket.config().get_str("state_dir")
|
|
|
|
.unwrap().into();
|
|
|
|
let public_dir = state_dir.join("public");
|
2019-02-07 19:58:31 +00:00
|
|
|
let domain = rocket.config().get_str("domain").unwrap().to_string();
|
2019-03-01 11:58:17 +00:00
|
|
|
let x_accel_redirect =
|
|
|
|
rocket.config().get_bool("x-accel-redirect").unwrap();
|
2019-03-06 12:11:49 +00:00
|
|
|
Ok(rocket.manage(State {
|
|
|
|
state_dir: state_dir,
|
|
|
|
public_dir: public_dir,
|
|
|
|
domain: domain,
|
|
|
|
x_accel_redirect: x_accel_redirect,
|
|
|
|
}))
|
2019-03-01 11:58:17 +00:00
|
|
|
}))
|
2019-03-04 15:43:10 +00:00
|
|
|
.attach(AdHoc::on_attach("mail-service", |rocket| {
|
2019-02-07 19:58:31 +00:00
|
|
|
let dir: PathBuf = rocket
|
|
|
|
.config()
|
2019-01-10 13:45:11 +00:00
|
|
|
.get_str("template_dir")
|
|
|
|
.unwrap()
|
|
|
|
.to_string()
|
|
|
|
.into();
|
2019-03-04 15:43:10 +00:00
|
|
|
let from = rocket.config().get_str("from").unwrap().to_string();
|
|
|
|
|
2019-01-10 13:45:11 +00:00
|
|
|
let confirm_html = dir.join("confirm-email-html.hbs");
|
|
|
|
let confirm_txt = dir.join("confirm-email-txt.hbs");
|
|
|
|
let verify_html = dir.join("verify-email-html.hbs");
|
|
|
|
let verify_txt = dir.join("verify-email-txt.hbs");
|
2019-02-07 19:58:31 +00:00
|
|
|
let mut handlebars = Handlebars::new();
|
|
|
|
|
|
|
|
handlebars
|
|
|
|
.register_template_file("confirm-html", confirm_html)
|
|
|
|
.unwrap();
|
|
|
|
handlebars
|
|
|
|
.register_template_file("confirm-txt", confirm_txt)
|
|
|
|
.unwrap();
|
|
|
|
handlebars
|
|
|
|
.register_template_file("verify-html", verify_html)
|
|
|
|
.unwrap();
|
|
|
|
handlebars
|
|
|
|
.register_template_file("verify-txt", verify_txt)
|
|
|
|
.unwrap();
|
2019-01-10 13:45:11 +00:00
|
|
|
|
2019-03-04 16:57:36 +00:00
|
|
|
let filemail_into = rocket.config().get_str("filemail_into")
|
|
|
|
.ok().map(|p| PathBuf::from(p));
|
|
|
|
Ok(rocket.manage(if let Some(path) = filemail_into {
|
|
|
|
mail::Service::filemail(from, handlebars, path)
|
|
|
|
} else {
|
|
|
|
mail::Service::sendmail(from, handlebars)
|
|
|
|
}))
|
2019-01-10 13:45:11 +00:00
|
|
|
}))
|
2018-09-19 20:24:38 +00:00
|
|
|
.mount("/", routes)
|
|
|
|
.manage(db)
|
2018-08-16 18:35:19 +00:00
|
|
|
}
|
2019-02-25 17:34:07 +00:00
|
|
|
|
|
|
|
#[cfg(test)]
|
|
|
|
mod tests {
|
|
|
|
use fs_extra;
|
2019-03-04 16:57:36 +00:00
|
|
|
use regex;
|
|
|
|
use std::fs;
|
2019-03-06 15:19:33 +00:00
|
|
|
use std::path::Path;
|
2019-02-25 17:34:07 +00:00
|
|
|
use tempfile::{tempdir, TempDir};
|
|
|
|
use super::rocket;
|
|
|
|
use rocket::local::Client;
|
|
|
|
use rocket::http::Status;
|
|
|
|
use rocket::http::ContentType;
|
2019-03-04 16:57:36 +00:00
|
|
|
use lettre::{SendableEmail, SimpleSendableEmail};
|
2019-02-25 17:34:07 +00:00
|
|
|
|
2019-02-26 10:34:53 +00:00
|
|
|
use sequoia_openpgp::TPK;
|
|
|
|
use sequoia_openpgp::tpk::TPKBuilder;
|
|
|
|
use sequoia_openpgp::parse::Parse;
|
|
|
|
use sequoia_openpgp::serialize::Serialize;
|
|
|
|
|
2019-02-25 17:34:07 +00:00
|
|
|
use database::*;
|
|
|
|
use super::*;
|
|
|
|
|
|
|
|
/// Creates a configuration and empty state dir for testing purposes.
|
|
|
|
///
|
|
|
|
/// Note that you need to keep the returned TempDir alive for the
|
|
|
|
/// duration of your test. To debug the test, mem::forget it to
|
|
|
|
/// prevent cleanup.
|
|
|
|
fn configuration() -> Result<(TempDir, rocket::Config)> {
|
|
|
|
use rocket::config::{Config, Environment};
|
|
|
|
|
|
|
|
let root = tempdir()?;
|
|
|
|
fs_extra::copy_items(&vec!["dist/templates"], &root,
|
|
|
|
&fs_extra::dir::CopyOptions::new())?;
|
2019-03-04 16:57:36 +00:00
|
|
|
let filemail = root.path().join("filemail");
|
|
|
|
::std::fs::create_dir_all(&filemail)?;
|
2019-02-25 17:34:07 +00:00
|
|
|
|
|
|
|
let config = Config::build(Environment::Staging)
|
|
|
|
.root(root.path().to_path_buf())
|
|
|
|
.extra(
|
|
|
|
"template_dir",
|
|
|
|
root.path().join("templates").to_str()
|
|
|
|
.ok_or(failure::err_msg("Template path invalid"))?,
|
|
|
|
)
|
|
|
|
.extra(
|
2019-03-06 12:11:49 +00:00
|
|
|
"state_dir",
|
|
|
|
root.path().to_str()
|
2019-02-25 17:34:07 +00:00
|
|
|
.ok_or(failure::err_msg("Static path invalid"))?,
|
|
|
|
)
|
|
|
|
.extra("domain", "domain")
|
|
|
|
.extra("from", "from")
|
2019-03-04 16:57:36 +00:00
|
|
|
.extra("filemail_into", filemail.into_os_string().into_string()
|
|
|
|
.expect("path is valid UTF8"))
|
2019-03-01 11:58:17 +00:00
|
|
|
.extra("x-accel-redirect", false)
|
2019-02-25 17:34:07 +00:00
|
|
|
.finalize()?;
|
|
|
|
Ok((root, config))
|
|
|
|
}
|
|
|
|
|
|
|
|
#[test]
|
|
|
|
fn basics() {
|
|
|
|
let (_tmpdir, config) = configuration().unwrap();
|
|
|
|
|
|
|
|
let db = Polymorphic::Filesystem(
|
|
|
|
Filesystem::new(config.root().unwrap().to_path_buf()).unwrap());
|
|
|
|
let rocket = rocket_factory(rocket::custom(config), db);
|
|
|
|
let client = Client::new(rocket).expect("valid rocket instance");
|
|
|
|
|
|
|
|
// Check that we see the landing page.
|
|
|
|
let mut response = client.get("/").dispatch();
|
|
|
|
assert_eq!(response.status(), Status::Ok);
|
|
|
|
assert_eq!(response.content_type(), Some(ContentType::HTML));
|
|
|
|
assert!(response.body_string().unwrap().contains("Hagrid"));
|
|
|
|
|
|
|
|
// Check that we see the privacy policy.
|
|
|
|
let mut response = client.get("/about").dispatch();
|
|
|
|
assert_eq!(response.status(), Status::Ok);
|
|
|
|
assert_eq!(response.content_type(), Some(ContentType::HTML));
|
|
|
|
assert!(response.body_string().unwrap().contains("Public Key Data"));
|
2019-03-07 11:58:03 +00:00
|
|
|
|
|
|
|
// Check that we see the API docs.
|
|
|
|
let mut response = client.get("/apidoc").dispatch();
|
|
|
|
assert_eq!(response.status(), Status::Ok);
|
|
|
|
assert_eq!(response.content_type(), Some(ContentType::HTML));
|
|
|
|
assert!(response.body_string().unwrap().contains("/vks/v1/by-keyid"));
|
2019-02-25 17:34:07 +00:00
|
|
|
}
|
2019-02-26 10:34:53 +00:00
|
|
|
|
|
|
|
#[test]
|
|
|
|
fn upload() {
|
2019-03-04 16:57:36 +00:00
|
|
|
let (tmpdir, config) = configuration().unwrap();
|
|
|
|
let filemail_into = tmpdir.path().join("filemail");
|
2019-02-26 10:34:53 +00:00
|
|
|
|
2019-03-04 16:57:36 +00:00
|
|
|
// eprintln!("LEAKING: {:?}", tmpdir);
|
2019-02-26 10:34:53 +00:00
|
|
|
// ::std::mem::forget(_tmpdir);
|
|
|
|
|
|
|
|
let db = Polymorphic::Filesystem(
|
|
|
|
Filesystem::new(config.root().unwrap().to_path_buf()).unwrap());
|
|
|
|
let rocket = rocket_factory(rocket::custom(config), db);
|
|
|
|
let client = Client::new(rocket).expect("valid rocket instance");
|
|
|
|
|
|
|
|
// Generate a key and upload it.
|
|
|
|
let (tpk, _) = TPKBuilder::autocrypt(
|
|
|
|
None, Some("foo@invalid.example.com".into()))
|
|
|
|
.generate().unwrap();
|
|
|
|
|
|
|
|
let mut tpk_serialized = Vec::new();
|
|
|
|
tpk.serialize(&mut tpk_serialized).unwrap();
|
|
|
|
let response = vks_publish_submit(&client, &tpk_serialized);
|
|
|
|
assert_eq!(response.status(), Status::SeeOther);
|
|
|
|
assert_eq!(response.headers().get_one("Location"),
|
2019-03-04 14:23:53 +00:00
|
|
|
Some("/vks/v1/publish?ok"));
|
2019-02-26 10:34:53 +00:00
|
|
|
|
2019-03-04 16:45:50 +00:00
|
|
|
// Prior to email confirmation, we should not be able to look
|
|
|
|
// it up by email address.
|
2019-03-05 15:14:26 +00:00
|
|
|
check_null_responses_by_email(&client, "foo@invalid.example.com");
|
|
|
|
|
|
|
|
// And check that we can get it back via the machine readable
|
|
|
|
// interface.
|
|
|
|
check_mr_responses_by_fingerprint(&client, &tpk, 0);
|
|
|
|
|
|
|
|
// And check that we can see the human-readable result page.
|
|
|
|
check_hr_responses_by_fingerprint(&client, &tpk);
|
|
|
|
|
|
|
|
// Now check for the confirmation mail.
|
2019-03-11 11:06:44 +00:00
|
|
|
check_mails_and_confirm(&client, filemail_into.as_path());
|
2019-03-05 15:14:26 +00:00
|
|
|
|
|
|
|
// Now lookups using the mail address should work.
|
|
|
|
check_mr_response(
|
|
|
|
&client,
|
|
|
|
"/vks/v1/by-email/foo@invalid.example.com",
|
|
|
|
&tpk, 1);
|
|
|
|
check_mr_response(
|
|
|
|
&client,
|
|
|
|
"/vks/v1/by-email/foo%40invalid.example.com",
|
|
|
|
&tpk, 1);
|
|
|
|
check_mr_response(
|
|
|
|
&client,
|
|
|
|
"/pks/lookup?op=get&options=mr&search=foo@invalid.example.com",
|
|
|
|
&tpk, 1);
|
|
|
|
check_hr_response(
|
|
|
|
&client,
|
|
|
|
"/pks/lookup?op=get&search=foo@invalid.example.com",
|
|
|
|
&tpk);
|
|
|
|
}
|
2019-03-04 16:45:50 +00:00
|
|
|
|
2019-03-05 15:14:26 +00:00
|
|
|
/// Asserts that the given URI 404s.
|
|
|
|
fn check_null_response(client: &Client, uri: &str) {
|
|
|
|
let response = client.get(uri).dispatch();
|
|
|
|
assert_eq!(response.status(), Status::NotFound);
|
|
|
|
}
|
|
|
|
|
|
|
|
/// Asserts that lookups by the given address 404.
|
|
|
|
fn check_null_responses_by_email(client: &Client, addr: &str) {
|
2019-03-04 16:45:50 +00:00
|
|
|
check_null_response(
|
2019-03-05 15:14:26 +00:00
|
|
|
&client, &format!("/vks/v1/by-email/{}", addr));
|
2019-03-04 16:45:50 +00:00
|
|
|
check_null_response(
|
2019-03-05 15:14:26 +00:00
|
|
|
&client, &format!("/pks/lookup?op=get&search={}", addr));
|
2019-03-04 16:45:50 +00:00
|
|
|
check_null_response(
|
2019-03-05 15:14:26 +00:00
|
|
|
&client, &format!("/pks/lookup?op=get&options=mr&search={}",
|
|
|
|
addr));
|
|
|
|
}
|
|
|
|
|
|
|
|
/// Asserts that the given URI returns a TPK matching the given
|
|
|
|
/// one, with the given number of userids.
|
|
|
|
fn check_mr_response(client: &Client, uri: &str, tpk: &TPK,
|
|
|
|
nr_uids: usize) {
|
|
|
|
let mut response = client.get(uri).dispatch();
|
|
|
|
assert_eq!(response.status(), Status::Ok);
|
|
|
|
assert_eq!(response.content_type(),
|
|
|
|
Some(ContentType::new("application", "pgp-keys")));
|
|
|
|
let body = response.body_string().unwrap();
|
|
|
|
assert!(body.contains("END PGP PUBLIC KEY BLOCK"));
|
|
|
|
let tpk_ = TPK::from_bytes(body.as_bytes()).unwrap();
|
|
|
|
assert_eq!(tpk.fingerprint(), tpk_.fingerprint());
|
|
|
|
assert_eq!(tpk.subkeys().map(|skb| skb.subkey().fingerprint())
|
|
|
|
.collect::<Vec<_>>(),
|
|
|
|
tpk_.subkeys().map(|skb| skb.subkey().fingerprint())
|
|
|
|
.collect::<Vec<_>>());
|
|
|
|
assert_eq!(tpk_.userids().count(), nr_uids);
|
|
|
|
}
|
|
|
|
|
|
|
|
/// Asserts that we can get the given TPK back using the various
|
|
|
|
/// by-fingerprint or by-keyid lookup mechanisms.
|
|
|
|
fn check_mr_responses_by_fingerprint(client: &Client, tpk: &TPK,
|
|
|
|
nr_uids: usize) {
|
|
|
|
let fp = tpk.fingerprint().to_hex();
|
|
|
|
let keyid = tpk.fingerprint().to_keyid().to_hex();
|
2019-02-26 10:34:53 +00:00
|
|
|
|
2019-03-05 12:36:26 +00:00
|
|
|
check_mr_response(
|
2019-03-05 15:14:26 +00:00
|
|
|
&client, &format!("/vks/v1/by-keyid/{}", keyid), &tpk, nr_uids);
|
2019-03-05 12:36:26 +00:00
|
|
|
check_mr_response(
|
2019-03-05 15:14:26 +00:00
|
|
|
&client, &format!("/vks/v1/by-fingerprint/{}", fp), &tpk, nr_uids);
|
2019-02-26 10:34:53 +00:00
|
|
|
check_mr_response(
|
|
|
|
&client,
|
|
|
|
&format!("/pks/lookup?op=get&options=mr&search={}", fp),
|
2019-03-05 15:14:26 +00:00
|
|
|
&tpk, nr_uids);
|
2019-02-26 10:34:53 +00:00
|
|
|
check_mr_response(
|
|
|
|
&client,
|
|
|
|
&format!("/pks/lookup?op=get&options=mr&search=0x{}", fp),
|
2019-03-05 15:14:26 +00:00
|
|
|
&tpk, nr_uids);
|
2019-02-26 10:34:53 +00:00
|
|
|
check_mr_response(
|
|
|
|
&client,
|
|
|
|
&format!("/pks/lookup?op=get&options=mr&search={}", keyid),
|
2019-03-05 15:14:26 +00:00
|
|
|
&tpk, nr_uids);
|
2019-02-26 10:34:53 +00:00
|
|
|
check_mr_response(
|
|
|
|
&client,
|
|
|
|
&format!("/pks/lookup?op=get&options=mr&search=0x{}", keyid),
|
2019-03-05 15:14:26 +00:00
|
|
|
&tpk, nr_uids);
|
|
|
|
}
|
2019-02-26 10:34:53 +00:00
|
|
|
|
2019-03-05 15:14:26 +00:00
|
|
|
/// Asserts that the given URI returns human readable response
|
|
|
|
/// page.
|
|
|
|
fn check_hr_response(client: &Client, uri: &str, tpk: &TPK) {
|
|
|
|
let mut response = client.get(uri).dispatch();
|
|
|
|
assert_eq!(response.status(), Status::Ok);
|
|
|
|
assert_eq!(response.content_type(), Some(ContentType::HTML));
|
|
|
|
let body = response.body_string().unwrap();
|
|
|
|
assert!(body.contains("found"));
|
|
|
|
assert!(body.contains(&tpk.fingerprint().to_hex()));
|
|
|
|
}
|
|
|
|
|
|
|
|
/// Asserts that we can get the given TPK back using the various
|
|
|
|
/// by-fingerprint or by-keyid lookup mechanisms.
|
|
|
|
fn check_hr_responses_by_fingerprint(client: &Client, tpk: &TPK) {
|
|
|
|
let fp = tpk.fingerprint().to_hex();
|
|
|
|
let keyid = tpk.fingerprint().to_keyid().to_hex();
|
2019-02-26 10:34:53 +00:00
|
|
|
|
|
|
|
check_hr_response(
|
|
|
|
&client,
|
|
|
|
&format!("/pks/lookup?op=get&search={}", fp),
|
|
|
|
&tpk);
|
|
|
|
check_hr_response(
|
|
|
|
&client,
|
|
|
|
&format!("/pks/lookup?op=get&search=0x{}", fp),
|
|
|
|
&tpk);
|
|
|
|
check_hr_response(
|
|
|
|
&client,
|
|
|
|
&format!("/pks/lookup?op=get&search={}", keyid),
|
|
|
|
&tpk);
|
|
|
|
check_hr_response(
|
|
|
|
&client,
|
|
|
|
&format!("/pks/lookup?op=get&search=0x{}", keyid),
|
|
|
|
&tpk);
|
2019-03-04 16:57:36 +00:00
|
|
|
}
|
|
|
|
|
2019-03-11 11:06:44 +00:00
|
|
|
fn check_mails_and_confirm(client: &Client, filemail_path: &Path) {
|
|
|
|
let confirm_re =
|
|
|
|
regex::bytes::Regex::new("https://domain(/vks/v1/verify[^ \t]*)")
|
|
|
|
.unwrap();
|
|
|
|
let confirm_mail = pop_mail(filemail_path).unwrap().unwrap();
|
|
|
|
let confirm_bytes = confirm_mail.message();
|
|
|
|
// eprintln!("{}", String::from_utf8_lossy(&confirm_bytes));
|
|
|
|
let confirm_link =
|
|
|
|
confirm_re.captures(&confirm_bytes).unwrap()
|
|
|
|
.get(1).unwrap().as_bytes();
|
|
|
|
let confirm_uri = String::from_utf8_lossy(confirm_link).to_string();
|
|
|
|
let response = client.get(&confirm_uri).dispatch();
|
|
|
|
assert_eq!(response.status(), Status::Ok);
|
|
|
|
}
|
|
|
|
|
2019-03-05 15:15:03 +00:00
|
|
|
#[test]
|
|
|
|
fn hkp() {
|
|
|
|
let (tmpdir, config) = configuration().unwrap();
|
|
|
|
let filemail_into = tmpdir.path().join("filemail");
|
|
|
|
|
|
|
|
// eprintln!("LEAKING: {:?}", tmpdir);
|
|
|
|
// ::std::mem::forget(tmpdir);
|
|
|
|
|
|
|
|
let db = Polymorphic::Filesystem(
|
|
|
|
Filesystem::new(config.root().unwrap().to_path_buf()).unwrap());
|
|
|
|
let rocket = rocket_factory(rocket::custom(config), db);
|
|
|
|
let client = Client::new(rocket).expect("valid rocket instance");
|
|
|
|
|
|
|
|
// Generate a key and upload it.
|
|
|
|
let (tpk, _) = TPKBuilder::autocrypt(
|
|
|
|
None, Some("foo@invalid.example.com".into()))
|
|
|
|
.generate().unwrap();
|
|
|
|
|
|
|
|
// Prepare to /pks/add
|
|
|
|
let mut armored = Vec::new();
|
|
|
|
{
|
|
|
|
use sequoia_openpgp::armor::{Writer, Kind};
|
|
|
|
let mut w = Writer::new(&mut armored, Kind::PublicKey, &[])
|
|
|
|
.unwrap();
|
|
|
|
tpk.serialize(&mut w).unwrap();
|
|
|
|
}
|
|
|
|
let mut post_data = String::from("keytext=");
|
|
|
|
for enc in url::form_urlencoded::byte_serialize(&armored) {
|
|
|
|
post_data.push_str(enc);
|
|
|
|
}
|
|
|
|
|
|
|
|
// Add!
|
|
|
|
let mut response = client.post("/pks/add")
|
|
|
|
.body(post_data.as_bytes())
|
|
|
|
.header(ContentType::Form)
|
|
|
|
.dispatch();
|
|
|
|
assert_eq!(response.status(), Status::Ok);
|
|
|
|
let body = response.body_string().unwrap();
|
|
|
|
eprintln!("response: {}", body);
|
|
|
|
|
|
|
|
// Check that we do not get a confirmation mail.
|
|
|
|
let confirm_mail = pop_mail(filemail_into.as_path()).unwrap();
|
|
|
|
assert!(confirm_mail.is_none());
|
|
|
|
|
|
|
|
// We should not be able to look it up by email address.
|
|
|
|
check_null_responses_by_email(&client, "foo@invalid.example.com");
|
|
|
|
|
|
|
|
// And check that we can get it back via the machine readable
|
|
|
|
// interface.
|
|
|
|
check_mr_responses_by_fingerprint(&client, &tpk, 0);
|
|
|
|
|
|
|
|
// And check that we can see the human-readable result page.
|
|
|
|
check_hr_responses_by_fingerprint(&client, &tpk);
|
|
|
|
}
|
|
|
|
|
2019-03-04 16:57:36 +00:00
|
|
|
/// Returns and removes the first mail it finds from the given
|
|
|
|
/// directory.
|
|
|
|
fn pop_mail(dir: &Path) -> Result<Option<SimpleSendableEmail>> {
|
|
|
|
for entry in fs::read_dir(dir)? {
|
|
|
|
let entry = entry?;
|
|
|
|
if entry.file_type()?.is_file() {
|
|
|
|
let fh = fs::File::open(entry.path())?;
|
|
|
|
fs::remove_file(entry.path())?;
|
|
|
|
let mail: SimpleSendableEmail =
|
|
|
|
::serde_json::from_reader(fh)?;
|
|
|
|
return Ok(Some(mail));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
Ok(None)
|
2019-02-26 10:34:53 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
fn vks_publish_submit<'a>(client: &'a Client, data: &[u8])
|
|
|
|
-> rocket::local::LocalResponse<'a> {
|
|
|
|
let ct = ContentType::with_params(
|
|
|
|
"multipart", "form-data",
|
|
|
|
("boundary", "---------------------------14733842173518794281682249499"));
|
|
|
|
|
|
|
|
let header =
|
|
|
|
b"-----------------------------14733842173518794281682249499\r\n\
|
|
|
|
Content-Disposition: form-data; name=\"csrf\"\r\n\
|
|
|
|
\r\n\
|
|
|
|
\r\n\
|
|
|
|
-----------------------------14733842173518794281682249499\r\n\
|
|
|
|
Content-Disposition: form-data; name=\"keytext\"; filename=\".k\"\r\n\
|
|
|
|
Content-Type: application/octet-stream\r\n\
|
|
|
|
\r\n";
|
|
|
|
let footer = b"\r\n-----------------------------14733842173518794281682249499--";
|
|
|
|
|
|
|
|
let mut body = Vec::new();
|
|
|
|
body.extend_from_slice(header);
|
|
|
|
body.extend_from_slice(data);
|
|
|
|
body.extend_from_slice(footer);
|
2019-03-04 14:23:53 +00:00
|
|
|
client.post("/vks/v1/publish/submit")
|
2019-02-26 10:34:53 +00:00
|
|
|
.header(ct)
|
|
|
|
.body(&body[..])
|
|
|
|
.dispatch()
|
|
|
|
}
|
2019-02-25 17:34:07 +00:00
|
|
|
}
|