#!/usr/bin/perl -w # $Id: kserver-all,v 1.26 2005/03/25 19:42:06 jason Exp jason $ # This prints HTTP URLs to get a key (or keys) from multiple keyservers # via the HKP protocol. $exact = ""; # don't request exact matches $shorten = 0; # don't shorten long keyids $hexify = 0; # don't prepend 0x to all arguments $list = 0; # don't list servers $fresolve = 0; # don't print IPs of servers, forward lookups $rresolve = 0; # don't print names of servers, reverse lookups $hget = 0; # don't search for a hash (from SKS servers) $stats = 0; # don't request stats page (from SKS servers) @strings = (); &usage ("no arguments given") if (!defined(@ARGV)); while ($#ARGV >= 0) { $_ = shift @ARGV; if (/^-e/) { $exact = "&exact=on"; } elsif (/^-s/) { $shorten = 1; } elsif (/^-x/) { $hexify = 1; } elsif (/^-l/) { $list = 1; } elsif (/^-f/) { $fresolve = 1; $list = 1; } elsif (/^-r/) { $rresolve = 1; $list = 1; } elsif (/^-h/) { $hget = 1; } elsif (/-t/) { $stats = 1; } else { if ($hexify) { s/^/0x/ if (! /^0x/); } if ($shorten) { s/^0x......../0x/ if (length == 18); } push @strings, $_; } } # while args &usage("no search strings given") if (!defined(@strings) && !$list && !$stats); # see http://keyserver.kjsl.com/~jharris/keyserver.html for more keyserver info. @servers = ( # pgp.net hosts 'pks:skylane.kjsl.com:11371', # aka wwwkeys.{2,kjsl}.us.pgp.net 'pks:wwwkeys.ch.pgp.net:11371', 'pks:wwwkeys.cz.pgp.net:11371', 'pks:wwwkeys.de.pgp.net:11371', #down 'pks:wwwkeys.dk.pgp.net:11371', 'pks:wwwkeys.es.pgp.net:11371', #'pks:wwwkeys.nl.pgp.net:11371', # old IP, use next name... #gone 'pks:horowitz.surfnet.nl:11371', 'onak:wwwkeys.uk.pgp.net:11371', # aka the.earth.li 'pks:wwwkeys.1.us.pgp.net:11371',# aka wwwkeys.{1,dtype}.us.pgp.net 'SKS:stinkfoot.org:11371', # aka wwwkeys.{3,stinkfoot}.us.pgp.net # SKS, testing 'SKS:keyserver.kjsl.com:21371', #gone 'pks:pgp.mainframe.cx:11371', # more keyservers 'pks:pgp.mit.edu:11371', #down 'pks:pgp.cc.gatech.edu:11371', 'pks:pgp.es.net:11371', 'pks:pgp.rediris.es:11371', 'pks:pgp.nic.ad.jp:11371', 'pks:pgp.uk.demon.net:11371', 'pks:pgp.upb.de:11371', 'pks:keys.iif.hu:11371', 'pks:pgp.escomposlinux.org:11371', 'pks:pgp.eteo.mondragon.edu:11371', #gone 'OKS:www.notwise.net:11371', #gone 'pks:pks.pgp.cz:11371', 'pks:keyserv.nic-se.se:11371', 'pks:pgp.demonserver.de:11371', # pks -> SKS 'SKS:pgp.ael.be:11371', 'SKS:pgp.hpc.unm.edu:11371', 'SKS:ds.carnet.hr:11371', 'SKS:pgp.zdv.uni-mainz.de:11371', 'SKS:keyserver.linux.it:11371', # SKS keyservers 'SKS:sks.dnsalias.net:11371', #down 'SKS:ensemble02.cs.cornell.edu:11371', #down 'SKS:keyserver.bu.edu:11371', 'SKS:sks.keyserver.penguin.de:11371',# aka pgpkeys.tu-bs.de, dupe 'SKS:thedungeon.dnsalias.net:11371', 'SKS:pks.gpg.cz:11371', # aka sks.*.muni.cz 'SKS:polo.dyn.aarg.net:11371', # aka polo.pc.ashlandfiber.net #dupe 'SKS:pgpkeys.tu-bs.de:11371', # aka calvin.lk.etc.tu-bs.de, dupe 'SKS:keys.se.linux.org:11371', 'SKS:keyserver.wetnet.net:11371', 'SKS:keyserver.noreply.org:11371', #gone 'SKS:seppia.noreply.org:21371', # keyserver.noreply.org, 2nd #gone 'SKS:keyserver-old.noreply.org:11371', # old/backup... 'SKS:dannyj.dynip.com:11371', 'SKS:thor.chguernsey.com:11371', 'SKS:pgp.sjbcom.com:11371', 'SKS:keyserver.fabbione.net:11371', 'SKS:keyserver.sane.net:11371', 'SKS:keyserver.hadiko.de:11371', 'SKS:pgp.srv.ualberta.ca:11371', # was pgp.cns.ualberta.ca #'SKS:pyxis.cns.ualberta.ca:21371', # pgp.cns.ualberta.ca, 2nd 'SKS:pgpkeys.telering.at:11371', 'SKS:pgpkeys.pca.dfn.de:11371', 'SKS:misterl.net:11371', 'SKS:keyserver.gurski.org:11371', 'SKS:gpg-keyserver.de:11371', # was sks.nerdcamp.net #gone 'SKS:dafuer.nerdcamp.net:11371', # old/backup... 'SKS:ice.mudshark.org:11371', 'SKS:turing.conostix.com:11371', # aka pgp.lu.gnu.org, dupe 'SKS:www.linux-geeks.de:11371', 'SKS:sks.novasec.es:11371', # aka sks.asociacion-aecsi.es 'SKS:sks.uni-paderborn.de:11371', # experimental #dupe 'SKS:pgp.lu.gnu.org:11371', # aka turing.conostix.com, dupe 'SKS:keyserver.mine.nu:11371', 'SKS:keys.kadath.com.ar:11371', #dupe 'SKS:linux.kadath.com.ar:11371', # now same IP as keys.kadath.com.ar, dupe 'SKS:sks.aculei.net:11371', 'SKS:minsky.surfnet.nl:11371', # aka pgp.surfnet.nl 'SKS:elephant.finux.org:11371', 'SKS:keyserver.afoyi.com:11371', #gone 'SKS:ks.nextgenerationclubs.com.au:11371', # afoyi #2 'SKS:keyserver.stack.nl:11371', # aka 'SKS:keyserver.gletsjer.net:11371', 'SKS:keyserver.rootbash.com:11371', 'SKS:keyserver.sascha.silbe.org:11371', # keyserver.net hosts 'oks:www.keyserver.net:11371', #down 'oks:france.keyserver.net:11371', # aka keyserver.linuxmotor.com #down 'oks:usa.keyserver.net:11371', # aka keyserver2.linuxmotor.com # former keyserver.net hosts 'pks:keyserver.mcbone.net:11371', # aka keyserver.topnet.de, was germany.keyserver.net 'oks:pgp.loxinfo.co.th:11371', # was thailand.keyserver.net # unsynchronized servers 'pks:pgpserv.indstate.edu:11371', # loaded old keydump, no sync address? #down 'unk:pgp.icm.edu.pl:11371', # almost no keys in db, no sync address # curiosities #down 'onak:hell.on.earth.li:11371', 'openpksd:openpksd.org:11371', 'unk:www.keyserver.de:11371', 'unk:pgp.ndlug.nd.edu:11371' # RIP... #down 'keys.pgp.com' # aka keyserver.pgp.com # aka keys.nai.com # aka pgpkeys.mit.edu # aka certserver.pgp.com #down 'ashton.weg.net', # was seattle.keyserver.net ); # if first string is a keyid, assume they all are and add some cryptnet.net/ # cks servers for testing purposes... (they don't support non-keyid, non-get # HKP requests). if ($hexify || (defined $strings[0]) && ($strings[0] =~ /^0x/)) { #down! push @servers, 'CKS:gnv.us.ks.cryptnet.net:11371'; # push @servers, 'www.dtype.org'; # CKS, discontinued # push @servers, 'www.mandrakesecure.net'; # no /pks/ path, no port 11371, only /cks/ path } list(), exit() if $list; $get = "get"; $get = "hget" if ($hget); if ($stats) { $get = "stats"; @strings = ("") if ($#strings == -1); } $search = "&search="; if ($stats) { $search = ""; } foreach $tuple (@servers) { ($type, $server, $port) = split (":", $tuple); die "bad entry: $tuple" if (!defined $type || !defined $server || !defined $port); if ($hget || $stats || ($strings[0] =~ /^0x/)) { next if (($hget || $stats) && ($type ne "SKS")); foreach $string (@strings) { print "http://$server:$port/pks/lookup?op=$get$search$string\n"; } } else { $string = join "%20", @strings; print "http://$server:$port/pks/lookup?op=$get$search$string$exact\n"; } } # foreach server ############################################################################### sub list { $f = ""; $r = ""; foreach $tuple (@servers) { ($type, $server, $port) = split (":", $tuple); die "bad entry: $tuple" if (!defined $type || !defined $server || !defined $port); next if ($stats && ($type ne "SKS")); print $server; $f = `dnsip $server`, chomp $f if ($fresolve || $rresolve); if ($fresolve) { print "\t$f"; } if ($rresolve) { $r = `dnsname $f`; chomp $r; $r = "none" if $r eq ""; print "\t$r"; } print "\n"; } } # list() ############################################################################### sub usage () { local ($msg) = @_; print "usage: $0 [-l] [-f] [-r] || [[-e] [-h] [-s] [-x] ]\n"; print " where: -e == request exact match\n"; print " where: -h == search for a hash (SKS servers only)\n"; print " where: -s == shorten args from long keyids to short keyids\n"; print " where: -t == request stats from SKS servers, or use only SKS servers\n"; print " where: -x == prepend 0x to all arguments\n"; print " where: -l == list server names only\n"; print " where: -f == resolve server names to IP addresses (requires djbdns, implies -l)\n"; print " where: -r == resolve server IP addresses back to names (requires djbdns, implies -l -f)\n"; print "error: $msg\n"; exit (1); } # usage() ###############################################################################