[git] GnuPG - branch, master, updated. gnupg-2.1.15-202-g8ce800d

by Werner Koch cvs at cvs.gnupg.org
Wed Oct 5 14:42:02 CEST 2016 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, master has been updated
       via  8ce800d21919eaaba7ed4f04f712292be310fd66 (commit)
      from  e514a5b725f0c997cef4362808b2778a3faa9cf8 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 8ce800d21919eaaba7ed4f04f712292be310fd66
Author: Werner Koch <wk at gnupg.org>
Date:   Wed Oct 5 14:38:37 2016 +0200

    wks: Send key encrypted as required by draft -02
    
    * tools/gpg-wks-client.c (get_key): Encrypt.
    (encrypt_response): Take care of --fake-submission-addr.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/tools/gpg-wks-client.c b/tools/gpg-wks-client.c
index 4df54cc..7630953 100644
--- a/tools/gpg-wks-client.c
+++ b/tools/gpg-wks-client.c
@@ -112,6 +112,8 @@ const char *fake_submission_addr;
 static void wrong_args (const char *text) GPGRT_ATTR_NORETURN;
 static gpg_error_t command_supported (char *userid);
 static gpg_error_t command_send (const char *fingerprint, char *userid);
+static gpg_error_t encrypt_response (estream_t *r_output, estream_t input,
+                                     const char *addrspec);
 static gpg_error_t read_confirmation_request (estream_t msg);
 static gpg_error_t command_receive_cb (void *opaque,
                                        const char *mediatype, estream_t fp,
@@ -346,6 +348,9 @@ get_key (estream_t *r_key, const char *fingerprint, const char *addrspec)
       log_error ("error allocating memory buffer: %s\n", gpg_strerror (err));
       goto leave;
     }
+  /* Prefix the key with the MIME content type.  */
+  es_fputs ("Content-Type: application/pgp-keys\n"
+            "\n", key);
 
   filterexp = es_bsprintf ("keep-uid=mbox = %s", addrspec);
   if (!filterexp)
@@ -535,6 +540,7 @@ command_send (const char *fingerprint, char *userid)
   KEYDB_SEARCH_DESC desc;
   char *addrspec = NULL;
   estream_t key = NULL;
+  estream_t keyenc = NULL;
   char *submission_to = NULL;
   mime_maker_t mime = NULL;
   struct policy_flags_s policy;
@@ -596,6 +602,15 @@ command_send (const char *fingerprint, char *userid)
   if (policy.auth_submit)
     log_info ("no confirmation required for '%s'\n", addrspec);
 
+  /* Encrypt the key part.  */
+  es_rewind (key);
+  err = encrypt_response (&keyenc, key, submission_to);
+  if (err)
+    goto leave;
+  es_fclose (key);
+  key = NULL;
+
+
   /* Send the key.  */
   err = mime_maker_new (&mime, NULL);
   if (err)
@@ -610,16 +625,33 @@ command_send (const char *fingerprint, char *userid)
   if (err)
     goto leave;
 
-  err = mime_maker_add_header (mime, "Content-type", "application/pgp-keys");
+  /* Tell server that we support draft version 3.  */
+  err = mime_maker_add_header (mime, "Wks-Draft-Version", "3");
   if (err)
     goto leave;
 
-  /* Tell server that we support draft version 3.  */
-  err = mime_maker_add_header (mime, "Wks-Draft-Version", "3");
+  err = mime_maker_add_header (mime, "Content-Type",
+                               "multipart/encrypted; "
+                               "protocol=\"application/pgp-encrypted\"");
+  if (err)
+    goto leave;
+  err = mime_maker_add_container (mime);
   if (err)
     goto leave;
 
-  err = mime_maker_add_stream (mime, &key);
+  err = mime_maker_add_header (mime, "Content-Type",
+                               "application/pgp-encrypted");
+  if (err)
+    goto leave;
+  err = mime_maker_add_body (mime, "Version: 1\n");
+  if (err)
+    goto leave;
+  err = mime_maker_add_header (mime, "Content-Type",
+                               "application/octet-stream");
+  if (err)
+    goto leave;
+
+  err = mime_maker_add_stream (mime, &keyenc);
   if (err)
     goto leave;
 
@@ -628,6 +660,7 @@ command_send (const char *fingerprint, char *userid)
  leave:
   mime_maker_release (mime);
   xfree (submission_to);
+  es_fclose (keyenc);
   es_fclose (key);
   xfree (addrspec);
   return err;
@@ -691,7 +724,10 @@ encrypt_response (estream_t *r_output, estream_t input, const char *addrspec)
   ccparray_put (&ccp, "--status-fd=2");
   ccparray_put (&ccp, "--always-trust");
   ccparray_put (&ccp, "--armor");
-  ccparray_put (&ccp, "--auto-key-locate=clear,wkd,dane,local");
+  if (fake_submission_addr)
+    ccparray_put (&ccp, "--auto-key-locate=clear,local");
+  else
+    ccparray_put (&ccp, "--auto-key-locate=clear,wkd,dane,local");
   ccparray_put (&ccp, "--recipient");
   ccparray_put (&ccp, addrspec);
   ccparray_put (&ccp, "--encrypt");

-----------------------------------------------------------------------

Summary of changes:
 tools/gpg-wks-client.c | 46 +++++++++++++++++++++++++++++++++++++++++-----
 1 file changed, 41 insertions(+), 5 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org

More information about the Gnupg-commits mailing list