[git] GnuPG - branch, master, updated. gnupg-2.1.15-35-g04c042f

by Werner Koch cvs at cvs.gnupg.org
Wed Aug 31 19:16:15 CEST 2016


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, master has been updated
       via  04c042f3f2a631bc6e772c33f8da5e7aa7b1902a (commit)
       via  e4eac16330449f3893c11820c15e07d58fb807ff (commit)
      from  edfb6934caf16c6afcfd82d684d8ae9c79674d10 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 04c042f3f2a631bc6e772c33f8da5e7aa7b1902a
Author: Werner Koch <wk at gnupg.org>
Date:   Wed Aug 31 18:54:09 2016 +0200

    wks: Send a final message to the user.
    
    * tools/gpg-wks-server.c (send_congratulation_message): New.
    (check_and_publish): Call it.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/tools/gpg-wks-server.c b/tools/gpg-wks-server.c
index b4d96b5..221db05 100644
--- a/tools/gpg-wks-server.c
+++ b/tools/gpg-wks-server.c
@@ -1065,6 +1065,124 @@ process_new_key (server_ctx_t ctx, estream_t key)
 
 
 

+/* Send a message to tell the user at MBOX that their key has been
+ * published.  FNAME the name of the file with the key.  */
+static gpg_error_t
+send_congratulation_message (const char *mbox, const char *keyfile)
+{
+  gpg_error_t err;
+  estream_t body = NULL;
+  estream_t bodyenc = NULL;
+  mime_maker_t mime = NULL;
+  char *from_buffer = NULL;
+  const char *from;
+  strlist_t sl;
+
+  from = from_buffer = get_submission_address (mbox);
+  if (!from)
+    {
+      from = opt.default_from;
+      if (!from)
+        {
+          log_error ("no sender address found for '%s'\n", mbox);
+          err = gpg_error (GPG_ERR_CONFIGURATION);
+          goto leave;
+        }
+      log_info ("Note: using default sender address '%s'\n", from);
+    }
+
+  body = es_fopenmem (0, "w+b");
+  if (!body)
+    {
+      err = gpg_error_from_syserror ();
+      log_error ("error allocating memory buffer: %s\n", gpg_strerror (err));
+      goto leave;
+    }
+  /* It is fine to use 8 bit encoding because that is encrypted and
+   * only our client will see it.  */
+  es_fputs ("Content-Type: text/plain; charset=utf-8\n"
+            "Content-Transfer-Encoding: 8bit\n"
+            "\n",
+            body);
+
+  es_fprintf (body,
+              "Hello!\n\n"
+              "The key for your address '%s' has been published\n"
+              "and can now be retrieved from the Web Key Directory.\n"
+              "\n"
+              "For more information on this system see:\n"
+              "\n"
+              "  https://gnupg.org/faq/wkd.html\n"
+              "\n"
+              "Best regards\n"
+              "\n"
+              "  Gnu Key Publisher\n\n\n"
+              "-- \n"
+              "The GnuPG Project welcomes donations: %s\n",
+              mbox, "https://gnupg.org/donate");
+
+  es_rewind (body);
+  err = encrypt_stream (&bodyenc, body, keyfile);
+  if (err)
+    goto leave;
+  es_fclose (body);
+  body = NULL;
+
+  err = mime_maker_new (&mime, NULL);
+  if (err)
+    goto leave;
+  err = mime_maker_add_header (mime, "From", from);
+  if (err)
+    goto leave;
+  err = mime_maker_add_header (mime, "To", mbox);
+  if (err)
+    goto leave;
+  err = mime_maker_add_header (mime, "Subject", "Your key has been published");
+  if (err)
+    goto leave;
+  for (sl = opt.extra_headers; sl; sl = sl->next)
+    {
+      err = mime_maker_add_header (mime, sl->d, NULL);
+      if (err)
+        goto leave;
+    }
+
+  err = mime_maker_add_header (mime, "Content-Type",
+                               "multipart/encrypted; "
+                               "protocol=\"application/pgp-encrypted\"");
+  if (err)
+    goto leave;
+  err = mime_maker_add_container (mime, "multipart/encrypted");
+  if (err)
+    goto leave;
+
+  err = mime_maker_add_header (mime, "Content-Type",
+                               "application/pgp-encrypted");
+  if (err)
+    goto leave;
+  err = mime_maker_add_body (mime, "Version: 1\n");
+  if (err)
+    goto leave;
+  err = mime_maker_add_header (mime, "Content-Type",
+                               "application/octet-stream");
+  if (err)
+    goto leave;
+
+  err = mime_maker_add_stream (mime, &bodyenc);
+  if (err)
+    goto leave;
+
+  err = wks_send_mime (mime);
+
+ leave:
+  mime_maker_release (mime);
+  es_fclose (bodyenc);
+  es_fclose (body);
+  xfree (from_buffer);
+  return err;
+}
+
+
 /* Check that we have send a request with NONCE and publish the key.  */
 static gpg_error_t
 check_and_publish (server_ctx_t ctx, const char *address, const char *nonce)
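Review bot: The `es_fputs` and `es_fprintf` calls that build the plaintext body in `send_congratulation_message` ignore their return values, so a failed write into the memory stream goes unnoticed and a truncated or empty body would still be encrypted and mailed. A single check before `es_rewind (body)` would cover both writes, for example `if (es_ferror (body)) { err = gpg_error_from_syserror (); goto leave; }`, with a `log_error` in the style of the allocation failure above it. Separately, the header comment names FNAME while the parameter is `keyfile`; `KEYFILE is the name of the file with the key.` would match the signature.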
@@ -1170,7 +1288,7 @@ check_and_publish (server_ctx_t ctx, const char *address, const char *nonce)
     }
 
   log_info ("key %s published for '%s'\n", ctx->fpr, address);
-
+  send_congratulation_message (address, fnewname);
 
   /* Try to publish as DANE record if the DANE directory exists.  */
   xfree (fname);
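Review bot: The result of `send_congratulation_message (address, fnewname);` is discarded, so a failure in `encrypt_stream`, the `mime_maker_*` calls or `wks_send_mime` leaves no trace at this level unless those helpers log on their own, which is not visible here. If the mail is meant to be best effort because the key is already published, say so in a comment and log the failure without touching `err`, for example `if (send_congratulation_message (address, fnewname)) log_info ("sending final message to '%s' failed\n", address);`. That keeps the publish result unchanged while giving the operator something to find when users report a missing notification. `check_and_publish` starts and continues outside this hunk, so how `err` is used afterwards should be confirmed there.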
@@ -1207,7 +1325,6 @@ check_and_publish (server_ctx_t ctx, const char *address, const char *nonce)
       log_info ("key %s published for '%s' (DANE record)\n", ctx->fpr, address);
     }
 
-
  leave:
   es_fclose (key);
   xfree (hash);

commit e4eac16330449f3893c11820c15e07d58fb807ff
Author: Werner Koch <wk at gnupg.org>
Date:   Wed Aug 31 16:39:55 2016 +0200

    wks: Relax permission check for the top directory.
    
    * tools/gpg-wks-server.c: Allow S_IXOTH for the top directory.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/tools/gpg-wks-server.c b/tools/gpg-wks-server.c
index e872824..b4d96b5 100644
--- a/tools/gpg-wks-server.c
+++ b/tools/gpg-wks-server.c
@@ -17,7 +17,7 @@
  * along with this program; if not, see <http://www.gnu.org/licenses/>.
  */
 
-/* The Web Key Service I-D defines an update protocol to stpre a
+/* The Web Key Service I-D defines an update protocol to store a
  * public key in the Web Key Directory.  The current specification is
  * draft-koch-openpgp-webkey-service-01.txt.
  */
@@ -302,7 +302,7 @@ main (int argc, char **argv)
         log_error ("directory '%s' not owned by user\n", opt.directory);
         exit (2);
       }
-    if ((sb.st_mode & S_IRWXO))
+    if ((sb.st_mode & (S_IROTH|S_IWOTH)))
       {
         log_error ("directory '%s' has too relaxed permissions\n",
                    opt.directory);
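Review bot: The relaxed test `(sb.st_mode & (S_IROTH|S_IWOTH))` now accepts a top directory that others may search, but nothing at the check records why that is safe. With o+x set, any local account can reach entries below `opt.directory` by name, so the confidentiality of anything stored there (pending keys and nonces, if they live under this tree, which the hunk does not show) then rests entirely on the modes of the subdirectories. A comment such as `/* S_IXOTH is allowed so that other accounts can traverse to the published files; subdirectories must enforce their own modes. */` would capture the intent, assuming that is the reason for the change. The visible lines also test only the "other" bits; whether group write is rejected elsewhere in `main`, which extends beyond this hunk, cannot be told from here.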
@@ -878,7 +878,7 @@ store_key_as_pending (const char *dir, estream_t key,
 }
 
 
-/* Send a confirmation rewqyest.  DIR is the directory used for the
+/* Send a confirmation request.  DIR is the directory used for the
  * address MBOX.  NONCE is the nonce we want to see in the response to
  * this mail.  FNAME the name of the file with the key.  */
 static gpg_error_t

-----------------------------------------------------------------------

Summary of changes:
 tools/gpg-wks-server.c | 127 +++++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 122 insertions(+), 5 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org



