[git] GnuPG - branch, STABLE-BRANCH-2-2, updated. gnupg-2.2.0-7-g8b5a247

by Werner Koch cvs at cvs.gnupg.org
Tue Sep 12 14:45:26 CEST 2017


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, STABLE-BRANCH-2-2 has been updated
       via  8b5a2474f21dd4f1aa2a283e2f57d75e42742af5 (commit)
       via  c65a7bba7331975d20910f90cf648b6ecc5410f0 (commit)
       via  7d15ee88980f88ca62fc7de9492dd08e54d0f0f1 (commit)
      from  a172759b5088ae086c0caa2e7d4d0ea346b28a90 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 8b5a2474f21dd4f1aa2a283e2f57d75e42742af5
Author: Werner Koch <wk at gnupg.org>
Date:   Tue Sep 12 14:38:44 2017 +0200

    gpg: Fix "Fix key generation with only an email part".
    
    * g10/keygen.c (proc_parameter_file): Don't check the result of
    stpcpy.
    --
    
    Fixes-commit: 7089dcc54099a4909ce7d386c07ab87e1398e2eb
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/g10/keygen.c b/g10/keygen.c
index 08bc621..2b17a1e 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -3533,7 +3533,7 @@ proc_parameter_file (ctrl_t ctrl, struct para_data_s *para, const char *fname,
             {
               /* If we have only the email part, do not add the space
                * and the angle brackets.  */
-              if (*p)
+              if (*r->u.value)
                 p = stpcpy(stpcpy(stpcpy(p," <"), s3 ),">");
               else
                 p = stpcpy (p, s3);
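Review bot: The new test `if (*r->u.value)` carries no comment explaining why the start of the buffer is examined rather than `p`. Judging from the stpcpy chain on the following line, `p` is the write cursor and sits on the terminating NUL, so it can never tell whether a name or comment was already written; that reading is inferred from the visible lines only. I would extend the existing comment with `P points at the end of the string, thus test the start of the value.` so the earlier mistake is not reintroduced. proc_parameter_file starts and ends outside this hunk, so the sizing of the buffer for the added " <" and ">" cannot be checked from here.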

commit c65a7bba7331975d20910f90cf648b6ecc5410f0
Author: Werner Koch <wk at gnupg.org>
Date:   Tue Sep 12 14:32:29 2017 +0200

    wks: Use unencrypted draft-1 mode for posteo.de
    
    * tools/gpg-wks-client.c (command_send): Allow sending in draft-1
    mode.
    --
    
    Obviously Posteo did not implement the current draft and thus it was
    not possible to send a request to them.  This hack uses the old method
    for posteo.de.  Not sending it encrypted is okay here because they use
    authenticated sending anyway.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/tools/gpg-wks-client.c b/tools/gpg-wks-client.c
index 594f28a..5b98de4 100644
--- a/tools/gpg-wks-client.c
+++ b/tools/gpg-wks-client.c
@@ -349,10 +349,7 @@ get_key_status_cb (void *opaque, const char *keyword, char *args)
 
 /* Get a key by fingerprint from gpg's keyring and make sure that the
  * mail address ADDRSPEC is included in the key.  The key is returned
- * as a new memory stream at R_KEY.
- *
- * Fixme: After we have implemented import and export filters for gpg
- * this function shall only return a key with just this user id.  */
+ * as a new memory stream at R_KEY.  */
 static gpg_error_t
 get_key (estream_t *r_key, const char *fingerprint, const char *addrspec)
 {
@@ -695,6 +692,8 @@ command_send (const char *fingerprint, char *userid)
   char *submission_to = NULL;
   mime_maker_t mime = NULL;
   struct policy_flags_s policy;
+  int no_encrypt = 0;
+  const char *domain;
 
   memset (&policy, 0, sizeof policy);
 
@@ -717,6 +716,10 @@ command_send (const char *fingerprint, char *userid)
   if (err)
     goto leave;
 
+  domain = strchr (addrspec, '@');
+  log_assert (domain);
+  domain++;
+
   /* Get the submission address.  */
   if (fake_submission_addr)
     {
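Review bot: `log_assert (domain)` turns an address without an '@' into a process abort, whereas the lines this commit removes further down tolerated that case with `domain ? domain : addrspec`. Whether addrspec is always validated before this point is not visible in the hunk; if it is derived from the USERID argument supplied on the command line, a regular error return is the safer failure mode: `if (!domain) { err = gpg_error (GPG_ERR_INV_USER_ID); goto leave; }`. If the invariant really is guaranteed by the code above, a one-line comment naming the function that guarantees it would make the assertion reviewable. command_send starts and ends outside the hunk.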
@@ -727,11 +730,8 @@ command_send (const char *fingerprint, char *userid)
     err = wkd_get_submission_address (addrspec, &submission_to);
   if (err)
     {
-      char *domain = strchr (addrspec, '@');
-      if (domain)
-        domain = domain + 1;
-      log_error (_("looking up WKS submission address for %s: %s\n"),
-                 domain ? domain : addrspec, gpg_strerror (err));
+      log_error (_("error looking up submission address for domain '%s': %s\n"),
+                 domain, gpg_strerror (err));
       if (gpg_err_code (err) == GPG_ERR_NO_DATA)
         log_error (_("this domain probably doesn't support WKS.\n"));
       goto leave;
@@ -762,14 +762,23 @@ command_send (const char *fingerprint, char *userid)
   if (policy.auth_submit)
     log_info ("no confirmation required for '%s'\n", addrspec);
 
-  /* Encrypt the key part.  */
-  es_rewind (key);
-  err = encrypt_response (&keyenc, key, submission_to, fingerprint);
-  if (err)
-    goto leave;
-  es_fclose (key);
-  key = NULL;
+  /* Hack to support old providers.  */
+  if (policy.auth_submit && !ascii_strcasecmp (domain, "posteo.de"))
+    {
+      log_info ("Warning: Using draft-1 method for domain '%s'\n", domain);
+      no_encrypt = 1;
+    }
 
+  /* Encrypt the key part.  */
+  if (!no_encrypt)
+    {
+      es_rewind (key);
+      err = encrypt_response (&keyenc, key, submission_to, fingerprint);
+      if (err)
+        goto leave;
+      es_fclose (key);
+      key = NULL;
+    }
 
   /* Send the key.  */
   err = mime_maker_new (&mime, NULL);
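Review bot: The encryption downgrade is keyed on a string literal inside command_send, with no record of when it may be removed and no way for the user to refuse it. The branch trusts `policy.auth_submit`, which is filled in outside this hunk; if that flag comes from a policy file fetched from the provider, the integrity of that fetch is what decides whether the key leaves unencrypted, and the comment should say so. I would replace `/* Hack to support old providers.  */` with a comment that names the provider, the draft version it implements and the condition for deleting the exception, and keep the domain in a named constant so the list of exceptions is easy to audit. command_send starts and ends outside the hunk.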
@@ -787,34 +796,67 @@ command_send (const char *fingerprint, char *userid)
 
   /* Tell server which draft we support.  */
   err = mime_maker_add_header (mime, "Wks-Draft-Version",
-                               STR2(WKS_DRAFT_VERSION));
+                                 STR2(WKS_DRAFT_VERSION));
   if (err)
     goto leave;
 
-  err = mime_maker_add_header (mime, "Content-Type",
-                               "multipart/encrypted; "
-                               "protocol=\"application/pgp-encrypted\"");
-  if (err)
-    goto leave;
-  err = mime_maker_add_container (mime);
-  if (err)
-    goto leave;
+  if (no_encrypt)
+    {
+      void *data;
+      size_t datalen, n;
 
-  err = mime_maker_add_header (mime, "Content-Type",
-                               "application/pgp-encrypted");
-  if (err)
-    goto leave;
-  err = mime_maker_add_body (mime, "Version: 1\n");
-  if (err)
-    goto leave;
-  err = mime_maker_add_header (mime, "Content-Type",
-                               "application/octet-stream");
-  if (err)
-    goto leave;
+      err = mime_maker_add_header (mime, "Content-type",
+                                   "application/pgp-keys");
+      if (err)
+        goto leave;
 
-  err = mime_maker_add_stream (mime, &keyenc);
-  if (err)
-    goto leave;
+      if (es_fclose_snatch (key, &data, &datalen))
+        {
+          err = gpg_error_from_syserror ();
+          goto leave;
+        }
+      key = NULL;
+      /* We need to skip over the first line which has a content-type
+       * header not needed here.  */
+      for (n=0; n < datalen ; n++)
+        if (((const char *)data)[n] == '\n')
+          {
+            n++;
+            break;
+          }
+
+      err = mime_maker_add_body_data (mime, (char*)data + n, datalen - n);
+      xfree (data);
+      if (err)
+        goto leave;
+    }
+  else
+    {
+      err = mime_maker_add_header (mime, "Content-Type",
+                                   "multipart/encrypted; "
+                                   "protocol=\"application/pgp-encrypted\"");
+      if (err)
+        goto leave;
+      err = mime_maker_add_container (mime);
+      if (err)
+        goto leave;
+
+      err = mime_maker_add_header (mime, "Content-Type",
+                                   "application/pgp-encrypted");
+      if (err)
+        goto leave;
+      err = mime_maker_add_body (mime, "Version: 1\n");
+      if (err)
+        goto leave;
+      err = mime_maker_add_header (mime, "Content-Type",
+                                   "application/octet-stream");
+      if (err)
+        goto leave;
+
+      err = mime_maker_add_stream (mime, &keyenc);
+      if (err)
+        goto leave;
+    }
 
   err = wks_send_mime (mime);
 
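Review bot: In the `no_encrypt` branch the loop that skips the first line ends with `n == datalen` when the snatched buffer holds no '\n', and `mime_maker_add_body_data` is then called with a length of zero, so an empty key body may be mailed unless add_body rejects that, which is not visible here. A guard after the loop closes the gap: `if (n == datalen) { xfree (data); err = gpg_error (GPG_ERR_INV_DATA); goto leave; }`. The loop also assumes the first line is the content-type header without looking at it; checking the prefix before skipping would make that assumption explicit. Two style points: the new header is spelled `"Content-type"` while the other branch uses `"Content-Type"`, and the re-indented `STR2(WKS_DRAFT_VERSION)` line no longer aligns with the opening parenthesis.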

commit 7d15ee88980f88ca62fc7de9492dd08e54d0f0f1
Author: Werner Koch <wk at gnupg.org>
Date:   Tue Sep 12 14:29:04 2017 +0200

    tools: New function mime_maker_add_body_data.
    
    * tools/mime-maker.c (mime_maker_add_body_data): New.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/tools/mime-maker.c b/tools/mime-maker.c
index d1241f3..0edc14d 100644
--- a/tools/mime-maker.c
+++ b/tools/mime-maker.c
@@ -478,7 +478,8 @@ add_body (mime_maker_t ctx, const void *data, size_t datalen)
 
 
 /* Add STRING as body to the mail or the current MIME container.  A
- * second call to this function is not allowed.
+ * second call to this function or mime_make_add_body_data is not
+ * allowed.
  *
  * FIXME: We may want to have an append_body to add more data to a body.
  */
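Review bot: The updated comment refers to `mime_make_add_body_data`, but the function added by this commit is `mime_maker_add_body_data`; the new comment in the next hunk has the same slip with `mime_make_add_body`. Both should read `mime_maker_...` so that a search for the function name finds the restriction on a second call. The comment block belongs to mime_maker_add_body, whose definition lies outside the hunk.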
@@ -489,6 +490,16 @@ mime_maker_add_body (mime_maker_t ctx, const char *string)
 }
 
 
+/* Add (DATA,DATALEN) as body to the mail or the current MIME
+ * container.  Note that a second call to this function or to
+ * mime_make_add_body is not allowed.  */
+gpg_error_t
+mime_maker_add_body_data (mime_maker_t ctx, const void *data, size_t datalen)
+{
+  return add_body (ctx, data, datalen);
+}
+
+
 /* This is the same as mime_maker_add_body but takes a stream as
  * argument.  As of now the stream is copied to the MIME object but
  * eventually we may delay that and read the stream only at the time
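Review bot: The comment on `mime_maker_add_body_data` does not say who owns DATA after the call. The caller added to tools/gpg-wks-client.c in this push calls `xfree (data)` immediately afterwards, so add_body has to copy the buffer; its body is outside this hunk, so that is an assumption to confirm. I would add a sentence such as `DATA is copied; the caller retains ownership.` and state what the function does for a DATALEN of zero.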
diff --git a/tools/mime-maker.h b/tools/mime-maker.h
index f2a76cd..c0ddaea 100644
--- a/tools/mime-maker.h
+++ b/tools/mime-maker.h
@@ -34,6 +34,8 @@ void mime_maker_dump_tree (mime_maker_t ctx);
 gpg_error_t mime_maker_add_header (mime_maker_t ctx,
                                    const char *name, const char *value);
 gpg_error_t mime_maker_add_body (mime_maker_t ctx, const char *string);
+gpg_error_t mime_maker_add_body_data (mime_maker_t ctx,
+                                      const void *data, size_t datalen);
 gpg_error_t mime_maker_add_stream (mime_maker_t ctx, estream_t *stream_addr);
 gpg_error_t mime_maker_add_container (mime_maker_t ctx);
 gpg_error_t mime_maker_end_container (mime_maker_t ctx);

-----------------------------------------------------------------------

Summary of changes:
 g10/keygen.c           |   2 +-
 tools/gpg-wks-client.c | 120 +++++++++++++++++++++++++++++++++----------------
 tools/mime-maker.c     |  13 +++++-
 tools/mime-maker.h     |   2 +
 4 files changed, 96 insertions(+), 41 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org



