[git] GnuPG - branch, STABLE-BRANCH-2-2, updated. gnupg-2.2.4-30-g1877603

by Werner Koch cvs at cvs.gnupg.org
Tue Feb 20 09:05:53 CET 2018


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, STABLE-BRANCH-2-2 has been updated
       via  1877603761911ea5b1c15f4aef11a2cf86a8682c (commit)
       via  fffefd3c98dfcd2c75c7572c4e6fb32b73de5978 (commit)
      from  7b928c256426c4ff3d2d883c163a9ff2afa221a6 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 1877603761911ea5b1c15f4aef11a2cf86a8682c
Author: Werner Koch <wk at gnupg.org>
Date:   Tue Feb 20 09:00:00 2018 +0100

    wks: Support alternative submission address.
    
    * tools/gpg-wks.h (policy_flags_s): Add field 'submission_address'.
    * tools/wks-util.c (wks_parse_policy): Parse that field.
    (wks_free_policy): New.
    * tools/gpg-wks-client.c (command_send): Also try to take the
    submission-address from the policy file.  Free POLICY.
    * tools/gpg-wks-server.c (process_new_key): Free POLICYBUF.
    (command_list_domains): Free POLICY.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/tools/gpg-wks-client.c b/tools/gpg-wks-client.c
index 73a8a1f..b86491e 100644
--- a/tools/gpg-wks-client.c
+++ b/tools/gpg-wks-client.c
@@ -782,27 +782,19 @@ command_send (const char *fingerprint, const char *userid)
       err = 0;
     }
   else
-    err = wkd_get_submission_address (addrspec, &submission_to);
-  if (err)
-    {
-      log_error (_("error looking up submission address for domain '%s': %s\n"),
-                 domain, gpg_strerror (err));
-      if (gpg_err_code (err) == GPG_ERR_NO_DATA)
-        log_error (_("this domain probably doesn't support WKS.\n"));
-      goto leave;
-    }
-  log_info ("submitting request to '%s'\n", submission_to);
-
-  /* Get the policy flags.  */
-  if (!fake_submission_addr)
     {
+      /* We first try to get the submission address from the policy
+       * file (this is the new method).  If both are available we
+       * check that they match and print a warning if not.  In the
+       * latter case we keep on using the one from the
+       * submission-address file.  */
       estream_t mbuf;
 
       err = wkd_get_policy_flags (addrspec, &mbuf);
       if (err && gpg_err_code (err) != GPG_ERR_NO_DATA)
         {
           log_error ("error reading policy flags for '%s': %s\n",
-                     submission_to, gpg_strerror (err));
+                     domain, gpg_strerror (err));
           goto leave;
         }
       if (mbuf)
@@ -812,8 +804,35 @@ command_send (const char *fingerprint, const char *userid)
           if (err)
             goto leave;
         }
+
+      err = wkd_get_submission_address (addrspec, &submission_to);
+      if (err && !policy.submission_address)
+        {
+          log_error (_("error looking up submission address for domain '%s'"
+                       ": %s\n"), domain, gpg_strerror (err));
+          if (gpg_err_code (err) == GPG_ERR_NO_DATA)
+            log_error (_("this domain probably doesn't support WKS.\n"));
+          goto leave;
+        }
+
+      if (submission_to && policy.submission_address
+          && ascii_strcasecmp (submission_to, policy.submission_address))
+        log_info ("Warning: different submission addresses (sa=%s, po=%s)\n",
+                  submission_to, policy.submission_address);
+
+      if (!submission_to)
+        {
+          submission_to = xtrystrdup (policy.submission_address);
+          if (!submission_to)
+            {
+              err = gpg_error_from_syserror ();
+              goto leave;
+            }
+        }
     }
 
+  log_info ("submitting request to '%s'\n", submission_to);
+
   if (policy.auth_submit)
     log_info ("no confirmation required for '%s'\n", addrspec);
 
@@ -1002,6 +1021,7 @@ command_send (const char *fingerprint, const char *userid)
   free_uidinfo_list (uidlist);
   es_fclose (keyenc);
   es_fclose (key);
+  wks_free_policy (&policy);
   xfree (addrspec);
   return err;
 }
diff --git a/tools/gpg-wks-server.c b/tools/gpg-wks-server.c
index 0b1d642..008c266 100644
--- a/tools/gpg-wks-server.c
+++ b/tools/gpg-wks-server.c
@@ -1135,6 +1135,8 @@ process_new_key (server_ctx_t ctx, estream_t key)
   char *fname = NULL;
   struct policy_flags_s policybuf;
 
+  memset (&policybuf, 0, sizeof policybuf);
+
   /* First figure out the user id from the key.  */
   xfree (ctx->fpr);
   free_uidinfo_list (ctx->mboxes);
@@ -1206,6 +1208,7 @@ process_new_key (server_ctx_t ctx, estream_t key)
   xfree (nonce);
   xfree (fname);
   xfree (dname);
+  wks_free_policy (&policybuf);
   return err;
 }
 
@@ -1897,6 +1900,7 @@ command_list_domains (void)
               if (!memcmp (&empty_policy, &policy, sizeof policy))
                 log_error ("domain %s: empty policy file\n", domain);
             }
+          wks_free_policy (&policy);
         }
 
 
diff --git a/tools/gpg-wks.h b/tools/gpg-wks.h
index ece7add..1522b72 100644
--- a/tools/gpg-wks.h
+++ b/tools/gpg-wks.h
@@ -60,6 +60,7 @@ struct
 /* The parsed policy flags. */
 struct policy_flags_s
 {
+  char *submission_address;
   unsigned int mailbox_only : 1;
   unsigned int dane_only : 1;
   unsigned int auth_submit : 1;
@@ -92,6 +93,7 @@ gpg_error_t wks_filter_uid (estream_t *r_newkey, estream_t key,
 gpg_error_t wks_send_mime (mime_maker_t mime);
 gpg_error_t wks_parse_policy (policy_flags_t flags, estream_t stream,
                               int ignore_unknown);
+void wks_free_policy (policy_flags_t policy);
 
 /*-- wks-receive.c --*/
 
diff --git a/tools/wks-util.c b/tools/wks-util.c
index 889ca36..9c0f489 100644
--- a/tools/wks-util.c
+++ b/tools/wks-util.c
@@ -443,6 +443,7 @@ gpg_error_t
 wks_parse_policy (policy_flags_t flags, estream_t stream, int ignore_unknown)
 {
   enum tokens {
+    TOK_SUBMISSION_ADDRESS,
     TOK_MAILBOX_ONLY,
     TOK_DANE_ONLY,
     TOK_AUTH_SUBMIT,
@@ -453,6 +454,7 @@ wks_parse_policy (policy_flags_t flags, estream_t stream, int ignore_unknown)
     const char *name;
     enum tokens token;
   } keywords[] = {
+    { "submission-address", TOK_SUBMISSION_ADDRESS },
     { "mailbox-only", TOK_MAILBOX_ONLY },
     { "dane-only",    TOK_DANE_ONLY    },
     { "auth-submit",  TOK_AUTH_SUBMIT  },
@@ -519,6 +521,20 @@ wks_parse_policy (policy_flags_t flags, estream_t stream, int ignore_unknown)
 
       switch (keywords[i].token)
         {
+        case TOK_SUBMISSION_ADDRESS:
+          if (!value || !*value)
+            {
+              err = gpg_error (GPG_ERR_SYNTAX);
+              goto leave;
+            }
+          xfree (flags->submission_address);
+          flags->submission_address = xtrystrdup (value);
+          if (!flags->submission_address)
+            {
+              err = gpg_error_from_syserror ();
+              goto leave;
+            }
+          break;
         case TOK_MAILBOX_ONLY: flags->mailbox_only = 1; break;
         case TOK_DANE_ONLY:    flags->dane_only = 1;    break;
         case TOK_AUTH_SUBMIT:  flags->auth_submit = 1;  break;
@@ -553,3 +569,14 @@ wks_parse_policy (policy_flags_t flags, estream_t stream, int ignore_unknown)
 
   return err;
 }
+
+
+void
+wks_free_policy (policy_flags_t policy)
+{
+  if (policy)
+    {
+      xfree (policy->submission_address);
+      memset (policy, 0, sizeof *policy);
+    }
+}

commit fffefd3c98dfcd2c75c7572c4e6fb32b73de5978
Author: Werner Koch <wk at gnupg.org>
Date:   Tue Feb 20 08:57:28 2018 +0100

    speedo: Use --enable-wks-tools for non-W32 builds.
    
    --
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/build-aux/speedo.mk b/build-aux/speedo.mk
index ce338dd..320d440 100644
--- a/build-aux/speedo.mk
+++ b/build-aux/speedo.mk
@@ -502,7 +502,7 @@ speedo_pkg_gnupg_configure = \
         --disable-g13 --enable-ntbtls \
         --enable-build-timestamp
 else
-speedo_pkg_gnupg_configure = --disable-g13
+speedo_pkg_gnupg_configure = --disable-g13 --enable-wks-tools
 endif
 speedo_pkg_gnupg_extracflags = -g
 

-----------------------------------------------------------------------

Summary of changes:
 build-aux/speedo.mk    |  2 +-
 tools/gpg-wks-client.c | 48 ++++++++++++++++++++++++++++++++++--------------
 tools/gpg-wks-server.c |  4 ++++
 tools/gpg-wks.h        |  2 ++
 tools/wks-util.c       | 27 +++++++++++++++++++++++++++
 5 files changed, 68 insertions(+), 15 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org




More information about the Gnupg-commits mailing list