aboutsummaryrefslogtreecommitdiffstats
path: root/tools/gpg-wks-server.c
diff options
context:
space:
mode:
Diffstat (limited to 'tools/gpg-wks-server.c')
-rw-r--r--tools/gpg-wks-server.c351
1 files changed, 29 insertions, 322 deletions
diff --git a/tools/gpg-wks-server.c b/tools/gpg-wks-server.c
index a5881557f..f83ef6528 100644
--- a/tools/gpg-wks-server.c
+++ b/tools/gpg-wks-server.c
@@ -58,6 +58,7 @@ enum cmd_and_opt_values
oQuiet = 'q',
oVerbose = 'v',
oOutput = 'o',
+ oDirectory = 'C',
oDebug = 500,
@@ -108,6 +109,7 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_s (oGpgProgram, "gpg", "@"),
ARGPARSE_s_n (oSend, "send", "send the mail using sendmail"),
ARGPARSE_s_s (oOutput, "output", "|FILE|write the mail to FILE"),
+ ARGPARSE_s_s (oDirectory, "directory", "|DIR|use DIR as top directory"),
ARGPARSE_s_s (oFrom, "from", "|ADDR|use ADDR as the default sender"),
ARGPARSE_s_s (oHeader, "header" ,
"|NAME=VALUE|add \"NAME: VALUE\" as header to all mails"),
@@ -155,8 +157,6 @@ static gpg_error_t command_receive_cb (void *opaque,
const char *mediatype, estream_t fp,
unsigned int flags);
static gpg_error_t command_list_domains (void);
-static gpg_error_t command_install_key (const char *fname, const char *userid);
-static gpg_error_t command_remove_key (const char *mailaddr);
static gpg_error_t command_revoke_key (const char *mailaddr);
static gpg_error_t command_check_key (const char *mailaddr);
static gpg_error_t command_cron (void);
@@ -225,6 +225,9 @@ parse_arguments (ARGPARSE_ARGS *pargs, ARGPARSE_OPTS *popts)
case oGpgProgram:
opt.gpg_program = pargs->r.ret_str;
break;
+ case oDirectory:
+ opt.directory = pargs->r.ret_str;
+ break;
case oFrom:
opt.default_from = pargs->r.ret_str;
break;
@@ -350,6 +353,7 @@ main (int argc, char **argv)
{
log_error ("directory '%s' has too relaxed permissions\n",
opt.directory);
+ log_info ("Fix by running: chmod o-rw '%s'\n", opt.directory);
exit (2);
}
}
@@ -377,15 +381,18 @@ main (int argc, char **argv)
break;
case aInstallKey:
- if (argc != 2)
- wrong_args ("--install-key FILE USER-ID");
- err = command_install_key (*argv, argv[1]);
+ if (!argc)
+ err = wks_cmd_install_key (NULL, NULL);
+ else if (argc == 2)
+ err = wks_cmd_install_key (*argv, argv[1]);
+ else
+ wrong_args ("--install-key [FILE|FINGERPRINT USER-ID]");
break;
case aRemoveKey:
if (argc != 1)
wrong_args ("--remove-key USER-ID");
- err = command_remove_key (*argv);
+ err = wks_cmd_remove_key (*argv);
break;
case aRevokeKey:
@@ -579,6 +586,7 @@ encrypt_stream (estream_t *r_output, estream_t input, const char *keyfile)
ccparray_put (&ccp, "--always-trust");
ccparray_put (&ccp, "--no-keyring");
ccparray_put (&ccp, "--armor");
+ ccparray_put (&ccp, "-z0"); /* No compression for improved robustness. */
ccparray_put (&ccp, "--recipient-file");
ccparray_put (&ccp, keyfile);
ccparray_put (&ccp, "--encrypt");
@@ -1340,81 +1348,6 @@ send_congratulation_message (const char *mbox, const char *keyfile)
}
-/* Write the content of SRC to the new file FNAME. */
-static gpg_error_t
-write_to_file (estream_t src, const char *fname)
-{
- gpg_error_t err;
- estream_t dst;
- char buffer[4096];
- size_t nread, written;
-
- dst = es_fopen (fname, "wb");
- if (!dst)
- return gpg_error_from_syserror ();
-
- do
- {
- nread = es_fread (buffer, 1, sizeof buffer, src);
- if (!nread)
- break;
- written = es_fwrite (buffer, 1, nread, dst);
- if (written != nread)
- break;
- }
- while (!es_feof (src) && !es_ferror (src) && !es_ferror (dst));
- if (!es_feof (src) || es_ferror (src) || es_ferror (dst))
- {
- err = gpg_error_from_syserror ();
- es_fclose (dst);
- gnupg_remove (fname);
- return err;
- }
-
- if (es_fclose (dst))
- {
- err = gpg_error_from_syserror ();
- log_error ("error closing '%s': %s\n", fname, gpg_strerror (err));
- return err;
- }
-
- return 0;
-}
-
-
-/* Compute the the full file name for the key with ADDRSPEC and return
- * it at R_FNAME. */
-static gpg_error_t
-compute_hu_fname (char **r_fname, const char *addrspec)
-{
- gpg_error_t err;
- char *hash;
- const char *domain;
- char sha1buf[20];
-
- *r_fname = NULL;
-
- domain = strchr (addrspec, '@');
- if (!domain || !domain[1] || domain == addrspec)
- return gpg_error (GPG_ERR_INV_ARG);
- domain++;
-
- gcry_md_hash_buffer (GCRY_MD_SHA1, sha1buf, addrspec, domain - addrspec - 1);
- hash = zb32_encode (sha1buf, 8*20);
- if (!hash)
- return gpg_error_from_syserror ();
-
- *r_fname = make_filename_try (opt.directory, domain, "hu", hash, NULL);
- if (!*r_fname)
- err = gpg_error_from_syserror ();
- else
- err = 0;
-
- xfree (hash);
- return err;
-}
-
-
/* Check that we have send a request with NONCE and publish the key. */
static gpg_error_t
check_and_publish (server_ctx_t ctx, const char *address, const char *nonce)
@@ -1489,7 +1422,7 @@ check_and_publish (server_ctx_t ctx, const char *address, const char *nonce)
}
/* Hash user ID and create filename. */
- err = compute_hu_fname (&fnewname, address);
+ err = wks_compute_hu_fname (&fnewname, address);
if (err)
goto leave;
@@ -1667,7 +1600,7 @@ command_receive_cb (void *opaque, const char *mediatype,
-/* Return a list of all configured domains. ECh list element is the
+/* Return a list of all configured domains. Each list element is the
* top directory for the domain. To figure out the actual domain
* name strrchr(name, '/') can be used. */
static gpg_error_t
@@ -1946,7 +1879,17 @@ command_list_domains (void)
if (!fp)
{
err = gpg_error_from_syserror ();
- if (gpg_err_code (err) != GPG_ERR_ENOENT)
+ if (gpg_err_code (err) == GPG_ERR_ENOENT)
+ {
+ fp = es_fopen (fname, "w");
+ if (!fp)
+ log_error ("domain %s: can't create policy file: %s\n",
+ domain, gpg_strerror (err));
+ else
+ es_fclose (fp);
+ fp = NULL;
+ }
+ else
log_error ("domain %s: error in policy file: %s\n",
domain, gpg_strerror (err));
}
@@ -1955,17 +1898,8 @@ command_list_domains (void)
struct policy_flags_s policy;
err = wks_parse_policy (&policy, fp, 0);
es_fclose (fp);
- if (!err)
- {
- struct policy_flags_s empty_policy;
- memset (&empty_policy, 0, sizeof empty_policy);
- if (!memcmp (&empty_policy, &policy, sizeof policy))
- log_error ("domain %s: empty policy file\n", domain);
- }
wks_free_policy (&policy);
}
-
-
}
err = 0;
@@ -1997,195 +1931,6 @@ command_cron (void)
}
-/* Install a single key into the WKD by reading FNAME and extracting
- * USERID. */
-static gpg_error_t
-command_install_key (const char *fname, const char *userid)
-{
- gpg_error_t err;
- KEYDB_SEARCH_DESC desc;
- estream_t fp = NULL;
- char *addrspec = NULL;
- char *fpr = NULL;
- uidinfo_list_t uidlist = NULL;
- uidinfo_list_t uid, thisuid;
- time_t thistime;
- char *huname = NULL;
- int any;
-
- addrspec = mailbox_from_userid (userid);
- if (!addrspec)
- {
- log_error ("\"%s\" is not a proper mail address\n", userid);
- err = gpg_error (GPG_ERR_INV_USER_ID);
- goto leave;
- }
-
- if (!classify_user_id (fname, &desc, 1)
- && (desc.mode == KEYDB_SEARCH_MODE_FPR
- || desc.mode == KEYDB_SEARCH_MODE_FPR20))
- {
- /* FNAME looks like a fingerprint. Get the key from the
- * standard keyring. */
- err = wks_get_key (&fp, fname, addrspec, 0);
- if (err)
- {
- log_error ("error getting key '%s' (uid='%s'): %s\n",
- fname, addrspec, gpg_strerror (err));
- goto leave;
- }
- }
- else /* Take it from the file */
- {
- fp = es_fopen (fname, "rb");
- if (!fp)
- {
- err = gpg_error_from_syserror ();
- log_error ("error reading '%s': %s\n", fname, gpg_strerror (err));
- goto leave;
- }
- }
-
- /* List the key so that we can figure out the newest UID with the
- * requested addrspec. */
- err = wks_list_key (fp, &fpr, &uidlist);
- if (err)
- {
- log_error ("error parsing key: %s\n", gpg_strerror (err));
- err = gpg_error (GPG_ERR_NO_PUBKEY);
- goto leave;
- }
- thistime = 0;
- thisuid = NULL;
- any = 0;
- for (uid = uidlist; uid; uid = uid->next)
- {
- if (!uid->mbox)
- continue; /* Should not happen anyway. */
- if (ascii_strcasecmp (uid->mbox, addrspec))
- continue; /* Not the requested addrspec. */
- any = 1;
- if (uid->created > thistime)
- {
- thistime = uid->created;
- thisuid = uid;
- }
- }
- if (!thisuid)
- thisuid = uidlist; /* This is the case for a missing timestamp. */
- if (!any)
- {
- log_error ("public key in '%s' has no mail address '%s'\n",
- fname, addrspec);
- err = gpg_error (GPG_ERR_INV_USER_ID);
- goto leave;
- }
-
- if (opt.verbose)
- log_info ("using key with user id '%s'\n", thisuid->uid);
-
- {
- estream_t fp2;
-
- es_rewind (fp);
- err = wks_filter_uid (&fp2, fp, thisuid->uid, 1);
- if (err)
- {
- log_error ("error filtering key: %s\n", gpg_strerror (err));
- err = gpg_error (GPG_ERR_NO_PUBKEY);
- goto leave;
- }
- es_fclose (fp);
- fp = fp2;
- }
-
- /* Hash user ID and create filename. */
- err = compute_hu_fname (&huname, addrspec);
- if (err)
- goto leave;
-
- /* Publish. */
- err = write_to_file (fp, huname);
- if (err)
- {
- log_error ("copying key to '%s' failed: %s\n", huname,gpg_strerror (err));
- goto leave;
- }
-
- /* Make sure it is world readable. */
- if (gnupg_chmod (huname, "-rwxr--r--"))
- log_error ("can't set permissions of '%s': %s\n",
- huname, gpg_strerror (gpg_err_code_from_syserror()));
-
- if (!opt.quiet)
- log_info ("key %s published for '%s'\n", fpr, addrspec);
-
- leave:
- xfree (huname);
- free_uidinfo_list (uidlist);
- xfree (fpr);
- xfree (addrspec);
- es_fclose (fp);
- return err;
-}
-
-
-/* Return the filename and optionally the addrspec for USERID at
- * R_FNAME and R_ADDRSPEC. R_ADDRSPEC might also be set on error. */
-static gpg_error_t
-fname_from_userid (const char *userid, char **r_fname, char **r_addrspec)
-{
- gpg_error_t err;
- char *addrspec = NULL;
- const char *domain;
- char *hash = NULL;
- const char *s;
- char shaxbuf[32]; /* Used for SHA-1 and SHA-256 */
-
- *r_fname = NULL;
- if (r_addrspec)
- *r_addrspec = NULL;
-
- addrspec = mailbox_from_userid (userid);
- if (!addrspec)
- {
- if (opt.verbose)
- log_info ("\"%s\" is not a proper mail address\n", userid);
- err = gpg_error (GPG_ERR_INV_USER_ID);
- goto leave;
- }
-
- domain = strchr (addrspec, '@');
- log_assert (domain);
- domain++;
-
- /* Hash user ID and create filename. */
- s = strchr (addrspec, '@');
- log_assert (s);
- gcry_md_hash_buffer (GCRY_MD_SHA1, shaxbuf, addrspec, s - addrspec);
- hash = zb32_encode (shaxbuf, 8*20);
- if (!hash)
- {
- err = gpg_error_from_syserror ();
- goto leave;
- }
-
- *r_fname = make_filename_try (opt.directory, domain, "hu", hash, NULL);
- if (!*r_fname)
- err = gpg_error_from_syserror ();
- else
- err = 0;
-
- leave:
- if (r_addrspec && addrspec)
- *r_addrspec = addrspec;
- else
- xfree (addrspec);
- xfree (hash);
- return err;
-}
-
-
/* Check whether the key with USER_ID is installed. */
static gpg_error_t
command_check_key (const char *userid)
@@ -2194,7 +1939,7 @@ command_check_key (const char *userid)
char *addrspec = NULL;
char *fname = NULL;
- err = fname_from_userid (userid, &fname, &addrspec);
+ err = wks_fname_from_userid (userid, &fname, &addrspec);
if (err)
goto leave;
@@ -2229,49 +1974,11 @@ command_check_key (const char *userid)
}
-/* Remove the key with mail address in USERID. */
-static gpg_error_t
-command_remove_key (const char *userid)
-{
- gpg_error_t err;
- char *addrspec = NULL;
- char *fname = NULL;
-
- err = fname_from_userid (userid, &fname, &addrspec);
- if (err)
- goto leave;
-
- if (gnupg_remove (fname))
- {
- err = gpg_error_from_syserror ();
- if (gpg_err_code (err) == GPG_ERR_ENOENT)
- {
- if (!opt.quiet)
- log_info ("key for '%s' is not installed\n", addrspec);
- log_inc_errorcount ();
- err = 0;
- }
- else
- log_error ("error removing '%s': %s\n", fname, gpg_strerror (err));
- goto leave;
- }
-
- if (opt.verbose)
- log_info ("key for '%s' removed\n", addrspec);
- err = 0;
-
- leave:
- xfree (fname);
- xfree (addrspec);
- return err;
-}
-
-
/* Revoke the key with mail address MAILADDR. */
static gpg_error_t
command_revoke_key (const char *mailaddr)
{
/* Remove should be different from removing but we have not yet
* defined a suitable way to do this. */
- return command_remove_key (mailaddr);
+ return wks_cmd_remove_key (mailaddr);
}
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-27 05:55:51 +0000