aboutsummaryrefslogtreecommitdiffstats
path: root/tools/wks-util.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* wkd: Do not send/install/mirror expired user ids.Werner Koch2022-12-061-6/+46
| | | | | | | | | | | | | | | | | | | * tools/gpg-wks.h (struct uidinfo_list_s): Add fields expired and revoked. * tools/wks-util.c (append_to_uidinfo_list): Add args expired and revoked. (set_expired_revoked): New. (wks_list_key): Set expired and revoked. (wks_cmd_install_key): Skip expired uids. * tools/gpg-wks-client.c (command_check): Print flags. (command_send): Ignore expired keys. (mirror_one_key): Ditto. * g10/export.c (do_export_stream): Silence warning. -- GnuPG-bug-id: 6292 Backported-from-master: 278f85d1bc6cd012b3b2e87536e50954b21d2d91
* wkd: New option --add-revocs and some fixes.Werner Koch2022-11-301-6/+145
| | | | | | | | | | | | | | | | | | | | | | | * tools/gpg-wks.h (opt): Add add_revocs. * tools/wks-util.c (wks_get_key): Add arg 'binary'. (wks_armor_key): New. (wks_find_add_revocs): New. (wks_cmd_install_key): Get key in binary mode and add revocations if enabled. * tools/gpg-wks-client.c (oAddRevocs): New. (opts): Add --add-revocs. (parse_arguments): Set option, (command_send): Get key in binary mode, add revocations if enabled, and explictly armor key. Remove kludge to skip the Content-type line in no_encrypt mode. (mirror_one_keys_userid): Always filter the key to get rid of the armor as received from dirmngr. Add revocations from the local keyring. -- Note that this also fixes an oddity of the new mirror command which used to store the keys armored as received from dirmngr.
* wkd: Make use of --debug extprog.Werner Koch2022-11-301-1/+20
| | | | | | | | * tools/wks-util.c (debug_gpg_invocation): New. (get_key_status_cb): Enable debug output. (wks_get_key): Show gpg invocation. (wks_list_key): Ditto. (wks_filter_uid): Ditto.
* wkd: Silence gpg-wks-client diagnostics from gpg.Werner Koch2022-10-071-6/+6
| | | | | | | | | | | | | * tools/gpg-wks-client.c (add_user_id): PAss --quiet to gpg unless we are running in double verbose mode. (decrypt_stream): Ditto (encrypt_response): Ditto. (mirror_one_keys_userid): Ditto. * tools/wks-util.c (wks_get_key): Ditto. (wks_list_key): Ditto. (wks_filter_uid): Ditto. (cherry picked from commit 4364283f757fceab454d48d461a9f88c31247a07)
* wkd: New command --mirror for gpg-wks-client.Werner Koch2022-10-071-26/+39
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * tools/gpg-wks-client.c (aMirror,oBlacklist,oNoAutostart): New. (opts): Add --mirror, --no-autostart, and --blacklist. (parse_arguments): Parse new options. (main): Implement aMirror. (mirror_one_key_parm): New. (mirror_one_keys_userid, mirror_one_key): New. (command_mirror): New. * tools/gpg-wks.h (struct uidinfo_list_s): Add fields flags. * tools/wks-util.c (wks_cmd_install_key): Factor some code out to ... (wks_install_key_core): new. * tools/call-dirmngr.c (wkd_dirmngr_ks_get): New. -- This implements the basic LDAP to WKD mirroring. The blacklist option and domain restrictions are not yet fully implemented. Take care: In OpenLDAP you may need to increase the paged result limit by using a configuration like: dn: olcDatabase={1}mdb,cn=config changetype: modify replace: olcLimits olcLimits: dn.subtree="dc=example,dc=org" size.prtotal=unlimited GnuPG-bug-id: 6224 Backported-from-master: 7ccd489aa2e5c5ef6c4554c9f04dd74394b43409
* wkd: Fix path traversal attack on gpg-wks-server.Werner Koch2022-07-251-0/+16
| | | | | | | | * tools/gpg-wks-server.c (check_and_publish): Check for invalid characters in sender controlled data. * tools/wks-util.c (wks_fname_from_userid): Ditto. (wks_compute_hu_fname): Ditto. (ensure_policy_file): Ditto.
* wks: Allow access to newly created dirsBernhard M. Wiedemann2021-11-091-2/+2
|
* wkd: Properly unescape the user-id from a key listing.Werner Koch2021-08-201-6/+16
| | | | * tools/wks-util.c (append_to_uidinfo_list): Unescape UID.
* wkd: Fix client issue with leading or trailing spaces in user-ids.Werner Koch2021-08-201-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * common/recsel.c (recsel_parse_expr): Add flag -t. * common/stringhelp.c (strtokenize): Factor code out to do_strtokenize. (strtokenize_nt): New. (do_strtokenize): Add arg trim to support the strtokenize_nt. * common/t-stringhelp.c (test_strtokenize_nt): New test cases. * tools/wks-util.c (wks_list_key): Use strtokenize_nt and the recsel flag -t. -- This fixes a bug with user ids with leading spaces because: wks-client lists all mail addresses from the key and matches them to the requested mail address. If there are several user-ids all with the same mail address wks-client picks one of them and then extracts exactly that user id. However, here it does not match by the mail address but by the full user-id so that we can be sure that there will be only one user-id in the final key. The filter built expression unfortunately strips leading blanks but requires a verbatim match. Thus it won't find the user id again and errors out. The new -t flag and a non-trimming strtokenize solves the problem. Signed-off-by: Werner Koch <[email protected]>
* wkd: Minor permission fix for created files.Werner Koch2020-12-301-2/+2
| | | | | | | | | | | | * tools/wks-util.c (wks_cmd_install_key): Don't set u+x on the file. (ensure_policy_file): No need to make the policy file group writable. -- The policy file is rarely changed thus no need to g+w. Setting +x on a plain file does not make sense at all. GnuPG-bug-id: 5214 (cherry picked from commit c008e8d20e12c8845403ad7dad499f6a196ecc6a)
* Replace all calls to stat by gnupg_stat.Werner Koch2020-10-231-2/+2
| | | | | | | | | | | | * common/sysutils.c (gnupg_stat): New. * common/sysutils.h: Include sys/stat.h. -- Yet another wrapper for Unicode support on Windows. GnuPG-bug-id: 5098 Signed-off-by: Werner Koch <[email protected]> Backported-from-master: 18e5dd7b03ced51611c9ba1345cf498a0aaf14a6)
* Replace most of the remaining stdio calls by estream calls.Werner Koch2020-10-211-1/+1
| | | | | | | | | | | | | -- We need to use es_fopen on Windows to cope with non-ascii file names. This is quite a large but fortunately straightforward change. At a very few places we keep using stdio (for example due to the use of popen). GnuPG-bug-id: 5098 Signed-off-by: Werner Koch <[email protected]> Backported-from-master: 390497ea115e1aca93feec297a5bd6ae7b1ba6dd
* Replace all calls to access by gnupg_accessWerner Koch2020-10-211-2/+3
| | | | | | | | | | | | | | | | | * common/sysutils.c (gnupg_access): New. Replace all calls to access by this wrapper. * common/homedir.c (w32_shgetfolderpath): Change to return UTF-8 directory name. (standard_homedir): Adjust for change. (w32_commondir, gnupg_cachedir): Ditto. -- Also use SHGetFolderPathW instead of SHGetFolderPathA on Windows. This is required to correctly handle non-ascii filenames on Windows. GnuPG-bug-id: 5098 (cherry picked from commit c94ee1386e0d5cdac51086c4d5b92de59c09c9b5)
* wkd: Let --install-key write a template policy file.Werner Koch2019-11-231-0/+83
| | | | | | | | | | * tools/wks-util.c (ensure_policy_file): New. (wks_cmd_install_key): Call it. -- GnuPG-bug-id: 4753 Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 50cd1a58f3a612704a0056386e1d5cd7cb28d57d)
* wkd: New command --print-wkd-url for gpg-wks-client.Werner Koch2019-03-251-1/+26
| | | | | | | | | * tools/gpg-wks-client.c (aPrintWKDURL): New. (opts): Add option. (main): Implement. * tools/wks-util.c (wks_cmd_print_wkd_url): New. Signed-off-by: Werner Koch <[email protected]>
* wkd: New command --print-wkd-hash for gpg-wks-client.Werner Koch2019-03-251-8/+39
| | | | | | | | | | | | | * tools/gpg-wks-client.c (aPrintWKDHash): New. (opts) : Add "--print-wkd-hash". (main): Implement that command. (proc_userid_from_stdin): New. * tools/wks-util.c (wks_fname_from_userid): Add option HASH_ONLY. (wks_cmd_print_wkd_hash): New. -- GnuPG-bug-id: 4418 Signed-off-by: Werner Koch <[email protected]>
* wks: Fix filter expression syntax flaw.Werner Koch2018-12-051-4/+10
| | | | | | | | | | | | | | * tools/wks-util.c (wks_get_key, wks_filter_uid): The filter expression needs a space before the value. (install_key_from_spec_file): Replace es_getline by es_read_line and remove debug output. -- A value of starting with '<' was considered an invalid operator due to our tokenization method. Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 0c36ec241d285545f286069843de4f663cd274a3)
* wks: Allow reading of --install-key arguments from stdin.Werner Koch2018-12-051-1/+61
| | | | | | | | | | * tools/wks-util.c (install_key_from_spec_file): New. (wks_cmd_install_key): Call it. * tools/gpg-wks-client.c (main): Allow --install-key w/o arguments. * tools/gpg-wks-server.c (main): Ditto. Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit ba46a359b9d6549b74ec8401ea39bad434d87564)
* wks: Create sub-directoriesWerner Koch2018-12-051-5/+25
| | | | | | | | * tools/wks-util.c (wks_compute_hu_fname): Stat and create directory if needed. Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 73e5b0ec9b9ba5e04e55f8c42d81e23df7c3afe0)
* wks: Move a few server functions to wks-util.Werner Koch2018-12-051-0/+305
| | | | | | | | | | | | | | | | * tools/gpg-wks-server.c (write_to_file): Move to ... * tools/wks-util.c: here. * tools/gpg-wks-server.c (compute_hu_fname): Move to ... * tools/wks-util.c (wks_compute_hu_fname): here. * tools/gpg-wks-server.c (fname_from_userid): Move to ... * tools/wks-util.c (wks_fname_from_userid): here. * tools/gpg-wks-server.c (command_install_key): Move to ... * tools/wks-util.c (wks_cmd_install_key): here and change caller. * tools/gpg-wks-server.c (command_remove_key): Move to ... * tools/wks-util.c (wks_cmd_remove_key): here and change callers. Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 99094c992c20dd22971beb3527cfda109cd1df89)
* wks: New option --with-colons for gpg-wks-client.Werner Koch2018-11-051-1/+1
| | | | | | | | | | | | | | | | | | | | * tools/gpg-wks.h (opt): Add field with_colons. * tools/gpg-wks-client.c (oWithColons): New const. (opts, parse_arguments): Add option --with-colons. (main): Change aSupported to take several domains in --with-colons mode. (command_send): Factor policy getting code out to ... (get_policy_and_sa): New function. (command_supported): Make use of new function. -- In addition to this the --create command now also supports a submission address only in the policy file. That means the submission-address file is not anymore required and can be replaced by the policy file. Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit e3a1e80d13487c9336640a99b2f6d385d7d6f55c)
* wks: Add special mode to --install-key.Werner Koch2018-02-201-0/+114
| | | | | | | | | | | * tools/gpg-wks-client.c (get_key_status_parm_s) (get_key_status_cb, get_key): Move to ... * tools/wks-util.c: ...here. (get_key): Rename to wks_get_key. * tools/gpg-wks-server.c: Include userids.h. (command_install_key): Allow use of a fingerprint. Signed-off-by: Werner Koch <[email protected]>
* wks: Implement server command --install-key.Werner Koch2018-02-201-6/+11
| | | | | | | | | | | * tools/wks-util.c (wks_filter_uid): Add arg 'binary'. * tools/gpg-wks-server.c (main): Expect 2 args for --install-key. (write_to_file): New. (check_and_publish): Factor some code out to ... (compute_hu_fname): ... new. (command_install_key): Implement. Signed-off-by: Werner Koch <[email protected]>
* wks: Support alternative submission address.Werner Koch2018-02-201-0/+27
| | | | | | | | | | | | * tools/gpg-wks.h (policy_flags_s): Add field 'submission_address'. * tools/wks-util.c (wks_parse_policy): Parse that field. (wks_free_policy): New. * tools/gpg-wks-client.c (command_send): Also try to take the submission-address from the policy file. Free POLICY. * tools/gpg-wks-server.c (process_new_key): Free POLICYBUF. (command_list_domains): Free POLICY. Signed-off-by: Werner Koch <[email protected]>
* wks: Send only the newest UID to the server.Werner Koch2017-09-181-7/+97
| | | | | | | | | | | | | | | | | | | * tools/wks-util.c (list_key_status_cb): Rename to key_status_cb. (wks_filter_uid): New. (wks_list_key): Allow FPR to be NULL. Return an error if no fingerprint was found. * tools/gpg-wks-server.c (process_new_key) (check_and_publish): Remove now useless extra check for FPR. * tools/gpg-wks-client.c (command_check): Ditto. (command_send): Filter out the newest uid. -- This fixes the case of having several userids with all the the same mailbox. Now we use the latest user id created. This patch is also a prerequisite to automatically create a new user id for providers with the mailbox-only policy. Signed-off-by: Werner Koch <[email protected]>
* wks: Print the UID creation time with gpg-wks-client --check.Werner Koch2017-09-181-2/+4
| | | | | | | | | * tools/gpg-wks.h (uidinfo_list_s): Add field 'created'. * tools/wks-util.c (append_to_uidinfo_list): Add arf 'created'. (wks_list_key): Pass timestamp to append_to_uidinfo_list. * tools/gpg-wks-client.c (command_check): Print UID creation time. Signed-off-by: Werner Koch <[email protected]>
* wks: Use dedicated type to convey user ids.Werner Koch2017-09-181-8/+46
| | | | | | | | | | | | | | | | | * tools/gpg-wks.h (uidinfo_list_s, uidinfo_list_t): New. * tools/wks-util.c (append_to_uidinfo_list): New. (free_uidinfo_list): New. (wks_list_key): Change arg r_mboxes to uidinfo_list_t. Use append_to_uidinfo_list. * tools/gpg-wks-server.c (sserver_ctx_s): Replace strlist_t by uidinfo_list_t. (process_new_key): Ditto. (check_and_publish): Ditto. (command_receive_cb): Replace free_strlist by free_uidinfo_list. * tools/gpg-wks-client.c (command_check): Replace strlist_t by uidinfo_list_t. Also print user id in verbose mode. Signed-off-by: Werner Koch <[email protected]>
* wks: Add new policy flag protocol-versionWerner Koch2017-09-121-2/+12
| | | | | | | * tools/gpg-wks.h (policy_flags_s): Add field protocol_version. * tools/wks-util.c (wks_parse_policy): Add new policy flag. Signed-off-by: Werner Koch <[email protected]>
* Change license of some files to LGPLv2.1.Werner Koch2017-06-191-9/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * COPYING.LIB: Rename to COPYING.LGPL3. * COPYING.LGPL21: New. * COPYING.GPL2: New. * Makefile.am: Distribute them. * AUTHORS: Update license pointers. Add BSI as copyright holder. * common/compliance.c, common/compliance.h: Add BSI copyright notice. Break overlong lines. * dirmngr/loadswdb.c: Add BSI copyright notices. * dirmngr/server.c: Ditto. * tools/call-dirmngr.c: Change license to LGPLv2.1. Add BSI copyright notice. * tools/call-dirmngr.h: Ditto. * tools/gpg-wks-client.c: Ditto. * tools/gpg-wks-server.c: Ditto. * tools/gpg-wks.h: Ditto. * tools/mime-maker.c: Ditto. * tools/mime-maker.h: Ditto. * tools/mime-parser.c: Ditto. * tools/mime-parser.h: Ditto. * tools/send-mail.c: Ditto. * tools/send-mail.h: Ditto. * tools/wks-receive.c: Ditto. * tools/wks-util.c: Ditto. * tools/rfc822parse.c, tools/rfc822parse.h: Change license to LGPLv2.1. -- For better deployment it seems to be better to make the Web Key Directory code more easily available. Some code was been developed under contract of the BSI. Signed-off-by: Werner Koch <[email protected]>
* Spelling fixes in docs and comments.NIIBE Yutaka2017-04-281-1/+1
| | | | | | | | | | -- In addition, fix trailing spaces in tests/inittests. GnuPG-bug-id: 3121 Reported-by: ka7 (klemens) Signed-off-by: NIIBE Yutaka <[email protected]>
* wks: Put stdout into binary mode for Windows at another place.Werner Koch2017-03-081-1/+5
| | | | | | * tools/wks-util.c (wks_send_mime): Set stdout to binary. Signed-off-by: Werner Koch <[email protected]>
* Remove -I option to common.NIIBE Yutaka2017-03-071-5/+5
| | | | | | | | | | | | | * dirmngr/Makefile.am (AM_CPPFLAGS): Remove -I$(top_srcdir)/common. * g10/Makefile.am (AM_CPPFLAGS): Ditto. * g13/Makefile.am (AM_CPPFLAGS): Ditto. * kbx/Makefile.am (AM_CPPFLAGS): Ditto. * scd/Makefile.am (AM_CPPFLAGS): Ditto. * sm/Makefile.am (AM_CPPFLAGS): Ditto. * tools/Makefile.am (AM_CPPFLAGS): Ditto. * Throughout: Follow the change. Signed-off-by: NIIBE Yutaka <[email protected]>
* wks: New option --status-fd for gpg-wks-client.Werner Koch2016-12-081-0/+60
| | | | | | | | | | | | | | | | | | * tools/wks-util.c: Include status.h. (statusfp): New global var. (wks_set_status_fd): New func. (wks_write_status): New func. * tools/gpg-wks-client.c: Include status.h. (oStatusFD): New constant. (opts): New option --status-fd. (parse_arguments): Handle that option. (main): Return STATUS_SUCCESS or STATUS_FAILURE. -- This option is useful in case gpg-wks-client is spawed using a double fork approach which does not allow to return the exit code. Signed-off-by: Werner Koch <[email protected]>
* tools: Move a function from gpg-wks-server to wks-util.c.Werner Koch2016-12-081-0/+179
| | | | | | | | | | | | | | * tools/gpg-wks-server.c (list_key_status_cb): Remove. (list_key): Move to ... * tools/wks-util.c (wks_list_key): here and rename. Add new args R_FPR and R_MBOXES and remove the CTX. (list_key_status_cb): New. * tools/wks-util.c: Include ccparray.h, exectool.h, and mbox-util.h. * tools/gpg-wks-server.c (process_new_key): Replace list_key by wks_list_key. (check_and_publish): Ditto. Signed-off-by: Werner Koch <[email protected]>
* tools: Fix use of uninitialized var in mime-maker.Werner Koch2016-12-081-1/+2
| | | | | | | | | | * tools/mime-maker.c (ensure_part): Make sure to set R_PARENT on error. (add_missing_headers): Ensure that ERR is set on success. * tools/wks-util.c (wks_parse_policy): Fix indentation. Signed-off-by: Werner Koch <[email protected]>
* Change all http://www.gnu.org in license notices to https://Werner Koch2016-11-051-1/+1
| | | | --
* wks: Add framework for policy flags.Werner Koch2016-09-021-0/+108
| | | | | | | | | | | | | * tools/call-dirmngr.c (wkd_get_policy_flags): New. * tools/gpg-wks.h (struct policy_flags_s, policy_flags_t): New. * tools/wks-util.c (wks_parse_policy): New. * tools/gpg-wks-client.c (command_send): Get the policy flags to show a new info line. * tools/gpg-wks-server.c (get_policy_flags): New. (process_new_key): get policy flag and add a stub for "auth-submit". (command_list_domains): Check policy flags. Signed-off-by: Werner Koch <[email protected]>
* tools: Call sendmail directly from the wks tools.Werner Koch2016-07-021-0/+65
* tools/send-mail.c, tools/send-mail.h: New. * tools/wks-util.c: New. * tools/Makefile.am (gpg_wks_server_SOURCES): Add them. (gpg_wks_client_SOURCES): Ditto. * tools/gpg-wks.h (opt): Add fields use_sendmail and output. * tools/gpg-wks-client.c: Add options --send and --output. Rename command --send to --create. (command_send, send_confirmation_response): Output via wks_send_mime. * tools/gpg-wks-server.c: Add options --send and --output. (send_confirmation_request): Output via wks_send_mime. (check_and_publish): Add hack for name-value bug. -- With this code, a dedicated user on the server along with a procmail script, it was possible to run a basic test. Signed-off-by: Werner Koch <[email protected]>
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-17 16:49:28 +0000