authorWerner Koch <[email protected]>2018-10-22 18:13:08 +0000
committerWerner Koch <[email protected]>2018-10-22 18:13:58 +0000
commita2bd4a64e5b057f291a60a9499f881dd47745e2f (patch)
tree52da781c58f24993cd0cd68dbac5c56e521b70ba /dirmngr/server.c
parentgpg: Fix extra check for sign usage of a data signature. (diff)
downloadgnupg-a2bd4a64e5b057f291a60a9499f881dd47745e2f.tar.gz
gnupg-a2bd4a64e5b057f291a60a9499f881dd47745e2f.zip
dirmngr: Prepare for updated WKD specs with ?l= param
* dirmngr/server.c (proc_wkd_get): Tack the raw local address to the request. -- We append the raw non-canonicalized local address part to the hash. Servers who serve the requests from static files will ignore the parameters and a test with posteo shows that also services using a database ignore the parameter. The general idea is that service providers may use their own canonicalization rules. The problem is that we currently filter the returned key for the full mail address and thus we will never see a key if the service did a different canonicalization than we. So consider this to be an experiment. Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 256a280c51f9ea862e4bfb0bb530c2a96f9088f9)
Diffstat (limited to '')
-rw-r--r--dirmngr/server.c33
1 files changed, 21 insertions, 12 deletions
diff --git a/dirmngr/server.c b/dirmngr/server.c
index fcf0c1aaf..d414c0e62 100644
--- a/dirmngr/server.c
+++ b/dirmngr/server.c
@@ -957,19 +957,28 @@ proc_wkd_get (ctrl_t ctrl, assuan_context_t ctx, char *line)
}
else
{
- uri = strconcat ("https://",
- domain,
- portstr,
- "/.well-known/openpgpkey/hu/",
- encodedhash,
- NULL);
- no_log = 1;
- if (uri)
+ char *escapedmbox;
+
+ escapedmbox = http_escape_string (mbox, "%;?&=");
+ if (escapedmbox)
{
- err = dirmngr_status_printf (ctrl, "SOURCE", "https://%s%s",
- domain, portstr);
- if (err)
- goto leave;
+ uri = strconcat ("https://",
+ domain,
+ portstr,
+ "/.well-known/openpgpkey/hu/",
+ encodedhash,
+ "?l=",
+ escapedmbox,
+ NULL);
+ xfree (escapedmbox);
+ no_log = 1;
+ if (uri)
+ {
+ err = dirmngr_status_printf (ctrl, "SOURCE", "https://%s%s",
+ domain, portstr);
+ if (err)
+ goto leave;
+ }
}
}
if (!uri)
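Review bot: The specials list passed to `http_escape_string (mbox, "%;?&=")` omits `+` and `#`, both of which are legal in a mail local part and both of which change meaning inside a query string. A `#` would start the fragment and cut the `?l=` value short, and many query parsers decode `+` as a space, so a sub-addressed mailbox such as `user+tag` could reach the server as a different string than the one that was hashed. Unless `http_escape_string` already percent-encodes these two by default (not visible in this hunk), consider `escapedmbox = http_escape_string (mbox, "%;?&=+#");`. Since the raw local part now appears in the request URL and may end up in server or proxy logs, a short comment above the `strconcat` call saying so would also help; `proc_wkd_get` starts and ends outside this hunk, so the handling of a NULL `escapedmbox` at `if (!uri)` cannot be checked from here.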