wks: Support alternative submission address.

* tools/gpg-wks.h (policy_flags_s): Add field 'submission_address'. * tools/wks-util.c (wks_parse_policy): Parse that field. (wks_free_policy): New. * tools/gpg-wks-client.c (command_send): Also try to take the submission-address from the policy file. Free POLICY. * tools/gpg-wks-server.c (process_new_key): Free POLICYBUF. (command_list_domains): Free POLICY. Signed-off-by: Werner Koch <wk@gnupg.org>
2025-05-24 16:43:28 +02:00 · 2018-02-20 09:00:00 +01:00 · 2018-02-20 09:00:00 +01:00 · 1877603761
commit 1877603761
parent fffefd3c98
4 changed files with 67 additions and 14 deletions
--- a/tools/gpg-wks-client.c
+++ b/tools/gpg-wks-client.c
@ -782,27 +782,19 @@ command_send (const char *fingerprint, const char *userid)
      err = 0;
    }
  else
    err = wkd_get_submission_address (addrspec, &submission_to);
  if (err)
    {
      log_error (_("error looking up submission address for domain '%s': %s\n"),
                 domain, gpg_strerror (err));
      if (gpg_err_code (err) == GPG_ERR_NO_DATA)
        log_error (_("this domain probably doesn't support WKS.\n"));
      goto leave;
    }
  log_info ("submitting request to '%s'\n", submission_to);
  /* Get the policy flags.  */
  if (!fake_submission_addr)
    {
      /* We first try to get the submission address from the policy
       * file (this is the new method).  If both are available we
       * check that they match and print a warning if not.  In the
       * latter case we keep on using the one from the
       * submission-address file.  */
      estream_t mbuf;
      err = wkd_get_policy_flags (addrspec, &mbuf);
      if (err && gpg_err_code (err) != GPG_ERR_NO_DATA)
        {
          log_error ("error reading policy flags for '%s': %s\n",
-                     submission_to, gpg_strerror (err));
+                     domain, gpg_strerror (err));
          goto leave;
        }
      if (mbuf)
@ -812,8 +804,35 @@ command_send (const char *fingerprint, const char *userid)
          if (err)
            goto leave;
        }
      err = wkd_get_submission_address (addrspec, &submission_to);
      if (err && !policy.submission_address)
        {
          log_error (_("error looking up submission address for domain '%s'"
                       ": %s\n"), domain, gpg_strerror (err));
          if (gpg_err_code (err) == GPG_ERR_NO_DATA)
            log_error (_("this domain probably doesn't support WKS.\n"));
          goto leave;
        }
      if (submission_to && policy.submission_address
          && ascii_strcasecmp (submission_to, policy.submission_address))
        log_info ("Warning: different submission addresses (sa=%s, po=%s)\n",
                  submission_to, policy.submission_address);
      if (!submission_to)
        {
          submission_to = xtrystrdup (policy.submission_address);
          if (!submission_to)
            {
              err = gpg_error_from_syserror ();
              goto leave;
            }
        }
    }
  log_info ("submitting request to '%s'\n", submission_to);
  if (policy.auth_submit)
    log_info ("no confirmation required for '%s'\n", addrspec);
@ -1002,6 +1021,7 @@ command_send (const char *fingerprint, const char *userid)
  free_uidinfo_list (uidlist);
  es_fclose (keyenc);
  es_fclose (key);
  wks_free_policy (&policy);
  xfree (addrspec);
  return err;
 }
--- a/tools/gpg-wks-server.c
+++ b/tools/gpg-wks-server.c
@ -1135,6 +1135,8 @@ process_new_key (server_ctx_t ctx, estream_t key)
  char *fname = NULL;
  struct policy_flags_s policybuf;
  memset (&policybuf, 0, sizeof policybuf);
  /* First figure out the user id from the key.  */
  xfree (ctx->fpr);
  free_uidinfo_list (ctx->mboxes);
@ -1206,6 +1208,7 @@ process_new_key (server_ctx_t ctx, estream_t key)
  xfree (nonce);
  xfree (fname);
  xfree (dname);
  wks_free_policy (&policybuf);
  return err;
 }
@ -1897,6 +1900,7 @@ command_list_domains (void)
              if (!memcmp (&empty_policy, &policy, sizeof policy))
                log_error ("domain %s: empty policy file\n", domain);
            }
          wks_free_policy (&policy);
        }
--- a/tools/gpg-wks.h
+++ b/tools/gpg-wks.h
@ -60,6 +60,7 @@ struct
 /* The parsed policy flags. */
 struct policy_flags_s
 {
  char *submission_address;
  unsigned int mailbox_only : 1;
  unsigned int dane_only : 1;
  unsigned int auth_submit : 1;
@ -92,6 +93,7 @@ gpg_error_t wks_filter_uid (estream_t *r_newkey, estream_t key,
 gpg_error_t wks_send_mime (mime_maker_t mime);
 gpg_error_t wks_parse_policy (policy_flags_t flags, estream_t stream,
                              int ignore_unknown);
 void wks_free_policy (policy_flags_t policy);
 /*-- wks-receive.c --*/
--- a/tools/wks-util.c
+++ b/tools/wks-util.c
@ -443,6 +443,7 @@ gpg_error_t
 wks_parse_policy (policy_flags_t flags, estream_t stream, int ignore_unknown)
 {
  enum tokens {
    TOK_SUBMISSION_ADDRESS,
    TOK_MAILBOX_ONLY,
    TOK_DANE_ONLY,
    TOK_AUTH_SUBMIT,
@ -453,6 +454,7 @@ wks_parse_policy (policy_flags_t flags, estream_t stream, int ignore_unknown)
    const char *name;
    enum tokens token;
  } keywords[] = {
    { "submission-address", TOK_SUBMISSION_ADDRESS },
    { "mailbox-only", TOK_MAILBOX_ONLY },
    { "dane-only",    TOK_DANE_ONLY    },
    { "auth-submit",  TOK_AUTH_SUBMIT  },
@ -519,6 +521,20 @@ wks_parse_policy (policy_flags_t flags, estream_t stream, int ignore_unknown)
      switch (keywords[i].token)
        {
        case TOK_SUBMISSION_ADDRESS:
          if (!value || !*value)
            {
              err = gpg_error (GPG_ERR_SYNTAX);
              goto leave;
            }
          xfree (flags->submission_address);
          flags->submission_address = xtrystrdup (value);
          if (!flags->submission_address)
            {
              err = gpg_error_from_syserror ();
              goto leave;
            }
          break;
        case TOK_MAILBOX_ONLY: flags->mailbox_only = 1; break;
        case TOK_DANE_ONLY:    flags->dane_only = 1;    break;
        case TOK_AUTH_SUBMIT:  flags->auth_submit = 1;  break;
@ -553,3 +569,14 @@ wks_parse_policy (policy_flags_t flags, estream_t stream, int ignore_unknown)
  return err;
 }
 void
 wks_free_policy (policy_flags_t policy)
 {
  if (policy)
    {
      xfree (policy->submission_address);
      memset (policy, 0, sizeof *policy);
    }
 }