From 1bfed0bbc5ec9d60d4fb3a0f5c865923ed3563e7 Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Sun, 3 Jul 2016 10:27:39 +0200
Subject: [PATCH] wks: Let the client only export the requested UID.

* tools/gpg-wks-client.c (get_key): Export only the requested uid.

Signed-off-by: Werner Koch <wk@gnupg.org>
---
 doc/HACKING            |  2 ++
 tools/gpg-wks-client.c | 21 +++++++++++++++------
 2 files changed, 17 insertions(+), 6 deletions(-)

diff --git a/doc/HACKING b/doc/HACKING
index d2168d65b..94e65d83b 100644
--- a/doc/HACKING
+++ b/doc/HACKING
@@ -46,6 +46,8 @@ are
  - scd     :: The scdaemon component
  - ccid    :: The CCID driver in scdaemon
  - dirmngr :: The dirmngr component
+ - wks     :: The web key service tools
+ - tools   :: Other code in tools
  - w32     :: Windows related code
  - po      :: Translations
  - build   :: Changes to the build system
diff --git a/tools/gpg-wks-client.c b/tools/gpg-wks-client.c
index 25ee43f2e..312f58bc1 100644
--- a/tools/gpg-wks-client.c
+++ b/tools/gpg-wks-client.c
@@ -291,11 +291,10 @@ get_key (estream_t *r_key, const char *fingerprint, const char *addrspec)
 {
   gpg_error_t err;
   ccparray_t ccp;
-  const char **argv;
-  estream_t key;
+  const char **argv = NULL;
+  estream_t key = NULL;
   struct get_key_status_parm_s parm;
-
-  (void)addrspec;  /* FIXME - need to use it.  */
+  char *filterexp = NULL;
 
   memset (&parm, 0, sizeof parm);
 
@@ -306,7 +305,15 @@ get_key (estream_t *r_key, const char *fingerprint, const char *addrspec)
     {
       err = gpg_error_from_syserror ();
       log_error ("error allocating memory buffer: %s\n", gpg_strerror (err));
-      return err;
+      goto leave;
+    }
+
+  filterexp = es_bsprintf ("keep-uid=mbox = %s", addrspec);
+  if (!filterexp)
+    {
+      err = gpg_error_from_syserror ();
+      log_error ("error allocating memory buffer: %s\n", gpg_strerror (err));
+      goto leave;
     }
 
   ccparray_init (&ccp, 0);
@@ -321,6 +328,8 @@ get_key (estream_t *r_key, const char *fingerprint, const char *addrspec)
   ccparray_put (&ccp, "--always-trust");
   ccparray_put (&ccp, "--armor");
   ccparray_put (&ccp, "--export-options=export-minimal");
+  ccparray_put (&ccp, "--export-filter");
+  ccparray_put (&ccp, filterexp);
   ccparray_put (&ccp, "--export");
   ccparray_put (&ccp, "--");
   ccparray_put (&ccp, fingerprint);
@@ -353,6 +362,7 @@ get_key (estream_t *r_key, const char *fingerprint, const char *addrspec)
  leave:
   es_fclose (key);
   xfree (argv);
+  xfree (filterexp);
   return err;
 }
 
@@ -388,7 +398,6 @@ command_send (const char *fingerprint, char *userid)
   err = get_key (&key, fingerprint, addrspec);
   if (err)
     goto leave;
-  log_debug ("fixme: Check that the key has the requested user-id.\n");
 
   /* Get the submission address.  */
   err = wkd_get_submission_address (addrspec, &submission_to);