From 256a280c51f9ea862e4bfb0bb530c2a96f9088f9 Mon Sep 17 00:00:00 2001
From: Werner Koch
Date: Mon, 22 Oct 2018 20:13:08 +0200
Subject: [PATCH] dirmngr: Prepare for updated WKD specs with ?l= param
* dirmngr/server.c (proc_wkd_get): Tack the raw local address to the request.
--
We append the raw non-canonicalized local address part to the hash. Servers who serve the requests from static files will ignore the parameters and a test with posteo shows that also services using a database ignore the parameter. The general idea is that service providers may use their own canonicalization rules. The problem is that we currently filter the returned key for the full mail address and thus we will never see a key if the service did a different canonicalization than we. So consider this to be an experiment.
Signed-off-by: Werner Koch
---
 dirmngr/server.c | 33 +++++++++++++++++++++------------
 1 file changed, 21 insertions(+), 12 deletions(-)
diff --git a/dirmngr/server.c b/dirmngr/server.c
index 2519fd601..05a530bce 100644
--- a/dirmngr/server.c
+++ b/dirmngr/server.c
@@ -957,19 +957,28 @@ proc_wkd_get (ctrl_t ctrl, assuan_context_t ctx, char *line)
 }
 else
 {
- uri = strconcat ("https://",
- domain,
- portstr,
- "/.well-known/openpgpkey/hu/",
- encodedhash,
- NULL);
- no_log = 1;
- if (uri)
+ char *escapedmbox;
+
+ escapedmbox = http_escape_string (mbox, "%;?&=");
+ if (escapedmbox)
 {
- err = dirmngr_status_printf (ctrl, "SOURCE", "https://%s%s",
- domain, portstr);
- if (err)
- goto leave;
+ uri = strconcat ("https://",
+ domain,
+ portstr,
+ "/.well-known/openpgpkey/hu/",
+ encodedhash,
+ "?l=",
+ escapedmbox,
+ NULL);
+ xfree (escapedmbox);
+ no_log = 1;
+ if (uri)
+ {
+ err = dirmngr_status_printf (ctrl, "SOURCE", "https://%s%s",
+ domain, portstr);
+ if (err)
+ goto leave;
+ }
 }
 }
 if (!uri)
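Review bot: The escape set passed to `http_escape_string` on the new `escapedmbox = ...` line lists `%;?&=` but not `+` or `#`, both of which can occur in a mail local part. If the helper leaves characters outside that set untouched (its body is not shown here), a `#` would cut the query off as a fragment and a `+` may be decoded as a space by the server, so the `?l=` value the server receives could differ from the address the client later filters the returned key on; consider `escapedmbox = http_escape_string (mbox, "%;?&=+#");`. The commit message speaks of the raw, non-canonicalized local part, while the hunk passes `mbox`, which is prepared outside the hunk, so a one-line comment above the call stating what `mbox` holds at this point (local part only, already lowercased or not) would make that intent checkable. `xfree (escapedmbox)` also runs between `strconcat` and the `if (!uri)` check that follows the hunk; if that branch reads `errno`, it would be safer to save it before the free. `proc_wkd_get` begins and ends outside the hunk.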