security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-04-17 15:44:34 +02:00
Code Activity

wks: New server options --check, --with-dir, with-file.

Browse Source 
* tools/gpg-wks-server.c (aCheck, oWithDir, oWithFile): New const.
(opts): New options --check, --with-dir, and --with-file.
(main): Call command_check_key.
(command_list_domains): Implement option --with-dir.
(fname_from_userid): New.
(command_check_key): New.
(command_remove_key): Implement existsing command.
(command_revoke_key): Call command_remove_key as a simple
implementation.

Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2017-12-19 17:42:10 +01:00
parent faecaf80f0
commit 7449063b1a
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
2 changed files with 215 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
doc/wks.texi
View File

@ -174,18 +174,23 @@ Display a brief help page and exit.
.br .br
.B gpg-wks-server .B gpg-wks-server
.RI [ options ] .RI [ options ]
.B \-\-check-key
.I user-id
.br
.B gpg-wks-server
.RI [ options ]
.B \-\-install-key .B \-\-install-key
.I file .I file
.br .br
.B gpg-wks-server .B gpg-wks-server
.RI [ options ] .RI [ options ]
.B \-\-remove-key .B \-\-remove-key
.I mailaddr .I user-id
.br .br
.B gpg-wks-server .B gpg-wks-server
.RI [ options ] .RI [ options ]
.B \-\-revoke-key .B \-\-revoke-key
.I mailaddr .I user-id
@end ifset @end ifset
@mansect description @mansect description
@ -208,8 +213,22 @@ The command @option{--list-domains} prints all configured domains.
Further it creates missing directories for the configuration and Further it creates missing directories for the configuration and
prints warnings pertaining to problems in the configuration. prints warnings pertaining to problems in the configuration.
The commands @option{--install-key}, @option{--remove-key}, and The command @option{--check-key} (or just @option{--check}) checks
@option{--revoke-key} are not yet functional. whether a key with the given user-id is installed. The process return
success in this case; to also print a diagnostic, use option
@option{-v}. If the key is not installed a diagnostics is printed and
the process returns failure; to suppress the diagnostic, use option
@option{-q}. More than one user-id can be given; see also option
@option{with-file}.
The command @option{--remove-key} uninstalls a key from the WKD. The
process return success in this case; to also print a diagnostic, use
option @option{-v}. If the key is not installed a diagnostics is
printed and the process returns failure; to suppress the diagnostic,
use option @option{-q}.
The commands @option{--install-key} and @option{--revoke-key} are not
yet functional.
@mansect options @mansect options
@ -237,6 +256,16 @@ Requires installation of that command.
Write the created mail also to @var{file}. Note that the value Write the created mail also to @var{file}. Note that the value
@code{-} for @var{file} would write it to stdout. @code{-} for @var{file} would write it to stdout.
@item --with-dir
@opindex with-dir
Also print the directory name for each domain listed by command
@option{--list-domains}.
@item --with-file
@opindex with-file
With command @option{--check-key} print for each user-id, the address,
'i' for installed key or 'n' for not installed key, and the filename.
@item --verbose @item --verbose
@opindex verbose @opindex verbose
Enable extra informational output. Enable extra informational output.

193
tools/gpg-wks-server.c
View File

@ -66,11 +66,14 @@ enum cmd_and_opt_values
aInstallKey, aInstallKey,
aRevokeKey, aRevokeKey,
aRemoveKey, aRemoveKey,
aCheck,
oGpgProgram, oGpgProgram,
oSend, oSend,
oFrom, oFrom,
oHeader, oHeader,
oWithDir,
oWithFile,
oDummy oDummy
}; };
@ -86,12 +89,15 @@ static ARGPARSE_OPTS opts[] = {
("run regular jobs")), ("run regular jobs")),
ARGPARSE_c (aListDomains, "list-domains", ARGPARSE_c (aListDomains, "list-domains",
("list configured domains")), ("list configured domains")),
ARGPARSE_c (aCheck, "check",
("check whether a key is installed")),
ARGPARSE_c (aCheck, "check-key", "@"),
ARGPARSE_c (aInstallKey, "install-key", ARGPARSE_c (aInstallKey, "install-key",
"|FILE|install a key from FILE into the WKD"), "install a key from FILE into the WKD"),
ARGPARSE_c (aRemoveKey, "remove-key", ARGPARSE_c (aRemoveKey, "remove-key",
"|ADDR|remove the key ADDR from the WKD"), "remove a key from the WKD"),
ARGPARSE_c (aRevokeKey, "revoke-key", ARGPARSE_c (aRevokeKey, "revoke-key",
"|ADDR|mark the key ADDR in the WKD as revoked"), "mark a key as revoked"),
ARGPARSE_group (301, ("@\nOptions:\n ")), ARGPARSE_group (301, ("@\nOptions:\n ")),
@ -104,6 +110,8 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_s (oFrom, "from", "|ADDR|use ADDR as the default sender"), ARGPARSE_s_s (oFrom, "from", "|ADDR|use ADDR as the default sender"),
ARGPARSE_s_s (oHeader, "header" , ARGPARSE_s_s (oHeader, "header" ,
"|NAME=VALUE|add \"NAME: VALUE\" as header to all mails"), "|NAME=VALUE|add \"NAME: VALUE\" as header to all mails"),
ARGPARSE_s_n (oWithDir, "with-dir", "@"),
ARGPARSE_s_n (oWithFile, "with-file", "@"),
ARGPARSE_end () ARGPARSE_end ()
}; };
@ -132,6 +140,13 @@ struct server_ctx_s
}; };
typedef struct server_ctx_s *server_ctx_t; typedef struct server_ctx_s *server_ctx_t;
/* Flag for --with-dir. */
static int opt_with_dir;
/* Flag for --with-file. */
static int opt_with_file;
/* Prototypes. */ /* Prototypes. */
static gpg_error_t get_domain_list (strlist_t *r_list); static gpg_error_t get_domain_list (strlist_t *r_list);
@ -142,6 +157,7 @@ static gpg_error_t command_list_domains (void);
static gpg_error_t command_install_key (const char *fname); static gpg_error_t command_install_key (const char *fname);
static gpg_error_t command_remove_key (const char *mailaddr); static gpg_error_t command_remove_key (const char *mailaddr);
static gpg_error_t command_revoke_key (const char *mailaddr); static gpg_error_t command_revoke_key (const char *mailaddr);
static gpg_error_t command_check_key (const char *mailaddr);
static gpg_error_t command_cron (void); static gpg_error_t command_cron (void);
@ -220,10 +236,17 @@ parse_arguments (ARGPARSE_ARGS *pargs, ARGPARSE_OPTS *popts)
case oOutput: case oOutput:
opt.output = pargs->r.ret_str; opt.output = pargs->r.ret_str;
break; break;
case oWithDir:
opt_with_dir = 1;
break;
case oWithFile:
opt_with_file = 1;
break;
case aReceive: case aReceive:
case aCron: case aCron:
case aListDomains: case aListDomains:
case aCheck:
case aInstallKey: case aInstallKey:
case aRemoveKey: case aRemoveKey:
case aRevokeKey: case aRevokeKey:
@ -243,7 +266,7 @@ parse_arguments (ARGPARSE_ARGS *pargs, ARGPARSE_OPTS *popts)
int int
main (int argc, char **argv) main (int argc, char **argv)
{ {
gpg_error_t err; gpg_error_t err, firsterr;
ARGPARSE_ARGS pargs; ARGPARSE_ARGS pargs;
enum cmd_and_opt_values cmd; enum cmd_and_opt_values cmd;
@ -360,16 +383,29 @@ main (int argc, char **argv)
case aRemoveKey: case aRemoveKey:
if (argc != 1) if (argc != 1)
wrong_args ("--remove-key MAILADDR"); wrong_args ("--remove-key USER-ID");
err = command_remove_key (*argv); err = command_remove_key (*argv);
break; break;
case aRevokeKey: case aRevokeKey:
if (argc != 1) if (argc != 1)
wrong_args ("--revoke-key MAILADDR"); wrong_args ("--revoke-key USER-ID");
err = command_revoke_key (*argv); err = command_revoke_key (*argv);
break; break;
case aCheck:
if (!argc)
wrong_args ("--check USER-IDs");
firsterr = 0;
for (; argc; argc--, argv++)
{
err = command_check_key (*argv);
if (!firsterr)
firsterr = err;
}
err = firsterr;
break;
default: default:
usage (1); usage (1);
err = gpg_error (GPG_ERR_BUG); err = gpg_error (GPG_ERR_BUG);
@ -1776,8 +1812,12 @@ command_list_domains (void)
domain = strrchr (sl->d, '/'); domain = strrchr (sl->d, '/');
log_assert (domain); log_assert (domain);
domain++; domain++;
if (opt_with_dir)
es_printf ("%s %s\n", domain, sl->d);
else
es_printf ("%s\n", domain); es_printf ("%s\n", domain);
/* Check that the required directories are there. */ /* Check that the required directories are there. */
for (i=0; i < DIM (requireddirs); i++) for (i=0; i < DIM (requireddirs); i++)
{ {
@ -1900,12 +1940,140 @@ command_install_key (const char *fname)
} }
/* Remove the key with mail address MAILADDR. */ /* Return the filename and optioanlly the addrspec for USERID at
* R_FNAME and R_ADDRSPEC. R_ADDRSPEC might also be set on error. */
static gpg_error_t static gpg_error_t
command_remove_key (const char *mailaddr) fname_from_userid (const char *userid, char **r_fname, char **r_addrspec)
{ {
(void)mailaddr; gpg_error_t err;
return gpg_error (GPG_ERR_NOT_IMPLEMENTED); char *addrspec = NULL;
const char *domain;
char *hash = NULL;
const char *s;
char shaxbuf[32]; /* Used for SHA-1 and SHA-256 */
*r_fname = NULL;
if (r_addrspec)
*r_addrspec = NULL;
addrspec = mailbox_from_userid (userid);
if (!addrspec)
{
if (opt.verbose)
log_info ("\"%s\" is not a proper mail address\n", userid);
err = gpg_error (GPG_ERR_INV_USER_ID);
goto leave;
}
domain = strchr (addrspec, '@');
log_assert (domain);
domain++;
/* Hash user ID and create filename. */
s = strchr (addrspec, '@');
log_assert (s);
gcry_md_hash_buffer (GCRY_MD_SHA1, shaxbuf, addrspec, s - addrspec);
hash = zb32_encode (shaxbuf, 8*20);
if (!hash)
{
err = gpg_error_from_syserror ();
goto leave;
}
*r_fname = make_filename_try (opt.directory, domain, "hu", hash, NULL);
if (!*r_fname)
err = gpg_error_from_syserror ();
else
err = 0;
leave:
if (r_addrspec && addrspec)
*r_addrspec = addrspec;
else
xfree (addrspec);
xfree (hash);
return err;
}
/* Check whether the key with USER_ID is installed. */
static gpg_error_t
command_check_key (const char *userid)
{
gpg_error_t err;
char *addrspec = NULL;
char *fname = NULL;
err = fname_from_userid (userid, &fname, &addrspec);
if (err)
goto leave;
if (access (fname, R_OK))
{
err = gpg_error_from_syserror ();
if (opt_with_file)
es_printf ("%s n %s\n", addrspec, fname);
if (gpg_err_code (err) == GPG_ERR_ENOENT)
{
if (!opt.quiet)
log_info ("key for '%s' is NOT installed\n", addrspec);
log_inc_errorcount ();
err = 0;
}
else
log_error ("error stating '%s': %s\n", fname, gpg_strerror (err));
goto leave;
}
if (opt_with_file)
es_printf ("%s i %s\n", addrspec, fname);
if (opt.verbose)
log_info ("key for '%s' is installed\n", addrspec);
err = 0;
leave:
xfree (fname);
xfree (addrspec);
return err;
}
/* Remove the key with mail address in USERID. */
static gpg_error_t
command_remove_key (const char *userid)
{
gpg_error_t err;
char *addrspec = NULL;
char *fname = NULL;
err = fname_from_userid (userid, &fname, &addrspec);
if (err)
goto leave;
if (gnupg_remove (fname))
{
err = gpg_error_from_syserror ();
if (gpg_err_code (err) == GPG_ERR_ENOENT)
{
if (!opt.quiet)
log_info ("key for '%s' is not installed\n", addrspec);
log_inc_errorcount ();
err = 0;
}
else
log_error ("error removing '%s': %s\n", fname, gpg_strerror (err));
goto leave;
}
if (opt.verbose)
log_info ("key for '%s' removed\n", addrspec);
err = 0;
leave:
xfree (fname);
xfree (addrspec);
return err;
} }
@ -1913,6 +2081,7 @@ command_remove_key (const char *mailaddr)
static gpg_error_t static gpg_error_t
command_revoke_key (const char *mailaddr) command_revoke_key (const char *mailaddr)
{ {
(void)mailaddr; /* Remove should be different from removing but we have not yet
return gpg_error (GPG_ERR_NOT_IMPLEMENTED); * defined a suitable way to do this. */
return command_remove_key (mailaddr);
} }