mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-31 11:41:32 +01:00
wkd: Add option --directory to the server.
* tools/gpg-wks-server.c (opts): Add '--directory', (main): Explain how to set correct permissions. (command_list_domains): Create an empty policy file and remove the warning for an empty policy file. -- Note that a policy file is meanwhile required and thus it is useful to create it. Signed-off-by: Werner Koch <wk@gnupg.org> (cherry picked from commit f248416bc9792e80bb0785302058131de49d7639)
parent
04604e6cb9
commit
839426104a
29
doc/wks.texi
29
doc/wks.texi
@ -215,9 +215,9 @@ Further it creates missing directories for the configuration and
|
||||
prints warnings pertaining to problems in the configuration.
|
||||
|
||||
The command @option{--check-key} (or just @option{--check}) checks
|
||||
whether a key with the given user-id is installed. The process return
|
||||
success in this case; to also print a diagnostic, use option
|
||||
@option{-v}. If the key is not installed a diagnostics is printed and
|
||||
whether a key with the given user-id is installed. The process returns
|
||||
success in this case; to also print a diagnostic use the option
|
||||
@option{-v}. If the key is not installed a diagnostic is printed and
|
||||
the process returns failure; to suppress the diagnostic, use option
|
||||
@option{-q}. More than one user-id can be given; see also option
|
||||
@option{with-file}.
|
||||
@ -243,6 +243,12 @@ The command @option{--revoke-key} is not yet functional.
|
||||
|
||||
@table @gnupgtabopt
|
||||
|
||||
@item -C @var{dir}
|
||||
@itemx --directory @var{dir}
|
||||
@opindex directory
|
||||
Use @var{dir} as top level directory for domains. The default is
|
||||
@file{/var/lib/gnupg/wks}.
|
||||
|
||||
@item --from @var{mailaddr}
|
||||
@opindex from
|
||||
Use @var{mailaddr} as the default sender address.
|
||||
@ -256,21 +262,22 @@ Add the mail header "@var{name}: @var{value}" to all outgoing mails.
|
||||
Directly send created mails using the @command{sendmail} command.
|
||||
Requires installation of that command.
|
||||
|
||||
@item --output @var{file}
|
||||
@itemx -o
|
||||
@item -o @var{file}
|
||||
@itemx --output @var{file}
|
||||
@opindex output
|
||||
Write the created mail also to @var{file}. Note that the value
|
||||
@code{-} for @var{file} would write it to stdout.
|
||||
|
||||
@item --with-dir
|
||||
@opindex with-dir
|
||||
Also print the directory name for each domain listed by command
|
||||
@option{--list-domains}.
|
||||
When used with the command @option{--list-domains} print for each
|
||||
installed domain the domain name and its directory name.
|
||||
|
||||
@item --with-file
|
||||
@opindex with-file
|
||||
With command @option{--check-key} print for each user-id, the address,
|
||||
'i' for installed key or 'n' for not installed key, and the filename.
|
||||
When used with the command @option{--check-key} print for each user-id,
|
||||
the address, 'i' for installed key or 'n' for not installed key, and
|
||||
the filename.
|
||||
|
||||
@item --verbose
|
||||
@opindex verbose
|
||||
@ -316,7 +323,7 @@ Finally run
|
||||
$ gpg-wks-server --list-domains
|
||||
@end example
|
||||
|
||||
to create the required sub-directories with the permission set
|
||||
to create the required sub-directories with the permissions set
|
||||
correctly. For each domain a submission address needs to be
|
||||
configured. All service mails are directed to that address. It can
|
||||
be the same address for all configured domains, for example:
|
||||
@ -326,7 +333,7 @@ be the same address for all configured domains, for example:
|
||||
$ echo key-submission@@example.net >submission-address
|
||||
@end example
|
||||
|
||||
The protocol requires that the key to be published is sent with an
|
||||
The protocol requires that the key to be published is send with an
|
||||
encrypted mail to the service. Thus you need to create a key for
|
||||
the submission address:
|
||||
|
||||
|
@ -58,6 +58,7 @@ enum cmd_and_opt_values
|
||||
oQuiet = 'q',
|
||||
oVerbose = 'v',
|
||||
oOutput = 'o',
|
||||
oDirectory = 'C',
|
||||
|
||||
oDebug = 500,
|
||||
|
||||
@ -108,6 +109,7 @@ static ARGPARSE_OPTS opts[] = {
|
||||
ARGPARSE_s_s (oGpgProgram, "gpg", "@"),
|
||||
ARGPARSE_s_n (oSend, "send", "send the mail using sendmail"),
|
||||
ARGPARSE_s_s (oOutput, "output", "|FILE|write the mail to FILE"),
|
||||
ARGPARSE_s_s (oDirectory, "directory", "|DIR|use DIR as top directory"),
|
||||
ARGPARSE_s_s (oFrom, "from", "|ADDR|use ADDR as the default sender"),
|
||||
ARGPARSE_s_s (oHeader, "header" ,
|
||||
"|NAME=VALUE|add \"NAME: VALUE\" as header to all mails"),
|
||||
@ -225,6 +227,9 @@ parse_arguments (ARGPARSE_ARGS *pargs, ARGPARSE_OPTS *popts)
|
||||
case oGpgProgram:
|
||||
opt.gpg_program = pargs->r.ret_str;
|
||||
break;
|
||||
case oDirectory:
|
||||
opt.directory = pargs->r.ret_str;
|
||||
break;
|
||||
case oFrom:
|
||||
opt.default_from = pargs->r.ret_str;
|
||||
break;
|
||||
@ -350,6 +355,7 @@ main (int argc, char **argv)
|
||||
{
|
||||
log_error ("directory '%s' has too relaxed permissions\n",
|
||||
opt.directory);
|
||||
log_info ("Fix by running: chmod o-rw '%s'\n", opt.directory);
|
||||
exit (2);
|
||||
}
|
||||
}
|
||||
@ -1667,7 +1673,7 @@ command_receive_cb (void *opaque, const char *mediatype,
|
||||
|
||||
|
||||
|
||||
/* Return a list of all configured domains. ECh list element is the
|
||||
/* Return a list of all configured domains. Each list element is the
|
||||
* top directory for the domain. To figure out the actual domain
|
||||
* name strrchr(name, '/') can be used. */
|
||||
static gpg_error_t
|
||||
@ -1946,7 +1952,17 @@ command_list_domains (void)
|
||||
if (!fp)
|
||||
{
|
||||
err = gpg_error_from_syserror ();
|
||||
if (gpg_err_code (err) != GPG_ERR_ENOENT)
|
||||
if (gpg_err_code (err) == GPG_ERR_ENOENT)
|
||||
{
|
||||
fp = es_fopen (fname, "w");
|
||||
if (!fp)
|
||||
log_error ("domain %s: can't create policy file: %s\n",
|
||||
domain, gpg_strerror (err));
|
||||
else
|
||||
es_fclose (fp);
|
||||
fp = NULL;
|
||||
}
|
||||
else
|
||||
log_error ("domain %s: error in policy file: %s\n",
|
||||
domain, gpg_strerror (err));
|
||||
}
|
||||
@ -1955,17 +1971,8 @@ command_list_domains (void)
|
||||
struct policy_flags_s policy;
|
||||
err = wks_parse_policy (&policy, fp, 0);
|
||||
es_fclose (fp);
|
||||
if (!err)
|
||||
{
|
||||
struct policy_flags_s empty_policy;
|
||||
memset (&empty_policy, 0, sizeof empty_policy);
|
||||
if (!memcmp (&empty_policy, &policy, sizeof policy))
|
||||
log_error ("domain %s: empty policy file\n", domain);
|
||||
}
|
||||
wks_free_policy (&policy);
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
err = 0;
|
||||
|
||||
|
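Review bot: In the `command_list_domains` hunk, the new `log_error ("domain %s: can't create policy file: %s\n", ...)` prints `err`, which still holds the ENOENT from the failed read-open rather than the reason `es_fopen (fname, "w")` failed, so a permission or disk-space problem is reported as a missing file. Brace the `if (!fp)` branch and refresh the code before logging with `err = gpg_error_from_syserror ();`. The result of `es_fclose (fp)` on the newly created file is also discarded, so a failure while finishing the create goes unreported. Mode `"w"` truncates whatever exists at `fname` by the time of the second open; if the estream mode string accepts an exclusive-create flag (to be confirmed), using it would keep this path from overwriting a policy file that appeared in between. The enclosing function starts and ends outside the hunk.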