author | Werner Koch <wk@gnupg.org> | 2017-02-23 20:10:59 +0100 |
---|---|---|
committer | Werner Koch <wk@gnupg.org> | 2017-02-23 20:10:59 +0100 |
commit | d30e17ac62dea8913b7f353971d546b6b1a09bd5 | |
tree | dc02a3538c98f3ae5ce32f7147800d2d9a386937 /tools/gpg-wks-server.c | |
parent | wks: New callback for the mime parser. | |
wks: Make sure that the draft 2 request is correctly detected.
* tools/gpg-wks.h (WKS_DRAFT_VERSION): New.
* tools/wks-receive.c (new_part): Move test wks draft version to ...
(t2body): new callback.
(wks_receive): Register this callback.
* tools/gpg-wks-server.c (send_confirmation_request): Emit draft
version header.
(send_congratulation_message): Ditto.
* tools/gpg-wks-client.c (decrypt_stream_parm_s): New.
(decrypt_stream_status_cb): Check DECRYPTION_KEY status.
(decrypt_stream): Get info from new callback.
(process_confirmation_request): New arg 'mainfpr'. Check that it
matches the decryption key.
(read_confirmation_request): Check that the decryption key has been
generated by us.
(command_send): Use macro from draft version header.
(send_confirmation_response): Emit draft version header.
--
This patch also adds a check to only send a confirmation when the
decryption has been done by an ultimately trusted (self-generated)
key.
Signed-off-by: Werner Koch <wk@gnupg.org>
Diffstat (limited to 'tools/gpg-wks-server.c')
-rw-r--r-- | tools/gpg-wks-server.c | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/tools/gpg-wks-server.c b/tools/gpg-wks-server.c index c17c1cf2e..0376cce8f 100644 --- a/tools/gpg-wks-server.c +++ b/tools/gpg-wks-server.c @@ -916,7 +916,12 @@ send_confirmation_request (server_ctx_t ctx, if (err) goto leave; - /* Help Enigmail to identify messages. Note that this is on no way + err = mime_maker_add_header (mime, "Wks-Draft-Version", + STR2(WKS_DRAFT_VERSION)); + if (err) + goto leave; + + /* Help Enigmail to identify messages. Note that this is in no way * secured. */ err = mime_maker_add_header (mime, "WKS-Phase", "confirm"); if (err) @@ -1015,7 +1020,7 @@ send_confirmation_request (server_ctx_t ctx, if (err) goto leave; - mime_maker_dump_tree (mime); + /* mime_maker_dump_tree (mime); */ err = mime_maker_get_part (mime, partid, &signeddata); if (err) goto leave; @@ -1213,6 +1218,10 @@ send_congratulation_message (const char *mbox, const char *keyfile) err = mime_maker_add_header (mime, "Subject", "Your key has been published"); if (err) goto leave; + err = mime_maker_add_header (mime, "Wks-Draft-Version", + STR2(WKS_DRAFT_VERSION)); + if (err) + goto leave; err = mime_maker_add_header (mime, "WKS-Phase", "done"); if (err) goto leave; |
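Review bot: In the first hunk (send_confirmation_request, @@ -916) the new header is spelled "Wks-Draft-Version" while the header added right after it is "WKS-Phase". Header field names are compared case-insensitively, so this is cosmetic, but one capitalisation for the WKS headers would make them easier to search for. The comment that follows says WKS-Phase "is in no way secured"; the draft version header is added through the same mime_maker_add_header call on the same mime object, so that comment should be extended to cover Wks-Draft-Version too, so that code reading the header on the receiving side does not treat the advertised version as authenticated.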
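Review bot: In the second hunk (@@ -1015) the call "mime_maker_dump_tree (mime);" is commented out rather than deleted. Commented-out debug calls tend to linger, so either remove the line or put it behind a debug condition. The change is also not covered by the commit message entry for send_confirmation_request, which lists only "Emit draft version header", so it deserves its own line there or a separate commit.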
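Review bot: In the third hunk (send_congratulation_message, @@ -1213) the four added lines repeat the block added in send_confirmation_request. A small static helper that adds the Wks-Draft-Version header to a mime_maker object would keep the header name and the STR2(WKS_DRAFT_VERSION) expression in one place, which matters more because the commit message shows gpg-wks-client.c emitting the same header. Assuming STR2 stringifies its expanded argument, the value sent is only the intended number if WKS_DRAFT_VERSION is a plain literal in gpg-wks.h; that definition is outside this file-limited diff and worth confirming.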