diff options
| author | Werner Koch <wk@gnupg.org> | 2016-11-07 14:04:47 +0100 |
|---|---|---|
| committer | Werner Koch <wk@gnupg.org> | 2016-11-07 14:04:47 +0100 |
| commit | 56e1864aa337f36317534db521fd4434d70e0784 (patch) | |
| tree | 12209f397c61c12163162042f5d6602e211176dd /tools/gpg-wks-client.c | |
| parent | tests,tools: Reimplement 'mk-tdata' in Scheme. (diff) | |
| download | gnupg2-56e1864aa337f36317534db521fd4434d70e0784.tar.xz gnupg2-56e1864aa337f36317534db521fd4434d70e0784.zip | |
wks: Encrypt all client mails also the target key,
* tools/gpg-wks-client.c (encrypt_response): Add arg FINGERPRINT.
(send_confirmation_response): Ditto.
(process_confirmation_request): Parse out fingerprint and pass
send_confirmation_response.
--
This is useful for debugging the protocol and to avoid surprises when
the sender tries to open a message from the Sent folder.
Signed-off-by: Werner Koch <wk@gnupg.org>
Diffstat (limited to 'tools/gpg-wks-client.c')
| -rw-r--r-- | tools/gpg-wks-client.c | 46 |
1 files changed, 32 insertions, 14 deletions
diff --git a/tools/gpg-wks-client.c b/tools/gpg-wks-client.c index cc0c0a57e..9bf5403b0 100644 --- a/tools/gpg-wks-client.c +++ b/tools/gpg-wks-client.c @@ -113,7 +113,8 @@ static void wrong_args (const char *text) GPGRT_ATTR_NORETURN; static gpg_error_t command_supported (char *userid); static gpg_error_t command_send (const char *fingerprint, char *userid); static gpg_error_t encrypt_response (estream_t *r_output, estream_t input, - const char *addrspec); + const char *addrspec, + const char *fingerprint); static gpg_error_t read_confirmation_request (estream_t msg); static gpg_error_t command_receive_cb (void *opaque, const char *mediatype, estream_t fp, @@ -604,7 +605,7 @@ command_send (const char *fingerprint, char *userid) /* Encrypt the key part. */ es_rewind (key); - err = encrypt_response (&keyenc, key, submission_to); + err = encrypt_response (&keyenc, key, submission_to, fingerprint); if (err) goto leave; es_fclose (key); @@ -688,14 +689,16 @@ encrypt_response_status_cb (void *opaque, const char *keyword, char *args) /* Encrypt the INPUT stream to a new stream which is stored at success - * at R_OUTPUT. Encryption is done for ADDRSPEC. We currently - * retrieve that key from the WKD, DANE, or from "local". "local" is - * last to prefer the latest key version but use a local copy in case - * we are working offline. It might be useful for the server to send - * the fingerprint of its encryption key - or even the entire key - * back. */ + * at R_OUTPUT. Encryption is done for ADDRSPEC and for FINGERPRINT + * (so that the sent message may later be inspected by the user). We + * currently retrieve that key from the WKD, DANE, or from "local". + * "local" is last to prefer the latest key version but use a local + * copy in case we are working offline. It might be useful for the + * server to send the fingerprint of its encryption key - or even the + * entire key back. */ static gpg_error_t -encrypt_response (estream_t *r_output, estream_t input, const char *addrspec) +encrypt_response (estream_t *r_output, estream_t input, const char *addrspec, + const char *fingerprint) { gpg_error_t err; ccparray_t ccp; @@ -730,6 +733,8 @@ encrypt_response (estream_t *r_output, estream_t input, const char *addrspec) ccparray_put (&ccp, "--auto-key-locate=clear,wkd,dane,local"); ccparray_put (&ccp, "--recipient"); ccparray_put (&ccp, addrspec); + ccparray_put (&ccp, "--recipient"); + ccparray_put (&ccp, fingerprint); ccparray_put (&ccp, "--encrypt"); ccparray_put (&ccp, "--"); @@ -764,7 +769,8 @@ encrypt_response (estream_t *r_output, estream_t input, const char *addrspec) static gpg_error_t send_confirmation_response (const char *sender, const char *address, - const char *nonce, int encrypt) + const char *nonce, int encrypt, + const char *fingerprint) { gpg_error_t err; estream_t body = NULL; @@ -800,7 +806,7 @@ send_confirmation_response (const char *sender, const char *address, es_rewind (body); if (encrypt) { - err = encrypt_response (&bodyenc, body, sender); + err = encrypt_response (&bodyenc, body, sender, fingerprint); if (err) goto leave; es_fclose (body); @@ -876,7 +882,7 @@ process_confirmation_request (estream_t msg) gpg_error_t err; nvc_t nvc; nve_t item; - const char *value, *sender, *address, *nonce; + const char *value, *sender, *address, *fingerprint, *nonce; err = nvc_parse (&nvc, NULL, msg); if (err) @@ -903,6 +909,18 @@ process_confirmation_request (estream_t msg) goto leave; } + /* Get the fingerprint. */ + if (!((item = nvc_lookup (nvc, "fingerprint:")) + && (value = nve_value (item)) + && strlen (value) >= 40)) + { + log_error ("received invalid wks message: %s\n", + "'fingerprint' missing or invalid"); + err = gpg_error (GPG_ERR_INV_DATA); + goto leave; + } + fingerprint = value; + /* FIXME: Check that the fingerprint matches the key used to decrypt the * message. */ @@ -947,11 +965,11 @@ process_confirmation_request (estream_t msg) /* Send the confirmation. If no key was found, try again without * encryption. */ - err = send_confirmation_response (sender, address, nonce, 1); + err = send_confirmation_response (sender, address, nonce, 1, fingerprint); if (gpg_err_code (err) == GPG_ERR_NO_PUBKEY) { log_info ("no encryption key found - sending response in the clear\n"); - err = send_confirmation_response (sender, address, nonce, 0); + err = send_confirmation_response (sender, address, nonce, 0, NULL); } leave: |