dirmngr: Prepare for updated WKD specs with ?l= param
authorWerner Koch <wk@gnupg.org>
Mon, 22 Oct 2018 18:13:08 +0000 (20:13 +0200)
committerWerner Koch <wk@gnupg.org>
Mon, 22 Oct 2018 18:13:08 +0000 (20:13 +0200)
* dirmngr/server.c (proc_wkd_get): Tack the raw local address to the
request.
--

We append the raw non-canonicalized local address part to the hash.
Servers who serve the requests from static files will ignore the
parameters and a test with posteo shows that also services using a
database ignore the parameter.  The general idea is that service
providers may use their own canonicalization rules.  The problem is
that we currently filter the returned key for the full mail address
and thus we will never see a key if the service did a different
canonicalization than we.  So consider this to be an experiment.

Signed-off-by: Werner Koch <wk@gnupg.org>
dirmngr/server.c

index 2519fd6..05a530b 100644 (file)
@@ -957,19 +957,28 @@ proc_wkd_get (ctrl_t ctrl, assuan_context_t ctx, char *line)
     }
   else
     {
-      uri = strconcat ("https://",
-                       domain,
-                       portstr,
-                       "/.well-known/openpgpkey/hu/",
-                       encodedhash,
-                       NULL);
-      no_log = 1;
-      if (uri)
+      char *escapedmbox;
+
+      escapedmbox = http_escape_string (mbox, "%;?&=");
+      if (escapedmbox)
         {
-          err = dirmngr_status_printf (ctrl, "SOURCE", "https://%s%s",
-                                       domain, portstr);
-          if (err)
-            goto leave;
+          uri = strconcat ("https://",
+                           domain,
+                           portstr,
+                           "/.well-known/openpgpkey/hu/",
+                           encodedhash,
+                           "?l=",
+                           escapedmbox,
+                           NULL);
+          xfree (escapedmbox);
+          no_log = 1;
+          if (uri)
+            {
+              err = dirmngr_status_printf (ctrl, "SOURCE", "https://%s%s",
+                                           domain, portstr);
+              if (err)
+                goto leave;
+            }
         }
     }
   if (!uri)
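Review bot: The escape set `"%;?&="` passed to `http_escape_string` for the new `?l=` value leaves out `#` and `+`, both of which are permitted in a mail local part. If the helper passes other printable URI characters through unchanged (its definition is not in this hunk), a `#` would end the query at the fragment delimiter and a `+` may be decoded as a space by form-style server code, so the server would receive a different local part than the one behind `encodedhash`. I would widen the set: `escapedmbox = http_escape_string (mbox, "%;?&=+#");`. A short comment above the `strconcat` would also help, noting that the request now carries the cleartext local part in addition to its hash and can therefore end up in server and proxy access logs; `proc_wkd_get` starts and ends outside this hunk.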