This commit is contained in:
31
main.go
31
main.go
@@ -13,7 +13,7 @@
|
||||
//
|
||||
// Notes
|
||||
// - This server publishes PUBLIC keys only.
|
||||
// - WKD uses z-base-32(SHA1(strings.ToLower(addr-spec))) per spec.
|
||||
// - WKD uses z-base-32(SHA1(strings.ToLower(local-part))) per spec.
|
||||
// - HKP here is minimal: /pks/lookup?op=get|index&search=<term> (email/fpr/substring).
|
||||
// - Protect /upload behind auth in production.
|
||||
package main
|
||||
@@ -362,7 +362,7 @@ func main() {
|
||||
http.Error(w, err.Error(), 500)
|
||||
}
|
||||
})
|
||||
apiToken := getenv("KEYSERVER_API_TOKEN", "")
|
||||
apiToken := getenv("KEYSERVER_API_TOKEN", "12345678")
|
||||
mux.HandleFunc("/api/v1/keys", func(w http.ResponseWriter, r *http.Request) {
|
||||
if r.Method != http.MethodPost {
|
||||
http.Error(w, "method not allowed", http.StatusMethodNotAllowed)
|
||||
@@ -413,22 +413,31 @@ func main() {
|
||||
return
|
||||
}
|
||||
|
||||
// filename
|
||||
fn := strings.TrimSpace(req.Filename)
|
||||
// filename: prefer fingerprint (unique) -> <FPR>.asc
|
||||
fn := normalizeFPR(fpr)
|
||||
if fn == "" {
|
||||
fn = sanitizeFilename(req.Email)
|
||||
fn = sanitizeFilename(req.Email) // fallback (shouldn't happen)
|
||||
} else {
|
||||
fn = sanitizeFilename(fn)
|
||||
fn = fn + ".asc"
|
||||
}
|
||||
fn = sanitizeFilename(fn) // keeps it safe, but doesn't mangle hex
|
||||
|
||||
path := filepath.Join(keysDir, fn)
|
||||
|
||||
oldID := genID(req.Email, fpr)
|
||||
if old, ok := st.get(oldID); ok {
|
||||
if old.Filename != "" && old.Filename != fn {
|
||||
_ = os.Remove(filepath.Join(keysDir, old.Filename))
|
||||
}
|
||||
}
|
||||
|
||||
if err := os.WriteFile(path, b, 0o644); err != nil {
|
||||
http.Error(w, "save error", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
rec := KeyRecord{
|
||||
ID: genID(req.Email, fpr),
|
||||
ID: oldID,
|
||||
Name: req.Name,
|
||||
Email: req.Email,
|
||||
Fingerprint: fpr,
|
||||
@@ -479,7 +488,7 @@ func main() {
|
||||
name := strings.TrimSpace(r.FormValue("name"))
|
||||
email := strings.TrimSpace(r.FormValue("email"))
|
||||
userFPR := strings.TrimSpace(r.FormValue("fingerprint")) // optional override
|
||||
file, hdr, err := r.FormFile("file")
|
||||
file, _, err := r.FormFile("file")
|
||||
if err != nil {
|
||||
http.Error(w, "missing file", http.StatusBadRequest)
|
||||
return
|
||||
@@ -508,10 +517,8 @@ func main() {
|
||||
}
|
||||
fpr = strings.ToUpper(strings.ReplaceAll(fpr, " ", ""))
|
||||
|
||||
base := sanitizeFilename(hdr.Filename)
|
||||
if base == ".asc" || base == "" {
|
||||
base = sanitizeFilename(email)
|
||||
}
|
||||
base := normalizeFPR(fpr) + ".asc"
|
||||
base = sanitizeFilename(base)
|
||||
path := filepath.Join(keysDir, base)
|
||||
if err := os.WriteFile(path, b, 0o644); err != nil {
|
||||
http.Error(w, "save error", 500)
|
||||
|
||||
Reference in New Issue
Block a user