On Sat, Aug 20, 2005 at 07:00:30AM -0400, Yaron Minsky wrote:
> On 8/19/05, David Shaw <address@hidden> wrote:
> >
> > I just tried it. It does not work.
>
>
> Harumph. So I'm just confused. Here's the code in the current version:
>
> match request with
> "/pks/add" ->
> let keytext = Scanf.sscanf (Wserver.decode body) "keytext=%s" (fun s -> s)
> in
> let keys = Armor.decode_pubkey keytext in
>
> This looks right to me. It handles "keytext=<some string>" as well as
> "keytext%3D<some string>". Jason's first patch seemed to handle the cases
> "keytext=<some string>" and "keytext%<some string>". Jason later proposed
> the following patch:
>
> let keytext = Wserver.decode body in
> let tosser = Scanf.sscanf
keytext "keytext=" (fun s -> s) in
> let keytext = Str.string_after keytext 8 in
>
> Which seems like the same thing as my most recent patch. So what's the right
> behavior? Can someone explain to me what I'm doing wrong?
Handling "keytext%<some string> is definitely incorrect. The % is
just to escape the = sign as %3D.
I'm not the best at reading ocaml, but it doesn't seem that your code
will handle arbitrary %-escaping elsewhere in <some string>. The HTTP
spec allows any character to be escaped. Some clients (like libcurl)
are a little more agressive about escaping. For example, the actual
stream that is sent from curl during the HTTP POST begins:
keytext%3D%2D%2D%2D%2D%2DBEGIN%20PGP%20PUBLIC%20KEY%20BLOCK%2D%2D%2D%2D%2D%0AVersion%3A%20GnuPG
(etc)
Why don't you think I handle that case correctly? I apply a
Wserver.decode to the whole string, and then do sscanf on it to extract
the keytext. Like this:
# Wserver.decode "keytext%3D%2D%2D%2D%2D%2DBEGIN%20PGP%20PUBLIC%20KEY%20BLOCK%2D%2D%2D%2D%2D%0AVersion%3A%20GnuPG";;
- : string = "keytext=-----BEGIN PGP PUBLIC KEY BLOCK-----\nVersion: GnuPG"
Actually, now I think I understand the bug. The %s in the sscanf
doesn't capture everything, just the next word (as broken by
spaces). That's why Jason's patch does the right thing but mine
is wrong.
I'll fix that right up.
y
David
_______________________________________________
Sks-devel mailing list
address@hidden
http://lists.nongnu.org/mailman/listinfo/sks-devel