| Commit message (Collapse) | Author | Files | Lines |
|---|
|
* common/dns-cert.h: Move to ../dirmngr/.
* common/dns-cert.c: Move to ../dirmngr/. Change args to return the
key as a buffer.
* common/t-dns-cert.c: Move to ../dirmngr/.
* common/pka.c, common/pka.h, common/t-pka.c: Remove.
* dirmngr/server.c (data_line_cookie_write): Factor code out to
data_line_write and make it a wrapper for that.
(data_line_write): New.
(cmd_dns_cert): New.
(register_commands): Register new command.
* g10/Makefile.am (LDADD): Remove DNSLIBS.
* g10/call-dirmngr.c (dns_cert_parm_s): New.
(dns_cert_data_cb, dns_cert_status_cb): New.
(gpg_dirmngr_dns_cert): New.
(gpg_dirmngr_get_pka): New.
* g10/gpgv.c (gpg_dirmngr_get_pka): New dummy function.
* g10/keyserver.c (keyserver_import_cert): Replace get_dns_cert by
gpg_dirmngr_dns_cert.
(keyserver_import_pka): Replace get_pka_info by gpg_dirmngr_get_pka.
* g10/mainproc.c: Include call-dirmngr.h.
(pka_uri_from_sig): Add CTX arg. Replace get_pka_info by
gpg_dirmngr_get_pka.
--
With this patch gpg does not do any network access itself but uses
dirmngr for that. Note that we need to keep linking to NETLIBS due to
the logging code and because we need TCP for our socket emulation
under Windows. Probably also required for Solaris etc.
Signed-off-by: Werner Koch <[email protected]>
|
|
--
|
|
* common/dns-cert.c (get_dns_cert): Make r_key optional.
* common/pka.c: Rewrite for the new hash based lookup.
* common/t-pka.c: New.
* configure.ac: Remove option --disable-dns-pka.
(USE_DNS_PKA): Remove ac_define.
* g10/getkey.c (parse_auto_key_locate): Always include PKA.
--
Note that although PKA is now always build, it will only work if
support for looking up via DNS has not been disabled.
The new PKA only works with the IPGP DNS certtype and shall be used
only to retrieve the fingerprint and optional the key for the first
time. Due to the security problems with DNSSEC the former assumption
to validate the key using DNSSEC is not anymore justified. Instead an
additional layer (e.g. Trust-On-First-Use) needs to be implemented to
track change to the key. Having a solid way of getting a key matching
a mail address is however a must have.
More work needs to go into a redefinition of the --verify-options
pka-lookups and pka-trust-increase. The auto-key-locate mechanism
should also be able to continue key fetching with another methods once
the fingerprint has been retrieved with PKA.
Signed-off-by: Werner Koch <[email protected]>
|
|
* common/host2net.h (buf16_to_ulong, buf16_to_uint): New.
(buf16_to_ushort, buf16_to_u16): New.
(buf32_to_size_t, buf32_to_ulong, buf32_to_uint, buf32_to_u32): New.
--
Commit 91b826a38880fd8a989318585eb502582636ddd8 was not enough to
avoid all sign extension on shift problems. Hanno Böck found a case
with an invalid read due to this problem. To fix that once and for
all almost all uses of "<< 24" and "<< 8" are changed by this patch to
use an inline function from host2net.h.
Signed-off-by: Werner Koch <[email protected]>
|
|
* configure.ac <adns>: Use adns_free as probe function for libadns.
(HAVE_ADNS_FREE): Remove bogus tests to set this and remove the macro.
(ADNSLIBS): Do not ac_subst - it is only used within configure.
--
adns_free is required on Windows anyway (for robustness reasons) and
it has been around for so long now that we do not need a separate
test. An upstream adns 1.5 has meanwhile been release but I doubt that
this has the required Windows code - and it is not libtool based
anyway.
|
|
|
|
Having the LGPL on the common GnuPG code helps to share code
between GnuPG and related projects (like GPGME and Libassuan). This
is good for interoperability and to reduces bugs.
* common/asshelp.c, common/asshelp.h, common/asshelp2.c, common/b64dec.c
* common/b64enc.c, common/convert.c, common/dns-cert.c
* common/dns-cert.h common/exechelp-posix.c, common/exechelp-w32.c
* common/exechelp-w32ce.c, common/exechelp.h, common/get-passphrase.c
* common/get-passphrase.h, common/gettime.c, common/gpgrlhelp.c
* common/helpfile.c, common/homedir.c, common/http.c, common/http.h
* common/i18n.c, common/init.c, common/init.h, common/iobuf.c
* common/iobuf.h, common/localename.c, common/membuf.c, common/membuf.h
* common/miscellaneous.c, common/openpgp-oid.c, common/openpgpdefs.h
* common/percent.c, common/pka.c, common/pka.h, common/session-env.c
* common/session-env.h, common/sexp-parse.h, common/sexputil.c
* common/signal.c, common/srv.c, common/srv.h, common/ssh-utils.c
* common/ssh-utils.h, common/sysutils.c, common/sysutils.h
* common/tlv.c, common/tlv.h, common/ttyio.c, common/ttyio.h
* common/userids.c, common/userids.h, common/xasprintf.c: Change
license to LGPLv3+/GPLv2+/
|
|
|
|
We better do this once and for all instead of cluttering all future
commits with diffs of trailing white spaces. In the majority of cases
blank or single lines are affected and thus this change won't disturb
a git blame too much. For future commits the pre-commit scripts
checks that this won't happen again.
|
|
2010-04-20 Marcus Brinkmann <[email protected]>
* logging.c (do_log_ignore_arg): New helper function.
(log_string): Use it to remove ugly volatile hack that causes gcc
warning.
(log_flush): Likewise.
* sysutils.c (gnupg_unsetenv) [!HAVE_W32CE_SYSTEM]: Return something.
(gnupg_setenv) [!HAVE_W32CE_SYSTEM]: Likewise.
* pka.c (get_pka_info): Solve strict aliasing rule violation.
* t-exechelp.c (test_close_all_fds): Use dummy variables to
silence gcc warning.
kbx/
2010-04-20 Marcus Brinkmann <[email protected]>
* keybox-update.c [!HAVE_DOSISH_SYSTEM]: Include
../common/sysutils.h even then to silence gcc warning about
missing declaration of gnupg_remove.
tools/
2010-04-20 Marcus Brinkmann <[email protected]>
* gpgconf-comp.c (option_check_validity): Use dummy variables to
silence gcc warning.
|
|
descriptors.
|
|
|
|
|
|
Implemented key helper kdns
|
|
Convey the new envvars when using simple-pwquery.
|
|
Removed intl/.
|
|
|
