diff options
| author | Werner Koch <[email protected]> | 2016-08-18 09:23:40 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2016-08-18 09:23:40 +0000 |
| commit | d83ba4897bf217d1045c58d1b99e52bd31c58812 (patch) | |
| tree | 1eaf4c2976175b8dcedd5d3c3a721c3015fbf68a /common/asshelp.c | |
| parent | gpg: New option --sender (diff) | |
| download | gnupg-d83ba4897bf217d1045c58d1b99e52bd31c58812.tar.gz gnupg-d83ba4897bf217d1045c58d1b99e52bd31c58812.zip | |
dirmngr: Remove all system daemon features.
* dirmngr/dirmngr.h (opts): Remove fields 'system_service' and
'system_daemon'.
* common/homedir.c (dirmngr_sys_socket_name): Remove.
(dirmngr_user_socket_name): Rename to ...
(dirmngr_socket_name): this. Change call callers.
* common/asshelp.c (start_new_dirmngr): Remove the system socket
feature.
* tools/gpgconf.c (list_dirs): Do not print "dirmngr-sys-socket".
* sm/server.c (gpgsm_server): Adjust for removed system socket feature.
* dirmngr/server.c (cmd_getinfo): Ditto.
(cmd_killdirmngr): Remove check for system daemon.
(cmd_reloaddirmngr): Ditto.
* dirmngr/dirmngr.c (USE_W32_SERVICE): Remove macro.
(aService): Remove.
(opts): Remove --service.
(w32_service_control): Remove.
(real_main, call_real_main) [W32]: Remove wrapper.
(main): Remove Windows system service feature. Remove system dameon
feature. Use only the "~/.gnupg/dirmngr_ldapservers.conf" file.
* dirmngr/certcache.c (load_certs_from_dir): Remove warning in the
system dameon case.
* dirmngr/crlcache.c (DBDIR_D): Always use "~/.gnupg/crls.d".
* dirmngr/ocsp.c (validate_responder_cert): Do not call
validate_cert_chain which was used only in system daemon mode.
* dirmngr/validate.c (validate_cert_chain): Always use the code.
--
We are now starting dirmngr as needed as a user daemon. The
deprecated system daemon mode does not anymore make sense. In case a
system wide daemon is required, it is better to setup a dedicated
account to run dirmngr and tweak socket permissions accordingly.
Signed-off-by: Werner Koch <[email protected]>
Diffstat (limited to 'common/asshelp.c')
| -rw-r--r-- | common/asshelp.c | 47 |
1 files changed, 7 insertions, 40 deletions
diff --git a/common/asshelp.c b/common/asshelp.c index 5c32c6ed3..c03e67bff 100644 --- a/common/asshelp.c +++ b/common/asshelp.c @@ -564,18 +564,7 @@ start_new_dirmngr (assuan_context_t *r_ctx, return err; } - sockname = dirmngr_user_socket_name (); - if (sockname) - { - /* First try the local socket name and only if that fails try - the system socket. */ - err = assuan_socket_connect (ctx, sockname, 0, 0); - if (err) - sockname = dirmngr_sys_socket_name (); - } - else - sockname = dirmngr_sys_socket_name (); - + sockname = dirmngr_socket_name (); err = assuan_socket_connect (ctx, sockname, 0, 0); #ifdef USE_DIRMNGR_AUTO_START @@ -583,22 +572,9 @@ start_new_dirmngr (assuan_context_t *r_ctx, { lock_spawn_t lock; const char *argv[4]; - int try_system_daemon = 0; char *abs_homedir; - /* No connection: Try start a new Dirmngr. On Windows this will - fail because the Dirmngr is expected to be a system service. - However on WinCE we don't distinguish users and thus we can - start it. */ - - /* We prefer to start it as a user daemon. */ - sockname = dirmngr_user_socket_name (); - if (!sockname) - { - sockname = dirmngr_sys_socket_name (); - try_system_daemon = 1; - } - + /* No connection: Try start a new Dirmngr. */ if (!dirmngr_program || !*dirmngr_program) dirmngr_program = gnupg_module_name (GNUPG_MODULE_NAME_DIRMNGR); @@ -631,20 +607,11 @@ start_new_dirmngr (assuan_context_t *r_ctx, } argv[0] = "--daemon"; - if (try_system_daemon) - argv[1] = NULL; - else - { /* Try starting as user daemon - dirmngr does this if the - home directory is given on the command line. */ - argv[1] = "--homedir"; - argv[2] = abs_homedir; - argv[3] = NULL; - } - - /* On the use of HOMEDIR for locking: Under Windows HOMEDIR is - not used thus it does not matter. Under Unix we should - TRY_SYSTEM_DAEMON should never be true because - dirmngr_user_socket_name() won't return NULL. */ + /* Try starting the daemon. Versions of dirmngr < 2.1.15 do + * this only if the home directory is given on the command line. */ + argv[1] = "--homedir"; + argv[2] = abs_homedir; + argv[3] = NULL; if (!(err = lock_spawning (&lock, gnupg_homedir (), "dirmngr", verbose)) && assuan_socket_connect (ctx, sockname, 0, 0)) |