Diffstat (limited to '')
-rw-r--r--sm/ChangeLog7
-rw-r--r--sm/call-agent.c53
-rw-r--r--sm/call-dirmngr.c55
-rw-r--r--sm/gpgsm.c35
4 files changed, 105 insertions, 45 deletions
diff --git a/sm/ChangeLog b/sm/ChangeLog
index 6da8abe5b..b93f81452 100644
--- a/sm/ChangeLog
+++ b/sm/ChangeLog
@@ -1,3 +1,10 @@
+2002-01-21 Werner Koch <[email protected]>
+
+ * gpgsm.c: Add option --enable-crl-checks.
+
+ * call-agent.c (start_agent): Implemented socket based access.
+ * call-dirmngr.c (start_dirmngr): Ditto.
+
2002-01-20 Werner Koch <[email protected]>
* server.c (option_handler): New.
diff --git a/sm/call-agent.c b/sm/call-agent.c
index e7ecbd4c2..8efa539ea 100644
--- a/sm/call-agent.c
+++ b/sm/call-agent.c
@@ -35,6 +35,7 @@
static ASSUAN_CONTEXT agent_ctx = NULL;
+static int force_pipe_server = 0;
struct cipher_parm_s {
ASSUAN_CONTEXT ctx;
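Review bot: The new file-scope flag `force_pipe_server` is declared without a comment, and its lifetime is not obvious from the declaration. The later hunks in start_agent set it to 1 on a malformed GPG_AGENT_INFO, on an unsupported protocol version and on ASSUAN_Connect_Failed, and nothing visible in this diff clears it again. I would document that where it is declared, e.g. `/* Set once the socket info from GPG_AGENT_INFO proved unusable; start_agent then ignores the environment and spawns a pipe server. Never reset. */`. The same applies to the identical flag added in sm/call-dirmngr.c.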
@@ -126,17 +127,17 @@ start_agent (void)
{
int rc;
char *infostr, *p;
+ ASSUAN_CONTEXT ctx;
if (agent_ctx)
return 0; /* fixme: We need a context for each thread or serialize
the access to the agent (which is suitable given that
the agent is not MT */
- infostr = getenv ("GPG_AGENT_INFO");
+ infostr = force_pipe_server? NULL : getenv ("GPG_AGENT_INFO");
if (!infostr)
{
const char *pgmname;
- ASSUAN_CONTEXT ctx;
const char *argv[3];
log_info (_("no running gpg-agent - starting one\n"));
@@ -160,27 +161,51 @@ start_agent (void)
/* connect to the agent and perform initial handshaking */
rc = assuan_pipe_connect (&ctx, opt.agent_program, (char**)argv, 0);
- if (rc)
- {
- log_error ("can't connect to the agent: %s\n", assuan_strerror (rc));
- return seterr (No_Agent);
- }
- agent_ctx = ctx;
}
else
{
+ int prot;
+ int pid;
+
infostr = xstrdup (infostr);
- if ( !(p = strchr (infostr, ':')) || p == infostr
- /* || (p-infostr)+1 >= sizeof client_addr.sun_path */)
+ if ( !(p = strchr (infostr, ':')) || p == infostr)
{
log_error (_("malformed GPG_AGENT_INFO environment variable\n"));
xfree (infostr);
- return seterr (General_Error);
+ force_pipe_server = 1;
+ return start_agent ();
}
- *p = 0;
- log_error (_("socket based agent communication not yet implemented\n"));
- return seterr (Not_Implemented);
+ *p++ = 0;
+ pid = atoi (p);
+ while (*p && *p != ':')
+ p++;
+ prot = *p? atoi (p+1) : 0;
+ if (prot != 1)
+ {
+ log_error (_("gpg-agent protocol version %d is not supported\n"),
+ prot);
+ xfree (infostr);
+ force_pipe_server = 1;
+ return start_agent ();
+ }
+
+ rc = assuan_socket_connect (&ctx, infostr, pid);
+ xfree (infostr);
+ if (rc == ASSUAN_Connect_Failed)
+ {
+ log_error (_("can't connect to the agent - trying fall back\n"));
+ force_pipe_server = 1;
+ return start_agent ();
+ }
+ }
+
+
+ if (rc)
+ {
+ log_error ("can't connect to the agent: %s\n", assuan_strerror (rc));
+ return seterr (No_Agent);
}
+ agent_ctx = ctx;
if (DBG_AGENT)
log_debug ("connection to agent established\n");
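Review bot: The pid and protocol fields of GPG_AGENT_INFO are parsed with `atoi`, which cannot report errors, so a constructed value such as `/path:abc:1` yields pid 0 and is still handed to `assuan_socket_connect (&ctx, infostr, pid)`. The old condition carried a commented-out bound on the socket name against `sizeof client_addr.sun_path`, and this change removes it rather than enabling it; whether assuan_socket_connect bounds the name itself is not visible here. Because the string comes from the environment, I would parse both numbers with `strtol` plus an end-pointer check, treat `pid <= 0` like the malformed case, and confirm the path length is checked before it reaches a sockaddr_un. The same code is added to start_dirmngr in sm/call-dirmngr.c. start_agent's body begins and ends outside this hunk.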
diff --git a/sm/call-dirmngr.c b/sm/call-dirmngr.c
index 2323e761c..ee41eb4ff 100644
--- a/sm/call-dirmngr.c
+++ b/sm/call-dirmngr.c
@@ -34,6 +34,7 @@
#include "i18n.h"
static ASSUAN_CONTEXT dirmngr_ctx = NULL;
+static int force_pipe_server = 0;
struct inq_certificate_parm_s {
ASSUAN_CONTEXT ctx;
@@ -57,17 +58,16 @@ start_dirmngr (void)
{
int rc;
char *infostr, *p;
+ ASSUAN_CONTEXT ctx;
if (dirmngr_ctx)
return 0; /* fixme: We need a context for each thread or serialize
- the access to the agent (which is suitable given that
- the agent is not MT */
+ the access to the dirmngr */
- infostr = getenv ("DIRMNGR_INFO");
+ infostr = force_pipe_server? NULL : getenv ("DIRMNGR_INFO");
if (!infostr)
{
const char *pgmname;
- ASSUAN_CONTEXT ctx;
const char *argv[3];
log_info (_("no running dirmngr - starting one\n"));
@@ -91,27 +91,50 @@ start_dirmngr (void)
/* connect to the agent and perform initial handshaking */
rc = assuan_pipe_connect (&ctx, opt.dirmngr_program, (char**)argv, 0);
- if (rc)
- {
- log_error ("can't connect to the dirmngr: %s\n", assuan_strerror (rc));
- return seterr (No_Dirmngr);
- }
- dirmngr_ctx = ctx;
}
else
{
+ int prot;
+ int pid;
+
infostr = xstrdup (infostr);
- if ( !(p = strchr (infostr, ':')) || p == infostr
- /* || (p-infostr)+1 >= sizeof client_addr.sun_path */)
+ if ( !(p = strchr (infostr, ':')) || p == infostr)
{
log_error (_("malformed DIRMNGR_INFO environment variable\n"));
xfree (infostr);
- return seterr (General_Error);
+ force_pipe_server = 1;
+ return start_dirmngr ();
+ }
+ *p++ = 0;
+ pid = atoi (p);
+ while (*p && *p != ':')
+ p++;
+ prot = *p? atoi (p+1) : 0;
+ if (prot != 1)
+ {
+ log_error (_("dirmngr protocol version %d is not supported\n"),
+ prot);
+ xfree (infostr);
+ force_pipe_server = 1;
+ return start_dirmngr ();
}
- *p = 0;
- log_error (_("socket based dirmngr communication not yet implemented\n"));
- return seterr (Not_Implemented);
+
+ rc = assuan_socket_connect (&ctx, infostr, pid);
+ xfree (infostr);
+ if (rc == ASSUAN_Connect_Failed)
+ {
+ log_error (_("can't connect to the dirmngr - trying fall back\n"));
+ force_pipe_server = 1;
+ return start_dirmngr ();
+ }
+ }
+
+ if (rc)
+ {
+ log_error ("can't connect to the dirmngr: %s\n", assuan_strerror (rc));
+ return seterr (No_Dirmngr);
}
+ dirmngr_ctx = ctx;
if (DBG_AGENT)
log_debug ("connection to dirmngr established\n");
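Review bot: The socket branch added to start_dirmngr is a line-for-line copy of the one added to start_agent in sm/call-agent.c, differing only in the environment variable, the messages and the error code. A shared helper that splits a `path:pid:protocol` info string and returns the three fields would keep the parsing, and any validation added later, in one place instead of two. start_dirmngr's body begins and ends outside this hunk.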
diff --git a/sm/gpgsm.c b/sm/gpgsm.c
index bdbde7938..d9b9e27b9 100644
--- a/sm/gpgsm.c
+++ b/sm/gpgsm.c
@@ -36,24 +36,24 @@
enum cmd_and_opt_values {
aNull = 0,
- oArmor = 'a',
+ oArmor = 'a',
aDetachedSign = 'b',
- aSym = 'c',
- aDecrypt = 'd',
- aEncr = 'e',
+ aSym = 'c',
+ aDecrypt = 'd',
+ aEncr = 'e',
oInteractive = 'i',
- oKOption = 'k',
- oDryRun = 'n',
- oOutput = 'o',
- oQuiet = 'q',
- oRecipient = 'r',
- aSign = 's',
+ oKOption = 'k',
+ oDryRun = 'n',
+ oOutput = 'o',
+ oQuiet = 'q',
+ oRecipient = 'r',
+ aSign = 's',
oTextmodeShort= 't',
- oUser = 'u',
- oVerbose = 'v',
- oCompress = 'z',
- oNotation = 'N',
- oBatch = 500,
+ oUser = 'u',
+ oVerbose = 'v',
+ oCompress = 'z',
+ oNotation = 'N',
+ oBatch = 500,
aClearsign,
aStore,
aKeygen,
@@ -96,6 +96,7 @@ enum cmd_and_opt_values {
oNoArmor,
oDisableCRLChecks,
+ oEnableCRLChecks,
oTextmode,
oFingerprint,
@@ -226,6 +227,7 @@ static ARGPARSE_OPTS opts[] = {
{ oDisableCRLChecks, "disable-crl-checks", 0, N_("never consult a CRL")},
+ { oEnableCRLChecks, "enable-crl-checks", 0, "@"},
#if 0
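Review bot: The new `enable-crl-checks` entry uses `"@"` as its description, which in this option table appears to mean "no help text", so the switch that turns revocation checking back on would not be listed while `disable-crl-checks` is. The main() hunk assigns `opt.no_crl_check` directly for both options, so whichever of the two comes last wins. I would either give the entry a visible description or add a comment such as `/* hidden: only needed to override an earlier disable-crl-checks; last option wins */`. The opts array begins and ends outside this hunk.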
@@ -736,6 +738,9 @@ main ( int argc, char **argv)
case oDisableCRLChecks:
opt.no_crl_check = 1;
break;
+ case oEnableCRLChecks:
+ opt.no_crl_check = 0;
+ break;
case oOutput: opt.outfile = pargs.r.ret_str; break;