aboutsummaryrefslogtreecommitdiffstats
path: root/dirmngr/dirmngr.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* dirmngr: Do not implement --supervised in Windows.Werner Koch2016-10-271-3/+7
| | | | | | | * dirmngr/dirmngr.c (opts) [W32]: Remove --supervised. (main) [W32]: Ditto. Signed-off-by: Werner Koch <[email protected]>
* dirmngr: Implement --supervised command (for systemd, etc).Daniel Kahn Gillmor2016-10-271-0/+40
| | | | | | | | | | | | | | | | | | | | | | | * dirmngr/dirmngr.c (main): Add new --supervised command, which is a mode designed for running under a process supervision system like systemd or runit. * doc/dirmngr.texi: document --supervised option. -- "dirmngr --supervised" is a way to invoke dirmngr such that a system supervisor like systemd can provide socket-activated startup, log management, and scheduled shutdown. When running in this mode, dirmngr: * Does not open its own listening socket; rather, it expects to be given a listening socket on file descriptor 3. * Does not detach from the invoking process, staying in the foreground instead. Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* dirmngr: report actual socket name.Daniel Kahn Gillmor2016-10-271-0/+9
| | | | | | | | | | | | | | * dirmngr/dirmngr.[ch] (dirmngr_get_current_socket_name): new function to report known socket name. * dirmngr/server.c (cmd_getinfo): use dirmngr_get_current_socket_name to report correct socket name. -- This fixes the output of 'getinfo socket_name' when dirmngr is invoked with --socket-name. Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* dirmngr: Fix hang due to deferred thread initialization.Werner Koch2016-10-261-13/+12
| | | | | | | | | * dirmngr/dirmngr.c (main): Call ldap_wrapper_launch_thread after thread_init. -- Fixes-commit: eda17649f8bd3b8ce7bfc00a3c11cbcae63c845d Signed-off-by: Werner Koch <[email protected]>
* Fix use cases of snprintf.NIIBE Yutaka2016-10-211-2/+1
| | | | | | | | | | | * agent/call-pinentry.c, agent/call-scd.c, agent/command.c, build-aux/speedo/w32/g4wihelp.c, common/get-passphrase.c, dirmngr/dirmngr.c, g10/call-agent.c, g10/cpr.c, g10/keygen.c, g10/openfile.c, g10/passphrase.c, scd/app-openpgp.c, scd/scdaemon.c, sm/call-agent.c, sm/call-dirmngr.c, sm/certreqgen.c: Fix assuming C99. -- Signed-off-by: NIIBE Yutaka <[email protected]>
* agent, dirmngr, scd: Fix init_common_subsystems.NIIBE Yutaka2016-10-071-0/+1
| | | | | | | | | | | * common/init.c (_init_common_subsystems): Don't call gpgrt_set_syscall_clamp in this function. * agent/gpg-agent.c, dirmngr/dirmngr.c, scd/scdaemon.c: Call gpgrt_set_syscall_clamp after npth_init. -- Signed-off-by: NIIBE Yutaka <[email protected]>
* agent, dirmngr, scd: npth_init must be after fork.NIIBE Yutaka2016-10-041-11/+20
| | | | | | | | | | | | | | | | | | * agent/gpg-agent.c (thread_init_once, initialize_modules): New. (main): Make sure no daemonizing-fork call after npth_init, and no npth calls before npth_init, with care of npth calls by assuan hooks. * dirmngr/dirmngr.c (thread_init): New. (main): Make sure npth_init must not be called before daemonizing fork. * scd/scdaemon.c (main): Likewise. -- It is simply the best for nPth not to allow the daemonizing fork after npth_init, because semantics and implementations of forked child process in a threaded application is a difficult corner case. GnuPG-bug-id: 1779 Signed-off-by: NIIBE Yutaka <[email protected]>
* dirmngr: Silence diagnostics about starting housekeeping.Werner Koch2016-09-191-2/+2
| | | | | | | * dirmngr/dirmngr.c (housekeeping_thread): Print info only in very verbose mode. Signed-off-by: Werner Koch <[email protected]>
* dirmngr: Terminate on deletion of the socket file (Linux only).Werner Koch2016-09-071-4/+99
| | | | | | | | | | | | * dirmngr/dirmngr.c [HAVE_INOTIFY_INIT]: Include sys/inotify.h. (oDisableCheckOwnSocket): New. (opts): Add --disable-check-own-socket. (disable_check_own_socket): New var. (parse_rereadable_options): Set that var. (my_inotify_is_name) [HAVE_INOTIFY_INIT]: New. (handle_connections) [HAVE_INOTIFY_INIT]: New. Signed-off-by: Werner Koch <[email protected]>
* dirmngr: Exclude D lines from the IPC debug output.Werner Koch2016-09-051-1/+1
| | | | | | | | | | | | | | | | * dirmngr/dirmngr.h: Include asshelp.h. * dirmngr/server.c (server_local_s): Add inhibit_dara_logging fields. (data_line_write): Implement logging inhibit. (data_line_cookie_close): Print non-logged D lines. (cmd_wkd_get, cmd_ks_get, cmd_ks_fetch): Do not log D lines. (dirmngr_assuan_log_monitor): New. * dirmngr/dirmngr.c (main): Register monitor function. -- In particular with large keys the D lines clutter the log output and make it unusable. Signed-off-by: Werner Koch <[email protected]>
* common: Add an assuan logging monitor.Werner Koch2016-09-051-1/+1
| | | | | | | | | * common/asshelp.c (my_log_monitor): New var. (my_libassuan_log_handler): Run that monitor. (setup_libassuan_logging): Add arg to set a log monitor and change all callers. Signed-off-by: Werner Koch <[email protected]>
* dirmngr: Remove all system daemon features.Werner Koch2016-08-181-176/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * dirmngr/dirmngr.h (opts): Remove fields 'system_service' and 'system_daemon'. * common/homedir.c (dirmngr_sys_socket_name): Remove. (dirmngr_user_socket_name): Rename to ... (dirmngr_socket_name): this. Change call callers. * common/asshelp.c (start_new_dirmngr): Remove the system socket feature. * tools/gpgconf.c (list_dirs): Do not print "dirmngr-sys-socket". * sm/server.c (gpgsm_server): Adjust for removed system socket feature. * dirmngr/server.c (cmd_getinfo): Ditto. (cmd_killdirmngr): Remove check for system daemon. (cmd_reloaddirmngr): Ditto. * dirmngr/dirmngr.c (USE_W32_SERVICE): Remove macro. (aService): Remove. (opts): Remove --service. (w32_service_control): Remove. (real_main, call_real_main) [W32]: Remove wrapper. (main): Remove Windows system service feature. Remove system dameon feature. Use only the "~/.gnupg/dirmngr_ldapservers.conf" file. * dirmngr/certcache.c (load_certs_from_dir): Remove warning in the system dameon case. * dirmngr/crlcache.c (DBDIR_D): Always use "~/.gnupg/crls.d". * dirmngr/ocsp.c (validate_responder_cert): Do not call validate_cert_chain which was used only in system daemon mode. * dirmngr/validate.c (validate_cert_chain): Always use the code. -- We are now starting dirmngr as needed as a user daemon. The deprecated system daemon mode does not anymore make sense. In case a system wide daemon is required, it is better to setup a dedicated account to run dirmngr and tweak socket permissions accordingly. Signed-off-by: Werner Koch <[email protected]>
* Call log_set_prefix() with human-readable labels.Daniel Kahn Gillmor2016-08-121-2/+2
| | | | | | | | | | | | | | | | | | * agent/preset-passphrase.c, agent/protect-tool.c, dirmngr/dirmngr.c * dirmngr/t-http.c, g10/gpg.c, g10/gpgv.c, g13/g13-syshelp.c * g13/g13.c, kbx/kbxutil.c, scd/scdaemon.c, sm/gpgsm.c * tests/gpgscm/main.c, tools/gpg-check-pattern.c * tools/gpg-connect-agent.c, tools/gpgconf.c, tools/gpgtar.c * tools/symcryptrun.c: Invoke log_set_prefix() with human-readable labels. -- Some invocations of log_set_prefix() were done with raw numeric values instead of values that humans can understand. Use symbolic representations instead of numeric for better readability. Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* Cleanup initialization of libgcrypt.Ben Kibbey2016-08-091-4/+0
| | | | | | | | | | | | * common/init.c (init_common_subsystems): Initialize libgcrypt. * dirmngr/Makefile.am (dirmngr_ldap): Link with libgcrypt. -- Most other modules already call gcry_check_version() after init_common_subsystems() so may as well move initialization of libgcrypt to here. Also fixes a warning in the system log from gpgconf --homedir. Signed-off-by: Ben Kibbey <[email protected]>
* Explicitly restrict socket permissions.Werner Koch2016-06-081-0/+4
| | | | | | | | | | * agent/gpg-agent.c (create_server_socket): Call chmod before listen. * scd/scdaemon.c (create_server_socket): Ditto. * dirmngr/dirmngr.c (main): Ditto. -- This is just in case of a improperly set umask. Note that a connect requires a write permissions.
* Replace use of opt.homedir by accessor functions.Werner Koch2016-06-071-13/+12
| | | | | | | | | | | | | | | | | | | * common/homedir.c (the_gnupg_homedir): New var. (gnupg_set_homedir): New. (gnupg_homedir): New. * g10/options.h (struct opt): Remove 'homedir' and replace all users by the new accessor functions. * g13/g13-common.h (struct opt): Ditto. * scd/scdaemon.h (struct opt): Ditto. * sm/gpgsm.h (struct opt): Ditto. * dirmngr/dirmngr.h (struct opt): Ditto. * agent/preset-passphrase.c (opt_homedir): Ditto. * agent/protect-tool.c (opt_homedir): Ditto. -- This will make detection of a non-default homedir easier. Signed-off-by: Werner Koch <[email protected]>
* build: Require at least Libassuan 2.4.1.Werner Koch2015-12-021-13/+0
| | | | | | | | | | | | | | | * configure.ac (NEED_LIBASSUAN_VERSION): Set to 2.4.1. * agent/gpg-agent.c (create_server_socket): Remove check for libassuan >= 2.3.0 and >= 2.1.4. (main): Remove check for libassuan >= 2.1.4. * scd/scdaemon.c (create_server_socket): Remove check for libassuan >= 2.1.4. * dirmngr/dirmngr.c (set_tor_mode): Remove check for libassuan >= 2.3.0. * dirmngr/http.c (http_raw_connect, send_request): Remove checks for libassuan >= 2.3.0. Signed-off-by: Werner Koch <[email protected]>
* dirmngr: Switch to an onion address if Tor is running.Werner Koch2015-12-021-4/+3
| | | | | | | | | | | | | | | | | | | | | | | | * dirmngr/dirmngr.h (opt): Turn field 'keyserver' into an strlist. * dirmngr/dirmngr.c (parse_rereadable_options): Allow multiple --keyserver options. * dirmngr/server.c (server_local_s): Add field 'tor_state'. (release_uri_item_list): New. (release_ctrl_keyservers): Use it. (start_command_handler): Release list of keyservers. (is_tor_running): New. (cmd_getinfo): Re-implement "tor" subcommand using new fucntion. (ensure_keyserver): Rewrite. * g10/dirmngr-conf.skel: Add two keyserver options. -- This feature is independent of --use-tor and automagically uses Tor if available. The dirmngr.conf file needs to specify two keyservers to make this work. For new installations this is done using the skeleton file. This feature requires the Libassuan 2.4.2 to work. This patch also fixes a memory leak of opt.keyserver en passant. Signed-off-by: Werner Koch <[email protected]>
* Fix typos found using codespell.Justus Winter2015-11-171-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * agent/cache.c: Fix typos. * agent/call-pinentry.c: Likewise. * agent/call-scd.c: Likewise. * agent/command-ssh.c: Likewise. * agent/command.c: Likewise. * agent/divert-scd.c: Likewise. * agent/findkey.c: Likewise. * agent/gpg-agent.c: Likewise. * agent/w32main.c: Likewise. * common/argparse.c: Likewise. * common/audit.c: Likewise. * common/audit.h: Likewise. * common/convert.c: Likewise. * common/dotlock.c: Likewise. * common/exechelp-posix.c: Likewise. * common/exechelp-w32.c: Likewise. * common/exechelp-w32ce.c: Likewise. * common/exechelp.h: Likewise. * common/helpfile.c: Likewise. * common/i18n.h: Likewise. * common/iobuf.c: Likewise. * common/iobuf.h: Likewise. * common/localename.c: Likewise. * common/logging.c: Likewise. * common/openpgp-oid.c: Likewise. * common/session-env.c: Likewise. * common/sexputil.c: Likewise. * common/sysutils.c: Likewise. * common/t-sexputil.c: Likewise. * common/ttyio.c: Likewise. * common/util.h: Likewise. * dirmngr/cdblib.c: Likewise. * dirmngr/certcache.c: Likewise. * dirmngr/crlcache.c: Likewise. * dirmngr/dirmngr-client.c: Likewise. * dirmngr/dirmngr.c: Likewise. * dirmngr/dirmngr_ldap.c: Likewise. * dirmngr/dns-stuff.c: Likewise. * dirmngr/http.c: Likewise. * dirmngr/ks-engine-hkp.c: Likewise. * dirmngr/ks-engine-ldap.c: Likewise. * dirmngr/ldap-wrapper.c: Likewise. * dirmngr/ldap.c: Likewise. * dirmngr/misc.c: Likewise. * dirmngr/ocsp.c: Likewise. * dirmngr/validate.c: Likewise. * g10/encrypt.c: Likewise. * g10/getkey.c: Likewise. * g10/gpg.c: Likewise. * g10/gpgv.c: Likewise. * g10/import.c: Likewise. * g10/keydb.c: Likewise. * g10/keydb.h: Likewise. * g10/keygen.c: Likewise. * g10/keyid.c: Likewise. * g10/keylist.c: Likewise. * g10/keyring.c: Likewise. * g10/mainproc.c: Likewise. * g10/misc.c: Likewise. * g10/options.h: Likewise. * g10/packet.h: Likewise. * g10/parse-packet.c: Likewise. * g10/pkclist.c: Likewise. * g10/pkglue.c: Likewise. * g10/plaintext.c: Likewise. * g10/server.c: Likewise. * g10/sig-check.c: Likewise. * g10/sqlite.c: Likewise. * g10/tdbio.c: Likewise. * g10/test-stubs.c: Likewise. * g10/tofu.c: Likewise. * g10/trust.c: Likewise. * g10/trustdb.c: Likewise. * g13/create.c: Likewise. * g13/mountinfo.c: Likewise. * kbx/keybox-blob.c: Likewise. * kbx/keybox-file.c: Likewise. * kbx/keybox-init.c: Likewise. * kbx/keybox-search-desc.h: Likewise. * kbx/keybox-search.c: Likewise. * kbx/keybox-update.c: Likewise. * scd/apdu.c: Likewise. * scd/app-openpgp.c: Likewise. * scd/app-p15.c: Likewise. * scd/app.c: Likewise. * scd/ccid-driver.c: Likewise. * scd/command.c: Likewise. * scd/iso7816.c: Likewise. * sm/base64.c: Likewise. * sm/call-agent.c: Likewise. * sm/call-dirmngr.c: Likewise. * sm/certchain.c: Likewise. * sm/gpgsm.c: Likewise. * sm/import.c: Likewise. * sm/keydb.c: Likewise. * sm/minip12.c: Likewise. * sm/qualified.c: Likewise. * sm/server.c: Likewise. * tools/gpg-check-pattern.c: Likewise. * tools/gpgconf-comp.c: Likewise. * tools/gpgkey2ssh.c: Likewise. * tools/gpgparsemail.c: Likewise. * tools/gpgtar.c: Likewise. * tools/rfc822parse.c: Likewise. * tools/symcryptrun.c: Likewise. Signed-off-by: Justus Winter <[email protected]>
* dirmngr: New option --nameserver.Werner Koch2015-11-121-0/+7
| | | | | | | | | | | | * dirmngr/dirmngr.c (oNameServer): New. (opts): Add --nameserver. (parse_rereadable_options): Act upon oNameServer. * dirmngr/dns-stuff.c (DEFAULT_NAMESERVER): New. (tor_nameserver): New. (set_dns_nameserver): New. (my_adns_init): Make name server configurable. Signed-off-by: Werner Koch <[email protected]>
* Change capitalization of TOR to Tor.Werner Koch2015-10-211-3/+3
| | | | --
* dirmngr: Allow building with libassuan < 2.3.Werner Koch2015-10-191-0/+2
| | | | | | | | | | * dirmngr/dirmngr.c (set_tor_mode): Use newer assuan function only if available. * dirmngr/http.c (http_raw_connect): Ditto. -- Frankly we should require that but we can also wait for 2.4.0 and switch then.
* dirmngr: Make --use-tor work - still leaks DNS.Werner Koch2015-10-191-2/+17
| | | | | | | | | | | | | * dirmngr/dirmngr.c (set_tor_mode): New. (main, reread_configuration): Call it. * dirmngr/http.c (http_raw_connect, send_request): Check whether TOR mode is enabled if the FORCE_TOR flag is given. -- The patch for http.c is a sanity check because tor mode is anyway global as long as the Assuan socket wrappers are used. Signed-off-by: Werner Koch <[email protected]>
* dirmngr: Do tilde expansion for --hkp-cacert.Werner Koch2015-10-061-1/+14
| | | | | | | | | * dirmngr/dirmngr.c (parse_rereadable_options): Do tilde expansion and check for cert file existance in option --hkp-cacert. -- GnuPG-bug-id: 2120 Signed-off-by: Werner Koch <[email protected]>
* dirmngr: Add option --keyserver.Werner Koch2015-10-051-1/+12
| | | | | | | | | | | | | | | | | | | | | | * dirmngr/dirmngr.c (oKeyServer): New. (opts): Add "keyserver". (parse_rereadable_options): Parse that options (main): Add option to the gpgconf list. * dirmngr/dirmngr.h (opt): Add field "keyserver". * dirmngr/server.c (ensure_keyserver): New. (make_keyserver_item): New. Factored out from (cmd_keyserver): here. Call ensure_keyserver. (cmd_ks_search): Call ensure_keyserver. (cmd_ks_get): Ditto. (cmd_ks_fetch): Ditto. (cmd_ks_put): Ditto. -- This option specifies the keyserver to be used if the client does not set another keyserver. We want to fade out the use of --keyserver in gpg.conf in favor of specifying it here. Signed-off-by: Werner Koch <[email protected]>
* dirmngr: Make clear that --use-tor is not yet ready for use.Werner Koch2015-10-051-0/+8
| | | | | | * dirmngr/dirmngr.c (main): Print a warning if --use-tor has been given. * tools/gpgconf-comp.c (gc_options_dirmngr): Make --use-tor invisible.
* dirmngr: Add option --use-tor as a stub.Werner Koch2015-09-181-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * dirmngr/dirmngr.h (opt): Add field "use_tor". * dirmngr/dirmngr.c (oUseTor): New. (opts): Add --use-tor. (parse_rereadable_options): Set option. (main): Tell gpgconf about that option. * dirmngr/crlfetch.c (crl_fetch): Pass TOR flag to the http module and return an error if LDAP is used in TOR mode. (ca_cert_fetch): Return an error in TOR mode. (start_cert_fetch): Ditto. * dirmngr/ks-engine-finger.c (ks_finger_fetch): Pass TOR flag to the http module. * dirmngr/ks-engine-hkp.c (send_request): Ditto. * dirmngr/ks-engine-http.c (ks_http_fetch): Ditto. * dirmngr/ks-engine-ldap.c (ks_ldap_get): Return an error in TOR mode. (ks_ldap_search): Ditto. (ks_ldap_put): Ditto. * dirmngr/ocsp.c (do_ocsp_request): Ditto. Also pass TOR flag to the http module. * dirmngr/server.c (option_handler): Add "honor-keyserver-url-used". (cmd_dns_cert): Return an error in TOR mode. (cmd_getinfo): Add subcommand "tor" * tools/gpgconf-comp.c (gc_options_dirmngr): Add TOR group. -- More work is required to actually make --use-tor useful. For now it returns an error for almost all network access but as soon as we have added the TOR feature to the http module some parts will start to work. Signed-off-by: Werner Koch <[email protected]>
* Allow use of debug flag names for all tools.Werner Koch2015-06-231-5/+21
| | | | | | | | | | * g13/g13.c: Make use of debug_parse_flag. * scd/scdaemon.c: Ditto. * sm/gpgsm.c: Ditto * agent/gpg-agent.c: Ditto. But do not terminate on "help" * dirmngr/dirmngr.c: Ditto. Signed-off-by: Werner Koch <[email protected]>
* dirmngr: Avoid accessing uninitialized memory in log callback.Werner Koch2015-06-161-2/+6
| | | | | | | | | | | | | | | | | | | | | * dirmngr/dirmngr.c (pid_suffix_callback): Clear int_and_ptr_u before use. (start_connection_thread): Ditto. (handle_connections): Ditto. -- Example valgrind output: ==2921== Conditional jump or move depends on uninitialised value(s) ==2921== at 0x5BBDEF4: pthread_getspecific (pthread_getspecific.c:57) ==2921== by 0x40AAEE: pid_suffix_callback (dirmngr.c:614) ==2921== by 0x433F5A: do_logv (logging.c:684) This is because on 64 bit systems "sizeof aptr > sizeof aint" and thus Valgrind complains about this. It is no a real problem because we don't use the unitialized bits. Signed-off-by: Werner Koch <[email protected]>
* common: Rename log and gcc attribute macros (jnlib merge).Werner Koch2015-04-241-6/+6
| | | | | | | | | | | * common/logging.h: Rename JNLIB_LOG_* to GPGRT_LOG_*. * common/mischelp.h: Rename JNLIB_GCC_* to GPGRT_GCC_*. -- JNLIB has no more meaning. Thus we switch to a GPGRT_ prefix in anticipation that some code may eventually be moved to libgpg-error. Signed-off-by: Werner Koch <[email protected]>
* common: Remove two JNLIB_ macros (jnlib merge).Werner Koch2015-04-241-2/+1
| | | | | | | | | | * configure.ac: Merge seperate jnlib checks. (HAVE_JNLIB_LOGGING): Remove. * common/logging.c, common/simple-pwquery.c (JNLIB_NEED_AFLOCAL): Rename to GNUPG_COMMON_NEED_AFLOCAL. Change all tests. -- Signed-off-by: Werner Koch <[email protected]>
* dirmngr: Add http proxy support for keyservers.Werner Koch2015-04-211-2/+13
| | | | | | | | | | | | | | | | * dirmngr/dirmngr.h (server_control_s): Add field http_proxy. * dirmngr/dirmngr.c (dirmngr_init_default_ctrl): Copy http_proxy value from OPT. (dirmngr_deinit_default_ctrl): New. (main): Call dirmngr_deinit_default_ctrl. * dirmngr/server.c (start_command_handler): Ditto. (option_handler): Add option "http-proxy". * dirmngr/crlfetch.c (crl_fetch): Take http_proxy from CTRL. * dirmngr/ocsp.c (do_ocsp_request): Ditto. * dirmngr/ks-engine-hkp.c (send_request): Add proxy support. * dirmngr/ks-engine-http.c (ks_http_fetch): Ditto. Signed-off-by: Werner Koch <[email protected]>
* Rename DBG_ASSUAN to DBG_IPC and add separate DBG_EXTPROG.Werner Koch2015-04-061-3/+3
| | | | * g10/options.h (DBG_EXTPROG_VALUE): Separate from DBG_IPC_VALUE.
* Improve spelling and grammar of some comments.Neal H. Walfield2015-03-231-3/+3
| | | | | -- Signed-off-by: Neal H. Walfield <[email protected]>
* dirmngr: Initialize cache from sysconfig dirAndre Heinecke2015-02-121-3/+0
| | | | | | | | | | | | | | | | | | | * dirmngr/certcache.c (cert_cache_init): Load certificates from sysconfig dir instead of the homeidr. * dirmngr/dirmngr.c (main): Removed parsing of obsolete homedir_data option. * dirmngr/dirmngr.h (opt): Removed homedir_data. * doc/dirmngr.texi: Update and clarify certs directory doc. -- Using the homedir for extra-certs and trusted-certs makes little sense when dirmngr is used with a caller that manages it's own store of certificates and can provide those through the SENDCERT command. You can use trusted-certs and extra-certs to provide users with a base of locally available certificates that are not already in store of the applications.
* dirmngr: Avoid warning about unused function.Werner Koch2015-02-111-1/+2
| | | | * dirmngr/dirmngr.c (my_gnutls_log): Build only if gnutls is used.
* Add a hook to be called right after main.Werner Koch2015-01-281-0/+2
| | | | | | * common/init.c (early_system_init): New stub function. Signed-off-by: Werner Koch <[email protected]>
* dirmngr: Implement socket redirection.Werner Koch2014-12-011-12/+48
| | | | | | | | | | * dirmngr/dirmngr.c (ENAMETOOLONG): new. (redir_socket_name): New. (main): Add Assuan socket redirection. (cleanup): Adjust cleanup for redirection. -- Signed-off-by: Werner Koch <[email protected]>
* dirmngr: Allow building without LDAP support.Werner Koch2014-10-171-4/+35
| | | | | | | | | | | | * configure.ac: Add option --disable-ldap. (USE_LDAP): New ac_define and am_conditional. * dirmngr/Makefile.am: Take care of USE_LDAP. * dirmngr/dirmngr.c (!USE_LDAP): Make all ldap options dummy options and do not call any ldap function. * dirmngr/server.c (!USE_LDAP): Do not call any ldap function. * dirmngr/crlfetch.c (!USE_LDAP): Ditto. Signed-off-by: Werner Koch <[email protected]>
* dirmngr: Minor usage output fix.Werner Koch2014-10-171-2/+2
| | | | --
* Use a unique capitalization for "Note:".Werner Koch2014-10-101-2/+2
| | | | --
* First changes for future use of NTBTLS.Werner Koch2014-10-021-5/+20
| | | | | | | | | | | | | | * configure.ac (NEED_NTBTLS_ABI, NEED_NTBTLS_VERSION): New. (HTTP_USE_NTBTLS): New. Prefer over GNUTLS. * m4/ntbtls.m4: New. * m4/Makefile.am (EXTRA_DIST): Add new file. * common/http.c: Add conditionals to eventually use NTBTLS. -- This is only the configure stuff. If you have NTBTLS installed GNUTLS will not be used but there won't be any https support either :-(. This patch is used to have a real world test bench for the forthcoming library.
* Fix typos in messagesYuri Chornoivan2014-06-271-1/+1
|
* dirmngr: Add support for hkps keyservers.Werner Koch2014-05-051-0/+47
| | | | | | | | | | | * dirmngr/dirmngr.c: Include gnutls.h. (opts): Add --gnutls-debug and --hkp-cacert. (opt_gnutls_debug, my_gnutls_log): New. (set_debug): Set gnutls log level. (parse_rereadable_options): Register a CA file. (main): Init GNUTLS. * dirmngr/ks-engine-hkp.c (ks_hkp_help): Support hkps. (send_request): Ditto.
* dirmngr: Fix compiler warning.Werner Koch2014-04-081-11/+25
| | | | | | | | | | * common/mischelp.h (JNLIB_GCC_HAVE_PUSH_PRAGMA): New. * dirmngr/dirmngr.c (handle_tick): Factor time check out to ... (time_for_housekeeping_p): new. -- I am not sure whether that y2038 hack is really useful but it might make me smile in my retirement.
* dirmngr: Resurrect hosts in the HKP hosttable.Werner Koch2014-03-181-15/+74
| | | | | | | | | | | | | | | * dirmngr/dirmngr.c (HOUSEKEEPING_INTERVAL): New. (housekeeping_thread): New. (handle_tick): Call new function. * dirmngr/ks-engine-hkp.c (RESURRECT_INTERVAL): New. (struct hostinfo_s): Add field died_at and set it along with the dead flag. (ks_hkp_print_hosttable): Print that info. (ks_hkp_housekeeping): New. -- The resurrection gives the host a chance to get back to life the next time a new host is selected.
* dirmngr: Default to a user socket name and enable autostart.Werner Koch2014-03-141-1/+5
| | | | | | | | | | | | | | | * common/homedir.c (dirmngr_socket_name): Rename to dirmngr_sys_socket_name. (dirmngr_user_socket_name): New. * common/asshelp.c (start_new_dirmngr): Handle sys and user dirmngr socket. * dirmngr/dirmngr.c (main): Ditto. * dirmngr/server.c (cmd_getinfo): Ditto. * sm/server.c (gpgsm_server): Ditto. * dirmngr/dirmngr-client.c (start_dirmngr): Likewise. * tools/gpgconf.c (main): Print "dirmngr-sys-socket" with --list-dirs. * configure.ac (USE_DIRMNGR_AUTO_START): Set by default.
* gpg: Add option --dirmngr-program.Werner Koch2014-03-121-19/+3
| | | | | | | | | | | * g10/gpg.c: Add option --dirmngr-program. * g10/options.h (struct opt): Add field dirmngr_program. * g10/call-dirmngr.c (create_context): Use new var. * dirmngr/dirmngr.c: Include gc-opt-flags.h. (main): Remove GC_OPT_FLAG_*. * tools/gpgconf-comp.c (GC_OPT_FLAG_NO_CHANGE): Move macro to ... * common/gc-opt-flags.h: here.
* Silence more warnings about unused vars and args.Werner Koch2014-03-071-4/+19
| | | | | | | | | | | | | * dirmngr/cdblib.c (cdb_init) [W32]: Remove unused var. * dirmngr/dirmngr-client.c (start_dirmngr): s/int/assuan_fd_t/. * dirmngr/dirmngr.c (w32_service_control): Mark unused args. (call_real_main): New. (main) [W32]: Use new function to match prototype. (real_main) [W32]: Mark unused vars. (handle_signal) [W32]: Do not build the function at all. (handle_connections) [W32]: Do not define signo. * dirmngr/ldap-wrapper-ce.c (outstream_reader_cb): Remove used vars. * g10/tdbio.c (ftruncate) [DOSISH]: Define only if not yet defined.
* Make use of the *_NAME etc macros.Werner Koch2013-11-181-14/+15
| | | | | | | | | Replace hardwired strings at many places with new macros from config.h and use the new strusage macro replacement feature. * common/asshelp.c (lock_spawning) [W32]: Change the names of the spawn sentinels. * agent/command.c (cmd_import_key): Use asprintf to create the prompt.
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-28 18:42:17 +0000