1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
|
There are old Dirmngr ChangeLog entries.
2004-10-04 Werner Koch <[email protected]>
* src/dirmngr.c: Changed an help entry description.
2004-09-30 Werner Koch <[email protected]>
* src/dirmngr.c (i18n_init): Always use LC_ALL.
2004-09-28 Werner Koch <[email protected]>
Released 0.5.6.
* config.guess, config.sub: Updated.
2004-06-21 Werner Koch <[email protected]>
* src/crlfetch.c (crl_fetch): Bad hack to use the right attribute.
2004-05-13 Werner Koch <[email protected]>
Released 0.5.5.
* src/ldap.c (start_cert_fetch_ldap, start_cert_fetch_ldap): More
detailed error messages.
* src/crlcache.c (update_dir): Handle i-records properly.
2004-04-29 Werner Koch <[email protected]>
Released 0.5.4.
* src/crlcache.h (crl_cache_result_t): Add CRL_CACHE_CANTUSE.
* src/server.c (cmd_isvalid): Handle it here.
* src/crlcache.c (crl_cache_isvalid): Issue this code if the CRL
cant be used.
(open_dir): Parse new fields 8,9 and 10 as well as the invalid flag.
(write_dir_line_crl): Write new fields.
(get_crl_number, get_auth_key_id): New.
(crl_cache_insert): Fill new fields. Mark the entry invalid if
the CRL is too old after an update or an unknown critical
extension was seen.
(list_one_crl_entry): Print the new fields.
2004-04-28 Werner Koch <[email protected]>
* configure.ac: Requires libksba 0.9.6.
* src/dirmngr.c: New option --ocsp-signer.
* src/dirmngr.h (opt): Renamed member OCSP_REPONDERS to
OCSP_RESPONDER and made ist a simple string. Add OCSP_SIGNER.
* src/ocsp.c (ocsp_isvalid): Changed it accordingly.
(ocsp_isvalid): Pass the ocsp_signer to check_signature.
(check_signature): New arg SIGNER_FPR. Use it to retrieve the
certificate. Factored out common code to ..
(check_signature_core): .. New.
2004-04-27 Werner Koch <[email protected]>
* src/server.c (start_command_handler): Keep track of the first
connection.
(dirmngr_tick): New.
* src/ldap.c (attr_fetch_fun_reader): Call it from time to time.
2004-04-23 Werner Koch <[email protected]>
* src/dirmngr.c (main): Removed the add-servers option from the
gpgconf list. It is not really useful.
2004-04-02 Thomas Schwinge <[email protected]>
* autogen.sh: Added ACLOCAL_FLAGS.
2004-04-13 Werner Koch <[email protected]>
* src/crlcache.c (update_dir): Do not double close FPOUT.
2004-04-09 Werner Koch <[email protected]>
* src/cdblib.c (cdb_make_start): Wipeout the entire buffer to
shutup valgrind.
(ewrite): Fixed writing bad data on EINTR.
* src/ldap.c (get_attr_from_result_ldap): Fixed bad copy and
terminate of a string.
* src/crlfetch.c (crl_fetch): Fixed freeing of VALUE on error.
2004-04-07 Werner Koch <[email protected]>
* src/dirmngr.h (server_control_s): Add member force_crl_refresh.
* src/server.c (option_handler): New.
(start_command_handler): Register option handler
* src/crlcache.c (crl_cache_isvalid): Add arg FORCE_REFRESH.
(crl_cache_insert): Record last refresh in memory.
* src/server.c (inquire_cert_and_load_crl): Renamed from
inquire_cert.
2004-04-06 Werner Koch <[email protected]>
Released 0.5.3
* doc/dirmngr.texi: Updated.
* doc/texinfo.tex: Updated.
2004-04-05 Werner Koch <[email protected]>
* src/ocsp.c (ocsp_isvalid): Check THIS_UPDATE.
* src/misc.c (add_isotime): New.
(date2jd, jd2date, days_per_month, days_per_year): New. Taken from
my ancient (1988) code used in Wedit (time2.c).
2004-04-02 Werner Koch <[email protected]>
* autogen.sh: Check gettext version.
* configure.ac: Add AM_GNU_GETTEXT.
2004-04-02 gettextize <[email protected]>
* Makefile.am (SUBDIRS): Add intl.
(EXTRA_DIST): Add config.rpath.
* configure.ac (AC_CONFIG_FILES): Add intl/Makefile,
2004-04-02 Werner Koch <[email protected]>
Add i18n at most places.
* src/dirmngr.c (i18n_init): New.
(main): Call it.
* src/dirmngr.h: Add i18n stuff.
2004-04-01 Werner Koch <[email protected]>
* src/misc.c (get_fingerprint_hexstring): New.
* src/server.c (dirmngr_status): New.
2004-03-26 Werner Koch <[email protected]>
* configure.ac: Add AC_SYS_LARGEFILE.
* doc/dirmngr.texi: Changed the license to the GPL as per message
by Mathhias Kalle Dalheimer of Klaralvdalens-Datakonsult dated
Jan 7, 2004.
* doc/fdl.texi: Removed.
2004-03-25 Werner Koch <[email protected]>
* src/dirmngr.c (main): New command --fetch-crl.
2004-03-23 Werner Koch <[email protected]>
* src/dirmngr.c: New option --allow-ocsp.
* src/server.c (cmd_isvalid): Make use of allow_ocsp.
2004-03-17 Werner Koch <[email protected]>
* src/dirmngr.c (main) <gpgconf>: Fixed default value quoting.
2004-03-16 Werner Koch <[email protected]>
* src/dirmngr.c (main): Add ocsp-responder to the gpgconf list.
Add option --debug-level.
(set_debug): New.
2004-03-15 Werner Koch <[email protected]>
* src/misc.c (canon_sexp_to_grcy): New.
2004-03-12 Werner Koch <[email protected]>
* src/crlfetch.c (crl_fetch): Hack to substitute http for https.
2004-03-10 Werner Koch <[email protected]>
* src/dirmngr.c (parse_ldapserver_file): Don't skip the entire
file on errors.
2004-03-09 Werner Koch <[email protected]>
* src/dirmngr.c (my_ksba_hash_buffer): New.
(main): Initialize the internal libksba hashing.
* src/server.c (get_issuer_cert_local): Renamed to ...
(get_cert_local): ... this. Changed all callers. Allow NULL for
ISSUER to return the current target cert.
(get_issuing_cert_local): New.
(do_get_cert_local): Moved common code to here.
2004-03-06 Werner Koch <[email protected]>
Released 0.5.2.
* configure.ac: Fixed last change to check the API version of
libgcrypt.
2004-03-05 Werner Koch <[email protected]>
* configure.ac: Also check the SONAME of libgcrypt.
2004-03-03 Werner Koch <[email protected]>
* src/dirmngr.c: New option --ocsp-responder.
* src/dirmngr.h (opt): Add member OCSP_RESPONDERS.
2004-02-26 Steffen Hansen <[email protected]>
* src/server.c (start_command_handler): Corrected typo and made
dirmngr output it's version in the greeting message.
2004-02-24 Marcus Brinkmann <[email protected]>
* src/dirmngr.c (DEFAULT_ADD_SERVERS): Removed. If this were
true, there'd be no way to disable it.
(main): Dump options in new gpgconf format.
2004-02-11 Werner Koch <[email protected]>
* autogen.sh (check_version): Removed bashism and simplified.
2004-02-06 Moritz Schulte <[email protected]>
* src/crlfetch.c (crl_fetch_default): Do not dereference VALUE,
when checking for non-zero.
2004-02-01 Marcus Brinkmann <[email protected]>
* src/dirmngr.c (DEFAULT_ADD_SERVERS, DEFAULT_MAX_REPLIES)
(DEFAULT_LDAP_TIMEOUT): New macros.
(main): Use them.
(enum cmd_and_opt_values): New command aGPGConfList.
(main): Add handler here.
2004-01-17 Werner Koch <[email protected]>
* configure.ac: Added AC_CHECK_FUNCS tests again, because the
other test occurrences belong to the jnlib tests block.
2004-01-15 Moritz Schulte <[email protected]>
* configure.ac: Fixed funopen replacement mechanism; removed
unnecessary AC_CHECK_FUNCS calls.
2004-01-14 Werner Koch <[email protected]>
* src/crlcache.c (list_one_crl_entry): Don't use putchar.
* src/server.c (cmd_listcrls): New.
2003-12-23 Werner Koch <[email protected]>
Released 0.5.1.
2003-12-17 Werner Koch <[email protected]>
* configure.ac (CFLAGS): Add -Wformat-noliteral in gcc +
maintainer mode.
(NEED_LIBASSUAN_VERSION): Bump up to 0.6.2.
2003-12-16 Werner Koch <[email protected]>
* configure.ac: Update the tests for jnlib.
* src/dirmngr.c (main): Ignore SIGPIPE in server mode.
2003-12-12 Werner Koch <[email protected]>
* src/crlcache.c (hash_dbfile): Also hash version info of the
cache file format.
* src/Makefile.am (dirmngr_SOURCES): Add http.h.
* configure.ac: Removed checking for DB2. Add checking for mmap.
* src/cdb.h, src/cdblib.h: New. Add a few comments from the
original man page and fixed typos.
* src/cdblib.c (cdb_findinit, cdb_findnext): Modified to allow
walking over all entries.
* src/crlcache.h: Removed DB2/4 cruft.
(release_one_cache_entry, lock_db_file, crl_parse_insert)
(crl_cache_insert, crl_cache_isvalid, list_one_crl_entry): Use the
new CDB interface.
* src/dirmngr.c: Beautified the help messages.
(wrong_args): New.
(main): new option --force. Revamped the command handling code.
Allow to pass multiple CRLS as well as stdin to --local-crl.
* src/crlcache.c (crl_cache_insert): Make --force work.
2003-12-11 Werner Koch <[email protected]>
* src/crlfetch.c (crl_fetch): Enhanced to allow fetching binary
data using HTTP.
* src/http.c, src/http.h: Replaced by the code from gnupg 1.3 and
modified acording to our needs.
(read_line): New. Based on the code from GnuPG's iobuf_read_line.
* configure.ac: Check for getaddrinfo.
* src/dirmngr.c (parse_ldapserver_file): Close the stream.
(main): Free ldapfile.
* src/ocsp.c, src/ocsp.h: New. Albeit not functionality.
* src/server.c (inquire_cert): Catch EOF when reading dist points.
* src/crlcache.c (hash_dbfile, check_dbfile): New.
(lock_db_file, crl_cache_insert): Use them here to detect
corrupted CRL files.
(open_dir): Read the new dbfile hash field.
* src/crlfetch.c (crl_fetch, crl_fetch_default): Changed to retrun
a stream.
(fun_reader, fun_closer, setup_funopen): New.
* src/server.c (inquire_cert): Changed to use the new stream interface
of crlfetch.c.
2003-12-10 Werner Koch <[email protected]>
* src/funopen.c: New.
* configure.ac (funopen): Add test.
* src/Makefile.am (dirmngr_LDADD): Add LIBOBJS.
* src/crlcache.c (next_line_from_file): Remove the limit on the
line length.
(crl_cache_new): Removed.
(open_dbcontent): New.
(crl_cache_init): Use it here.
(crl_cache_flush): The DB content fie is now in the cache
directory, so we can simplify it.
(make_db_file_name, lock_db_file, unlock_db_file): New.
(release_cache): Close the cached DB files.
(crl_cache_isvalid): Make use of the new lock_db_file.
(crl_cache_insert): Changed to take a stream as argument.
(crl_parse_insert): Rewritten to use a temporary DB and to avoid
using up large amounts of memory.
(db_entry_new): Removed.
(release_cache,release_one_cache_entry): Splitted up.
(find_entry): Take care of the new deleted flag.
(crl_cache_load): Simplified becuase we can now pass a FP to the
insert code.
(save_contents): Removed.
(update_dir): New.
(open_dbcontent_file): Renamed to open_dir_file.
(check_dbcontent_version): Renamed to check_dir_version.
(open_dbcontent): Renamed to open_dir.
* src/dirmngr.c: New option --faked-system-time.
* src/misc.c (faked_time_p, set_time, get_time): New. Taken from GnuPG.
(check_isotime): New.
(unpercent_string): New.
2003-12-09 Werner Koch <[email protected]>
* src/crlcache.h (DBDIR,DBCONTENTFILE): Changed value.
* autogen.sh: Reworked.
* README.CVS: New.
* configure.ac: Added min_automake_version.
2003-12-03 Werner Koch <[email protected]>
* src/server.c (cmd_lookup): Send an END line after each
certificate.
2003-11-28 Werner Koch <[email protected]>
* src/Makefile.am (dirmngr_LDADD): Remove DB_LIBS
because it never got defined and -ldb{2,4} is implictly set
by the AC_CHECK_LIB test in configure.
* src/crlcache.c (mydbopen): DB4 needs an extra parameter; I
wonder who ever tested DB4 support. Add an error statement in
case no DB support is configured.
* tests/Makefile.am: Don't use AM_CPPFLAGS but AM_CFLAGS, replaced
variables by configure templates.
* src/Makefile.am: Ditto.
2003-11-19 Werner Koch <[email protected]>
* src/crlcache.c (list_one_crl_entry): Define X to nothing for non
DB4 systems. Thanks to Luca M. G. Centamore.
2003-11-17 Werner Koch <[email protected]>
Released 0.5.0
* src/crlcache.c (crl_cache_new): Fixed eof detection.
* src/server.c (cmd_loadcrl): Do the unescaping.
* doc/dirmngr.texi: Added a history section for this modified
version.
2003-11-14 Werner Koch <[email protected]>
* tests/asschk.c: New. Taken from GnuPG.
* tests/Makefile.am: Added asschk.
2003-11-13 Werner Koch <[email protected]>
* src/ldap.c (fetch_next_cert_ldap): Get the pattern switching
right.
* tests/test-dirmngr.c: Replaced a couple of deprecated types.
* configure.ac (GPG_ERR_SOURCE_DEFAULT): Added.
(fopencookie, asprintf): Removed unneeded test.
(PRINTABLE_OS_NAME): Updated the test from gnupg.
(CFLAGS): Do full warnings only in maintainer mode. Add flag
--enable gcc-warnings to override it and to enable even more
warnings.
* acinclude.m4: Removed the libgcrypt test.
* src/ldap.c (get_attr_from_result_ldap): Simplified the binary
hack and return a proper gpg error.
(attr_fetch_ldap_internal): Changed error handling.
(attr_fetch_ldap): Reworked. Return configuration error if no
servers are configured.
(url_fetch_ldap, add_server_to_servers)
(url_fetch_ldap_internal): Reworked.
(struct cert_fetch_context_s): New to get rid of a global state.
(start_cert_fetch_ldap): Allocate context and do a bind with a
timeout. Parse pattern.
(end_cert_fetch_ldap): Take context and don't return anything.
(find_next_pattern): Removed.
(parse_one_pattern): Redone.
(get_cert_ldap): Redone.
* src/server.c (cmd_lookup): Changed for changed fetch functions.
* doc/dirmngr.texi: Reworked a bit to get rid of tex errors.
* configure.ac: Enable makeinfo test.
* src/crlcache.c (crl_cache_insert): Fixed for latest KSBA API
changes.
* tests/test-dirmngr.c (main): Ditto. Also added some more error
checking.
2003-11-11 Werner Koch <[email protected]>
* src/cert.c (hashify_data, hexify_data, serial_hex)
(serial_to_buffer): Moved all to ...
* src/misc.c: .. here.
* src/Makefile.am (cert.c, cert.h): Removed.
* cert.c, cert.h: Removed.
* m4/: New.
* configure.ac, Makefile.am: Include m4 directory support, updated
required library versions.
* src/cert.c (make_cert): Removed.
* src/ldap.c (fetch_next_cert_ldap): Return a gpg style error.
* src/misc.h (copy_time): New.
* src/misc.c (get_isotime): New.
(iso_string2time, iso_time2string): Removed.
(unhexify): New.
* src/crlcache.h (DBCONTENTSVERSION): Bumbed to 0.6.
* src/crlcache.c (finish_sig_check): New. Factored out from
crl_parse_insert and entirely redone.
(do_encode_md): Removed.
(print_time): Removed
(crl_cache_isvalid): Reworked.
2003-11-10 Werner Koch <[email protected]>
* src/crlcache.c (make_db_val, parse_db_val): Removed.
* src/cert.c (serial_to_buffer): New.
* src/server.c (get_issuer_cert_local): Rewritten.
* src/crlcache.c (crl_parse_insert): Rewritten. Takes now a CTRL
instead of the Assuan context. Changed caller accordingly.
(get_issuer_cert): Cleaned up.
* src/crlfetch.c (crl_fetch): Changed VALUE to unsigned char* for
documentation reasons. Make sure that VALUE is released on error.
(crl_fetch_default, ca_cert_fetch): Ditto.
* src/crlcache.c (release_cache): New.
(crl_cache_deinit): Use it here.
(crl_cache_flush): Redone.
(save_contents): Redone.
(crl_cache_list, list_one_crl_entry): Print error messages.
2003-11-06 Werner Koch <[email protected]>
* src/crlcache.c (create_directory_if_needed, cleanup_cache_dir):
New. Factored out from crl_cache_new and mostly rewritten.
(crl_cache_new): Rewritten.
(next_line_from_file): New.
(find_entry): Cleaned up.
(crl_cache_deinit): Cleaned up.
* src/dirmngr.c (dirmngr_init_default_ctrl): New stub.
* src/dirmngr.h (ctrl_t): New.
(DBG_ASSUAN,...): Added the usual debug test macros.
* src/server.c: Removed the GET_PTR cruft, replaced it by ctrl_t.
Removed the recursion flag.
(get_issuer_cert_local): Allow for arbitary large
certificates. 4096 is definitely too small.
(inquire_cert): Ditto.
(start_command_handler): Set a hello line and call the default
init function.
(cmd_isvalid): Rewritten.
(inquire_cert): Removed unused arg LINE. General cleanup.
(map_assuan_err,map_to_assuan_status): New. Taken from gnupg 1.9.
(cmd_lookup): Rewritten.
(cmd_loadcrl): Started to rewrite it.
2003-10-29 Werner Koch <[email protected]>
* src/dirmngr.c (parse_ldapserver_file): Entirely rewritten.
(cleanup): New.
(main): Cleaned up.
2003-10-28 Werner Koch <[email protected]>
* src/dirmngr.h: Renamed dirmngr_opt to opt.
* src/dirmngr.c (parse_ldapserver_file, free_ldapservers_list):
Moved with this file. Cleaned up. Replaced too deep recursion in
the free function.
2003-10-21 Werner Koch <[email protected]>
Changed all occurrences of assuan.h to use use the system provided
one.
* src/server.c (register_commands): Adjusted for Assuan API change.
2003-08-14 Werner Koch <[email protected]>
* src/Makefile.am: s/LIBKSBA_/KSBA_/. Changed for external Assuan lib.
* tests/Makefile.am: Ditto.
* configure.ac: Partly restructured, add standard checks for
required libraries, removed included libassuan.
* Makefile.am (SUBDIRS): Removed assuan becuase we now use the
libassuan package.
* src/dirmngr.c (main): Properly initialize Libgcrypt and libksba.
2003-08-13 Werner Koch <[email protected]>
* src/server.c (get_issuer_cert_local): Print error using
assuan_strerror.
* src/crlcache.c (do_encode_md, start_sig_check): Adjust for
changed Libgcrypt API.
2003-06-19 Steffen Hansen <[email protected]>
* configure.ac: Upped version to 0.4.7-cvs.
2003-06-19 Steffen Hansen <[email protected]>
* configure.ac: Release 0.4.6.
2003-06-17 Bernhard Reiter <[email protected]>
* src/ldap.c (url_fetch_ldap()):
try other default servers when an url with hostname failed
* AUTHORS: added Steffen and Werner
* THANKS: Thanked people in the ChangeLog and the Ägypten-Team
2003-06-16 Steffen Hansen <[email protected]>
* configure.ac, src/crlcache.h, src/crlcache.c: Added db4 support.
* src/Makefile.am, tests/Makefile.am: Removed automake warning.
* tests/test-dirmngr.c: Removed a warning.
2003-05-12 Steffen Hansen <[email protected]>
* doc/Makefile.am: Added dirmngr.ops to DISTCLEANFILES.
* ChangeLog, doc/ChangeLog, src/ChangeLog: Merged dirmngr ChangeLogs
into one toplevel file.
* acinclude.m4, configure.ac: Renamed PFX to PATH for consistency.
2003-05-12 Steffen Hansen <[email protected]>
* src/ldap.c: Fixed end-of-certificates-list indication.
2003-05-08 Steffen Hansen <[email protected]>
* src/server.c: Fixed iteration over server list
2003-02-23 Steffen Hansen <[email protected]>
* src/crlcache.h, src/crlcache.c, src/dirmngr.c: Implemented --flush command.
2003-02-07 Marcus Brinkmann <[email protected]>
* configure.ac: Release 0.4.4.
2003-02-05 Steffen Hansen <[email protected]>
* src/ldap.c: Try harder with and without ";binary" in the
attribute name when fetching certificates.
* src/ldap.c, src/server.c: Support multiple userCertificate attributes
per entry.
2003-02-04 Steffen Hansen <[email protected]>
* src/ldap.c: Include the sn attribute in the search filter.
Better log messages.
2002-11-20 Steffen Hansen <[email protected]>
* Doc updates (fixes #1373)
* Fix for #1419 (crash in free_ldapservers_list())
* Fix for #1375. Dirmngr now asks back with an INQUIRE SENDCERT before
querying the LDAP servers for an issuer certificate to validate a CRL
2002-11-12 Werner Koch <[email protected]>
* config.sub, config.guess: Updated from ftp.gnu.org/gnu/config
to version 2002-11-08.
2002-11-12 Werner Koch <[email protected]>
* dirmngr.c (main) <load_crl_filename>: Better pass NULL instead
of an unitialized Assuan context. Let's hope that the other
functions can cope with this.
2002-10-25 Bernhard Reiter <[email protected]>
* src/ldap.c (get_attr_from_result_ldap()):
added value extraction retry for CRLs and Certs without ";binary"
* changed version number to reflect cvs status to "0.4.3-cvs"
2002-08-21 Werner Koch <[email protected]>
* dirmngr.c (main): Changed default homedir to .gnupg.
2002-08-07 Steffen Hansen <[email protected]>
* Added configure check to examine whether db2 cursor() uses 3 or
4 parameters.
2002-07-31 Werner Koch <[email protected]>
* doc/dirmngr.texi: Fixed the structure and added menu entries
for the other nodes.
2002-07-30 Steffen Hansen <[email protected]>
* Added doc dir and first steps towards manual.
2002-07-29 Steffen Hansen <[email protected]>
* Got rid of the default server for CRL lookup. We now use the
same list of servers that we use for cert. lookup.
2002-07-29 Steffen Hansen <[email protected]>
* New option --add-servers to allow dirmngr to add LDAP servers
found in CRL distribution points to the list of servers it
searches. NOTE: The added servers are only active in the currently
running dirmngr -- the info isn't written to persistens storage.
2002-07-26 Steffen Hansen <[email protected]>
* Default LDAP timeout is 100 seconds now.
* Use DB2 instead of DB1. Check for libresolv, fixed bug when
libldap was found in the default search path.
2002-07-22 Steffen Hansen <[email protected]>
* Implemented --load-crl <filename> option. Also available as
LOADCRL assuan command when in server mode.
2002-07-22 Steffen Hansen <[email protected]>
* Implemented new option --ldaptimeout to specify the number of seconds to
wait for an LDAP request before timeout.
* Added --list-crls option to print the contents of the CRL cache
* Added some items to the dbcontents file to make printout nicer
and updated it's version number
2002-07-02 Werner Koch <[email protected]>
* crlcache.c (crl_parse_insert): Fixed log_debug format string.
2002-07-02 Steffen Hansen <[email protected]>
* configure.ac: Use DB->get() return value correctly.
2002-06-28 Werner Koch <[email protected]>
* crlcache.c (crl_parse_insert): Keep track of newly allocated
ENTRY so that we don't free existing errors after a bad signature.
* dirmngr.h: Include prototype for start_command_handler.
* crlfetch.c, crlcache.c, http.c, cert.c, ldap.c: Include
config.h.
* crlcache.c (crl_parse_insert): Fixed format type specifiers for
time_t variables in log_debug.
* error.h: Use log_debug instead of dirmngr_debug. Changed all
callers.
* Makefile.am (dirmngr_SOURCES): Removed error.c
* dirmngr.c (main): Register gcrypt malloc functions with ksba so
that we don't run into problems by using the wrong free function.
The gcrypt malloc function have the additional benefit of a
providing allocation sanity checks when compiled with that
feature.
* crlcache.c (get_issuer_cert): Use xfree instead of ksba_free.
2002-06-27 Steffen Hansen <[email protected]>
* ldap.c: Look for both userCertificate and caCertificate
2002-06-26 Steffen Hansen <[email protected]>
* configure.ac: Upped version number to 0.3.1
2002-06-25 Werner Koch <[email protected]>
* server.c (cmd_lookup): Use assuan_write_status which ensures a
correct syntax.
2002-06-20 Werner Koch <[email protected]>
* crlcache.c (crl_cache_isvalid): Started with some nicer logging.
However, this will need a lot more work.
(get_issuer_cert): Ditto.
* dirmngr.c (main): Changed required libgcrypt version and don't
print the prefix when using a logfile.
2002-06-20 Werner Koch <[email protected]>
* tests/Makefile.am (TESTS): Removed test-dirmngr because it
is not a proper test program.
(EXTRA_DIST): Removed the non-existent test certificate.
2002-05-21 Werner Koch <[email protected]>
* server.c (start_command_handler): Enable assuan debugging.
2002-05-08 Steffen Hansen <[email protected]>
* Replaced gdbm check with db1 check
2002-05-08 Steffen Hansen <[email protected]>
* Replaced gdbm with db1, updated file format version
2002-03-01 Steffen Hansen <[email protected]>
* Added gdbm configure check
2002-01-23 Steffen Hansen <[email protected]>
* Return ASSUAN_CRL_Too_Old if the CRL is too old
2002-01-17 Steffen Hansen <[email protected]>
Added commandline options --ldapserver <host> --ldapport <port>
--ldapuser <user> --ldappassword <passwd>.
Cleaned up CRL parsing, signature evaluation a bit, changed
datetime format in config file to ISO, added version string to
contents format and cache file clean up code in case of mismatch.
2002-01-14 Steffen Hansen <[email protected]>
* Use dirmngr_opt.homedir for storing the db. Added Makefile.am to
tests, bugfixes.
* First code.
Things that work:
Loading/saving database (paths hardcoded)
Fetching CRL from hardcoded server, parsing and inserting in database
Answer ISVALID xxx.yyy requests
Things that are missing:
Some error-checking/handling
Proper autoconf handling of gdbm and OpenLDAP
Signature checking downloaded CRLs
Answer LOOKUP requests
...
How to test:
cd tests
ldapsearch -v -x -h www.trustcenter.de -b '<some-users-DN>' userCertificate -t
cp /tmp/<cert-file> testcert.der
./test-dirmngr
Local Variables:
buffer-read-only: t
End:
|
