[svn] dirmngr - r310 - in trunk: . doc doc/examples/trusted-certs po src
svn author wk
cvs at cvs.gnupg.org
Tue Oct 21 16:50:29 CEST 2008
Author: wk
Date: 2008-10-21 16:50:28 +0200 (Tue, 21 Oct 2008)
New Revision: 310
Modified:
trunk/ChangeLog
trunk/NEWS
trunk/TODO
trunk/configure.ac
trunk/doc/dirmngr.texi
trunk/doc/examples/trusted-certs/README
trunk/po/de.po
trunk/po/dirmngr.pot
trunk/src/ChangeLog
trunk/src/certcache.c
trunk/src/crlcache.c
trunk/src/dirmngr.c
trunk/src/dirmngr.h
trunk/src/estream-printf.c
trunk/src/estream-printf.h
trunk/src/estream.c
trunk/src/estream.h
trunk/src/ocsp.c
trunk/src/server.c
trunk/src/validate.c
trunk/src/validate.h
Log:
Allow for client-provided CRL signing certificate trust anchors.
General updates.
[The diff below has been truncated]
Modified: trunk/ChangeLog
===================================================================
--- trunk/ChangeLog 2008-09-30 14:41:40 UTC (rev 309)
+++ trunk/ChangeLog 2008-10-21 14:50:28 UTC (rev 310)
@@ -1,3 +1,8 @@
+2008-10-21 Werner Koch <wk at g10code.com>
+
+ * configure.ac: Require libgcrypt 1.4. Remove test for
+ gcry_md_debug.
+
2008-07-31 Werner Koch <wk at g10code.com>
* tests/Makefile.am (LDADD): Add LIBINTL and LIBICONV.
Modified: trunk/src/ChangeLog
===================================================================
--- trunk/src/ChangeLog 2008-09-30 14:41:40 UTC (rev 309)
+++ trunk/src/ChangeLog 2008-10-21 14:50:28 UTC (rev 310)
@@ -1,3 +1,35 @@
+2008-10-21 Werner Koch <wk at g10code.com>
+
+ * certcache.c (load_certs_from_dir): Accept ".der" files.
+
+ * server.c (get_istrusted_from_client): New.
+ * validate.c (validate_cert_chain): Add new optional arg
+ R_TRUST_ANCHOR. Adjust all callers
+ * crlcache.c (crl_cache_entry_s): Add fields USER_TRUST_REQ
+ and CHECK_TRUST_ANCHOR.
+ (release_one_cache_entry): Release CHECK_TRUST_ANCHOR.
+ (list_one_crl_entry): Print info about the new fields.
+ (open_dir, write_dir_line_crl): Support the new U-flag.
+ (crl_parse_insert): Add arg R_TRUST_ANCHOR and set it accordingly.
+ (crl_cache_insert): Store trust anchor in entry object.
+ (cache_isvalid): Ask client for trust is needed.
+
+ * crlcache.c (open_dir): Replace xcalloc by xtrycalloc.
+ (next_line_from_file): Ditt. Add arg to return the gpg error.
+ Change all callers.
+ (update_dir): Replace sprintf and malloc by estream_asprintf.
+ (crl_cache_insert): Ditto.
+ (crl_cache_isvalid): Replace xmalloc by xtrymalloc.
+ (get_auth_key_id): Ditto.
+ (crl_cache_insert): Ditto.
+
+ * crlcache.c (start_sig_check): Remove HAVE_GCRY_MD_DEBUG test.
+ * validate.c (check_cert_sig): Ditto. Remove workaround for bug
+ in libgcrypt 1.2.
+
+ * estream.c, estream.h, estream-printf.c, estream-printf.h: Update
+ from current libestream (svn rev 61).
+
2008-09-30 Marcus Brinkmann <marcus at g10code.com>
* get-path.c (get_dirmngr_ldap_path): Revert last change.
@@ -16,6 +48,11 @@
* dirmngr.c (main): Mark the ldapserverlist-file option as
read-only.
+2008-07-31 Werner Koch <wk at g10code.com>
+
+ * crlcache.c (start_sig_check) [!HAVE_GCRY_MD_DEBUG]: Use
+ gcry_md_start_debug
+
2008-06-16 Werner Koch <wk at g10code.com>
* get-path.c (w32_commondir): New.
Modified: trunk/NEWS
===================================================================
--- trunk/NEWS 2008-09-30 14:41:40 UTC (rev 309)
+++ trunk/NEWS 2008-10-21 14:50:28 UTC (rev 310)
@@ -1,7 +1,13 @@
Noteworthy changes in version 1.0.3
------------------------------------------------
+ * Client based trust anchors are now supported.
+ * Configured certificates with the suffix ".der" are now also used.
+
+ * Libgcrypt 1.4 is now required.
+
+
Noteworthy changes in version 1.0.2 (2008-07-31)
------------------------------------------------
Modified: trunk/TODO
===================================================================
--- trunk/TODO 2008-09-30 14:41:40 UTC (rev 309)
+++ trunk/TODO 2008-10-21 14:50:28 UTC (rev 310)
@@ -35,6 +35,3 @@
When hashing debugging is enabled, we leak file handles for the
dbgmd crl files. May be a bug in gcrypt.
-* When requiring libgcrypt 1.4:
-** Remove the configure check for gcry_md_debug
-
Modified: trunk/configure.ac
===================================================================
--- trunk/configure.ac 2008-09-30 14:41:40 UTC (rev 309)
+++ trunk/configure.ac 2008-10-21 14:50:28 UTC (rev 310)
@@ -38,7 +38,7 @@
NEED_GPG_ERROR_VERSION=1.4
NEED_LIBGCRYPT_API=1
-NEED_LIBGCRYPT_VERSION=1.2.2
+NEED_LIBGCRYPT_VERSION=1.4.0
NEED_LIBASSUAN_API=1
NEED_LIBASSUAN_VERSION=1.0.4
@@ -358,15 +358,6 @@
AC_CHECK_FUNCS([canonicalize_file_name])
-# Temporary check until we require libgcrypt 1.4.
-_save_cppflags="$CPPFLAGS"
-CPPFLAGS="$CPPFLAGS $LIBGCRYPT_CFLAGS"
-_save_ldflags="$LDFLAGS"
-LDFLAGS="$LIBGCRYPT_LIBS $LDFLAGS"
-AC_CHECK_FUNCS([gcry_md_debug])
-CPPFLAGS="${_save_cppflags}"
-LDFLAGS="${_save_ldflags}"
-
#
# Stuff which goes at the bottom of config.h.
#
Modified: trunk/doc/dirmngr.texi
===================================================================
--- trunk/doc/dirmngr.texi 2008-09-30 14:41:40 UTC (rev 309)
+++ trunk/doc/dirmngr.texi 2008-10-21 14:50:28 UTC (rev 310)
@@ -175,13 +175,14 @@
@item /etc/dirmngr/trusted-certs
This directory should be filled with certificates of Root CAs you are
-trusting in checking the CRLS and signing OCSP Reponses. Usually these
-are the same certificates you use with the applications making use of
-dirmngr. It is expected that each of these certificate files contain
-exactly one @acronym{DER} encoded certificate in a file with the suffix
- at file{.crt}. @command{dirmngr} reads those certificates on startup and
-when given a SIGHUP. Certificates which are not readable or do not make
-up a proper X.509 certificate are ignored; see the log file for details.
+trusting in checking the CRLS and signing OCSP Reponses. Usually
+these are the same certificates you use with the applications making
+use of dirmngr. It is expected that each of these certificate files
+contain exactly one @acronym{DER} encoded certificate in a file with
+the suffix @file{.crt} or @file{.der}. @command{dirmngr} reads those
+certificates on startup and when given a SIGHUP. Certificates which
+are not readable or do not make up a proper X.509 certificate are
+ignored; see the log file for details.
Note that for OCSP responses the certificate specified using the option
@option{--ocsp-signer} is always considered valid to sign OCSP requests.
@@ -193,7 +194,7 @@
couple intermediate CA certificates or certificates ususally used to
sign OCSP reponses. These certificates are first tried before going out
to the net to look for them. These certificates must also be
- at acronym{DER} encoded and suffixed with @file{.crt}.
+ at acronym{DER} encoded and suffixed with @file{.crt} or @file{.der}.
@item /var/run/dirmngr
This directory keeps the socket file for accsing @command{dirmngr} services.
@@ -757,7 +758,20 @@
A client should be aware that DirMngr may ask for more than one
certificate.
+If Dirmngr has a certificate but the signature of the certificate
+could not been validated because the root certificate is not known to
+dirmngr as trusted, it may ask back to see whether the client trusts
+this the root certificate:
+ at example
+ S: INQUIRE ISTRUSTED <CertHexfpr>
+ C: D 1
+ C: END
+ at end example
+
+Only this answer will let Dirmngr consider the CRL as valid.
+
+
@node Dirmngr CHECKCRL
@section Validate a certificate using a CRL
Modified: trunk/doc/examples/trusted-certs/README
===================================================================
--- trunk/doc/examples/trusted-certs/README 2008-09-30 14:41:40 UTC (rev 309)
+++ trunk/doc/examples/trusted-certs/README 2008-10-21 14:50:28 UTC (rev 310)
@@ -1,4 +1,4 @@
These certificates are trusted and thus make up an anchor for a certificate
-chain. Note that only DER encoded certificates with the suffix ".crt" are
-used. They are loded at dirmngr startup.
+chain. Note that only DER encoded certificates with a suffix of
+".crt" or ".der" are used. They are loded at dirmngr startup.
Modified: trunk/po/de.po [not shown]
Modified: trunk/po/dirmngr.pot
===================================================================
--- trunk/po/dirmngr.pot 2008-09-30 14:41:40 UTC (rev 309)
+++ trunk/po/dirmngr.pot 2008-10-21 14:50:28 UTC (rev 310)
@@ -8,7 +8,7 @@
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: gpa-dev at gnupg.org\n"
-"POT-Creation-Date: 2008-06-27 09:59+0200\n"
+"POT-Creation-Date: 2008-10-21 16:03+0200\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL at ADDRESS>\n"
"Language-Team: LANGUAGE <LL at li.org>\n"
@@ -51,7 +51,7 @@
msgid "can't access directory `%s': %s\n"
msgstr ""
-#: src/certcache.c:390 src/crlcache.c:2234 src/dirmngr.c:1433
+#: src/certcache.c:390 src/crlcache.c:2366 src/dirmngr.c:1433
#, c-format
msgid "can't open `%s': %s\n"
msgstr ""
@@ -137,7 +137,7 @@
msgid "error fetching certificate by subject: %s\n"
msgstr ""
-#: src/certcache.c:1338 src/validate.c:436
+#: src/certcache.c:1338 src/validate.c:445
msgid "no issuer found in certificate\n"
msgstr ""
@@ -146,486 +146,487 @@
msgid "error getting authorityKeyIdentifier: %s\n"
msgstr ""
-#: src/crlcache.c:206
+#: src/crlcache.c:214
#, c-format
msgid "creating directory `%s'\n"
msgstr ""
-#: src/crlcache.c:210
+#: src/crlcache.c:218
#, c-format
msgid "error creating directory `%s': %s\n"
msgstr ""
-#: src/crlcache.c:238
+#: src/crlcache.c:246
#, c-format
msgid "ignoring database dir `%s'\n"
msgstr ""
-#: src/crlcache.c:247
+#: src/crlcache.c:255
#, c-format
msgid "error reading directory `%s': %s\n"
msgstr ""
-#: src/crlcache.c:268
+#: src/crlcache.c:276
#, c-format
msgid "removing cache file `%s'\n"
msgstr ""
-#: src/crlcache.c:277
+#: src/crlcache.c:285
#, c-format
msgid "not removing file `%s'\n"
msgstr ""
-#: src/crlcache.c:346 src/crlcache.c:1041
+#: src/crlcache.c:374 src/crlcache.c:1113
#, c-format
msgid "error closing cache file: %s\n"
msgstr ""
-#: src/crlcache.c:383 src/crlcache.c:727
+#: src/crlcache.c:412 src/crlcache.c:788
#, c-format
msgid "failed to open cache dir file `%s': %s\n"
msgstr ""
-#: src/crlcache.c:393
+#: src/crlcache.c:422
#, c-format
msgid "error creating new cache dir file `%s': %s\n"
msgstr ""
-#: src/crlcache.c:400
+#: src/crlcache.c:429
#, c-format
msgid "error writing new cache dir file `%s': %s\n"
msgstr ""
-#: src/crlcache.c:407
+#: src/crlcache.c:436
#, c-format
msgid "error closing new cache dir file `%s': %s\n"
msgstr ""
-#: src/crlcache.c:412
+#: src/crlcache.c:441
#, c-format
msgid "new cache dir file `%s' created\n"
msgstr ""
-#: src/crlcache.c:417
+#: src/crlcache.c:446
#, c-format
msgid "failed to re-open cache dir file `%s': %s\n"
msgstr ""
-#: src/crlcache.c:444
+#: src/crlcache.c:474
#, c-format
msgid "first record of `%s' is not the version\n"
msgstr ""
-#: src/crlcache.c:455
+#: src/crlcache.c:487
msgid "old version of cache directory - cleaning up\n"
msgstr ""
-#: src/crlcache.c:471
+#: src/crlcache.c:503
msgid "old version of cache directory - giving up\n"
msgstr ""
-#: src/crlcache.c:559
+#: src/crlcache.c:608
#, c-format
msgid "extra field detected in crl record of `%s' line %u\n"
msgstr ""
-#: src/crlcache.c:567
+#: src/crlcache.c:616
#, c-format
msgid "invalid line detected in `%s' line %u\n"
msgstr ""
-#: src/crlcache.c:576
+#: src/crlcache.c:625
#, c-format
msgid "duplicate entry detected in `%s' line %u\n"
msgstr ""
-#: src/crlcache.c:591
+#: src/crlcache.c:640
#, c-format
msgid "unsupported record type in `%s' line %u skipped\n"
msgstr ""
-#: src/crlcache.c:599 src/crlcache.c:842 src/dirmngr.c:1379
+#: src/crlcache.c:649 src/crlcache.c:654 src/crlcache.c:908 src/crlcache.c:914
+#: src/dirmngr.c:1379
#, c-format
msgid "error reading `%s': %s\n"
msgstr ""
-#: src/crlcache.c:611
+#: src/crlcache.c:666
#, c-format
msgid "invalid issuer hash in `%s' line %u\n"
msgstr ""
-#: src/crlcache.c:617
+#: src/crlcache.c:672
#, c-format
msgid "no issuer DN in `%s' line %u\n"
msgstr ""
-#: src/crlcache.c:624
+#: src/crlcache.c:679
#, c-format
msgid "invalid timestamp in `%s' line %u\n"
msgstr ""
-#: src/crlcache.c:630
+#: src/crlcache.c:685
#, c-format
msgid "WARNING: invalid cache file hash in `%s' line %u\n"
msgstr ""
-#: src/crlcache.c:636
+#: src/crlcache.c:691
msgid "detected errors in cache dir file\n"
msgstr ""
-#: src/crlcache.c:637
+#: src/crlcache.c:692
msgid "please check the reason and manually delete that file\n"
msgstr ""
-#: src/crlcache.c:767
+#: src/crlcache.c:820 src/crlcache.c:834
#, c-format
msgid "failed to create temporary cache dir file `%s': %s\n"
msgstr ""
-#: src/crlcache.c:847
+#: src/crlcache.c:919
#, c-format
msgid "error writing `%s': %s\n"
msgstr ""
-#: src/crlcache.c:858
+#: src/crlcache.c:930
#, c-format
msgid "error closing `%s': %s\n"
msgstr ""
-#: src/crlcache.c:870
+#: src/crlcache.c:942
#, c-format
msgid "error renaming `%s' to `%s': %s\n"
msgstr ""
-#: src/crlcache.c:925
+#: src/crlcache.c:997
#, c-format
msgid "can't hash `%s': %s\n"
msgstr ""
-#: src/crlcache.c:933
+#: src/crlcache.c:1005
#, c-format
msgid "error setting up MD5 hash context: %s\n"
msgstr ""
-#: src/crlcache.c:949
+#: src/crlcache.c:1021
#, c-format
msgid "error hashing `%s': %s\n"
msgstr ""
-#: src/crlcache.c:977
+#: src/crlcache.c:1049
#, c-format
msgid "invalid formatted checksum for `%s'\n"
msgstr ""
-#: src/crlcache.c:1030
+#: src/crlcache.c:1102
msgid "too many open cache files; can't open anymore\n"
msgstr ""
-#: src/crlcache.c:1048
+#: src/crlcache.c:1120
#, c-format
msgid "opening cache file `%s'\n"
msgstr ""
-#: src/crlcache.c:1067
+#: src/crlcache.c:1139
#, c-format
msgid "error opening cache file `%s': %s\n"
msgstr ""
-#: src/crlcache.c:1076
+#: src/crlcache.c:1148
#, c-format
msgid "error initializing cache file `%s' for reading: %s\n"
msgstr ""
-#: src/crlcache.c:1097
+#: src/crlcache.c:1169
msgid "calling unlock_db_file on a closed file\n"
msgstr ""
-#: src/crlcache.c:1099
+#: src/crlcache.c:1171
msgid "calling unlock_db_file on an unlocked file\n"
msgstr ""
-#: src/crlcache.c:1153
+#: src/crlcache.c:1225
#, c-format
msgid "failed to create a new cache object: %s\n"
msgstr ""
-#: src/crlcache.c:1208
+#: src/crlcache.c:1280
#, c-format
msgid "no CRL available for issuer id %s\n"
msgstr ""
-#: src/crlcache.c:1215
+#: src/crlcache.c:1287
#, c-format
msgid "cached CRL for issuer id %s too old; update required\n"
msgstr ""
-#: src/crlcache.c:1229
+#: src/crlcache.c:1301
#, c-format
msgid ""
"force-crl-refresh active and %d minutes passed for issuer id %s; update "
"required\n"
msgstr ""
-#: src/crlcache.c:1237
+#: src/crlcache.c:1309
#, c-format
msgid "force-crl-refresh active for issuer id %s; update required\n"
msgstr ""
-#: src/crlcache.c:1246
+#: src/crlcache.c:1318
#, c-format
msgid "available CRL for issuer ID %s can't be used\n"
msgstr ""
-#: src/crlcache.c:1257
+#: src/crlcache.c:1329
#, c-format
msgid "cached CRL for issuer id %s tampered; we need to update\n"
msgstr ""
-#: src/crlcache.c:1269
+#: src/crlcache.c:1341
msgid "WARNING: invalid cache record length for S/N "
msgstr ""
-#: src/crlcache.c:1278
+#: src/crlcache.c:1350
#, c-format
msgid "problem reading cache record for S/N %s: %s\n"
msgstr ""
-#: src/crlcache.c:1281
+#: src/crlcache.c:1353
#, c-format
msgid "S/N %s is not valid; reason=%02X date=%.15s\n"
msgstr ""
-#: src/crlcache.c:1292
+#: src/crlcache.c:1364
#, c-format
msgid "S/N %s is valid, it is not listed in the CRL\n"
msgstr ""
-#: src/crlcache.c:1300
+#: src/crlcache.c:1372
#, c-format
msgid "error getting data from cache file: %s\n"
msgstr ""
-#: src/crlcache.c:1436 src/validate.c:833
+#: src/crlcache.c:1534 src/validate.c:868
#, c-format
msgid "unknown hash algorithm `%s'\n"
msgstr ""
-#: src/crlcache.c:1443
+#: src/crlcache.c:1541
#, c-format
msgid "gcry_md_open for algorithm %d failed: %s\n"
msgstr ""
-#: src/crlcache.c:1480 src/crlcache.c:1499
+#: src/crlcache.c:1578 src/crlcache.c:1597
msgid "got an invalid S-expression from libksba\n"
msgstr ""
-#: src/crlcache.c:1487 src/crlcache.c:1506 src/misc.c:438
+#: src/crlcache.c:1585 src/crlcache.c:1604 src/misc.c:438
#, c-format
msgid "converting S-expression failed: %s\n"
msgstr ""
-#: src/crlcache.c:1521 src/ocsp.c:419
+#: src/crlcache.c:1619 src/ocsp.c:419
#, c-format
msgid "creating S-expression failed: %s\n"
msgstr ""
-#: src/crlcache.c:1589
+#: src/crlcache.c:1691
#, c-format
msgid "ksba_crl_parse failed: %s\n"
msgstr ""
-#: src/crlcache.c:1603
+#: src/crlcache.c:1705
#, c-format
msgid "error getting update times of CRL: %s\n"
msgstr ""
-#: src/crlcache.c:1610
+#: src/crlcache.c:1712
#, c-format
msgid "update times of this CRL: this=%s next=%s\n"
msgstr ""
-#: src/crlcache.c:1614
+#: src/crlcache.c:1716
msgid "nextUpdate not given; assuming a validity period of one day\n"
msgstr ""
-#: src/crlcache.c:1634
+#: src/crlcache.c:1736
#, c-format
msgid "error getting CRL item: %s\n"
msgstr ""
-#: src/crlcache.c:1649
+#: src/crlcache.c:1751
#, c-format
msgid "error inserting item into temporary cache file: %s\n"
msgstr ""
-#: src/crlcache.c:1676
+#: src/crlcache.c:1778
#, c-format
msgid "no CRL issuer found in CRL: %s\n"
msgstr ""
-#: src/crlcache.c:1691
+#: src/crlcache.c:1793
msgid "locating CRL issuer certificate by authorityKeyIdentifier\n"
msgstr ""
-#: src/crlcache.c:1736
+#: src/crlcache.c:1838
#, c-format
msgid "CRL signature verification failed: %s\n"
msgstr ""
-#: src/crlcache.c:1746
+#: src/crlcache.c:1849
#, c-format
msgid "error checking validity of CRL issuer certificate: %s\n"
msgstr ""
-#: src/crlcache.c:1874
+#: src/crlcache.c:1980
#, c-format
msgid "ksba_crl_new failed: %s\n"
msgstr ""
-#: src/crlcache.c:1881
+#: src/crlcache.c:1987
#, c-format
msgid "ksba_crl_set_reader failed: %s\n"
msgstr ""
-#: src/crlcache.c:1911
+#: src/crlcache.c:2021
#, c-format
msgid "removed stale temporary cache file `%s'\n"
msgstr ""
-#: src/crlcache.c:1914
+#: src/crlcache.c:2025
#, c-format
msgid "problem removing stale temporary cache file `%s': %s\n"
msgstr ""
-#: src/crlcache.c:1924
+#: src/crlcache.c:2035
#, c-format
msgid "error creating temporary cache file `%s': %s\n"
msgstr ""
-#: src/crlcache.c:1934
+#: src/crlcache.c:2045
#, c-format
msgid "crl_parse_insert failed: %s\n"
msgstr ""
-#: src/crlcache.c:1944
+#: src/crlcache.c:2055
#, c-format
msgid "error finishing temporary cache file `%s': %s\n"
msgstr ""
-#: src/crlcache.c:1951
+#: src/crlcache.c:2062
#, c-format
msgid "error closing temporary cache file `%s': %s\n"
msgstr ""
-#: src/crlcache.c:1976
+#: src/crlcache.c:2087
#, c-format
msgid "WARNING: new CRL still too old; it expired on %s - loading anyway\n"
msgstr ""
-#: src/crlcache.c:1980
+#: src/crlcache.c:2091
#, c-format
msgid "new CRL still too old; it expired on %s\n"
msgstr ""
-#: src/crlcache.c:1996
+#: src/crlcache.c:2107
#, c-format
msgid "unknown critical CRL extension %s\n"
msgstr ""
-#: src/crlcache.c:2006
+#: src/crlcache.c:2117
#, c-format
msgid "error reading CRL extensions: %s\n"
msgstr ""
-#: src/crlcache.c:2040
+#: src/crlcache.c:2168
#, c-format
msgid "creating cache file `%s'\n"
msgstr ""
-#: src/crlcache.c:2047
+#: src/crlcache.c:2175
#, c-format
msgid "problem renaming `%s' to `%s': %s\n"
msgstr ""
-#: src/crlcache.c:2061
+#: src/crlcache.c:2189
msgid ""
"updating the DIR file failed - cache entry will get lost with the next "
"program start\n"
msgstr ""
-#: src/crlcache.c:2097
+#: src/crlcache.c:2226
#, c-format
msgid "Begin CRL dump (retrieved via %s)\n"
msgstr ""
-#: src/crlcache.c:2117
+#: src/crlcache.c:2249
#, c-format
msgid ""
" ERROR: The CRL will not be used because it was still too old after an "
"update!\n"
msgstr ""
-#: src/crlcache.c:2119
+#: src/crlcache.c:2251
#, c-format
msgid ""
" ERROR: The CRL will not be used due to an unknown critical extension!\n"
msgstr ""
-#: src/crlcache.c:2121
+#: src/crlcache.c:2253
#, c-format
msgid " ERROR: The CRL will not be used\n"
msgstr ""
-#: src/crlcache.c:2128
+#: src/crlcache.c:2260
#, c-format
msgid " ERROR: This cached CRL may has been tampered with!\n"
msgstr ""
-#: src/crlcache.c:2145
+#: src/crlcache.c:2277
msgid " WARNING: invalid cache record length\n"
msgstr ""
-#: src/crlcache.c:2152
+#: src/crlcache.c:2284
#, c-format
msgid "problem reading cache record: %s\n"
msgstr ""
-#: src/crlcache.c:2163
+#: src/crlcache.c:2295
#, c-format
msgid "problem reading cache key: %s\n"
msgstr ""
-#: src/crlcache.c:2194
+#: src/crlcache.c:2326
#, c-format
msgid "error reading cache entry from db: %s\n"
msgstr ""
-#: src/crlcache.c:2197
+#: src/crlcache.c:2329
#, c-format
msgid "End CRL dump\n"
msgstr ""
-#: src/crlcache.c:2243 src/crlfetch.c:213 src/ldap.c:656
+#: src/crlcache.c:2375 src/crlfetch.c:213 src/ldap.c:656
#, c-format
msgid "error initializing reader object: %s\n"
msgstr ""
-#: src/crlcache.c:2324
+#: src/crlcache.c:2456
#, c-format
msgid "crl_fetch via DP failed: %s\n"
msgstr ""
-#: src/crlcache.c:2335
+#: src/crlcache.c:2467
#, c-format
msgid "crl_cache_insert via DP failed: %s\n"
msgstr ""
-#: src/crlcache.c:2385
+#: src/crlcache.c:2517
#, c-format
msgid "crl_fetch via issuer failed: %s\n"
msgstr ""
-#: src/crlcache.c:2395
+#: src/crlcache.c:2527
#, c-format
msgid "crl_cache_insert via issuer failed: %s\n"
msgstr ""
@@ -1211,7 +1212,7 @@
msgid "no suitable certificate found to verify the OCSP response\n"
msgstr ""
-#: src/ocsp.c:551 src/validate.c:588
+#: src/ocsp.c:551 src/validate.c:609
#, c-format
msgid "issuer certificate not found: %s\n"
msgstr ""
@@ -1300,80 +1301,80 @@
msgid "OCSP responder returned an too old status\n"
msgstr ""
-#: src/server.c:174 src/server.c:286
+#: src/server.c:174 src/server.c:286 src/server.c:332
#, c-format
msgid "assuan_inquire(%s) failed: %s\n"
msgstr ""
-#: src/server.c:390
+#: src/server.c:425
msgid "ldapserver missing"
msgstr ""
-#: src/server.c:461
+#: src/server.c:496
msgid "serialno missing in cert ID"
msgstr ""
-#: src/server.c:514 src/server.c:628 src/server.c:713 src/server.c:1008
-#: src/server.c:1036 src/server.c:1062 src/server.c:1115 src/server.c:1184
+#: src/server.c:549 src/server.c:663 src/server.c:748 src/server.c:1043
+#: src/server.c:1071 src/server.c:1097 src/server.c:1150 src/server.c:1219
#, c-format
msgid "command %s failed: %s\n"
msgstr ""
-#: src/server.c:599 src/server.c:687 src/server.c:1095 src/server.c:1148
+#: src/server.c:634 src/server.c:722 src/server.c:1130 src/server.c:1183
#, c-format
msgid "assuan_inquire failed: %s\n"
msgstr ""
-#: src/server.c:732
+#: src/server.c:767
#, c-format
msgid "fetch_cert_by_url failed: %s\n"
msgstr ""
-#: src/server.c:744 src/server.c:775 src/server.c:931
+#: src/server.c:779 src/server.c:810 src/server.c:966
#, c-format
msgid "error sending data: %s\n"
msgstr ""
-#: src/server.c:879
+#: src/server.c:914
#, c-format
msgid "start_cert_fetch failed: %s\n"
msgstr ""
-#: src/server.c:912
+#: src/server.c:947
#, c-format
msgid "fetch_next_cert failed: %s\n"
msgstr ""
-#: src/server.c:939
+#: src/server.c:974
#, c-format
msgid "max_replies %d exceeded\n"
msgstr ""
-#: src/server.c:1058
+#: src/server.c:1093
msgid "no data stream"
msgstr ""
-#: src/server.c:1250
+#: src/server.c:1285
#, c-format
msgid "can't allocate control structure: %s\n"
msgstr ""
-#: src/server.c:1273
+#: src/server.c:1308
#, c-format
msgid "failed to initialize the server: %s\n"
msgstr ""
-#: src/server.c:1281
+#: src/server.c:1316
#, c-format
msgid "failed to the register commands with Assuan: %s\n"
msgstr ""
-#: src/server.c:1324
+#: src/server.c:1359
#, c-format
msgid "Assuan accept problem: %s\n"
msgstr ""
-#: src/server.c:1344
+#: src/server.c:1379
#, c-format
msgid "Assuan processing failed: %s\n"
msgstr ""
@@ -1411,108 +1412,108 @@
msgid "checking CRL for"
msgstr ""
-#: src/validate.c:365
+#: src/validate.c:374
msgid "running in compatibility mode - certificate chain not checked!\n"
msgstr ""
-#: src/validate.c:450
+#: src/validate.c:459
#, c-format
msgid "certificate with invalid validity: %s"
msgstr ""
-#: src/validate.c:468
+#: src/validate.c:477
msgid "certificate not yet valid"
msgstr ""
-#: src/validate.c:479
+#: src/validate.c:488
msgid "certificate has expired"
msgstr ""
-#: src/validate.c:509
+#: src/validate.c:518
msgid "selfsigned certificate has a BAD signature"
msgstr ""
-#: src/validate.c:527
+#: src/validate.c:536
msgid "root certificate is not marked trusted"
msgstr ""
-#: src/validate.c:529
+#: src/validate.c:538
#, c-format
msgid "fingerprint=%s\n"
msgstr ""
-#: src/validate.c:535
+#: src/validate.c:551
#, c-format
msgid "checking trustworthiness of root certificate failed: %s\n"
msgstr ""
-#: src/validate.c:570
+#: src/validate.c:591
msgid "certificate chain too long\n"
msgstr ""
-#: src/validate.c:582
+#: src/validate.c:603
msgid "issuer certificate not found"
msgstr ""
-#: src/validate.c:608
+#: src/validate.c:629
msgid "certificate has a BAD signature"
msgstr ""
-#: src/validate.c:632
+#: src/validate.c:653
msgid "found another possible matching CA certificate - trying again"
msgstr ""
-#: src/validate.c:657
+#: src/validate.c:678
#, c-format
msgid "certificate chain longer than allowed by CA (%d)"
msgstr ""
-#: src/validate.c:687
+#: src/validate.c:708
msgid "certificate is good\n"
msgstr ""
-#: src/validate.c:707
+#: src/validate.c:728
msgid "certificate chain is good\n"
msgstr ""
-#: src/validate.c:932
+#: src/validate.c:958
msgid "DSA requires the use of a 160 bit hash algorithm\n"
msgstr ""
-#: src/validate.c:1039
+#: src/validate.c:1065
msgid "no key usage specified - assuming all usages\n"
msgstr ""
-#: src/validate.c:1049
+#: src/validate.c:1075
#, c-format
msgid "error getting key usage information: %s\n"
msgstr ""
-#: src/validate.c:1059
+#: src/validate.c:1085
msgid "certificate should have not been used for certification\n"
msgstr ""
-#: src/validate.c:1071
+#: src/validate.c:1097
msgid "certificate should have not been used for OCSP response signing\n"
msgstr ""
-#: src/validate.c:1080
+#: src/validate.c:1106
msgid "certificate should have not been used for CRL signing\n"
msgstr ""
-#: src/validate.c:1091
+#: src/validate.c:1117
msgid "certificate should have not been used for encryption\n"
msgstr ""
-#: src/validate.c:1093
+#: src/validate.c:1119
msgid "certificate should have not been used for signing\n"
msgstr ""
-#: src/validate.c:1094
+#: src/validate.c:1120
msgid "certificate is not usable for encryption\n"
msgstr ""
-#: src/validate.c:1095
+#: src/validate.c:1121
msgid "certificate is not usable for signing\n"
msgstr ""
Modified: trunk/src/certcache.c
===================================================================
--- trunk/src/certcache.c 2008-09-30 14:41:40 UTC (rev 309)
+++ trunk/src/certcache.c 2008-10-21 14:50:28 UTC (rev 310)
@@ -348,7 +348,7 @@
/* Load certificates from the directory DIRNAME. All certificates
- matching the pattern "*.crt" are loaded. We assume that
+ matching the pattern "*.crt" or "*.der" are loaded. We assume that
certificates are DER encoded and not PEM encapsulated. The cache
should be in a locked state when calling this fucntion. */
static gpg_error_t
@@ -379,8 +379,8 @@
if (*p == '.' || !*p)
continue; /* Skip any hidden files and invalid entries. */
n = strlen (p);
- if ( n < 5 || strcmp (p+n-4,".crt") )
- continue; /* Not the desired "*.crt" pattern. */
+ if ( n < 5 || (strcmp (p+n-4,".crt") && strcmp (p+n-4,".der")))
+ continue; /* Not the desired "*.crt" or "*.der" pattern. */
xfree (fname);
fname = make_filename (dirname, p, NULL);
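Review bot: The suffix test on the `if` line now repeats `p+n-4` in two strcmp calls and the comment repeats both patterns, which is easy to get out of sync when a further suffix is added; a small helper such as `static int has_cert_suffix (const char *p, size_t n) { return n >= 5 && (!strcmp (p+n-4, ".crt") || !strcmp (p+n-4, ".der")); }` lets the loop read `if (!has_cert_suffix (p, n)) continue;`. The match stays case-sensitive as before, so `.DER` files are still ignored; that is worth one sentence in the doc comment above the function, since these files become trust anchors and a silently skipped file is hard to diagnose. The enclosing function starts and ends outside this hunk.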
Modified: trunk/src/crlcache.c
===================================================================
--- trunk/src/crlcache.c 2008-09-30 14:41:40 UTC (rev 309)
+++ trunk/src/crlcache.c 2008-10-21 14:50:28 UTC (rev 310)
@@ -49,7 +49,10 @@
1.3. CRL cache record
- Field 1: Constant "c" or "i"
+ Field 1: Constant "c", "u" or "i".
+ A "c" or "u" indicate a valid cache entry, however
+ "u" requires that a user root certificate check needs
+ to be done.
An "i" indicates an invalid Cache entry which should
not be used but still exists so that it can be
updated at NEXT_UPDATE.
@@ -60,10 +63,11 @@
Field 5: 15 character ISO timestamp with THIS_UPDATE.
Field 6: 15 character ISO timestamp with NEXT_UPDATE.
Field 7: Hexadecimal encoded MD-5 hash of the DB file to detect
- accidential modified (i.e.deleted and created) cache files.
+ accidental modified (i.e. deleted and created) cache files.
Field 8: optional CRL number as a hex string.
Field 9: AuthorityKeyID.issuer, each Name separated by 0x01
Field 10: AuthorityKeyID.serial
+ Field 11: Hex fingerprint of trust anchor if field 1 is 'u'.
2. Layout of the standard CRL Cache DB file:
@@ -71,12 +75,13 @@
n bytes Serialnumber (binary) used as key
thus there is no need to store the length explicitly with DB2.
- 1 byte Reason for revocation (currently the KSBA reason flags are used)
+ 1 byte Reason for revocation
+ (currently the KSBA reason flags are used)
15 bytes ISO date of revocation (e.g. 19980815T142000)
Note that there is no terminating 0 stored.
The filename used is the hexadecimal (using uppercase letters)
- SHA-1 hash value of the issuer DN prefix with a "crl-" and
+ SHA-1 hash value of the issuer DN prefixed with a "crl-" and
suffixed with a ".db". Thus the length of the filename is 47.
@@ -108,6 +113,7 @@
#include "crlfetch.h"
#include "misc.h"
#include "cdb.h"
+#include "estream-printf.h"
/* Change this whenever the format changes */
#define DBDIR_D (opt.system_daemon? "crls.d" : "dirmngr-cache.d")
@@ -139,6 +145,8 @@
char *issuer_hash; /* Ditto. */
char *dbfile_hash; /* MD5 sum of the cache file, points into RELEASE_PTR.*/
int invalid; /* Can't use this CRL. */
+ int user_trust_req; /* User supplied root certificate required. */
+ char *check_trust_anchor; /* Malloced fingerprint. */
ksba_isotime_t this_update;
ksba_isotime_t next_update;
ksba_isotime_t last_refresh; /* Use for the force_crl_refresh feature. */
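Review bot: The comment on `check_trust_anchor` says only "Malloced fingerprint." and does not say what the fingerprint identifies or when it is set; from the record-format notes earlier in this patch (field 11 is present only for 'u' entries) and the `user_trust_req` field beside it, I would write `char *check_trust_anchor; /* Malloced hex fingerprint of the root certificate the client must confirm (ISTRUSTED inquiry); only meaningful if USER_TRUST_REQ is set. */`. Whether NULL is a legal value for an entry with `user_trust_req` set should be stated explicitly, because the loader and the writer in this patch treat that case differently. The struct definition starts and ends outside this hunk.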
@@ -290,7 +298,7 @@
removed, the function will read the last line of a file, even if
that is not terminated by a LF. */
static char *
-next_line_from_file (FILE *fp)
+next_line_from_file (FILE *fp, gpg_error_t *r_err)
{
char buf[300];
char *largebuf = NULL;
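Review bot: The new `r_err` out-parameter is not described in the function comment above the signature (the comment starts outside this hunk and still only explains the LF handling), so a caller cannot tell from the header that a NULL return now has two meanings. I would add to that comment: `R_ERR receives 0 on success and at EOF, or a gpg error code if a memory allocation failed, in which case NULL is returned and any partial line is discarded.  Callers must check *R_ERR whenever NULL is returned.` That makes the `if (lineerr)` checks this patch adds at the call sites self-explanatory.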
@@ -298,7 +306,9 @@
size_t len = 0;
unsigned char *p;
int c;
+ char *tmpbuf;
+ *r_err = 0;
p = buf;
buflen = sizeof buf - 1;
while ((c=getc (fp)) != EOF && c != '\n')
@@ -308,13 +318,25 @@
if (!largebuf)
{
buflen += 1024;
- largebuf = xmalloc ( buflen + 1 );
+ largebuf = xtrymalloc ( buflen + 1 );
+ if (!largebuf)
+ {
+ *r_err = gpg_error_from_syserror ();
+ return NULL;
+ }
memcpy (largebuf, buf, len);
}
else
{
buflen += 1024;
- largebuf = xrealloc (largebuf, buflen + 1);
+ tmpbuf = xtryrealloc (largebuf, buflen + 1);
+ if (!tmpbuf)
+ {
+ *r_err = gpg_error_from_syserror ();
+ xfree (largebuf);
+ return NULL;
+ }
+ largebuf = tmpbuf;
}
p = largebuf;
}
@@ -325,9 +347,15 @@
p[len] = 0;
if (largebuf)
- return xrealloc (largebuf, len+1);
+ tmpbuf = xtryrealloc (largebuf, len+1);
else
- return xstrdup (buf);
+ tmpbuf = xtrystrdup (buf);
+ if (!tmpbuf)
+ {
+ *r_err = gpg_error_from_syserror ();
+ xfree (largebuf);
+ }
+ return tmpbuf;
}
@@ -346,6 +374,7 @@
log_error (_("error closing cache file: %s\n"), strerror(errno));
}
xfree (entry->release_ptr);
+ xfree (entry->check_trust_anchor);
xfree (entry);
}
}
@@ -430,11 +459,12 @@
int cleanup_on_mismatch)
{
char *line;
+ gpg_error_t lineerr = 0;
FILE *fp = *fpadr;
int created = 0;
retry:
- while ((line = next_line_from_file (fp)))
+ while ((line = next_line_from_file (fp, &lineerr)))
{
++*lineno;
if (*line == 'v' && line[1] == ':')
@@ -447,6 +477,8 @@
}
xfree (line);
}
+ if (lineerr)
+ return lineerr;
if (strtol (line+2, NULL, 10) != DBDIRVERSION)
{
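Review bot: The added `if (lineerr) return lineerr;` handles the allocation-failure case, but the very next line `strtol (line+2, NULL, 10)` still dereferences `line`, which is NULL when the loop ends because next_line_from_file reached EOF without an error; whether the loop body (partly outside this hunk) can fall through at EOF without returning is not visible here, but if it can, an empty or truncated DIR file is a NULL dereference rather than a clean error. I would widen the guard to `if (lineerr) return lineerr;` followed by `if (!line) return <the error the "first record is not the version" branch returns>;`. It is also worth confirming that returning on `lineerr` does not need the same cleanup (`fp`, `created`) as the function's other error returns. The function starts before and ends after this hunk.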
@@ -485,15 +517,20 @@
static gpg_error_t
open_dir (crl_cache_t *r_cache)
{
- crl_cache_t cache = xcalloc (1, sizeof *cache);
+ crl_cache_t cache;
char *fname;
char *line = NULL;
+ gpg_error_t lineerr = 0;
FILE *fp;
crl_cache_entry_t entry, *entrytail;
unsigned int lineno;
gpg_error_t err = 0;
int anyerr = 0;
+ cache = xtrycalloc (1, sizeof *cache);
+ if (!cache)
+ return gpg_error_from_syserror ();
+
fname = make_filename (opt.homedir_cache, DBDIR_D, DBDIRFILE, NULL);
lineno = 0;
@@ -513,15 +550,20 @@
cache->entries = NULL;
entrytail = &cache->entries;
xfree (line);
- while ((line = next_line_from_file (fp)))
+ while ((line = next_line_from_file (fp, &lineerr)))
{
int fieldno;
char *p, *endp;
lineno++;
- if ( *line == 'c' || *line == 'i' )
+ if ( *line == 'c' || *line == 'u' || *line == 'i' )
{
- entry = xcalloc (1, sizeof *entry);
+ entry = xtrycalloc (1, sizeof *entry);
+ if (!entry)
+ {
+ err = gpg_error_from_syserror ();
+ goto leave;
+ }
entry->lineno = lineno;
entry->release_ptr = line;
if (*line == 'i')
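Review bot: On the new `goto leave` after the failed xtrycalloc, `line` has been returned by next_line_from_file but not yet stored in `entry->release_ptr`, so it is released only if the leave label — outside this hunk — frees `line`. The `char *line = NULL` in the prologue suggests that it does; if it does not, add `xfree (line);` before the goto so the out-of-memory path does not also leak the line.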
@@ -530,6 +572,9 @@
if (entry->invalid < 1)
entry->invalid = 1;
}
+ else if (*line == 'u')
+ entry->user_trust_req = 1;
+
for (fieldno=1, p = line; p; p = endp, fieldno++)
{
endp = strchr (p, ':');
@@ -554,6 +599,10 @@
if (*p)
entry->authority_serialno = unpercent_string (p);
break;
+ case 11:
+ if (*p)
+ entry->check_trust_anchor = xtrystrdup (p);
+ break;
default:
if (*p)
log_info (_("extra field detected in crl record of "
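Review bot: The result of `xtrystrdup (p)` in the new `case 11` is never checked, so an out-of-memory condition silently leaves `check_trust_anchor` NULL on a `u` record; that only surfaces much later as the "inconsistent data on user trust check" error in the lookup path (hunk @@ -1302 below) instead of as the real cause in open_dir. The xtrycalloc a few lines above already handles its failure with `err = gpg_error_from_syserror (); goto leave;`, so treat this one the same way: `if (*p && !(entry->check_trust_anchor = xtrystrdup (p))) { err = gpg_error_from_syserror (); goto leave; }`. The field loop and the leave label belong to open_dir, which begins before this hunk.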
@@ -594,6 +643,12 @@
if (line)
xfree (line);
}
+ if (lineerr)
+ {
+ err = lineerr;
+ log_error (_("error reading `%s': %s\n"), fname, gpg_strerror (err));
+ goto leave;
+ }
if (ferror (fp))
{
log_error (_("error reading `%s': %s\n"), fname, strerror (errno));
@@ -673,6 +728,8 @@
{
if (e->invalid)
fprintf (fp, "i%d", e->invalid);
+ else if (e->user_trust_req)
+ putc ('u', fp);
else
putc ('c', fp);
putc (':', fp);
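Review bot: The `i` prefix wins over the new `u` prefix here, so an entry that is both invalid and user_trust_req is persisted as an `i` record — still carrying the trust-anchor field, since the next hunk at @@ -696 tests only user_trust_req — while open_dir sets user_trust_req only for a `u` prefix, so the client-trust requirement is lost for that entry across a reload. If invalid entries are always refetched and rebuilt from scratch this is harmless, but the writer/reader asymmetry deserves a comment, e.g. `/* An invalid entry is written as "i"; its user_trust_req flag is not restored on reload because the CRL is refetched anyway. */`. Alternatively, write the anchor field only when the `u` prefix was actually emitted, so the file never carries a trust anchor the reader will not consult.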
@@ -696,6 +753,9 @@
putc (':', fp);
if (e->authority_serialno)
fputs (e->authority_serialno, fp);
+ putc (':', fp);
+ if (e->check_trust_anchor && e->user_trust_req)
+ fputs (e->check_trust_anchor, fp);
putc ('\n', fp);
}
@@ -707,6 +767,7 @@
char *fname = NULL;
char *tmpfname = NULL;
char *line = NULL;
+ gpg_error_t lineerr = 0;
FILE *fp, *fpout = NULL;
crl_cache_entry_t e;
unsigned int lineno;
@@ -751,9 +812,15 @@
nodename = utsbuf.nodename;
#endif
- tmpbuf = xmalloc (strlen (nodename) + 100);
- sprintf (tmpbuf, "DIR-tmp-%s-%u-%p.txt.tmp",
- nodename, (unsigned int)getpid (), tmpbuf);
+ estream_asprintf (&tmpbuf, "DIR-tmp-%s-%u-%p.txt.tmp",
+ nodename, (unsigned int)getpid (), &tmpbuf);
+ if (!tmpbuf)
+ {
+ err = gpg_error_from_errno (errno);
+ log_error (_("failed to create temporary cache dir file `%s': %s\n"),
+ tmpfname, strerror (errno));
+ goto leave;
+ }
for (p=tmpbuf; *p; p++)
if (*p == '/')
*p = '.';
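Review bot: The error path of the new estream_asprintf call logs `tmpfname`, but at this point `tmpfname` appears to still be the NULL it was initialised to in the function prologue (this call is what builds the temporary name, into `tmpbuf`), and a NULL argument for `%s` is undefined behaviour. It also uses `gpg_error_from_errno (errno)` where the parallel hunk at @@ -1905 and the rest of the new code use `gpg_error_from_syserror ()`. Suggested: `err = gpg_error_from_syserror ();` followed by `log_error (_("error building temporary cache file name: %s\n"), strerror (errno));`. Both hunks also discard estream_asprintf's return value and rely on the output pointer being NULL on failure; testing the return value for `< 0` would not depend on that guarantee. The enclosing function starts before this hunk.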
@@ -769,10 +836,10 @@
goto leave;
}
- while ((line = next_line_from_file (fp)))
+ while ((line = next_line_from_file (fp, &lineerr)))
{
lineno++;
- if (*line == 'c' || *line == 'i')
+ if (*line == 'c' || *line == 'u' || *line == 'i')
{
/* Extract the issuer hash field. */
char *fieldp, *endp;
@@ -824,7 +891,7 @@
xfree (line);
}
- if (!ferror (fp) && !ferror (fpout))
+ if (!ferror (fp) && !ferror (fpout) && !lineerr)
{
/* Write out the remaining entries. */
for (e= cache->entries; e; e = e->next)
@@ -835,7 +902,12 @@
e->mark = 0;
}
}
-
+ if (lineerr)
+ {
+ err = lineerr;
+ log_error (_("error reading `%s': %s\n"), fname, gpg_strerror (err));
+ goto leave;
+ }
if (ferror (fp))
{
err = gpg_error_from_errno (errno);
@@ -1139,7 +1211,7 @@
void
crl_cache_init(void)
{
- crl_cache_t cache;
+ crl_cache_t cache = NULL;
gpg_error_t err;
if (current_cache)
@@ -1302,6 +1374,28 @@
retval = CRL_CACHE_DONTKNOW;
}
+
+ if (entry->user_trust_req
+ && (retval == CRL_CACHE_VALID || retval == CRL_CACHE_INVALID))
+ {
+ if (!entry->check_trust_anchor)
+ {
+ log_error ("inconsistent data on user trust check\n");
+ retval = CRL_CACHE_CANTUSE;
+ }
+ else if (get_istrusted_from_client (ctrl, entry->check_trust_anchor))
+ {
+ if (opt.verbose)
+ log_info ("no system trust and client does not trust either\n");
+ retval = CRL_CACHE_CANTUSE;
+ }
+ else
+ {
+ /* Okay, the CRL is considered valid by the client and thus
+ we can return the result as is. */
+ }
+ }
+
unlock_db_file (cache, entry);
return retval;
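Review bot: Every non-zero return from get_istrusted_from_client is logged as "no system trust and client does not trust either", but that function is new in server.c and its failure modes are not visible here; if it can also fail because the inquiry to the client did not complete, that line misreports a transport or protocol failure as a trust decision. Failing closed with CRL_CACHE_CANTUSE is right in both cases, so only the diagnostics need changing: keep the return value in a local gpg_error_t, write the condition as `else if ((err = get_istrusted_from_client (ctrl, entry->check_trust_anchor)))`, and append `gpg_strerror (err)` to the log_info so the two situations can be told apart. The empty trailing `else` with its comment could be folded into a comment above the if that states the pass-through case. The enclosing function starts before this hunk.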
@@ -1327,7 +1421,11 @@
if (n < sizeof snbuf_buffer - 1)
snbuf = snbuf_buffer;
else
- snbuf = xmalloc (n);
+ {
+ snbuf = xtrymalloc (n);
+ if (!snbuf)
+ return CRL_CACHE_DONTKNOW;
+ }
n = unhexify (snbuf, serialno);
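Review bot: When the new `xtrymalloc (n)` fails, the function returns CRL_CACHE_DONTKNOW without any diagnostic, so an out-of-memory condition is indistinguishable from a genuine cache miss for both the caller and anyone reading the log. Log it before returning, e.g. `log_error ("error allocating buffer for serial number: %s\n", gpg_strerror (gpg_error_from_syserror ()));`. The enclosing function starts before this hunk.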
@@ -1445,13 +1543,7 @@
return err;
}
if (DBG_HASHING)
- {
-#ifdef HAVE_GCRY_MD_DEBUG
- gcry_md_debug (*md, "hash.cert");
-#else
- gcry_md_start_debug (*md, "crl");
-#endif
- }
+ gcry_md_debug (*md, "hash.cert");
ksba_crl_set_hash_function (crl, HASH_FNC, *md);
return 0;
@@ -1566,13 +1658,16 @@
corresponding data from the CRL. Note that these values might get
set even if the CRL processing fails at a later step; thus the
caller should free *R_ISSUER even if the function returns with an
- error.
+ error. R_TRUST_ANCHOR is set on exit to NULL or a string with the
+ hexified fingerprint of the root certificate, if checking this
+ certificate for trustiness is required.
*/
static int
crl_parse_insert (ctrl_t ctrl, ksba_crl_t crl,
struct cdb_make *cdb, const char *fname,
char **r_crlissuer,
- ksba_isotime_t thisupdate, ksba_isotime_t nextupdate)
+ ksba_isotime_t thisupdate, ksba_isotime_t nextupdate,
+ char **r_trust_anchor)
{
gpg_error_t err;
ksba_stop_reason_t stopreason;
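Review bot: The new sentence about R_TRUST_ANCHOR says what the value means but not who owns it; the string is released with xfree by release_one_cache_entry elsewhere in this file, which suggests it is heap-allocated and handed to the caller, and the comment should say so explicitly, e.g. `The string is allocated; the caller takes ownership and must release it with xfree. It is set only when the certificate still has to be checked against the client's trust list.` "trustiness" would read better as "trustworthiness". Since r_trust_anchor is passed straight through to validate_cert_chain (hunk @@ -1745 below), the authoritative description of what is stored there belongs with that function's declaration in validate.h, outside this view.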
@@ -1585,6 +1680,7 @@
*r_crlissuer = NULL;
*thisupdate = *nextupdate = 0;
+ *r_trust_anchor = NULL;
/* Start of the KSBA parser loop. */
do
@@ -1745,8 +1841,9 @@
}
md = NULL;
- err = validate_cert_chain (ctrl, crlissuer_cert,
- NULL, VALIDATE_MODE_CRL_RECURSIVE);
+ err = validate_cert_chain (ctrl, crlissuer_cert, NULL,
+ VALIDATE_MODE_CRL_RECURSIVE,
+ r_trust_anchor);
if (err)
{
log_error (_("error checking validity of CRL "
@@ -1826,15 +1923,18 @@
length += strlen (p?p:s) + 1;
xfree (p);
}
- string = xmalloc (length+1);
- *string = 0;
- for (idx=0; (s = ksba_name_enum (name, idx)); idx++)
+ string = xtrymalloc (length+1);
+ if (string)
{
- char *p = ksba_name_get_uri (name, idx);
- if (*string)
- strcat (string, "\x01");
- strcat (string, p?p:s);
- xfree (p);
+ *string = 0;
+ for (idx=0; (s = ksba_name_enum (name, idx)); idx++)
+ {
+ char *p = ksba_name_get_uri (name, idx);
+ if (*string)
+ strcat (string, "\x01");
+ strcat (string, p?p:s);
+ xfree (p);
+ }
}
ksba_name_release (name);
return string;
@@ -1866,8 +1966,8 @@
int idx;
const char *oid;
int critical;
+ char *trust_anchor = NULL;
-
/* FIXME: We should acquire a mutex for the URL, so that we don't
simultaneously enter the same CRL twice. However this needs to be
interweaved with the checking function.*/
@@ -1905,9 +2005,13 @@
nodename = utsbuf.nodename;
#endif
- tmpfname = xmalloc (strlen (nodename) + 100);
- sprintf (tmpfname, "crl-tmp-%s-%u-%p.db.tmp",
- nodename, (unsigned int)getpid (), tmpfname);
+ estream_asprintf (&tmpfname, "crl-tmp-%s-%u-%p.db.tmp",
+ nodename, (unsigned int)getpid (), &tmpfname);
+ if (!tmpfname)
+ {
+ err = gpg_error_from_syserror ();
+ goto leave;
+ }
for (p=tmpfname; *p; p++)
if (*p == '/')
*p = '.';
@@ -1917,8 +2021,9 @@
log_info (_("removed stale temporary cache file `%s'\n"), fname);
else if (errno != ENOENT)
{
+ err = gpg_error_from_syserror ();
log_error (_("problem removing stale temporary cache file `%s': %s\n"),