[svn] GnuPG - r5392 - in trunk: agent common dirmngr
svn author wk
cvs at cvs.gnupg.org
Thu Aug 12 13:43:47 CEST 2010
Author: wk
Date: 2010-08-12 13:43:46 +0200 (Thu, 12 Aug 2010)
New Revision: 5392
Modified:
trunk/agent/ChangeLog
trunk/agent/call-pinentry.c
trunk/common/ChangeLog
trunk/common/sysutils.c
trunk/dirmngr/ChangeLog
trunk/dirmngr/crlcache.c
trunk/dirmngr/dirmngr.c
trunk/dirmngr/dirmngr.h
trunk/dirmngr/server.c
Log:
Fix dirmngr problems on CE.
Add new dirmngr commands.
Minor other fixes.
Modified: trunk/agent/ChangeLog
===================================================================
--- trunk/agent/ChangeLog 2010-08-11 14:17:25 UTC (rev 5391)
+++ trunk/agent/ChangeLog 2010-08-12 11:43:46 UTC (rev 5392)
@@ -1,5 +1,8 @@
2010-08-11 Werner Koch <wk at g10code.com>
+ * call-pinentry.c (agent_get_passphrase, agent_askpin): Fix
+ setting of confidential flag.
+
* call-scd.c (agent_card_scd): Pass assuan comment lines to the
caller.
(ASSUAN_CONVEY_COMMENTS): Provide replacement if needed.
Modified: trunk/common/ChangeLog
===================================================================
--- trunk/common/ChangeLog 2010-08-11 14:17:25 UTC (rev 5391)
+++ trunk/common/ChangeLog 2010-08-12 11:43:46 UTC (rev 5392)
@@ -1,3 +1,7 @@
+2010-08-12 Werner Koch <wk at g10code.com>
+
+ * sysutils.c (gnupg_remove) [W32CE]: Fix returned error.
+
2010-08-09 Werner Koch <wk at g10code.com>
* logging.c (WITH_IPV6): New macro.
Modified: trunk/dirmngr/ChangeLog
===================================================================
--- trunk/dirmngr/ChangeLog 2010-08-11 14:17:25 UTC (rev 5391)
+++ trunk/dirmngr/ChangeLog 2010-08-12 11:43:46 UTC (rev 5392)
@@ -1,3 +1,13 @@
+2010-08-12 Werner Koch <wk at g10code.com>
+
+ * crlcache.c (update_dir, crl_cache_insert): s/unlink/gnupg_remove/.
+
+ * dirmngr.c (dirmngr_sighup_action): New.
+
+ * server.c (cmd_killdirmngr, cmd_reloaddirmngr): New.
+ (struct server_local_s): Add field STOPME.
+ (start_command_handler): Act on STOPME.
+
2010-08-06 Werner Koch <wk at g10code.com>
* dirmngr.c (JNLIB_NEED_AFLOCAL): Define macro.
@@ -3,5 +13,4 @@
(main): Use SUN_LEN macro.
(main) [W32]: Allow EEXIST in addition to EADDRINUSE.
- (JNLIB_NEED_AFLOCAL):
2010-08-05 Werner Koch <wk at g10code.com>
Modified: trunk/agent/call-pinentry.c
===================================================================
--- trunk/agent/call-pinentry.c 2010-08-11 14:17:25 UTC (rev 5391)
+++ trunk/agent/call-pinentry.c 2010-08-12 11:43:46 UTC (rev 5392)
@@ -705,6 +705,7 @@
struct entry_parm_s parm;
const char *errtext = NULL;
int is_pin = 0;
+ int saveflag;
if (opt.batch)
return 0; /* fixme: we should return BAD PIN */
@@ -782,8 +783,11 @@
errtext = NULL;
}
+ saveflag = assuan_get_flag (entry_ctx, ASSUAN_CONFIDENTIAL);
+ assuan_begin_confidential (entry_ctx);
rc = assuan_transact (entry_ctx, "GETPIN", getpin_cb, &parm,
inq_quality, entry_ctx, NULL, NULL);
+ assuan_set_flag (entry_ctx, ASSUAN_CONFIDENTIAL, saveflag);
/* Most pinentries out in the wild return the old Assuan error code
for canceled which gets translated to an assuan Cancel error and
not to the code for a user cancel. Fix this here. */
@@ -845,6 +849,7 @@
int rc;
char line[ASSUAN_LINELENGTH];
struct entry_parm_s parm;
+ int saveflag;
*retpass = NULL;
if (opt.batch)
@@ -895,9 +900,11 @@
if (!parm.buffer)
return unlock_pinentry (out_of_core ());
+ saveflag = assuan_get_flag (entry_ctx, ASSUAN_CONFIDENTIAL);
assuan_begin_confidential (entry_ctx);
rc = assuan_transact (entry_ctx, "GETPIN", getpin_cb, &parm,
inq_quality, entry_ctx, NULL, NULL);
+ assuan_set_flag (entry_ctx, ASSUAN_CONFIDENTIAL, saveflag);
/* Most pinentries out in the wild return the old Assuan error code
for canceled which gets translated to an assuan Cancel error and
not to the code for a user cancel. Fix this here. */
Modified: trunk/common/sysutils.c
===================================================================
--- trunk/common/sysutils.c 2010-08-11 14:17:25 UTC (rev 5391)
+++ trunk/common/sysutils.c 2010-08-12 11:43:46 UTC (rev 5392)
@@ -530,8 +530,8 @@
xfree (wfname);
}
if (!rc)
- gpg_err_set_errno (EIO);
- return !rc;
+ return -1; /* ERRNO is automagically provided by gpg-error.h. */
+ return 0;
#else
return remove (fname);
#endif
Modified: trunk/dirmngr/crlcache.c
===================================================================
--- trunk/dirmngr/crlcache.c 2010-08-11 14:17:25 UTC (rev 5391)
+++ trunk/dirmngr/crlcache.c 2010-08-12 11:43:46 UTC (rev 5392)
@@ -274,7 +274,7 @@
if (okay)
{
log_info (_("removing cache file `%s'\n"), cdbname);
- if (unlink (cdbname))
+ if (gnupg_remove (cdbname))
{
log_error ("failed to remove `%s': %s\n",
cdbname, strerror (errno));
@@ -934,7 +934,7 @@
#ifdef HAVE_W32_SYSTEM
/* No atomic mv on W32 systems. */
- unlink (fname);
+ gnupg_remove (fname);
#endif
if (rename (tmpfname, fname))
{
@@ -2166,7 +2166,7 @@
if (opt.verbose)
log_info (_("creating cache file `%s'\n"), newfname);
#ifdef HAVE_W32_SYSTEM
- unlink (newfname);
+ gnupg_remove (newfname);
#endif
if (rename (fname, newfname))
{
Modified: trunk/dirmngr/dirmngr.c
===================================================================
--- trunk/dirmngr/dirmngr.c 2010-08-11 14:17:25 UTC (rev 5391)
+++ trunk/dirmngr/dirmngr.c 2010-08-12 11:43:46 UTC (rev 5392)
@@ -1578,7 +1578,22 @@
}
+/* A global function which allows us to trigger the reload stuff from
+ other places. */
+void
+dirmngr_sighup_action (void)
+{
+ log_info (_("SIGHUP received - "
+ "re-reading configuration and flushing caches\n"));
+ reread_configuration ();
+ cert_cache_deinit (0);
+ crl_cache_deinit ();
+ cert_cache_init ();
+ crl_cache_init ();
+}
+
+
/* The signal handler. */
static void
handle_signal (int signo)
@@ -1587,13 +1602,7 @@
{
#ifndef HAVE_W32_SYSTEM
case SIGHUP:
- log_info (_("SIGHUP received - "
- "re-reading configuration and flushing caches\n"));
- reread_configuration ();
- cert_cache_deinit (0);
- crl_cache_deinit ();
- cert_cache_init ();
- crl_cache_init ();
+ dirmngr_sighup_action ();
break;
case SIGUSR1:
Modified: trunk/dirmngr/dirmngr.h
===================================================================
--- trunk/dirmngr/dirmngr.h 2010-08-11 14:17:25 UTC (rev 5391)
+++ trunk/dirmngr/dirmngr.h 2010-08-12 11:43:46 UTC (rev 5392)
@@ -169,6 +169,7 @@
/*-- dirmngr.c --*/
void dirmngr_exit( int ); /* Wrapper for exit() */
void dirmngr_init_default_ctrl (ctrl_t ctrl);
+void dirmngr_sighup_action (void);
/*-- server.c --*/
ldap_server_t get_ldapservers_from_ctrl (ctrl_t ctrl);
Modified: trunk/dirmngr/server.c
===================================================================
--- trunk/dirmngr/server.c 2010-08-11 14:17:25 UTC (rev 5391)
+++ trunk/dirmngr/server.c 2010-08-12 11:43:46 UTC (rev 5392)
@@ -60,6 +60,10 @@
/* Per-session LDAP serfver. */
ldap_server_t ldapservers;
+
+ /* If this flag is set to true this dirmngr process will be
+ terminated after the end of this session. */
+ int stopme;
};
@@ -1218,7 +1222,7 @@
"\n"
"Put a certificate into the internal cache. This command might be\n"
"useful if a client knows in advance certificates required for a\n"
- "test and wnats to make sure they get added to the internal cache.\n"
+ "test and wants to make sure they get added to the internal cache.\n"
"It is also helpful for debugging. To get the actual certificate,\n"
"this command immediately inquires it using\n"
"\n"
@@ -1376,7 +1380,76 @@
}
+�
+static const char hlp_killdirmngr[] =
+ "KILLDIRMNGR\n"
+ "\n"
+ "This command allows a user - given sufficient permissions -\n"
+ "to kill this dirmngr process.\n";
+static gpg_error_t
+cmd_killdirmngr (assuan_context_t ctx, char *line)
+{
+ ctrl_t ctrl = assuan_get_pointer (ctx);
+ (void)line;
+
+ if (opt.system_daemon)
+ {
+ if (opt.system_service)
+ return set_error (GPG_ERR_NOT_SUPPORTED,
+ "can't do that whilst running as system service");
+#ifndef HAVE_W32_SYSTEM
+ {
+ gpg_err_code_t ec;
+ assuan_peercred_t cred;
+
+ ec = gpg_err_code (assuan_get_peercred (ctx, &cred));
+ if (!ec && cred.uid)
+ ec = GPG_ERR_EPERM; /* Only root may terminate. */
+ if (ec)
+ return set_error (ec, "no permission to kill this process");
+ }
+#endif
+ }
+
+ ctrl->server_local->stopme = 1;
+ return gpg_error (GPG_ERR_EOF);
+}
+
+
+static const char hlp_reloaddirmngr[] =
+ "RELOADDIRMNGR\n"
+ "\n"
+ "This command is an alternative to SIGHUP\n"
+ "to reload the configuration.";
+static gpg_error_t
+cmd_reloaddirmngr (assuan_context_t ctx, char *line)
+{
+ (void)ctx;
+ (void)line;
+
+ if (opt.system_daemon)
+ {
+#ifndef HAVE_W32_SYSTEM
+ {
+ gpg_err_code_t ec;
+ assuan_peercred_t cred;
+
+ ec = gpg_err_code (assuan_get_peercred (ctx, &cred));
+ if (!ec && cred.uid)
+ ec = GPG_ERR_EPERM; /* Only root may terminate. */
+ if (ec)
+ return set_error (ec, "no permission to reload this process");
+ }
+#endif
+ }
+
+ dirmngr_sighup_action ();
+ return 0;
+}
+
+
+
�
/* Tell the assuan library about our commands. */
static int
@@ -1397,6 +1470,8 @@
{ "CACHECERT", cmd_cachecert, hlp_cachecert },
{ "VALIDATE", cmd_validate, hlp_validate },
{ "GETINFO", cmd_getinfo, hlp_getinfo },
+ { "KILLDIRMNGR",cmd_killdirmngr,hlp_killdirmngr },
+ { "RELOADDIRMNGR",cmd_reloaddirmngr,hlp_reloaddirmngr },
{ NULL, NULL }
};
int i, j, rc;
@@ -1552,6 +1627,9 @@
ctrl->server_local->assuan_ctx = NULL;
assuan_release (ctx);
+ if (ctrl->server_local->stopme)
+ dirmngr_exit (0);
+
if (ctrl->refcount)
log_error ("oops: connection control structure still referenced (%d)\n",
ctrl->refcount);
More information about the Gnupg-commits
mailing list