[svn] GnuPG - r5351 - in trunk: . agent am common dirmngr g13 m4 scd sm tools

svn author wk cvs at cvs.gnupg.org
Wed Jun 9 18:53:57 CEST 2010


Author: wk
Date: 2010-06-09 18:53:51 +0200 (Wed, 09 Jun 2010)
New Revision: 5351

Added:
   trunk/dirmngr/
   trunk/dirmngr/ChangeLog
   trunk/dirmngr/ChangeLog.1
   trunk/dirmngr/Makefile.am
   trunk/dirmngr/OAUTHORS
   trunk/dirmngr/ONEWS
   trunk/dirmngr/b64dec.c
   trunk/dirmngr/b64enc.c
   trunk/dirmngr/cdb.h
   trunk/dirmngr/cdblib.c
   trunk/dirmngr/certcache.c
   trunk/dirmngr/certcache.h
   trunk/dirmngr/crlcache.c
   trunk/dirmngr/crlcache.h
   trunk/dirmngr/crlfetch.c
   trunk/dirmngr/crlfetch.h
   trunk/dirmngr/dirmngr-client.c
   trunk/dirmngr/dirmngr.c
   trunk/dirmngr/dirmngr.h
   trunk/dirmngr/dirmngr_ldap.c
   trunk/dirmngr/get-path.c
   trunk/dirmngr/http.c
   trunk/dirmngr/http.h
   trunk/dirmngr/ldap-url.c
   trunk/dirmngr/ldap-url.h
   trunk/dirmngr/ldap.c
   trunk/dirmngr/ldapserver.c
   trunk/dirmngr/ldapserver.h
   trunk/dirmngr/misc.c
   trunk/dirmngr/misc.h
   trunk/dirmngr/no-libgcrypt.c
   trunk/dirmngr/ocsp.c
   trunk/dirmngr/ocsp.h
   trunk/dirmngr/server.c
   trunk/dirmngr/validate.c
   trunk/dirmngr/validate.h
Modified:
   trunk/ChangeLog
   trunk/Makefile.am
   trunk/NEWS
   trunk/agent/genkey.c
   trunk/am/cmacros.am
   trunk/autogen.sh
   trunk/common/ChangeLog
   trunk/common/asshelp.c
   trunk/common/exechelp-posix.c
   trunk/common/exechelp-w32.c
   trunk/common/exechelp-w32ce.c
   trunk/common/exechelp.h
   trunk/common/homedir.c
   trunk/common/logging.c
   trunk/common/logging.h
   trunk/common/util.h
   trunk/configure.ac
   trunk/g13/be-encfs.c
   trunk/g13/runner.c
   trunk/m4/ChangeLog
   trunk/m4/ldap.m4
   trunk/scd/ChangeLog
   trunk/scd/scdaemon.c
   trunk/sm/export.c
   trunk/sm/import.c
   trunk/tools/gpgconf-comp.c
Log:
Merged Dirmngr with GnuPG.
A few code changes to support dirmngr.


[The diff below has been truncated]

Modified: trunk/ChangeLog
===================================================================
--- trunk/ChangeLog	2010-06-08 18:33:21 UTC (rev 5350)
+++ trunk/ChangeLog	2010-06-09 16:53:51 UTC (rev 5351)
@@ -1,5 +1,23 @@
+2010-06-09  Werner Koch  <wk at g10code.com>
+
+	* configure.ac (GNUPG_DIRMNGR_LDAP_PGM): Add option
+	--with-dirmngr-ldap-pgm.
+
+	* am/cmacros.am (-DGNUPG_LOCALSTATEDIR): New.
+	(GNUPG_DEFAULT_DIRMNGR_LDAP): New.
+
+2010-06-08  Werner Koch  <wk at g10code.com>
+
+	* configure.ac: Add build support for dirmngr.
+	(try_ldap): Rename to try_ks_ldap.
+	(GNUPG_CHECK_LDAP): Also test if dirmngr is to be build.
+
+	* Makefile.am (SUBDIRS): Add dirmngr.
+
 2010-06-07  Werner Koch  <wk at g10code.com>
 
+	* dirmngr/: New.
+
 	* configure.ac: Add option --enable-gpgtar.
 
 2010-05-31  Werner Koch  <wk at g10code.com>

Modified: trunk/common/ChangeLog
===================================================================
--- trunk/common/ChangeLog	2010-06-08 18:33:21 UTC (rev 5350)
+++ trunk/common/ChangeLog	2010-06-09 16:53:51 UTC (rev 5351)
@@ -1,3 +1,21 @@
+2010-06-09  Werner Koch  <wk at g10code.com>
+
+	* exechelp-posix.c, exechelp-w32.c
+	* exechelp-w32ce.c (gnupg_wait_process): Add new arg HANG.  Change
+	all callers.
+	(gnupg_release_process): New.  Use it after all calls to
+	gnupg_wait_process.
+
+	* util.h (GNUPG_MODULE_NAME_DIRMNGR_LDAP): New.
+	* homedir.c (gnupg_cachedir): New.
+	(w32_try_mkdir): New.
+	(dirmngr_socket_name): Chanmge standard socket name.
+	(gnupg_module_name): Support GNUPG_MODULE_NAME_DIRMNGR_LDAP.
+
+	* logging.c (log_set_get_tid_callback): Replace by ...
+	(log_set_pid_suffix_cb): .. new.
+	(do_logv): Change accordingly.
+
 2010-06-08  Marcus Brinkmann  <marcus at g10code.de>
 
 	* Makefile.am (AM_CFLAGS): Add $(LIBASSUAN_CFLAGS).
@@ -5,7 +23,7 @@
 	* sysutils.c: Include <assuan.h>.
 	(translate_sys2libc_fd_int): Cast to silence gcc warning.
 	* iobuf.c: Include <assuan.h>
-	(translate_file_handle): Fix syntax error.	
+	(translate_file_handle): Fix syntax error.
 
 2010-06-08  Werner Koch  <wk at g10code.com>
 

Modified: trunk/m4/ChangeLog
===================================================================
--- trunk/m4/ChangeLog	2010-06-08 18:33:21 UTC (rev 5350)
+++ trunk/m4/ChangeLog	2010-06-09 16:53:51 UTC (rev 5351)
@@ -1,3 +1,7 @@
+2010-06-08  Werner Koch  <wk at g10code.com>
+
+	* ldap.m4 (gnupg_have_ldap): Set variable.
+
 2009-09-03  Werner Koch  <wk at g10code.com>
 
 	* estream.m4: Update for libestream.

Modified: trunk/scd/ChangeLog
===================================================================
--- trunk/scd/ChangeLog	2010-06-08 18:33:21 UTC (rev 5350)
+++ trunk/scd/ChangeLog	2010-06-09 16:53:51 UTC (rev 5351)
@@ -1,3 +1,8 @@
+2010-06-09  Werner Koch  <wk at g10code.com>
+
+	* scdaemon.c (main): s/log_set_get_tid_callback/log_set_pid_suffix_cb/.
+	(tid_log_callback): Adjust for this change.
+
 2010-03-11  Werner Koch  <wk at g10code.com>
 
 	* scdaemon.c: Include "asshelp.h".

Modified: trunk/Makefile.am
===================================================================
--- trunk/Makefile.am	2010-06-08 18:33:21 UTC (rev 5350)
+++ trunk/Makefile.am	2010-06-09 16:53:51 UTC (rev 5351)
@@ -61,6 +61,11 @@
 else
 g13 =
 endif
+if BUILD_DIRMNGR
+dirmngr = dirmngr
+else
+dirmngr =
+endif
 if BUILD_TOOLS
 tools = tools
 else
@@ -79,7 +84,8 @@
 endif
 
 SUBDIRS = m4 gl include common ${kbx} \
- ${gpg} ${keyserver} ${sm} ${agent} ${scd} ${g13} ${tools} po ${doc} ${tests}
+          ${gpg} ${keyserver} ${sm} ${agent} ${scd} ${g13} ${dirmngr} \
+          ${tools} po ${doc} ${tests}
 
 dist_doc_DATA = README
 

Modified: trunk/NEWS
===================================================================
--- trunk/NEWS	2010-06-08 18:33:21 UTC (rev 5350)
+++ trunk/NEWS	2010-06-09 16:53:51 UTC (rev 5351)
@@ -29,7 +29,9 @@
    option --use-standard-socket may now be used to use this feature by
    default.
 
+ * Dirmngr is now a part of this package.
 
+
 Noteworthy changes in version 2.0.13 (2009-09-04)
 -------------------------------------------------
 

Modified: trunk/agent/genkey.c
===================================================================
--- trunk/agent/genkey.c	2010-06-08 18:33:21 UTC (rev 5350)
+++ trunk/agent/genkey.c	2010-06-09 16:53:51 UTC (rev 5351)
@@ -129,10 +129,11 @@
 
   if (gnupg_spawn_process_fd (pgmname, argv, fileno (infp), -1, -1, &pid))
     result = 1; /* Execute error - assume password should no be used.  */
-  else if (gnupg_wait_process (pgmname, pid, NULL))
+  else if (gnupg_wait_process (pgmname, pid, 0, NULL))
     result = 1; /* Helper returned an error - probably a match.  */
   else
     result = 0; /* Success; i.e. no match.  */
+  gnupg_release_process (pid);
 
   /* Overwrite our temporary file. */
   fseek (infp, 0, SEEK_SET);
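Review bot: gnupg_release_process (pid) sits after the whole if/else chain, so it also runs when gnupg_spawn_process_fd failed and pid may never have been assigned, unless pid is initialised outside the lines shown. On POSIX the release is a no-op, but the Windows versions added in this commit call CloseHandle on anything other than INVALID_HANDLE_VALUE. Either initialise pid to (pid_t)(-1) before the spawn call or release only on the paths where the spawn succeeded. The common/asshelp.c hunk has the same shape.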

Modified: trunk/am/cmacros.am
===================================================================
--- trunk/am/cmacros.am	2010-06-08 18:33:21 UTC (rev 5350)
+++ trunk/am/cmacros.am	2010-06-09 16:53:51 UTC (rev 5351)
@@ -25,7 +25,8 @@
                -DGNUPG_LIBEXECDIR="\"$(libexecdir)\""    \
                -DGNUPG_LIBDIR="\"$(libdir)/@PACKAGE@\""  \
                -DGNUPG_DATADIR="\"$(datadir)/@PACKAGE@\"" \
-               -DGNUPG_SYSCONFDIR="\"$(sysconfdir)/@PACKAGE@\""
+               -DGNUPG_SYSCONFDIR="\"$(sysconfdir)/@PACKAGE@\"" \
+               -DGNUPG_LOCALSTATEDIR="\"$(localstatedir)\""
 endif
 
 
@@ -47,6 +48,9 @@
 if GNUPG_PROTECT_TOOL_PGM
 AM_CPPFLAGS += -DGNUPG_DEFAULT_PROTECT_TOOL="\"@GNUPG_PROTECT_TOOL_PGM@\""
 endif
+if GNUPG_DIRMNGR_LDAP_PGM
+AM_CPPFLAGS += -DGNUPG_DEFAULT_DIRMNGR_LDAP="\"@GNUPG_DIRMNGR_LDAP_PGM@\""
+endif
 
 # Under Windows we use LockFileEx.  WindowsCE provides this only on
 # the WindowsMobile 6 platform and thus we need to use the coredll6

Modified: trunk/autogen.sh
===================================================================
--- trunk/autogen.sh	2010-06-08 18:33:21 UTC (rev 5350)
+++ trunk/autogen.sh	2010-06-09 16:53:51 UTC (rev 5351)
@@ -103,7 +103,7 @@
           w32root="$w32ce_root"
           [ -z "$w32root" ] && w32root="$HOME/w32ce_root"
           toolprefixes="$w32ce_toolprefixes arm-mingw32ce"
-          extraoptions="--disable-scdaemon --disable-zip $w32ce_extraoptions"
+          extraoptions="--disable-scdaemon --disable-zip --disable-ldap --disable-dirmngr $w32ce_extraoptions"
           ;;
         *)
           [ -z "$w32root" ] && w32root="$HOME/w32root"

Modified: trunk/common/asshelp.c
===================================================================
--- trunk/common/asshelp.c	2010-06-08 18:33:21 UTC (rev 5350)
+++ trunk/common/asshelp.c	2010-06-09 16:53:51 UTC (rev 5351)
@@ -362,12 +362,13 @@
           if (err)
             log_debug ("starting `%s' for testing failed: %s\n",
                        agent_program, gpg_strerror (err));
-          else if ((err = gnupg_wait_process (agent_program, pid, &excode)))
+          else if ((err = gnupg_wait_process (agent_program, pid, 0, &excode)))
             {
               if (excode == -1)
                 log_debug ("running `%s' for testing failed: %s\n",
                            agent_program, gpg_strerror (err));
             }          
+          gnupg_release_process (pid);
 
           if (!err && !excode)
             {

Modified: trunk/common/exechelp-posix.c
===================================================================
--- trunk/common/exechelp-posix.c	2010-06-08 18:33:21 UTC (rev 5350)
+++ trunk/common/exechelp-posix.c	2010-06-09 16:53:51 UTC (rev 5351)
@@ -416,38 +416,40 @@
 }
 
 
-/* Wait for the process identified by PID to terminate. PGMNAME should
-   be the same as supplied to the spawn function and is only used for
-   diagnostics. Returns 0 if the process succeeded, GPG_ERR_GENERAL
-   for any failures of the spawned program or other error codes.  If
-   EXITCODE is not NULL the exit code of the process is stored at this
-   address or -1 if it could not be retrieved and no error message is
-   logged.  */
+/* See exechelp.h for the description.  */
 gpg_error_t
-gnupg_wait_process (const char *pgmname, pid_t pid, int *exitcode)
+gnupg_wait_process (const char *pgmname, pid_t pid, int hang, int *r_exitcode)
 {
   gpg_err_code_t ec;
-
   int i, status;
 
-  if (exitcode)
-    *exitcode = -1;
+  if (r_exitcode)
+    *r_exitcode = -1;
 
   if (pid == (pid_t)(-1))
     return gpg_error (GPG_ERR_INV_VALUE);
 
 #ifdef USE_GNU_PTH
-  i = pth_waitpid ? pth_waitpid (pid, &status, 0) : waitpid (pid, &status, 0);
-#else
-  while ( (i=waitpid (pid, &status, 0)) == -1 && errno == EINTR)
-    ;
+  if (pth_waitpid)
+    i = pth_waitpid (pid, &status, hang? 0:WNOHANG);
+  else
 #endif
+    {
+      while ((i=waitpid (pid, &status, hang? 0:WNOHANG)) == (pid_t)(-1)
+             && errno == EINTR)
+        ;
+    }
+  
   if (i == (pid_t)(-1))
     {
+      ec = gpg_err_code_from_errno (errno);
       log_error (_("waiting for process %d to terminate failed: %s\n"),
                  (int)pid, strerror (errno));
-      ec = gpg_err_code_from_errno (errno);
     }
+  else if (!i)
+    {
+      ec = GPG_ERR_TIMEOUT; /* Still running.  */
+    }
   else if (WIFEXITED (status) && WEXITSTATUS (status) == 127)
     {
       log_error (_("error running `%s': probably not installed\n"), pgmname);
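Review bot: the "else" placed directly before "#endif" turns the following brace block into an else-branch only when USE_GNU_PTH is defined, which is easy to break in a later edit; a comment on the "#endif" would make the intent explicit. The pth_waitpid call is also made once with no EINTR retry, while the waitpid fallback loops, so an interrupted call in the Pth build falls into the "waiting for process ... failed" branch. Wrapping both calls in the same retry loop would give the two builds the same behaviour.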
@@ -455,11 +457,11 @@
     }
   else if (WIFEXITED (status) && WEXITSTATUS (status))
     {
-      if (!exitcode)
+      if (!r_exitcode)
         log_error (_("error running `%s': exit status %d\n"), pgmname,
                    WEXITSTATUS (status));
       else
-        *exitcode = WEXITSTATUS (status);
+        *r_exitcode = WEXITSTATUS (status);
       ec = GPG_ERR_GENERAL;
     }
   else if (!WIFEXITED (status))
@@ -469,8 +471,8 @@
     }
   else 
     {
-      if (exitcode)
-        *exitcode = 0;
+      if (r_exitcode)
+        *r_exitcode = 0;
       ec = 0;
     }
 
@@ -478,7 +480,14 @@
 }
 
 
-/* Spawn a new process and immediatley detach from it.  The name of
+void
+gnupg_release_process (pid_t pid)
+{
+  (void)pid;
+}
+
+
+/* Spawn a new process and immediately detach from it.  The name of
    the program to exec is PGMNAME and its arguments are in ARGV (the
    programname is automatically passed as first argument).
    Environment strings in ENVP are set.  An error is returned if
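Review bot: the POSIX gnupg_release_process is an intentional no-op but has no comment, unlike gnupg_wait_process above it with its "See exechelp.h" pointer. Add the same pointer and state that nothing needs releasing on this platform, so that the function and the calls the Windows build depends on are not removed later as dead code.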

Modified: trunk/common/exechelp-w32.c
===================================================================
--- trunk/common/exechelp-w32.c	2010-06-08 18:33:21 UTC (rev 5350)
+++ trunk/common/exechelp-w32.c	2010-06-09 16:53:51 UTC (rev 5351)
@@ -382,7 +382,7 @@
   int cr_flags;
   char *cmdline;
   int fd, fdout, rp[2];
-  HANDLE nullhd[];
+  HANDLE nullhd[2];
   int i;
 
   (void)preexec;
@@ -428,7 +428,7 @@
     }
   
   nullhd[0] =    fd == -1? w32_open_null (0) : INVALID_HANDLE_VALUE;
-  nullhd[1] = outfd == -1? w32_open_null (1) : INVALID_HANDLE_VALUE;
+  nullhd[1] = fdout == -1? w32_open_null (1) : INVALID_HANDLE_VALUE;
 
   /* Start the process.  Note that we can't run the PREEXEC function
      because this would change our own environment. */
@@ -437,7 +437,7 @@
   si.dwFlags = STARTF_USESTDHANDLES | STARTF_USESHOWWINDOW;
   si.wShowWindow = DEBUG_W32_SPAWN? SW_SHOW : SW_MINIMIZE;
   si.hStdInput  =    fd == -1? nullhd[0] : fd_to_handle (fd);
-  si.hStdOutput = outfd == -1? nullhd[1] : fd_to_handle (fdout);
+  si.hStdOutput = fdout == -1? nullhd[1] : fd_to_handle (fdout);
   si.hStdError  = fd_to_handle (rp[1]);
 
   cr_flags = (CREATE_DEFAULT_ERROR_MODE
@@ -599,22 +599,17 @@
 }
 
 
-/* Wait for the process identified by PID to terminate. PGMNAME should
-   be the same as supplied to the spawn function and is only used for
-   diagnostics. Returns 0 if the process succeeded, GPG_ERR_GENERAL
-   for any failures of the spawned program or other error codes.  If
-   EXITCODE is not NULL the exit code of the process is stored at this
-   address or -1 if it could not be retrieved. */
+/* See exechelp.h for a description.  */
 gpg_error_t
-gnupg_wait_process (const char *pgmname, pid_t pid, int *exitcode)
+gnupg_wait_process (const char *pgmname, pid_t pid, int hang, int *r_exitcode)
 {
   gpg_err_code_t ec;
   HANDLE proc = fd_to_handle (pid);
   int code;
   DWORD exc;
 
-  if (exitcode)
-    *exitcode = -1;
+  if (r_exitcode)
+    *r_exitcode = -1;
 
   if (pid == (pid_t)(-1))
     return gpg_error (GPG_ERR_INV_VALUE);
@@ -622,50 +617,66 @@
   /* FIXME: We should do a pth_waitpid here.  However this has not yet
      been implemented.  A special W32 pth system call would even be
      better.  */
-  code = WaitForSingleObject (proc, INFINITE);
+  code = WaitForSingleObject (proc, hang? INFINITE : 0);
   switch (code) 
     {
-      case WAIT_FAILED:
-        log_error (_("waiting for process %d to terminate failed: %s\n"),
-                   (int)pid, w32_strerror (-1));
-        ec = GPG_ERR_GENERAL;
-        break;
+    case WAIT_TIMEOUT:
+      ec = GPG_ERR_TIMEOUT;
+      break;
 
-      case WAIT_OBJECT_0:
-        if (!GetExitCodeProcess (proc, &exc))
-          {
-            log_error (_("error getting exit code of process %d: %s\n"),
-                         (int)pid, w32_strerror (-1) );
-            ec = GPG_ERR_GENERAL;
-          }
-        else if (exc)
-          {
-            log_error (_("error running `%s': exit status %d\n"),
-                       pgmname, (int)exc );
-            if (exitcode)
-              *exitcode = (int)exc;
-            ec = GPG_ERR_GENERAL;
-          }
-        else
-          {
-            if (exitcode)
-              *exitcode = 0;
-            ec = 0;
-          }
-        CloseHandle (proc);
-        break;
+    case WAIT_FAILED:
+      log_error (_("waiting for process %d to terminate failed: %s\n"),
+                 (int)pid, w32_strerror (-1));
+      ec = GPG_ERR_GENERAL;
+      break;
 
-      default:
-        log_error ("WaitForSingleObject returned unexpected "
-                   "code %d for pid %d\n", code, (int)pid );
-        ec = GPG_ERR_GENERAL;
-        break;
+    case WAIT_OBJECT_0:
+      if (!GetExitCodeProcess (proc, &exc))
+        {
+          log_error (_("error getting exit code of process %d: %s\n"),
+                     (int)pid, w32_strerror (-1) );
+          ec = GPG_ERR_GENERAL;
+        }
+      else if (exc)
+        {
+          log_error (_("error running `%s': exit status %d\n"),
+                     pgmname, (int)exc );
+          if (r_exitcode)
+            *r_exitcode = (int)exc;
+          ec = GPG_ERR_GENERAL;
+        }
+      else
+        {
+          if (r_exitcode)
+            *r_exitcode = 0;
+          ec = 0;
+        }
+      break;
+      
+    default:
+      log_error ("WaitForSingleObject returned unexpected "
+                 "code %d for pid %d\n", code, (int)pid );
+      ec = GPG_ERR_GENERAL;
+      break;
     }
-
+  
   return gpg_err_make (GPG_ERR_SOURCE_DEFAULT, ec);
 }
 
 
+
+void
+gnupg_release_process (pid_t pid)
+{
+  if (pid != (pid_t)INVALID_HANDLE_VALUE)
+    {
+      HANDLE process = (HANDLE)pid;
+      
+      CloseHandle (process);
+    }
+}
+
+
 /* Spawn a new process and immediatley detach from it.  The name of
    the program to exec is PGMNAME and its arguments are in ARGV (the
    programname is automatically passed as first argument).
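Review bot: gnupg_release_process converts with a plain cast, "HANDLE process = (HANDLE)pid;", and tests against (pid_t)INVALID_HANDLE_VALUE, while gnupg_wait_process in the same file converts with fd_to_handle (pid) and tests against (pid_t)(-1). Use one conversion and one invalid-value test in both functions. Because CloseHandle moved out of the WAIT_OBJECT_0 case, a caller that was not updated now leaks the process handle, and a caller that releases twice closes a handle value that may have been reused in the meantime; the function should carry a comment saying it must be called exactly once per spawned process.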

Modified: trunk/common/exechelp-w32ce.c
===================================================================
--- trunk/common/exechelp-w32ce.c	2010-06-08 18:33:21 UTC (rev 5350)
+++ trunk/common/exechelp-w32ce.c	2010-06-09 16:53:51 UTC (rev 5351)
@@ -653,14 +653,10 @@
   return 0;
 }
 
-/* Wait for the process identified by PID to terminate. PGMNAME should
-   be the same as supplied to the spawn function and is only used for
-   diagnostics. Returns 0 if the process succeeded, GPG_ERR_GENERAL
-   for any failures of the spawned program or other error codes.  If
-   EXITCODE is not NULL the exit code of the process is stored at this
-   address or -1 if it could not be retrieved. */
+
+/* See exechelp.h for a description.  */
 gpg_error_t
-gnupg_wait_process (const char *pgmname, pid_t pid, int *exitcode)
+gnupg_wait_process (const char *pgmname, pid_t pid, int hang, int *exitcode)
 {
   gpg_err_code_t ec;
   HANDLE proc = fd_to_handle (pid);
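Review bot: the last parameter is still named exitcode here, while exechelp.h, exechelp-posix.c and exechelp-w32.c all rename it to r_exitcode in this commit. Rename it in the WinCE file too so the three implementations keep matching the header.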
@@ -676,50 +672,65 @@
   /* FIXME: We should do a pth_waitpid here.  However this has not yet
      been implemented.  A special W32 pth system call would even be
      better.  */
-  code = WaitForSingleObject (proc, INFINITE);
+  code = WaitForSingleObject (proc, hang? INFINITE : 0);
   switch (code) 
     {
-      case WAIT_FAILED:
-        log_error (_("waiting for process %d to terminate failed: %s\n"),
-                   (int)pid, w32_strerror (-1));
-        ec = GPG_ERR_GENERAL;
-        break;
+    case WAIT_TIMEOUT:
+      ec = GPG_ERR_TIMEOUT;
+      break;
+      
+    case WAIT_FAILED:
+      log_error (_("waiting for process %d to terminate failed: %s\n"),
+                 (int)pid, w32_strerror (-1));
+      ec = GPG_ERR_GENERAL;
+      break;
 
-      case WAIT_OBJECT_0:
-        if (!GetExitCodeProcess (proc, &exc))
-          {
-            log_error (_("error getting exit code of process %d: %s\n"),
-                         (int)pid, w32_strerror (-1) );
-            ec = GPG_ERR_GENERAL;
+    case WAIT_OBJECT_0:
+      if (!GetExitCodeProcess (proc, &exc))
+        {
+          log_error (_("error getting exit code of process %d: %s\n"),
+                     (int)pid, w32_strerror (-1) );
+          ec = GPG_ERR_GENERAL;
           }
-        else if (exc)
-          {
-            log_error (_("error running `%s': exit status %d\n"),
+      else if (exc)
+        {
+          log_error (_("error running `%s': exit status %d\n"),
                        pgmname, (int)exc );
-            if (exitcode)
-              *exitcode = (int)exc;
-            ec = GPG_ERR_GENERAL;
-          }
-        else
-          {
-            if (exitcode)
-              *exitcode = 0;
-            ec = 0;
-          }
-        CloseHandle (proc);
-        break;
-
-      default:
-        log_error ("WaitForSingleObject returned unexpected "
-                   "code %d for pid %d\n", code, (int)pid );
-        ec = GPG_ERR_GENERAL;
-        break;
+          if (exitcode)
+            *exitcode = (int)exc;
+          ec = GPG_ERR_GENERAL;
+        }
+      else
+        {
+          if (exitcode)
+            *exitcode = 0;
+          ec = 0;
+        }
+      break;
+      
+    default:
+      log_error ("WaitForSingleObject returned unexpected "
+                 "code %d for pid %d\n", code, (int)pid );
+      ec = GPG_ERR_GENERAL;
+      break;
     }
 
   return gpg_err_make (GPG_ERR_SOURCE_DEFAULT, ec);
 }
 
 
+void
+gnupg_release_process (pid_t pid)
+{
+  if (pid != (pid_t)INVALID_HANDLE_VALUE)
+    {
+      HANDLE process = (HANDLE)pid;
+      
+      CloseHandle (process);
+    }
+}
+
+
 /* Spawn a new process and immediatley detach from it.  The name of
    the program to exec is PGMNAME and its arguments are in ARGV (the
    programname is automatically passed as first argument).
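Review bot: the re-indentation of the WAIT_OBJECT_0 case is incomplete: the closing "}" after the GetExitCodeProcess error branch and the "pgmname, (int)exc );" continuation line are left as unchanged context at their old indentation, so the braces no longer line up. Re-indent those two lines as well. The cast versus fd_to_handle mismatch noted for exechelp-w32.c applies to this copy of gnupg_release_process too.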

Modified: trunk/common/exechelp.h
===================================================================
--- trunk/common/exechelp.h	2010-06-08 18:33:21 UTC (rev 5350)
+++ trunk/common/exechelp.h	2010-06-09 16:53:51 UTC (rev 5351)
@@ -59,8 +59,8 @@
    process are expected in the NULL terminated array ARGV.  The
    program name itself should not be included there.  If PREEXEC is
    not NULL, that function will be called right before the exec.
-   Calling gnupg_wait_process is required.  Returns 0 on success or an
-   error code.
+   Calling gnupg_wait_process and gnupg_release_process is required.
+   Returns 0 on success or an error code.
 
    FLAGS is a bit vector:
 
@@ -85,29 +85,54 @@
    and ERRFD to stderr (any of them may be -1 to connect them to
    /dev/null).  The arguments for the process are expected in the NULL
    terminated array ARGV.  The program name itself should not be
-   included there.  Calling gnupg_wait_process is required.  Returns 0
-   on success or an error code. */
+   included there.  Calling gnupg_wait_process and
+   gnupg_release_process is required.  Returns 0 on success or an
+   error code. */
 gpg_error_t gnupg_spawn_process_fd (const char *pgmname, 
                                     const char *argv[],
                                     int infd, int outfd, int errfd,
                                     pid_t *pid);
 
 
-/* Wait for the process identified by PID to terminate. PGMNAME should
-   be the same as supplied to the spawn fucntion and is only used for
-   diagnostics.  Returns 0 if the process succeded, GPG_ERR_GENERAL
-   for any failures of the spawned program or other error codes.  If
-   EXITCODE is not NULL the exit code of the process is stored at this
-   address or -1 if it could not be retrieved.  */
-gpg_error_t gnupg_wait_process (const char *pgmname, pid_t pid, int *exitcode);
+/* If HANG is true, waits for the process identified by PID to exit;
+   if HANG is false, checks whether the process has terminated.
+   PGMNAME should be the same as supplied to the spawn function and is
+   only used for diagnostics.  Return values:
 
+   0
+       The process exited successful.  0 is stored at R_EXITCODE.
 
+   GPG_ERR_GENERAL
+       The process exited without success.  The exit code of process
+       is then stored at R_EXITCODE.  An exit code of -1 indicates
+       that the process terminated abnormally (e.g. due to a signal).
+
+   GPG_ERR_TIMEOUT 
+       The process is still running (returned only if HANG is false).
+
+   GPG_ERR_INV_VALUE 
+       An invalid PID has been specified.  
+
+   Other error codes may be returned as well.  Unless otherwise noted,
+   -1 will be stored at R_EXITCODE.  R_EXITCODE may be passed as NULL
+   if the exit code is not required (in that case an error messge will
+   be printed).  Note that under Windows PID is not the process id but
+   the handle of the process.  */
+gpg_error_t gnupg_wait_process (const char *pgmname, pid_t pid, int hang,
+                                int *r_exitcode);
+
+
 /* Kill a process; that is send an appropriate signal to the process.
    gnupg_wait_process must be called to actually remove the process
    from the system.  An invalid PID is ignored.  */
 void gnupg_kill_process (pid_t pid);
 
+/* Release the process identified by PID.  This function is actually
+   only required for Windows but it does not harm to always call it.
+   It is a nop if PID is invalid.  */
+void gnupg_release_process (pid_t pid);
 
+
 /* Spawn a new process and immediatley detach from it.  The name of
    the program to exec is PGMNAME and its arguments are in ARGV (the
    programname is automatically passed as first argument).
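Review bot: the new gnupg_wait_process comment does not say what the caller must do after GPG_ERR_TIMEOUT. With HANG false the process is still running, so the comment should state that PID stays valid, that the function may be called again, and that gnupg_release_process belongs after the final wait. The text also gives -1 two meanings (abnormal termination under GPG_ERR_GENERAL, and the default for every other error), and the gnupg_kill_process comment still names only gnupg_wait_process as required. Typos in the added lines: "exited successful" and "messge".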

Modified: trunk/common/homedir.c
===================================================================
--- trunk/common/homedir.c	2010-06-08 18:33:21 UTC (rev 5350)
+++ trunk/common/homedir.c	2010-06-09 16:53:51 UTC (rev 5351)
@@ -44,6 +44,24 @@
 #include "sysutils.h"
 
 
+#ifdef HAVE_W32_SYSTEM
+static void
+w32_try_mkdir (const char *dir)
+{
+#ifdef HAVE_W32CE_SYSTEM
+  wchar_t *wdir = utf8_to_wchar (dir);
+  if (wdir)
+    {
+      CreateDirectory (wdir, NULL);
+      xfree (wdir);
+    }
+#else              
+  CreateDirectory (dir, NULL);
+#endif
+}
+#endif
+
+
 /* This is a helper function to load a Windows function from either of
    one DLLs. */
 #ifdef HAVE_W32_SYSTEM
@@ -114,18 +132,7 @@
           
           /* Try to create the directory if it does not yet exists.  */
           if (access (dir, F_OK))
-            {
-#ifdef HAVE_W32CE_SYSTEM
-              wchar_t *wdir = utf8_to_wchar (dir);
-              if (wdir)
-                {
-                  CreateDirectory (wdir, NULL);
-                  xfree (wdir);
-                }
-#else              
-              CreateDirectory (dir, NULL);
-#endif
-            }
+            w32_try_mkdir (dir);
         }
       else
         dir = GNUPG_DEFAULT_HOMEDIR;
@@ -366,6 +373,54 @@
 }
 
 
+/* Return the name of the cache directory.  The name is allocated in a
+   static area on the first use.  Windows only: If the directory does
+   not exist it is created.  */
+const char *
+gnupg_cachedir (void)
+{
+#ifdef HAVE_W32_SYSTEM
+  static const char *dir;
+
+  if (!dir)
+    {
+      char path[MAX_PATH];
+      const char *s1[] = { "GNU", "cache", "gnupg", NULL };
+      int s1_len;
+      const char **comp;
+
+      s1_len = 0;
+      for (comp = s1; *comp; comp++)
+        s1_len += 1 + strlen (*comp);
+
+      if (w32_shgetfolderpath (NULL, CSIDL_LOCAL_APPDATA|CSIDL_FLAG_CREATE, 
+                               NULL, 0, path) >= 0) 
+        {
+          char *tmp = xmalloc (strlen (path) + s1_len + 1);
+	  char *p;
+
+	  p = stpcpy (tmp, path);
+          for (comp = s1; *comp; comp++)
+	    {
+	      p = stpcpy (p, "\\");
+	      p = stpcpy (p, *comp);
+
+	      if (access (tmp, F_OK))
+		w32_try_mkdir (tmp);
+	    }
+
+          dir = tmp;
+        }
+      else
+        dir = "c:\\temp\\cache\\dirmngr";
+    }
+  return dir;
+#else /*!HAVE_W32_SYSTEM*/
+  return GNUPG_LOCALSTATEDIR "/cache/" PACKAGE_NAME;
+#endif /*!HAVE_W32_SYSTEM*/
+}
+
+
 /* Return the default socket name used by DirMngr. */
 const char *
 dirmngr_socket_name (void)
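Review bot: the fallback 'dir = "c:\\temp\\cache\\dirmngr";' is a fixed path that this function never creates, although the comment above promises creation on Windows, and it names dirmngr in a helper whose normal result ends in GNU\cache\gnupg. A fixed directory under c:\temp may also be writable by other local users, which matters for whatever dirmngr caches there. Prefer building the fallback from a per-user location and creating it with w32_try_mkdir, or return an error instead. Note also that w32_try_mkdir discards the CreateDirectory result, so a failed creation is only noticed when the first cache file is written.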
@@ -379,7 +434,10 @@
       const char *s2;
 
       /* We need something akin CSIDL_COMMON_PROGRAMS, but local
-	 (non-roaming).  */
+	 (non-roaming).  This is becuase the file needs to be on the
+	 local machine and makes only sense on that machine.
+	 CSIDL_WINDOWS seems to be the only location which guarantees
+	 that. */
       if (w32_shgetfolderpath (NULL, CSIDL_WINDOWS, NULL, 0, s1) < 0)
 	strcpy (s1, "C:\\WINDOWS");
       s2 = DIRSEP_S "S.dirmngr";
@@ -388,7 +446,7 @@
     }
   return name;
 #else /*!HAVE_W32_SYSTEM*/
-  return "/var/run/dirmngr/socket";
+  return GNUPG_LOCALSTATEDIR "/run/" PACKAGE_NAME "/S.dirmngr";
 #endif /*!HAVE_W32_SYSTEM*/
 }
 
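Review bot: the default POSIX socket moves from "/var/run/dirmngr/socket" to GNUPG_LOCALSTATEDIR "/run/" PACKAGE_NAME "/S.dirmngr", which is a compatibility break for clients and already running daemons that use the old name, yet the NEWS hunk in this commit only says that Dirmngr is now part of the package. Add a NEWS entry naming both paths. The result now also depends on the configured localstatedir, so it is worth stating which side creates the run directory and with what permissions.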
@@ -450,6 +508,13 @@
       X(libexecdir, "gpg-protect-tool");
 #endif
 
+    case GNUPG_MODULE_NAME_DIRMNGR_LDAP:
+#ifdef GNUPG_DEFAULT_DIRMNGR_LDAP
+      return GNUPG_DEFAULT_DIRMNGR_LDAP;
+#else 
+      X(libexecdir, "dirmngr_ldap");
+#endif
+
     case GNUPG_MODULE_NAME_CHECK_PATTERN:
       X(libexecdir, "gpg-check-pattern");
 

Modified: trunk/common/logging.c
===================================================================
--- trunk/common/logging.c	2010-06-08 18:33:21 UTC (rev 5350)
+++ trunk/common/logging.c	2010-06-09 16:53:51 UTC (rev 5351)
@@ -63,7 +63,7 @@
 static int with_time;
 static int with_prefix;
 static int with_pid;
-static unsigned long (*get_tid_callback)(void);
+static int (*get_pid_suffix_cb)(unsigned long *r_value);
 static int running_detached;
 static int force_prefixes;
 
@@ -336,9 +336,9 @@
 
 
 void
-log_set_get_tid_callback (unsigned long (*cb)(void))
+log_set_pid_suffix_cb (int (*cb)(unsigned long *r_value))
 {
-  get_tid_callback = cb;
+  get_pid_suffix_cb = cb;
 }
 
 
@@ -441,9 +441,12 @@
         es_fputs_unlocked (prefix_buffer, logstream);
       if (with_pid || force_prefixes)
         {
-          if (get_tid_callback)
-            es_fprintf_unlocked (logstream, "[%u.%lx]", 
-                        (unsigned int)getpid (), get_tid_callback ());
+          unsigned long pidsuf;
+          int pidfmt;
+
+          if (get_pid_suffix_cb && (pidfmt=get_pid_suffix_cb (&pidsuf)))
+            es_fprintf_unlocked (logstream, pidfmt == 1? "[%u.%lu]":"[%u.%lx]",
+                                 (unsigned int)getpid (), pidsuf);
           else
             es_fprintf_unlocked (logstream, "[%u]", (unsigned int)getpid ());
         }
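Review bot: the return value of the new callback selects the format through bare numbers: 0 suppresses the suffix, 1 prints it as "%lu", and any other non-zero value prints it as "%lx". None of this is documented at log_set_pid_suffix_cb or in logging.h. Add a comment that spells out the contract, and consider named constants, so that callers such as scdaemon's tid_log_callback do not depend on magic values.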

Modified: trunk/common/logging.h
===================================================================
--- trunk/common/logging.h	2010-06-08 18:33:21 UTC (rev 5350)
+++ trunk/common/logging.h	2010-06-09 16:53:51 UTC (rev 5351)
@@ -35,7 +35,7 @@
 void log_inc_errorcount (void);
 void log_set_file( const char *name );
 void log_set_fd (int fd);
-void log_set_get_tid_callback (unsigned long (*cb)(void));
+void log_set_pid_suffix_cb (int (*cb)(unsigned long *r_value));
 void log_set_prefix (const char *text, unsigned int flags);
 const char *log_get_prefix (unsigned int *flags);
 int log_test_fd (int fd);

Modified: trunk/common/util.h
===================================================================
--- trunk/common/util.h	2010-06-08 18:33:21 UTC (rev 5350)
+++ trunk/common/util.h	2010-06-09 16:53:51 UTC (rev 5351)
@@ -192,6 +192,7 @@
 const char *gnupg_libdir (void);
 const char *gnupg_datadir (void);
 const char *gnupg_localedir (void);
+const char *gnupg_cachedir (void);
 const char *dirmngr_socket_name (void);
 
 /* All module names.  We also include gpg and gpgsm for the sake for
@@ -206,6 +207,7 @@
 #define GNUPG_MODULE_NAME_GPG           8
 #define GNUPG_MODULE_NAME_CONNECT_AGENT 9
 #define GNUPG_MODULE_NAME_GPGCONF       10
+#define GNUPG_MODULE_NAME_DIRMNGR_LDAP  11
 const char *gnupg_module_name (int which);
 
 

Modified: trunk/configure.ac
===================================================================
--- trunk/configure.ac	2010-06-08 18:33:21 UTC (rev 5350)
+++ trunk/configure.ac	2010-06-09 16:53:51 UTC (rev 5351)
@@ -1,6 +1,6 @@
 # configure.ac - for GnuPG 2.1
 # Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005,
-#               2006, 2007, 2008, 2009 Free Software Foundation, Inc.
+#               2006, 2007, 2008, 2009, 2010 Free Software Foundation, Inc.
 # 
 # This file is part of GnuPG.
 # 
@@ -81,11 +81,14 @@
 use_ccid_driver=yes
 use_standard_socket=no
 
+try_ks_ldap=no
+
 GNUPG_BUILD_PROGRAM(gpg, yes)
 GNUPG_BUILD_PROGRAM(gpgsm, yes)
 GNUPG_BUILD_PROGRAM(agent, yes)
 GNUPG_BUILD_PROGRAM(scdaemon, yes)
 GNUPG_BUILD_PROGRAM(g13, yes)
+GNUPG_BUILD_PROGRAM(dirmngr, yes)
 GNUPG_BUILD_PROGRAM(tools, yes)
 GNUPG_BUILD_PROGRAM(doc, yes)
 GNUPG_BUILD_PROGRAM(symcryptrun, no)
@@ -155,7 +158,16 @@
 test -n "$GNUPG_PROTECT_TOOL_PGM" \
       && show_gnupg_protect_tool_pgm="$GNUPG_PROTECT_TOOL_PGM"
 
+AC_ARG_WITH(dirmngr-ldap-pgm,
+    [  --with-dirmngr-ldap-pgm=PATH  Use PATH as the default for the dirmnge ldap wrapper)],
+          GNUPG_DIRMNGR_LDAP_PGM="$withval", GNUPG_DIRMNGR_LDAP_PGM="" )
+AC_SUBST(GNUPG_DIRMNGR_LDAP_PGM)
+AM_CONDITIONAL(GNUPG_DIRMNGR_LDAP_PGM, test -n "$GNUPG_DIRMNGR_LDAP_PGM")
+show_gnupg_dirmngr_ldap_pgm="(default)"
+test -n "$GNUPG_DIRMNGR_LDAP_PGM" \
+      && show_gnupg_dirmngr_ldap_pgm="$GNUPG_DIRMNGR_LDAP_PGM"
 
+
 # Some folks want to use only the agent from this packet.  Make it
 # easier for them by providing the configure option
 # --enable-only-agent.
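Review bot: the help string for `--with-dirmngr-ldap-pgm` misspells "dirmngr" as "dirmnge" and ends with a stray `)` that will appear in the `configure --help` output. Fix the text, and consider rejecting a `$withval` that is not an absolute path, since the value becomes the default location of the LDAP wrapper program.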
@@ -239,8 +251,8 @@
     AC_MSG_CHECKING([whether LDAP keyserver support is requested])
     AC_ARG_ENABLE(ldap,
       AC_HELP_STRING([--disable-ldap],[disable LDAP keyserver interface only]),
-      try_ldap=$enableval, try_ldap=yes)
-    AC_MSG_RESULT($try_ldap)
+      try_ks_ldap=$enableval, try_ks_ldap=yes)
+    AC_MSG_RESULT($try_ks_ldap)
 
     AC_MSG_CHECKING([whether HKP keyserver support is requested])
     AC_ARG_ENABLE(hkp,
@@ -528,6 +540,7 @@
 have_w32_system=no
 have_w32ce_system=no
 use_simple_gettext=no
+mmap_needed=yes
 case "${host}" in
     *-mingw32*)
         # special stuff for Windoze NT
@@ -552,6 +565,7 @@
         esac
         try_gettext="no"
 	use_simple_gettext=yes
+	mmap_needed=no
         ;;
     i?86-emx-os2 | i?86-*-os2*emx )
         # OS/2 with the EMX environment
@@ -738,6 +752,10 @@
 AC_DEFINE_UNQUOTED(FUSERMOUNT,
 	"${FUSERMOUNT}", [defines the filename of the fusermount program])
 
+
+# Checks for dirmngr
+
+
 #
 # Checks for symcryptrun:
 #
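Review bot: the added `# Checks for dirmngr` heading has no checks under it and does not follow the three-line `#` / `# Checks for ...:` / `#` banner used by the symcryptrun section directly below. Either move the dirmngr-specific checks from this patch (mmap, LDAP) under it or drop the empty heading.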
@@ -943,7 +961,7 @@
 #
 # Check for LDAP
 #
-if test "$try_ldap" = yes ; then
+if test "$try_ks_ldap" = yes || test "$build_dirmngr" = "yes" ; then
    GNUPG_CHECK_LDAP($NETLIBS)
 fi
 
@@ -1152,9 +1170,9 @@
 AC_FUNC_FSEEKO
 AC_FUNC_VPRINTF
 AC_FUNC_FORK
-AC_CHECK_FUNCS([strerror strlwr tcgetattr mmap])
-AC_CHECK_FUNCS([strcasecmp strncasecmp ctermid times gmtime_r])
-AC_CHECK_FUNCS([unsetenv fcntl ftruncate])
+AC_CHECK_FUNCS([strerror strlwr tcgetattr mmap canonicalize_file_name])
+AC_CHECK_FUNCS([strcasecmp strncasecmp ctermid times gmtime_r strtoull])
+AC_CHECK_FUNCS([unsetenv fcntl ftruncate canonicalize_file_name])
 AC_CHECK_FUNCS([gettimeofday getrusage getrlimit setrlimit clock_gettime])
 AC_CHECK_FUNCS([atexit raise getpagesize strftime nl_langinfo setlocale])
 AC_CHECK_FUNCS([waitpid wait4 sigaction sigprocmask pipe getaddrinfo])
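Review bot: `canonicalize_file_name` is added to two of the `AC_CHECK_FUNCS` lists in this hunk, once after `mmap` and again after `ftruncate`. The second occurrence is redundant; keep one.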
@@ -1162,6 +1180,11 @@
 
 AC_CHECK_TYPES([struct sigaction, sigset_t],,,[#include <signal.h>])
 
+# Dirmngr requires mmap on Unix systems.
+if test $ac_cv_func_mmap != yes -a $mmap_needed = yes; then
+  AC_MSG_ERROR([[Sorry, the current implemenation requires mmap.]])
+fi
+
 #
 # These are needed by the jnlib parts in common.
 # Note:  We already checked pwd.h.
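Review bot: the `test $ac_cv_func_mmap != yes -a $mmap_needed = yes` check is not tied to `$build_dirmngr`, so configure aborts on a Unix system without mmap even when dirmngr is disabled, although the comment says only Dirmngr needs it. Add a `"$build_dirmngr" = yes` condition, quote the two expansions, and fix the "implemenation" typo in the error message.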
@@ -1170,7 +1193,10 @@
                 memrchr isascii timegm getrusage setrlimit stat setlocale   \
                 flockfile funlockfile fopencookie funopen getpwnam getpwuid \
                 getenv ])
+# end jnlib checks.
 
+
+
 #
 # gnulib checks
 #
@@ -1466,18 +1492,19 @@
 fi
 
 
-AM_CONDITIONAL(BUILD_GPG,   test "$build_gpg" = "yes")
-AM_CONDITIONAL(BUILD_GPGSM, test "$build_gpgsm" = "yes")
-AM_CONDITIONAL(BUILD_AGENT, test "$build_agent" = "yes")
-AM_CONDITIONAL(BUILD_SCDAEMON, test "$build_scdaemon" = "yes")
-AM_CONDITIONAL(BUILD_G13,   test "$build_g13" = "yes")
-AM_CONDITIONAL(BUILD_TOOLS, test "$build_tools" = "yes")
-AM_CONDITIONAL(BUILD_DOC,   test "$build_doc" = "yes")
+AM_CONDITIONAL(BUILD_GPG,         test "$build_gpg" = "yes")
+AM_CONDITIONAL(BUILD_GPGSM,       test "$build_gpgsm" = "yes")
+AM_CONDITIONAL(BUILD_AGENT,       test "$build_agent" = "yes")
+AM_CONDITIONAL(BUILD_SCDAEMON,    test "$build_scdaemon" = "yes")
+AM_CONDITIONAL(BUILD_G13,         test "$build_g13" = "yes")
+AM_CONDITIONAL(BUILD_DIRMNGR,     test "$build_dirmngr" = "yes")
+AM_CONDITIONAL(BUILD_TOOLS,       test "$build_tools" = "yes")
+AM_CONDITIONAL(BUILD_DOC,         test "$build_doc" = "yes")
 AM_CONDITIONAL(BUILD_SYMCRYPTRUN, test "$build_symcryptrun" = "yes")
-AM_CONDITIONAL(BUILD_GPGTAR,test "$build_gpgtar" = "yes")
+AM_CONDITIONAL(BUILD_GPGTAR,      test "$build_gpgtar" = "yes")
 
 AM_CONDITIONAL(RUN_GPG_TESTS,
-	test x$cross_compiling = xno -a "$build_gpg" = yes )
+               test x$cross_compiling = xno -a "$build_gpg" = yes )
 
 
 #
@@ -1524,6 +1551,16 @@
 *** (at least version $NEED_KSBA_VERSION using API $NEED_KSBA_API is required).
 ***]])
 fi
+if test "$gnupg_have_ldap" = "no"; then
+    die=yes
+    AC_MSG_NOTICE([[
+***
+*** You need a LDAP library to build this program.
+*** Check out 
+***    http://www.openldap.org 
+*** for a suitable implementation. 
+***]])
+fi
 if test "$missing_pth" = "yes"; then
     AC_MSG_NOTICE([[
 ***
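Review bot: the new `test "$gnupg_have_ldap" = "no"` block sets `die=yes` without checking `$build_dirmngr`, so a missing LDAP library can stop the whole configure run even when dirmngr is not being built. Gate it on `"$build_dirmngr" = "yes"`, the same variable the `GNUPG_CHECK_LDAP` condition earlier in this patch tests.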
@@ -1562,6 +1599,7 @@
 agent/Makefile
 scd/Makefile
 g13/Makefile
+dirmngr/Makefile
 keyserver/Makefile
 keyserver/gpg2keys_mailto
 keyserver/gpg2keys_test
@@ -1585,9 +1623,11 @@
         Agent:     $build_agent $build_agent_threaded
         Smartcard: $build_scdaemon $build_scdaemon_extra
         G13:       $build_g13
+        Dirmngr:   $build_dirmngr
         Gpgtar:    $build_gpgtar
 
         Protect tool:      $show_gnupg_protect_tool_pgm
+        LDAP wrapper:      $show_gnupg_dirmngr_ldap_pgm
         Default agent:     $show_gnupg_agent_pgm
         Default pinentry:  $show_gnupg_pinentry_pgm
         Default scdaemon:  $show_gnupg_scdaemon_pgm

Added: trunk/dirmngr/ChangeLog
===================================================================
--- trunk/dirmngr/ChangeLog	                        (rev 0)
+++ trunk/dirmngr/ChangeLog	2010-06-09 16:53:51 UTC (rev 5351)
@@ -0,0 +1,1345 @@
+2010-06-09  Werner Koch  <wk at g10code.com>
+
+	* i18n.h: Remove.
+
+	* Makefile.am (no-libgcrypt.c): New rule.
+
+	* exechelp.h: Remove.
+	* exechelp.c: Remove.
+	(dirmngr_release_process): Change callers to use the gnupg func.
+	(dirmngr_wait_process): Likewise.
+	(dirmngr_kill_process): Likewise.  This actually implements it for
+	W32.
+	* ldap.c (ldap_wrapper): s/get_dirmngr_ldap_path/gnupg_module_name/.
+	(ldap_wrapper_thread): Use gnupg_wait_process and adjust for
+	changed semantics.
+	(ldap_wrapper): Replace xcalloc by xtrycalloc.  Replace spawn
+	mechanism.
+
+	* server.c (start_command_handler): Remove assuan_set_log_stream.
+
+	* validate.c: Remove gcrypt.h and ksba.h.
+
+	* ldapserver.c: s/util.h/dirmngr.h/.
+
+	* dirmngr.c (sleep) [W32]: Remove macro.
+	(main): s/sleep/gnupg_sleep/.
+	(pid_suffix_callback): Change arg type.
+	(my_gcry_logger): Remove.
+	(fixed_gcry_pth_init): New.
+	(main): Use it.
+	(FD2INT): Remove.
+
+2010-06-08  Werner Koch  <wk at g10code.com>
+
+	* misc.h (copy_time): Remove and replace by gnupg_copy_time which
+	allows to set a null date.
+	* misc.c (dump_isotime, get_time, get_isotime, set_time)
+	(check_isotime, add_isotime): Remove and replace all calls by the
+	versions from common/gettime.c.
+
+	* crlcache.c, misc.c, misc.h: s/dirmngr_isotime_t/gnupg_isotime_t/.
+	* server.c, ldap.c: Reorder include directives.
+	* crlcache.h, misc.h: Remove all include directives.
+
+	* certcache.c (cmp_simple_canon_sexp): Remove.
+	(compare_serialno): Rewrite using cmp_simple_canon_sexp from
+	common/sexputil.c
+
+	* error.h: Remove.
+
+	* dirmngr.c: Remove transitional option "--ignore-ocsp-servic-url".
+	(opts): Use ARGPARSE macros.
+	(i18n_init): Remove.
+	(main): Use GnuPG init functions.
+
+	* dirmngr.h: Remove duplicated stuff now taken from ../common.
+
+	* get-path.c, util.h: Remove.
+
+	* Makefile.am: Adjust to GnuPG system.
+	* estream.c, estream.h, estream-printf.c, estream-printf.h: Remove.
+
+2010-06-07  Werner Koch  <wk at g10code.com>
+
+	* OAUTHORS, ONEWS, ChangeLog.1: New.
+
+	* ChangeLog, Makefile.am, b64dec.c, b64enc.c, cdb.h, cdblib.c
+	* certcache.c, certcache.h, crlcache.c, crlcache.h, crlfetch.c
+	* crlfetch.h, dirmngr-client.c, dirmngr.c, dirmngr.h
+	* dirmngr_ldap.c, error.h, estream-printf.c, estream-printf.h
+	* estream.c, estream.h, exechelp.c, exechelp.h, get-path.c, http.c
+	* http.h, i18n.h, ldap-url.c, ldap-url.h, ldap.c, ldapserver.c
+	* ldapserver.h, misc.c, misc.h, ocsp.c, ocsp.h, server.c, util.h
+	* validate.c, validate.h: Imported from the current SVN of the
+	dirmngr package (only src/).
+
+2010-03-13  Werner Koch  <wk at g10code.com>
+
+	* dirmngr.c (int_and_ptr_u): New.
+	(pid_suffix_callback): Trick out compiler.
+	(start_connection_thread): Ditto.
+	(handle_connections): Ditto.
+
+2010-03-09  Werner Koch  <wk at g10code.com>
+
+	* dirmngr.c (set_debug): Allow numerical values.
+
+2009-12-15  Werner Koch  <wk at g10code.com>
+
+	* dirmngr.c: Add option --ignore-cert-extension.
+	(parse_rereadable_options): Implement.
+	* dirmngr.h (opt): Add IGNORED_CERT_EXTENSIONS.
+	* validate.c (unknown_criticals): Handle ignored extensions.
+
+2009-12-08  Marcus Brinkmann  <marcus at g10code.de>
+
+	* dirmngr-client.c (start_dirmngr): Convert posix FDs to assuan fds.
+
+2009-11-25  Marcus Brinkmann  <marcus at g10code.de>
+
+	* server.c (start_command_handler): Use assuan_fd_t and
+	assuan_fdopen on fds.
+
+2009-11-05  Marcus Brinkmann  <marcus at g10code.de>
+
+	* server.c (start_command_handler): Update use of
+	assuan_init_socket_server.
+	* dirmngr-client.c (start_dirmngr): Update use of
+	assuan_pipe_connect and assuan_socket_connect.
+
+2009-11-04  Werner Koch  <wk at g10code.com>
+
+	* server.c (register_commands): Add help arg to
+	assuan_register_command.  Change all command comments to strings.
+
+2009-11-02  Marcus Brinkmann  <marcus at g10code.de>
+
+	* server.c (reset_notify): Take LINE argument, return gpg_error_t.
+
+2009-10-16  Marcus Brinkmann  <marcus at g10code.com>
+
+	* Makefile.am: (dirmngr_LDADD): Link to $(LIBASSUAN_LIBS) instead
+	of $(LIBASSUAN_PTH_LIBS).
+	* dirmngr.c: Invoke ASSUAN_SYSTEM_PTH_IMPL.
+	(main): Call assuan_set_system_hooks and assuan_sock_init.
+
+2009-09-22  Marcus Brinkmann  <marcus at g10code.de>
+
+	* dirmngr.c (main): Update to new Assuan interface.
+	* server.c (option_handler, cmd_ldapserver, cmd_isvalid)
+	(cmd_checkcrl, cmd_checkocsp, cmd_lookup, cmd_loadcrl)
+	(cmd_listcrls, cmd_cachecert, cmd_validate): Return gpg_error_t
+	instead int.
+	(register_commands): Likewise for member HANDLER.
+	(start_command_handler): Allocate context with assuan_new before
+	starting server.  Release on error.
+	* dirmngr-client.c (main): Update to new Assuan interface.
+	(start_dirmngr): Allocate context with assuan_new before
+	connecting to server.  Release on error.
+
+2009-08-12  Werner Koch  <wk at g10code.com>
+
+	* dirmngr-client.c (squid_loop_body): Flush stdout.  Suggested by
+	Philip Shin.
+
+2009-08-07  Werner Koch  <wk at g10code.com>
+
+	* crlfetch.c (my_es_read): Add explicit check for EOF.
+
+	* http.c (struct http_context_s): Turn IN_DATA and IS_HTTP_0_9 to
+	bit fields.
+	(struct cookie_s): Add CONTENT_LENGTH_VALID and CONTENT_LENGTH.
+	(parse_response): Parse the Content-Length header.
+	(cookie_read): Handle content length.
+	(http_open): Make NEED_HEADER the semi-default.
+
+	* http.h (HTTP_FLAG_IGNORE_CL): New.
+
+2009-08-04  Werner Koch  <wk at g10code.com>
+
+	* ldap.c (ldap_wrapper_thread): Factor some code out to ...
+	(read_log_data): ... new.  Close the log fd on error.
+	(ldap_wrapper_thread): Delay cleanup until the log fd is closed.
+	(SAFE_PTH_CLOSE): New.  Use it instead of pth_close.
+
+2009-07-31  Werner Koch  <wk at g10code.com>
+
+	* server.c (cmd_loadcrl): Add option --url.
+	* dirmngr-client.c (do_loadcrl): Make use of --url.
+
+	* crlfetch.c (crl_fetch): Remove HTTP_FLAG_NO_SHUTDOWN.  Add
+	flag HTTP_FLAG_LOG_RESP with active DBG_LOOKUP.
+
+	* http.c: Require estream.  Remove P_ES macro.
+	(write_server): Remove.
+	(my_read_line): Remove.  Replace all callers by es_read_line.
+	(send_request): Use es_asprintf.  Always store the cookie.
+	(http_wait_response): Remove the need to dup the socket.  USe new
+	shutdown flag.
+	* http.h (HTTP_FLAG_NO_SHUTDOWN): Rename to HTTP_FLAG_SHUTDOWN.
+
+	* estream.c, estream.h, estream-printf.c, estream-printf.h: Update
+	from current libestream.  This is provide es_asprintf.
+
+2009-07-20  Werner Koch  <wk at g10code.com>
+
+	* dirmngr.c (pid_suffix_callback): New.
+	(main): Use log_set_pid_suffix_cb.
+	(start_connection_thread): Put the fd into the tls.
+
+	* ldap.c (ldap_wrapper_thread): Print ldap worker stati.
+	(ldap_wrapper_release_context): Print a debug info.
+	(end_cert_fetch_ldap): Release the reader.  Might fix bug#999.
+
+2009-06-17  Werner Koch  <wk at g10code.com>
+
+	* util.h: Remove unused dotlock.h.
+
+2009-05-26  Werner Koch  <wk at g10code.com>
+
+	* ldap.c (ldap_wrapper): Show reader object in diagnostics.
+	* crlcache.c (crl_cache_reload_crl): Ditto.  Change debug messages
+	to regular diagnostics.
+	* dirmngr_ldap.c (print_ldap_entries): Add extra diagnostics.
+
+2009-04-03  Werner Koch  <wk at g10code.com>
+
+	* dirmngr.h (struct server_local_s): Move back to ...
+	* server.c (struct server_local_s): ... here.
+	(get_ldapservers_from_ctrl): New.
+	* ldapserver.h (ldapserver_iter_begin): Use it.
+
+2008-10-29  Marcus Brinkmann  <marcus at g10code.de>
+
+	* estream.c (es_getline): Add explicit cast to silence gcc -W
+	warning.
+	* crlcache.c (finish_sig_check): Likewise.
+
+	* dirmngr.c (opts): Add missing initializer to silence gcc
+	-W warning.
+	* server.c (register_commands): Likewise.
+	* dirmngr-client.c (opts): Likewise.
+	* dirmngr_ldap.c (opts): Likewise.
+
+	* dirmngr-client.c (status_cb, inq_cert, data_cb): Change return
+	type to gpg_error_t to silence gcc warning.
+
+2008-10-21  Werner Koch  <wk at g10code.com>
+
+	* certcache.c (load_certs_from_dir): Accept ".der" files.
+
+	* server.c (get_istrusted_from_client): New.
+	* validate.c (validate_cert_chain): Add new optional arg
+	R_TRUST_ANCHOR.  Adjust all callers
+	* crlcache.c (crl_cache_entry_s): Add fields USER_TRUST_REQ
+	and CHECK_TRUST_ANCHOR.
+	(release_one_cache_entry): Release CHECK_TRUST_ANCHOR.
+	(list_one_crl_entry): Print info about the new fields.
+	(open_dir, write_dir_line_crl): Support the new U-flag.
+	(crl_parse_insert): Add arg R_TRUST_ANCHOR and set it accordingly.
+	(crl_cache_insert): Store trust anchor in entry object.
+	(cache_isvalid): Ask client for trust is needed.
+
+	* crlcache.c (open_dir): Replace xcalloc by xtrycalloc.
+	(next_line_from_file): Ditt.  Add arg to return the gpg error.
+	Change all callers.
+	(update_dir): Replace sprintf and malloc by estream_asprintf.
+	(crl_cache_insert): Ditto.
+	(crl_cache_isvalid): Replace xmalloc by xtrymalloc.
+	(get_auth_key_id): Ditto.
+	(crl_cache_insert): Ditto.
+
+	* crlcache.c (start_sig_check): Remove HAVE_GCRY_MD_DEBUG test.
+	* validate.c (check_cert_sig): Ditto.  Remove workaround for bug
+	in libgcrypt 1.2.
+
+	* estream.c, estream.h, estream-printf.c, estream-printf.h: Update
+	from current libestream (svn rev 61).
+
+2008-09-30  Marcus Brinkmann  <marcus at g10code.com>
+
+	* get-path.c (get_dirmngr_ldap_path): Revert last change.
+	Instead, use dirmngr_libexecdir().
+	(find_program_at_standard_place): Don't define for now.
+
+2008-09-30  Marcus Brinkmann  <marcus at g10code.com>
+
+	* get-path.c (dirmngr_cachedir): Make COMP a pointer to const to
+	silence gcc warning.
+	(get_dirmngr_ldap_path): Look for dirmngr_ldap in the installation
+	directory.
+
+2008-08-06  Marcus Brinkmann  <marcus at g10code.com>
+
+	* dirmngr.c (main): Mark the ldapserverlist-file option as
+	read-only.
+
+2008-07-31  Werner Koch  <wk at g10code.com>
+
+	* crlcache.c (start_sig_check) [!HAVE_GCRY_MD_DEBUG]: Use
+	gcry_md_start_debug
+
+2008-06-16  Werner Koch  <wk at g10code.com>
+
+	* get-path.c (w32_commondir): New.
+	(dirmngr_sysconfdir): Use it here.
+	(dirmngr_datadir): Ditto.
+
+2008-06-12  Marcus Brinkmann  <marcus at g10code.de>
+
+	* Makefile.am (dirmngr_SOURCES): Add ldapserver.h and ldapserver.c.
+	* ldapserver.h, ldapserver.c: New files.
+	* ldap.c: Include "ldapserver.h".
+	(url_fetch_ldap): Use iterator to get session servers as well.
+	(attr_fetch_ldap, start_default_fetch_ldap): Likewise.
+	* dirmngr.c: Include "ldapserver.h".
+	(free_ldapservers_list): Removed.  Change callers to
+	ldapserver_list_free.
+	(parse_ldapserver_file): Use ldapserver_parse_one.
+	* server.c: Include "ldapserver.h".
+	(cmd_ldapserver): New command.
+	(register_commands): Add new command LDAPSERVER.
+	(reset_notify): New function.
+	(start_command_handler): Register reset notify handler.
+	Deallocate session server list.
+	(lookup_cert_by_pattern): Use iterator to get session servers as well.
+	(struct server_local_s): Move to ...
+	* dirmngr.h (struct server_local_s): ... here.  Add new member
+	ldapservers.
+
+2008-06-10  Werner Koch  <wk at g10code.com>
+
+	Support PEM encoded CRLs.  Fixes bug#927.
+
+	* crlfetch.c (struct reader_cb_context_s): New.
+	(struct file_reader_map_s): Replace FP by new context.
+	(register_file_reader, get_file_reader): Adjust accordingly.
+	(my_es_read): Detect Base64 encoded CRL and decode if needed.
+	(crl_fetch): Pass new context to the callback.
+	(crl_close_reader): Cleanup the new context.
+	* b64dec.c: New.  Taken from GnuPG.
+	* util.h (struct b64state): Add new fields STOP_SEEN and
+	INVALID_ENCODING.
+
+2008-05-26  Marcus Brinkmann  <marcus at g10code.com>
+
+	* dirmngr.c (main) [HAVE_W32_SYSTEM]: Switch to system
+	configuration on gpgconf related commands, and make all options
+	unchangeable.
+
+2008-03-25  Marcus Brinkmann  <marcus at g10code.de>
+
+	* dirmngr_ldap.c (print_ldap_entries): Add code alternative for
+	W32 console stdout (unused at this point).
+
+2008-03-21  Marcus Brinkmann  <marcus at g10code.de>
+
+	* estream.c (ESTREAM_MUTEX_DESTROY): New macro.
+	(es_create, es_destroy): Use it.
+
+2008-02-21  Werner Koch  <wk at g10code.com>
+
+	* validate.c (check_cert_sig) [HAVE_GCRY_MD_DEBUG]: Use new debug
+	function if available.
+
+	* crlcache.c (abort_sig_check): Mark unused arg.
+
+	* exechelp.c (dirmngr_release_process) [!W32]: Mark unsed arg.
+
+	* validate.c (is_root_cert): New.  Taken from GnuPG.
+	(validate_cert_chain): Use it in place of the simple DN compare.
+
+2008-02-15  Marcus Brinkmann  <marcus at g10code.de>
+
+	* dirmngr.c (main): Reinitialize assuan log stream if necessary.
+
+	* crlcache.c (update_dir) [HAVE_W32_SYSTEM]: Remove destination
+	file before rename.
+	(crl_cache_insert) [HAVE_W32_SYSTEM]: Remove destination file
+	before rename.
+
+2008-02-14  Marcus Brinkmann  <marcus at g10code.de>
+
+	* validate.c (check_cert_policy): Use ksba_free instead of xfree.
+	(validate_cert_chain): Likewise.  Free SUBJECT on error.
+	(cert_usage_p): Likewise.
+
+	* crlcache.c (finish_sig_check): Undo last change.
+	(finish_sig_check): Close md.
+	(abort_sig_check): New function.
+	(crl_parse_insert): Use abort_sig_check to clean up.
+
+	* crlcache.c (crl_cache_insert): Clean up CDB on error.
+
+2008-02-13  Marcus Brinkmann  <marcus at g10code.de>
+
+	* crlcache.c (finish_sig_check): Call gcry_md_stop_debug.
+	* exechelp.h (dirmngr_release_process): New prototype.
+	* exechelp.c (dirmngr_release_process): New function.
+	* ldap.c (ldap_wrapper_thread): Release pid.
+	(destroy_wrapper): Likewise.
+
+	* dirmngr.c (launch_reaper_thread): Destroy tattr.
+	(handle_connections): Likewise.
+
+2008-02-12  Marcus Brinkmann  <marcus at g10code.de>
+
+	* ldap.c (pth_close) [! HAVE_W32_SYSTEM]: New macro.
+	(struct wrapper_context_s): New member log_ev.
+	(destroy_wrapper): Check FDs for != -1 rather than != 0.  Use
+	pth_close instead of close.  Free CTX->log_ev.
+	(ldap_wrapper_thread): Rewritten to use pth_wait instead of
+	select.  Also use pth_read instead of read and pth_close instead
+	of close.
+	(ldap_wrapper): Initialize CTX->log_ev.
+	(reader_callback): Use pth_close instead of close.
+	* exechelp.c (create_inheritable_pipe) [HAVE_W32_SYSTEM]: Removed.
+	(dirmngr_spawn_process) [HAVE_W32_SYSTEM]: Use pth_pipe instead.
+	* dirmngr_ldap.c [HAVE_W32_SYSTEM]: Include <fcntl.h>.
+	(main) [HAVE_W32_SYSTEM]: Set mode of stdout to binary.
+
+2008-02-01  Werner Koch  <wk at g10code.com>
+
+	* ldap.c: Remove all ldap headers as they are unused.
+
+	* dirmngr_ldap.c (LDAP_DEPRECATED): New, to have OpenLDAP use the
+	old standard API.
+
+2008-01-10  Werner Koch  <wk at g10code.com>
+
+	* dirmngr-client.c: New option --local.
+	(do_lookup): Use it.
+
+	* server.c (lookup_cert_by_pattern): Implement local lookup.
+	(return_one_cert): New.
+	* certcache.c (hexsn_to_sexp): New.
+	(classify_pattern, get_certs_bypattern): New.
+
+	* misc.c (unhexify): Allow passing NULL for RESULT.
+	(cert_log_subject): Do not call ksba_free on an unused variable.
+
+2008-01-02  Marcus Brinkmann  <marcus at g10code.de>
+
+	* Makefile.am (dirmngr_LDADD, dirmngr_ldap_LDADD)
+	(dirmngr_client_LDADD): Add $(LIBICONV).  Reported by Michael
+	Nottebrock.
+
+2007-12-11  Werner Koch  <wk at g10code.com>
+
+	* server.c (option_handler): New option audit-events.
+	* dirmngr.h (struct server_control_s): Add member AUDIT_EVENTS.
+
+2007-11-26  Marcus Brinkmann  <marcus at g10code.de>
+
+	* get-path.c (dirmngr_cachedir): Create intermediate directories.
+	(default_socket_name): Use CSIDL_WINDOWS.
+
+2007-11-21  Werner Koch  <wk at g10code.com>
+
+	* server.c (lookup_cert_by_pattern): Add args SINGLE and CACHE_ONLY.
+	(cmd_lookup): Add options --single and --cache-only.
+
+2007-11-16  Werner Koch  <wk at g10code.com>
+
+	* certcache.c (load_certs_from_dir): Also log the subject DN.
+	* misc.c (cert_log_subject): New.
+
+2007-11-14  Werner Koch  <wk at g10code.com>
+
+	* dirmngr-client.c: Replace --lookup-url by --url.
+	(main): Remove extra code for --lookup-url.
+	(do_lookup): Remove LOOKUP_URL arg and use the
+	global option OPT.URL.
+
+	* server.c (has_leading_option): New.
+	(cmd_lookup): Use it.
+
+	* crlfetch.c (fetch_cert_by_url): Use GPG_ERR_INV_CERT_OBJ.
+	(fetch_cert_by_url): Use gpg_error_from_syserror.
+
+2007-11-14  Moritz  <moritz at gnu.org>  (wk)
+
+	* dirmngr-client.c: New command: --lookup-url <URL>.
+	(do_lookup): New parameter: lookup_url.  If TRUE, include "--url"
+	switch in LOOKUP transaction.
+	(enum): New entry: oLookupUrl.
+	(opts): Likewise.
+	(main): Handle oLookupUrl.  New variable: cmd_lookup_url, set
+	during option parsing, pass to do_lookup() and substitute some
+	occurences of "cmd_lookup" with "cmd_lookup OR cmd_lookup_url".
+	* crlfetch.c (fetch_cert_by_url): New function, uses
+	url_fetch_ldap() to create a reader object and libksba functions
+	to read a single cert from that reader.
+	* server.c (lookup_cert_by_url, lookup_cert_by_pattern): New
+	functions.
+	(cmd_lookup): Moved almost complete code ...
+	(lookup_cert_by_pattern): ... here.
+	(cmd_lookup): Support new optional argument: --url.  Depending on
+	the presence of that switch, call lookup_cert_by_url() or
+	lookup_cert_by_pattern().
+	(lookup_cert_by_url): Heavily stripped down version of
+	lookup_cert_by_pattern(), using fetch_cert_by_url.
+
+2007-10-24  Marcus Brinkmann  <marcus at g10code.de>
+
+	* exechelp.c (dirmngr_spawn_process): Fix child handles.
+
+2007-10-05  Marcus Brinkmann  <marcus at g10code.de>
+
+	* dirmngr.h: Include assuan.h.
+	(start_command_handler): Change type of FD to assuan_fd_t.
+	* dirmngr.c: Do not include w32-afunix.h.
+        (socket_nonce): New global variable.
+        (create_server_socket): Use assuan socket wrappers.  Remove W32
+	specific stuff.  Save the server nonce.
+        (check_nonce): New function.
+        (start_connection_thread): Call it.
+        (handle_connections): Change args to assuan_fd_t.
+	* server.c (start_command_handler): Change type of FD to assuan_fd_t.
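Review bot: in the 2010-06-09 entry, `(dirmngr_release_process)`, `(dirmngr_wait_process)` and `(dirmngr_kill_process)` sit under `* exechelp.c: Remove.` but describe changed callers, so the entry never names the files that were actually edited; list those files explicitly. The 2007-10-05 entry also mixes eight-space and tab indentation, which is worth normalising while the file is being imported.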



