[git] GnuPG - branch, master, updated. gnupg-2.1.0beta3-360-g59b4fb5
by Werner Koch
cvs at cvs.gnupg.org
Fri Mar 14 17:00:58 CET 2014
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, master has been updated
via 59b4fb5f4927908af06bb80ecd86adbf6e54ba14 (commit)
via d7fbefeb82833db9eea8b15dc7889ecf0b7ffab4 (commit)
via a401f768ca8e218eef7a5c87a8f99cb1d6b4aaeb (commit)
via 5d321eb00be0774418de1a05678ac0ec44d7193b (commit)
via 6dd5d99a61f24aff862ccba9f7410d7f1af87c05 (commit)
from fb56a273b1f2b3a99dc1d1a0850378ab7625e6b9 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 59b4fb5f4927908af06bb80ecd86adbf6e54ba14
Author: Werner Koch <wk at gnupg.org>
Date: Fri Mar 14 17:00:10 2014 +0100
dirmngr: Make use of IPv4 and IPV6 more explicit.
* common/http.c (connect_server): Handle the new flags.
* common/http.h (HTTP_FLAG_IGNORE_IPv4, HTTP_FLAG_IGNORE_IPv4): New.
* dirmngr/ks-engine-hkp.c (map_host): Add arg r_httpflags.
(make_host_part): Ditto.
(send_request): Add arg httpflags.
(ks_hkp_search, ks_hkp_get, ks_hkp_put): Handle httpflags.
diff --git a/common/http.c b/common/http.c
index d95a2fb..5410141 100644
--- a/common/http.c
+++ b/common/http.c
@@ -1,6 +1,7 @@
/* http.c - HTTP protocol handler
* Copyright (C) 1999, 2001, 2002, 2003, 2004, 2006, 2009, 2010,
* 2011 Free Software Foundation, Inc.
+ * Copyright (C) 2014 Werner Koch
*
* This file is part of GnuPG.
*
@@ -1706,8 +1707,6 @@ connect_server (const char *server, unsigned short port,
#ifdef HAVE_W32_SYSTEM
unsigned long inaddr;
#endif
- /* Not currently using the flags */
- (void)flags;
*r_host_not_found = 0;
#ifdef HAVE_W32_SYSTEM
@@ -1790,6 +1789,11 @@ connect_server (const char *server, unsigned short port,
for (ai = res; ai && !connected; ai = ai->ai_next)
{
+ if (ai->ai_family == AF_INET && (flags & HTTP_FLAG_IGNORE_IPv4))
+ continue;
+ if (ai->ai_family == AF_INET6 && (flags & HTTP_FLAG_IGNORE_IPv6))
+ continue;
+
if (sock != -1)
sock_close (sock);
sock = socket (ai->ai_family, ai->ai_socktype, ai->ai_protocol);
diff --git a/common/http.h b/common/http.h
index bea9f07..224128b 100644
--- a/common/http.h
+++ b/common/http.h
@@ -74,10 +74,12 @@ http_req_t;
/* We put the flag values into an enum, so that gdb can display them. */
enum
{
- HTTP_FLAG_TRY_PROXY = 1,
- HTTP_FLAG_SHUTDOWN = 2,
- HTTP_FLAG_LOG_RESP = 8,
- HTTP_FLAG_IGNORE_CL = 32
+ HTTP_FLAG_TRY_PROXY = 1, /* Try to use a proxy. */
+ HTTP_FLAG_SHUTDOWN = 2, /* Close sending end after the request. */
+ HTTP_FLAG_LOG_RESP = 8, /* Log the server respone. */
+ HTTP_FLAG_IGNORE_CL = 32, /* Ignore content-length. */
+ HTTP_FLAG_IGNORE_IPv4 = 64, /* Do not use IPv4. */
+ HTTP_FLAG_IGNORE_IPv6 = 128 /* Do not use IPv6. */
};
struct http_context_s;
diff --git a/dirmngr/ks-engine-hkp.c b/dirmngr/ks-engine-hkp.c
index 0b2850c..7b67302 100644
--- a/dirmngr/ks-engine-hkp.c
+++ b/dirmngr/ks-engine-hkp.c
@@ -249,13 +249,18 @@ my_getnameinfo (struct addrinfo *ai, char *host, size_t hostlen)
to choose one of the hosts. For example we skip those hosts which
failed for some time and we stick to one host for a time
independent of DNS retry times. If FORCE_RESELECT is true a new
- host is always selected. */
+ host is always selected. If R_HTTPFLAGS is not NULL if will
+ received flags which are to be passed to http_open. */
static char *
-map_host (ctrl_t ctrl, const char *name, int force_reselect)
+map_host (ctrl_t ctrl, const char *name, int force_reselect,
+ unsigned int *r_httpflags)
{
hostinfo_t hi;
int idx;
+ if (r_httpflags)
+ *r_httpflags = 0;
+
/* No hostname means localhost. */
if (!name || !*name)
return xtrystrdup ("localhost");
@@ -406,6 +411,18 @@ map_host (ctrl_t ctrl, const char *name, int force_reselect)
return NULL;
}
+ if (r_httpflags)
+ {
+ /* If the hosttable does not indicate that a certain host
+ supports IPv<N>, we explicit set the corresponding http
+ flags. The reason for this is that a host might be listed in
+ a pool as not v6 only but actually support v6 when later
+ resolved the name is resolved by our http layer. */
+ if (!hi->v4)
+ *r_httpflags |= HTTP_FLAG_IGNORE_IPv4;
+ if (!hi->v6)
+ *r_httpflags |= HTTP_FLAG_IGNORE_IPv6;
+ }
return xtrystrdup (hi->name);
}
@@ -605,7 +622,7 @@ ks_hkp_help (ctrl_t ctrl, parsed_uri_t uri)
static char *
make_host_part (ctrl_t ctrl,
const char *scheme, const char *host, unsigned short port,
- int force_reselect)
+ int force_reselect, unsigned int *r_httpflags)
{
char portstr[10];
char *hostname;
@@ -629,7 +646,7 @@ make_host_part (ctrl_t ctrl,
/*fixme_do_srv_lookup ()*/
}
- hostname = map_host (ctrl, host, force_reselect);
+ hostname = map_host (ctrl, host, force_reselect, r_httpflags);
if (!hostname)
return NULL;
@@ -648,7 +665,7 @@ ks_hkp_resolve (ctrl_t ctrl, parsed_uri_t uri)
gpg_error_t err;
char *hostport = NULL;
- hostport = make_host_part (ctrl, uri->scheme, uri->host, uri->port, 1);
+ hostport = make_host_part (ctrl, uri->scheme, uri->host, uri->port, 1, NULL);
if (!hostport)
{
err = gpg_error_from_syserror ();
@@ -671,6 +688,7 @@ ks_hkp_resolve (ctrl_t ctrl, parsed_uri_t uri)
writing the post data. */
static gpg_error_t
send_request (ctrl_t ctrl, const char *request, const char *hostportstr,
+ unsigned int httpflags,
gpg_error_t (*post_cb)(void *, http_t), void *post_cb_value,
estream_t *r_fp)
{
@@ -687,7 +705,7 @@ send_request (ctrl_t ctrl, const char *request, const char *hostportstr,
post_cb? HTTP_REQ_POST : HTTP_REQ_GET,
request,
/* fixme: AUTH */ NULL,
- 0,
+ httpflags,
/* fixme: proxy*/ NULL,
NULL, NULL,
/*FIXME curl->srvtag*/NULL);
@@ -892,6 +910,7 @@ ks_hkp_search (ctrl_t ctrl, parsed_uri_t uri, const char *pattern,
char *request = NULL;
estream_t fp = NULL;
int reselect;
+ unsigned int httpflags;
unsigned int tries = SEND_REQUEST_RETRIES;
*r_fp = NULL;
@@ -941,7 +960,7 @@ ks_hkp_search (ctrl_t ctrl, parsed_uri_t uri, const char *pattern,
xfree (hostport);
hostport = make_host_part (ctrl, uri->scheme, uri->host, uri->port,
- reselect);
+ reselect, &httpflags);
if (!hostport)
{
err = gpg_error_from_syserror ();
@@ -969,7 +988,7 @@ ks_hkp_search (ctrl_t ctrl, parsed_uri_t uri, const char *pattern,
}
/* Send the request. */
- err = send_request (ctrl, request, hostport, NULL, NULL, &fp);
+ err = send_request (ctrl, request, hostport, httpflags, NULL, NULL, &fp);
if (handle_send_request_error (err, request, &tries))
{
reselect = 1;
@@ -1026,6 +1045,7 @@ ks_hkp_get (ctrl_t ctrl, parsed_uri_t uri, const char *keyspec, estream_t *r_fp)
char *request = NULL;
estream_t fp = NULL;
int reselect;
+ unsigned int httpflags;
unsigned int tries = SEND_REQUEST_RETRIES;
*r_fp = NULL;
@@ -1062,7 +1082,8 @@ ks_hkp_get (ctrl_t ctrl, parsed_uri_t uri, const char *keyspec, estream_t *r_fp)
again:
/* Build the request string. */
xfree (hostport);
- hostport = make_host_part (ctrl, uri->scheme, uri->host, uri->port, reselect);
+ hostport = make_host_part (ctrl, uri->scheme, uri->host, uri->port,
+ reselect, &httpflags);
if (!hostport)
{
err = gpg_error_from_syserror ();
@@ -1081,7 +1102,7 @@ ks_hkp_get (ctrl_t ctrl, parsed_uri_t uri, const char *keyspec, estream_t *r_fp)
}
/* Send the request. */
- err = send_request (ctrl, request, hostport, NULL, NULL, &fp);
+ err = send_request (ctrl, request, hostport, httpflags, NULL, NULL, &fp);
if (handle_send_request_error (err, request, &tries))
{
reselect = 1;
@@ -1148,6 +1169,7 @@ ks_hkp_put (ctrl_t ctrl, parsed_uri_t uri, const void *data, size_t datalen)
struct put_post_parm_s parm;
char *armored = NULL;
int reselect;
+ unsigned int httpflags;
unsigned int tries = SEND_REQUEST_RETRIES;
parm.datastring = NULL;
@@ -1169,7 +1191,8 @@ ks_hkp_put (ctrl_t ctrl, parsed_uri_t uri, const void *data, size_t datalen)
reselect = 0;
again:
xfree (hostport);
- hostport = make_host_part (ctrl, uri->scheme, uri->host, uri->port, reselect);
+ hostport = make_host_part (ctrl, uri->scheme, uri->host, uri->port,
+ reselect, &httpflags);
if (!hostport)
{
err = gpg_error_from_syserror ();
@@ -1185,7 +1208,7 @@ ks_hkp_put (ctrl_t ctrl, parsed_uri_t uri, const void *data, size_t datalen)
}
/* Send the request. */
- err = send_request (ctrl, request, hostport, put_post_cb, &parm, &fp);
+ err = send_request (ctrl, request, hostport, 0, put_post_cb, &parm, &fp);
if (handle_send_request_error (err, request, &tries))
{
reselect = 1;
commit d7fbefeb82833db9eea8b15dc7889ecf0b7ffab4
Author: Werner Koch <wk at gnupg.org>
Date: Fri Mar 14 16:22:54 2014 +0100
dirmngr: Do not use brackets around legacy IP addresses.
* dirmngr/ks-engine-hkp.c (my_getnameinfo): Change args to take a
complete addrinfo. Bracket only v6 addresses. Change caller.
diff --git a/dirmngr/ks-engine-hkp.c b/dirmngr/ks-engine-hkp.c
index 5c45435..0b2850c 100644
--- a/dirmngr/ks-engine-hkp.c
+++ b/dirmngr/ks-engine-hkp.c
@@ -214,23 +214,29 @@ select_random_host (int *table)
for TMPHOST which is 2 bytes larger than the the largest hostname.
returns 0 on success or an EAI error code. */
static int
-my_getnameinfo (const struct sockaddr *sa, socklen_t salen,
- char *host, size_t hostlen)
+my_getnameinfo (struct addrinfo *ai, char *host, size_t hostlen)
{
int ec;
+ char *p;
if (hostlen < 5)
return EAI_OVERFLOW;
- ec = getnameinfo (sa, salen, host, hostlen, NULL, 0, NI_NAMEREQD);
+ ec = getnameinfo (ai->ai_addr, ai->ai_addrlen,
+ host, hostlen, NULL, 0, NI_NAMEREQD);
if (!ec && *host == '[')
ec = EAI_FAIL; /* A name may never start with a bracket. */
else if (ec == EAI_NONAME)
{
- *host = '[';
- ec = getnameinfo (sa, salen, host + 1, hostlen - 2,
- NULL, 0, NI_NUMERICHOST);
- if (!ec)
+ p = host;
+ if (ai->ai_family == AF_INET6)
+ {
+ *p++ = '[';
+ hostlen -= 2;
+ }
+ ec = getnameinfo (ai->ai_addr, ai->ai_addrlen,
+ p, hostlen, NULL, 0, NI_NUMERICHOST);
+ if (!ec && ai->ai_family == AF_INET6)
strcat (host, "]");
}
@@ -295,8 +301,7 @@ map_host (ctrl_t ctrl, const char *name, int force_reselect)
continue;
dirmngr_tick (ctrl);
- if ((ec = my_getnameinfo (ai->ai_addr, ai->ai_addrlen,
- tmphost, sizeof tmphost)))
+ if ((ec = my_getnameinfo (ai, tmphost, sizeof tmphost)))
{
log_info ("getnameinfo failed while checking '%s': %s\n",
name, gai_strerror (ec));
commit a401f768ca8e218eef7a5c87a8f99cb1d6b4aaeb
Author: Werner Koch <wk at gnupg.org>
Date: Fri Mar 14 16:12:54 2014 +0100
gpg: Print the actual used keyserver address.
* dirmngr/ks-engine-hkp.c (ks_hkp_search, ks_hkp_get): Print SOURCE
status lines.
* g10/call-dirmngr.c (ks_status_parm_s): New.
(ks_search_parm_s): Add field stparm.
(ks_status_cb): New.
(ks_search_data_cb): Send source to the data callback.
(gpg_dirmngr_ks_search): Change callback prototope to include the
SPECIAL arg. Adjust all users. Use ks_status_cb.
(gpg_dirmngr_ks_get): Add arg r_source and use ks_status_cb.
* g10/keyserver.c (search_line_handler): Adjust callback and print
"data source" disgnostic.
(keyserver_get): Print data source diagnostic.
--
It has often been requested that the actually used IP of a keyservers
is shown in with gpg --recv-key and --search-key. This is helpful if
the keyserver is actually a pool of keyservers. This patch does this.
diff --git a/common/stringhelp.c b/common/stringhelp.c
index 2d2b412..7cbf82c 100644
--- a/common/stringhelp.c
+++ b/common/stringhelp.c
@@ -77,7 +77,7 @@ change_slashes (char *name)
/*
- * Check whether STRINGS starts with KEYWORD. The keyword is
+ * Check whether STRING starts with KEYWORD. The keyword is
* delimited by end of string, a space or a tab. Returns NULL if not
* found or a pointer into STRING to the next non-space character
* after the KEYWORD (which may be end of string).
diff --git a/dirmngr/ks-engine-hkp.c b/dirmngr/ks-engine-hkp.c
index 28b05e9..5c45435 100644
--- a/dirmngr/ks-engine-hkp.c
+++ b/dirmngr/ks-engine-hkp.c
@@ -454,8 +454,7 @@ mark_host_dead (const char *name)
/* Mark a host in the hosttable as dead or - if ALIVE is true - as
- alive. If the host NAME does not exist a warning status message is
- printed. */
+ alive. */
gpg_error_t
ks_hkp_mark_host (ctrl_t ctrl, const char *name, int alive)
{
@@ -974,6 +973,10 @@ ks_hkp_search (ctrl_t ctrl, parsed_uri_t uri, const char *pattern,
if (err)
goto leave;
+ err = dirmngr_status (ctrl, "SOURCE", hostport, NULL);
+ if (err)
+ goto leave;
+
/* Peek at the response. */
{
int c = es_getc (fp);
@@ -1082,6 +1085,10 @@ ks_hkp_get (ctrl_t ctrl, parsed_uri_t uri, const char *keyspec, estream_t *r_fp)
if (err)
goto leave;
+ err = dirmngr_status (ctrl, "SOURCE", hostport, NULL);
+ if (err)
+ goto leave;
+
/* Return the read stream and close the HTTP context. */
*r_fp = fp;
fp = NULL;
diff --git a/g10/call-dirmngr.c b/g10/call-dirmngr.c
index 9935333..73f829e 100644
--- a/g10/call-dirmngr.c
+++ b/g10/call-dirmngr.c
@@ -40,6 +40,13 @@
#include "call-dirmngr.h"
+/* Parameter structure used to gather status info. */
+struct ks_status_parm_s
+{
+ char *source;
+};
+
+
/* Parameter structure used with the KS_SEARCH command. */
struct ks_search_parm_s
{
@@ -47,8 +54,9 @@ struct ks_search_parm_s
membuf_t saveddata; /* Buffer to build complete lines. */
char *helpbuf; /* NULL or malloced buffer. */
size_t helpbufsize; /* Allocated size of HELPBUF. */
- gpg_error_t (*data_cb)(void*, char*); /* Callback. */
+ gpg_error_t (*data_cb)(void*, int, char*); /* Callback. */
void *data_cb_value; /* First argument for DATA_CB. */
+ struct ks_status_parm_s *stparm; /* Link to the status parameter. */
};
@@ -235,6 +243,29 @@ close_context (ctrl_t ctrl, assuan_context_t ctx)
+/* Status callback for ks_get and ks_search. */
+static gpg_error_t
+ks_status_cb (void *opaque, const char *line)
+{
+ struct ks_status_parm_s *parm = opaque;
+ gpg_error_t err = 0;
+ const char *s;
+
+ if ((s = has_leading_keyword (line, "SOURCE")))
+ {
+ if (!parm->source)
+ {
+ parm->source = xtrystrdup (s);
+ if (!parm->source)
+ err = gpg_error_from_syserror ();
+ }
+ }
+
+ return err;
+}
+
+
+
/* Data callback for the KS_SEARCH command. */
static gpg_error_t
ks_search_data_cb (void *opaque, const void *data, size_t datalen)
@@ -248,6 +279,22 @@ ks_search_data_cb (void *opaque, const void *data, size_t datalen)
if (parm->lasterr)
return 0;
+ if (parm->stparm->source)
+ {
+ err = parm->data_cb (parm->data_cb_value, 1, parm->stparm->source);
+ if (err)
+ {
+ parm->lasterr = err;
+ return err;
+ }
+ /* Clear it so that we won't get back here unless the server
+ accidentally sends a second source status line. Note that
+ will not see all accidentally sent source lines because it
+ depends on whether data lines have been send in between. */
+ xfree (parm->stparm->source);
+ parm->stparm->source = NULL;
+ }
+
if (!data)
return 0; /* Ignore END commands. */
@@ -270,7 +317,7 @@ ks_search_data_cb (void *opaque, const void *data, size_t datalen)
fixedbuf[linelen] = 0;
if (linelen && fixedbuf[linelen-1] == '\r')
fixedbuf[linelen-1] = 0;
- err = parm->data_cb (parm->data_cb_value, fixedbuf);
+ err = parm->data_cb (parm->data_cb_value, 0, fixedbuf);
}
else
{
@@ -289,7 +336,7 @@ ks_search_data_cb (void *opaque, const void *data, size_t datalen)
parm->helpbuf[linelen] = 0;
if (linelen && parm->helpbuf[linelen-1] == '\r')
parm->helpbuf[linelen-1] = 0;
- err = parm->data_cb (parm->data_cb_value, parm->helpbuf);
+ err = parm->data_cb (parm->data_cb_value, 0, parm->helpbuf);
}
if (err)
parm->lasterr = err;
@@ -306,17 +353,18 @@ ks_search_data_cb (void *opaque, const void *data, size_t datalen)
/* Run the KS_SEARCH command using the search string SEARCHSTR. All
data lines are passed to the CB function. That function is called
- with CB_VALUE as its first argument and the decoded data line as
- second argument. The callback function may modify the data line
- and it is guaranteed that this data line is a complete line with a
- terminating 0 character but without the linefeed. NULL is passed
- to the callback to indicate EOF. */
+ with CB_VALUE as its first argument, a 0 as second argument, and
+ the decoded data line as third argument. The callback function may
+ modify the data line and it is guaranteed that this data line is a
+ complete line with a terminating 0 character but without the
+ linefeed. NULL is passed to the callback to indicate EOF. */
gpg_error_t
gpg_dirmngr_ks_search (ctrl_t ctrl, const char *searchstr,
- gpg_error_t (*cb)(void*, char *), void *cb_value)
+ gpg_error_t (*cb)(void*, int, char *), void *cb_value)
{
gpg_error_t err;
assuan_context_t ctx;
+ struct ks_status_parm_s stparm;
struct ks_search_parm_s parm;
char line[ASSUAN_LINELENGTH];
@@ -336,18 +384,21 @@ gpg_dirmngr_ks_search (ctrl_t ctrl, const char *searchstr,
xfree (escsearchstr);
}
+ memset (&stparm, 0, sizeof stparm);
memset (&parm, 0, sizeof parm);
init_membuf (&parm.saveddata, 1024);
parm.data_cb = cb;
parm.data_cb_value = cb_value;
+ parm.stparm = &stparm;
err = assuan_transact (ctx, line, ks_search_data_cb, &parm,
- NULL, NULL, NULL, NULL);
+ NULL, NULL, ks_status_cb, &stparm);
if (!err)
- err = cb (cb_value, NULL); /* Send EOF. */
+ err = cb (cb_value, 0, NULL); /* Send EOF. */
xfree (get_membuf (&parm.saveddata, NULL));
xfree (parm.helpbuf);
+ xfree (stparm.source);
close_context (ctrl, ctx);
return err;
@@ -382,24 +433,32 @@ ks_get_data_cb (void *opaque, const void *data, size_t datalen)
don't need to escape the patterns before sending them to the
server.
+ If R_SOURCE is not NULL the source of the data is stored as a
+ malloced string there. If a source is not known NULL is stored.
+
If there are too many patterns the function returns an error. That
could be fixed by issuing several search commands or by
implementing a different interface. However with long keyids we
are able to ask for (1000-10-1)/(2+8+1) = 90 keys at once. */
gpg_error_t
-gpg_dirmngr_ks_get (ctrl_t ctrl, char **pattern, estream_t *r_fp)
+gpg_dirmngr_ks_get (ctrl_t ctrl, char **pattern,
+ estream_t *r_fp, char **r_source)
{
gpg_error_t err;
assuan_context_t ctx;
+ struct ks_status_parm_s stparm;
struct ks_get_parm_s parm;
char *line = NULL;
size_t linelen;
membuf_t mb;
int idx;
+ memset (&stparm, 0, sizeof stparm);
memset (&parm, 0, sizeof parm);
*r_fp = NULL;
+ if (r_source)
+ *r_source = NULL;
err = open_context (ctrl, &ctx);
if (err)
@@ -433,7 +492,7 @@ gpg_dirmngr_ks_get (ctrl_t ctrl, char **pattern, estream_t *r_fp)
goto leave;
}
err = assuan_transact (ctx, line, ks_get_data_cb, &parm,
- NULL, NULL, NULL, NULL);
+ NULL, NULL, ks_status_cb, &stparm);
if (err)
goto leave;
@@ -441,8 +500,15 @@ gpg_dirmngr_ks_get (ctrl_t ctrl, char **pattern, estream_t *r_fp)
*r_fp = parm.memfp;
parm.memfp = NULL;
+ if (r_source)
+ {
+ *r_source = stparm.source;
+ stparm.source = NULL;
+ }
+
leave:
es_fclose (parm.memfp);
+ xfree (stparm.source);
xfree (line);
close_context (ctrl, ctx);
return err;
diff --git a/g10/call-dirmngr.h b/g10/call-dirmngr.h
index 933303d..481b948 100644
--- a/g10/call-dirmngr.h
+++ b/g10/call-dirmngr.h
@@ -22,9 +22,10 @@
void gpg_dirmngr_deinit_session_data (ctrl_t ctrl);
gpg_error_t gpg_dirmngr_ks_search (ctrl_t ctrl, const char *searchstr,
- gpg_error_t (*cb)(void*, char *),
+ gpg_error_t (*cb)(void*, int, char *),
void *cb_value);
-gpg_error_t gpg_dirmngr_ks_get (ctrl_t ctrl, char *pattern[], estream_t *r_fp);
+gpg_error_t gpg_dirmngr_ks_get (ctrl_t ctrl, char *pattern[],
+ estream_t *r_fp, char **r_source);
gpg_error_t gpg_dirmngr_ks_fetch (ctrl_t ctrl,
const char *url, estream_t *r_fp);
gpg_error_t gpg_dirmngr_ks_put (ctrl_t ctrl, void *data, size_t datalen,
diff --git a/g10/keyserver.c b/g10/keyserver.c
index b8ab81e..3a3bc40 100644
--- a/g10/keyserver.c
+++ b/g10/keyserver.c
@@ -831,17 +831,29 @@ show_prompt (ctrl_t ctrl, KEYDB_SEARCH_DESC *desc, int numdesc,
/* This is a callback used by call-dirmngr.c to process the result of
- KS_SEARCH command. LINE is the actual data line received with all
- escaping removed and guaranteed to be exactly one line with
- stripped LF; an EOF is indicated by LINE passed as NULL. LINE may
- be modified after return. */
+ KS_SEARCH command. If SPECIAL is 0, LINE is the actual data line
+ received with all escaping removed and guaranteed to be exactly one
+ line with stripped LF; an EOF is indicated by LINE passed as NULL.
+ If special is 1, the line conatins the source of the information
+ (usually an URL). LINE may be modified after return. */
static gpg_error_t
-search_line_handler (void *opaque, char *line)
+search_line_handler (void *opaque, int special, char *line)
{
struct search_line_handler_parm_s *parm = opaque;
gpg_error_t err = 0;
struct keyrec *keyrec;
+ if (special == 1)
+ {
+ log_info ("data source: %s\n", line);
+ return 0;
+ }
+ else if (special)
+ {
+ log_debug ("unknown value %d for special search callback", special);
+ return 0;
+ }
+
if (parm->eof_seen && line)
{
log_debug ("ooops: unexpected data after EOF\n");
@@ -1478,6 +1490,7 @@ keyserver_get (ctrl_t ctrl, KEYDB_SEARCH_DESC *desc, int ndesc,
char **pattern;
int idx, npat;
estream_t datastream;
+ char *source = NULL;
/* Create an array filled with a search pattern for each key. The
array is delimited by a NULL entry. */
@@ -1561,10 +1574,13 @@ keyserver_get (ctrl_t ctrl, KEYDB_SEARCH_DESC *desc, int ndesc,
}
- err = gpg_dirmngr_ks_get (ctrl, pattern, &datastream);
+ err = gpg_dirmngr_ks_get (ctrl, pattern, &datastream, &source);
for (idx=0; idx < npat; idx++)
xfree (pattern[idx]);
xfree (pattern);
+ if (opt.verbose)
+ log_info ("data source: %s\n", source);
+
if (!err)
{
void *stats_handle;
@@ -1590,7 +1606,7 @@ keyserver_get (ctrl_t ctrl, KEYDB_SEARCH_DESC *desc, int ndesc,
import_release_stats_handle (stats_handle);
}
es_fclose (datastream);
-
+ xfree (source);
return err;
}
commit 5d321eb00be0774418de1a05678ac0ec44d7193b
Author: Werner Koch <wk at gnupg.org>
Date: Wed Mar 12 19:33:30 2014 +0100
dirmngr: Default to a user socket name and enable autostart.
* common/homedir.c (dirmngr_socket_name): Rename to
dirmngr_sys_socket_name.
(dirmngr_user_socket_name): New.
* common/asshelp.c (start_new_dirmngr): Handle sys and user dirmngr
socket.
* dirmngr/dirmngr.c (main): Ditto.
* dirmngr/server.c (cmd_getinfo): Ditto.
* sm/server.c (gpgsm_server): Ditto.
* dirmngr/dirmngr-client.c (start_dirmngr): Likewise.
* tools/gpgconf.c (main): Print "dirmngr-sys-socket" with --list-dirs.
* configure.ac (USE_DIRMNGR_AUTO_START): Set by default.
diff --git a/common/asshelp.c b/common/asshelp.c
index b5dde5a..4763de1 100644
--- a/common/asshelp.c
+++ b/common/asshelp.c
@@ -600,19 +600,41 @@ start_new_dirmngr (assuan_context_t *r_ctx,
return err;
}
- sockname = dirmngr_socket_name ();
+ sockname = dirmngr_user_socket_name ();
+ if (sockname)
+ {
+ /* First try the local socket name and only if that fails try
+ the system socket. */
+ err = assuan_socket_connect (ctx, sockname, 0, 0);
+ if (err)
+ sockname = dirmngr_sys_socket_name ();
+ }
+ else
+ sockname = dirmngr_sys_socket_name ();
+
err = assuan_socket_connect (ctx, sockname, 0, 0);
+
#ifdef USE_DIRMNGR_AUTO_START
if (err)
{
lock_spawn_t lock;
- const char *argv[2];
+ const char *argv[4];
+ int try_system_daemon = 0;
+ char *abs_homedir;
+
+ /* No connection: Try start a new Dirmngr. On Windows this will
+ fail because the Dirmngr is expected to be a system service.
+ However on WinCE we don't distinguish users and thus we can
+ start it. */
+
+ /* We prefer to start it as a user daemon. */
+ sockname = dirmngr_user_socket_name ();
+ if (!sockname)
+ {
+ sockname = dirmngr_sys_socket_name ();
+ try_system_daemon = 1;
+ }
- /* With no success try start a new Dirmngr. On most systems
- this will fail because the Dirmngr is expected to be a system
- service. However on Wince we don't distinguish users and
- thus we can start it. A future extension might be to use the
- userv system to start the Dirmngr as a system service. */
if (!dirmngr_program || !*dirmngr_program)
dirmngr_program = gnupg_module_name (GNUPG_MODULE_NAME_DIRMNGR);
@@ -624,6 +646,8 @@ start_new_dirmngr (assuan_context_t *r_ctx,
status_cb (status_cb_arg, STATUS_PROGRESS,
"starting_dirmngr ? 0 0", NULL);
+ abs_homedir = make_filename (homedir, NULL);
+
if (fflush (NULL))
{
gpg_error_t tmperr = gpg_err_make (errsource,
@@ -635,12 +659,25 @@ start_new_dirmngr (assuan_context_t *r_ctx,
}
argv[0] = "--daemon";
- argv[1] = NULL;
+ if (try_system_daemon)
+ argv[1] = NULL;
+ else
+ { /* Try starting as user daemon - dirmngr does this if the
+ home directory is given on the command line. */
+ argv[1] = "--homedir";
+ argv[2] = abs_homedir;
+ argv[3] = NULL;
+ }
+
+ /* On the use of HOMEDIR for locking: Under Windows HOMEDIR is
+ not used thus it does not matter. Under Unix we should
+ TRY_SYSTEM_DAEMON should never be true because
+ dirmngr_user_socket_name() won't return NULL. */
if (!(err = lock_spawning (&lock, homedir, "dirmngr", verbose))
&& assuan_socket_connect (ctx, sockname, 0, 0))
{
- err = gnupg_spawn_process_detached (dirmngr_program, argv,NULL);
+ err = gnupg_spawn_process_detached (dirmngr_program, argv, NULL);
if (err)
log_error ("failed to start the dirmngr '%s': %s\n",
dirmngr_program, gpg_strerror (err));
@@ -671,6 +708,7 @@ start_new_dirmngr (assuan_context_t *r_ctx,
}
unlock_spawning (&lock, "dirmngr");
+ xfree (abs_homedir);
}
#else
(void)homedir;
diff --git a/common/homedir.c b/common/homedir.c
index 77622a1..e2a117b 100644
--- a/common/homedir.c
+++ b/common/homedir.c
@@ -555,9 +555,9 @@ gnupg_cachedir (void)
}
-/* Return the default socket name used by DirMngr. */
+/* Return the system socket name used by DirMngr. */
const char *
-dirmngr_socket_name (void)
+dirmngr_sys_socket_name (void)
{
#ifdef HAVE_W32_SYSTEM
static char *name;
@@ -600,6 +600,22 @@ dirmngr_socket_name (void)
}
+/* Return the user socket name used by DirMngr. If a a user specific
+ dirmngr installation is not supported, NULL is returned. */
+const char *
+dirmngr_user_socket_name (void)
+{
+#ifdef HAVE_W32_SYSTEM
+ return NULL; /* We support only a system service. */
+#else /*!HAVE_W32_SYSTEM*/
+ static char *name;
+
+ if (!name)
+ name = make_filename (default_homedir (), DIRMNGR_SOCK_NAME, NULL);
+ return name;
+#endif /*!HAVE_W32_SYSTEM*/
+}
+
/* Return the file name of a helper tool. WHICH is one of the
GNUPG_MODULE_NAME_foo constants. */
diff --git a/common/util.h b/common/util.h
index c4acb0b..4b3cbfc 100644
--- a/common/util.h
+++ b/common/util.h
@@ -231,7 +231,8 @@ const char *gnupg_libdir (void);
const char *gnupg_datadir (void);
const char *gnupg_localedir (void);
const char *gnupg_cachedir (void);
-const char *dirmngr_socket_name (void);
+const char *dirmngr_sys_socket_name (void);
+const char *dirmngr_user_socket_name (void);
/* All module names. We also include gpg and gpgsm for the sake for
gpgconf. */
diff --git a/configure.ac b/configure.ac
index c20984a..e384fba 100644
--- a/configure.ac
+++ b/configure.ac
@@ -92,7 +92,7 @@ disable_keyserver_path=no
card_support=yes
use_ccid_driver=yes
use_standard_socket=yes
-dirmngr_auto_start=no
+dirmngr_auto_start=yes
try_ks_ldap=no
@@ -428,15 +428,10 @@ AC_ARG_ENABLE(ccid-driver,
use_ccid_driver=$enableval)
AC_MSG_RESULT($use_ccid_driver)
-#
-# Dirmngr is nowadays a system service and thus it usually does no
-# make sense to start it as needed. However on some systems this is
-# possible; this option enable the feature.
-#
AC_MSG_CHECKING([whether to auto start dirmngr])
AC_ARG_ENABLE(dirmngr-auto-start,
- AC_HELP_STRING([--enable-dirmngr-auto-start],
- [enable auto starting of the dirmngr]),
+ AC_HELP_STRING([--disable-dirmngr-auto-start],
+ [disable auto starting of the dirmngr]),
dirmngr_auto_start=$enableval)
AC_MSG_RESULT($dirmngr_auto_start)
if test "$dirmngr_auto_start" = yes ; then
diff --git a/dirmngr/dirmngr-client.c b/dirmngr/dirmngr-client.c
index da97443..0e62764 100644
--- a/dirmngr/dirmngr-client.c
+++ b/dirmngr/dirmngr-client.c
@@ -443,7 +443,10 @@ start_dirmngr (int only_daemon)
infostr = opt.force_pipe_server? NULL : getenv (DIRMNGR_INFO_NAME);
if (only_daemon && (!infostr || !*infostr))
{
- infostr = xstrdup (dirmngr_socket_name ());
+ if (dirmngr_user_socket_name ())
+ infostr = xstrdup (dirmngr_user_socket_name ());
+ else
+ infostr = xstrdup (dirmngr_sys_socket_name ());
try_default = 1;
}
diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c
index 7bcff7a..e3f98c0 100644
--- a/dirmngr/dirmngr.c
+++ b/dirmngr/dirmngr.c
@@ -666,7 +666,6 @@ main (int argc, char **argv)
opt.ldaptimeout = DEFAULT_LDAP_TIMEOUT;
/* Other defaults. */
- socket_name = dirmngr_socket_name ();
/* Check whether we have a config file given on the commandline */
orig_argc = argc;
@@ -721,7 +720,12 @@ main (int argc, char **argv)
#endif
opt.homedir_data = gnupg_datadir ();
opt.homedir_cache = gnupg_cachedir ();
+ socket_name = dirmngr_sys_socket_name ();
}
+ else if (dirmngr_user_socket_name ())
+ socket_name = dirmngr_user_socket_name ();
+ else
+ socket_name = dirmngr_sys_socket_name ();
if (default_config)
configname = make_filename (opt.homedir, DIRMNGR_NAME".conf", NULL );
diff --git a/dirmngr/server.c b/dirmngr/server.c
index a1d2033..f1319ad 100644
--- a/dirmngr/server.c
+++ b/dirmngr/server.c
@@ -1781,7 +1781,10 @@ cmd_getinfo (assuan_context_t ctx, char *line)
}
else if (!strcmp (line, "socket_name"))
{
- const char *s = dirmngr_socket_name ();
+ const char *s = dirmngr_user_socket_name ();
+
+ if (!s)
+ s = dirmngr_sys_socket_name ();
if (s)
err = assuan_send_data (ctx, s, strlen (s));
diff --git a/sm/server.c b/sm/server.c
index 74caf6c..201a34b 100644
--- a/sm/server.c
+++ b/sm/server.c
@@ -1296,6 +1296,7 @@ gpgsm_server (certlist_t default_recplist)
char *tmp = NULL;
const char *s1 = getenv (GPG_AGENT_INFO_NAME);
+ /* Fixme: Use the really used socket name. */
if (asprintf (&tmp,
"Home: %s\n"
"Config: %s\n"
@@ -1305,7 +1306,9 @@ gpgsm_server (certlist_t default_recplist)
opt.homedir,
opt.config_filename,
s1?s1:"[not set]",
- dirmngr_socket_name (),
+ (dirmngr_user_socket_name ()
+ ? dirmngr_user_socket_name ()
+ : dirmngr_sys_socket_name ()),
hello) > 0)
{
assuan_set_hello_line (ctx, tmp);
diff --git a/tools/gpgconf.c b/tools/gpgconf.c
index a9bf491..fbce6d3 100644
--- a/tools/gpgconf.c
+++ b/tools/gpgconf.c
@@ -347,8 +347,20 @@ main (int argc, char **argv)
gc_percent_escape (gnupg_datadir ()));
es_fprintf (outfp, "localedir:%s\n",
gc_percent_escape (gnupg_localedir ()));
- es_fprintf (outfp, "dirmngr-socket:%s\n",
- gc_percent_escape (dirmngr_socket_name ()));
+
+ if (dirmngr_user_socket_name ())
+ {
+ es_fprintf (outfp, "dirmngr-socket:%s\n",
+ gc_percent_escape (dirmngr_user_socket_name ()));
+ es_fprintf (outfp, "dirmngr-sys-socket:%s\n",
+ gc_percent_escape (dirmngr_sys_socket_name ()));
+ }
+ else
+ {
+ es_fprintf (outfp, "dirmngr-socket:%s\n",
+ gc_percent_escape (dirmngr_sys_socket_name ()));
+ }
+
{
char *infostr = getenv (GPG_AGENT_INFO_NAME);
commit 6dd5d99a61f24aff862ccba9f7410d7f1af87c05
Author: Werner Koch <wk at gnupg.org>
Date: Wed Mar 12 18:24:52 2014 +0100
gpg: Add option --dirmngr-program.
* g10/gpg.c: Add option --dirmngr-program.
* g10/options.h (struct opt): Add field dirmngr_program.
* g10/call-dirmngr.c (create_context): Use new var.
* dirmngr/dirmngr.c: Include gc-opt-flags.h.
(main): Remove GC_OPT_FLAG_*.
* tools/gpgconf-comp.c (GC_OPT_FLAG_NO_CHANGE): Move macro to ...
* common/gc-opt-flags.h: here.
diff --git a/common/gc-opt-flags.h b/common/gc-opt-flags.h
index b777c06..11ecec0 100644
--- a/common/gc-opt-flags.h
+++ b/common/gc-opt-flags.h
@@ -36,5 +36,11 @@
a default, which is described by the value of the ARGDEF field. */
#define GC_OPT_FLAG_NO_ARG_DESC (1UL << 6)
+/* The NO_CHANGE flag for an option indicates that the user should not
+ be allowed to change this option using the standard gpgconf method.
+ Frontends using gpgconf should grey out such options, so that only
+ the current value is displayed. */
+#define GC_OPT_FLAG_NO_CHANGE (1UL <<7)
+
#endif /*GNUPG_GC_OPT_FLAGS_H*/
diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c
index 0cbdc7b..7bcff7a 100644
--- a/dirmngr/dirmngr.c
+++ b/dirmngr/dirmngr.c
@@ -57,6 +57,7 @@
#include "asshelp.h"
#include "ldap-wrapper.h"
#include "../common/init.h"
+#include "gc-opt-flags.h"
/* The plain Windows version uses the windows service system. For
example to start the service you may use "sc start dirmngr".
@@ -709,7 +710,7 @@ main (int argc, char **argv)
}
/* If --daemon has been given on the command line but not --homedir,
- we switch to /etc/dirmngr as default home directory. Note, that
+ we switch to /etc/gnupg as default home directory. Note, that
this also overrides the GNUPGHOME environment variable. */
if (opt.system_daemon && !homedir_seen)
{
@@ -910,7 +911,7 @@ main (int argc, char **argv)
if (cmd == aServer)
{
- /* Note that this server mode is maily useful for debugging. */
+ /* Note that this server mode is mainly useful for debugging. */
if (argc)
wrong_args ("--server");
@@ -1193,23 +1194,6 @@ main (int argc, char **argv)
char *filename;
char *filename_esc;
- /* List options and default values in the GPG Conf format. */
-
-/* The following list is taken from gnupg/tools/gpgconf-comp.c. */
-/* Option flags. YOU MUST NOT CHANGE THE NUMBERS OF THE EXISTING
- FLAGS, AS THEY ARE PART OF THE EXTERNAL INTERFACE. */
-#define GC_OPT_FLAG_NONE 0UL
-/* The DEFAULT flag for an option indicates that the option has a
- default value. */
-#define GC_OPT_FLAG_DEFAULT (1UL << 4)
-/* The DEF_DESC flag for an option indicates that the option has a
- default, which is described by the value of the default field. */
-#define GC_OPT_FLAG_DEF_DESC (1UL << 5)
-/* The NO_ARG_DESC flag for an option indicates that the argument has
- a default, which is described by the value of the ARGDEF field. */
-#define GC_OPT_FLAG_NO_ARG_DESC (1UL << 6)
-#define GC_OPT_FLAG_NO_CHANGE (1UL <<7)
-
#ifdef HAVE_W32_SYSTEM
/* On Windows systems, dirmngr always runs as system daemon, and
the per-user configuration is never used. So we short-cut
diff --git a/doc/gpg.texi b/doc/gpg.texi
index c1ce07b..e1ad33c 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -1696,6 +1696,25 @@ been given. Given that this option is not anymore used by
@command{gpg2}, it should be avoided if possible.
@end ifset
+
+ at ifclear gpgone
+ at item --agent-program @var{file}
+ at opindex agent-program
+Specify an agent program to be used for secret key operations. The
+default value is the @file{/usr/bin/gpg-agent}. This is only used
+as a fallback when the environment variable @code{GPG_AGENT_INFO} is not
+set or a running agent cannot be connected.
+ at end ifclear
+
+ at ifset gpgtwoone
+ at item --dirmngr-program @var{file}
+ at opindex dirmngr-program
+Specify a dirmngr program to be used for keyserver access. The
+default value is @file{/usr/sbin/dirmngr}. This is only used as a
+fallback when the environment variable @code{DIRMNGR_INFO} is not set or
+a running dirmngr cannot be connected.
+ at end ifset
+
@item --lock-once
@opindex lock-once
Lock the databases the first time a lock is requested
diff --git a/doc/gpgsm.texi b/doc/gpgsm.texi
index f7cedaf..3d2594f 100644
--- a/doc/gpgsm.texi
+++ b/doc/gpgsm.texi
@@ -350,7 +350,7 @@ as a fallback when the environment variable @code{GPG_AGENT_INFO} is not
set or a running agent cannot be connected.
@item --dirmngr-program @var{file}
- at opindex dirmnr-program
+ at opindex dirmngr-program
Specify a dirmngr program to be used for @acronym{CRL} checks. The
default value is @file{/usr/sbin/dirmngr}. This is only used as a
fallback when the environment variable @code{DIRMNGR_INFO} is not set or
diff --git a/g10/call-dirmngr.c b/g10/call-dirmngr.c
index 2310d8b..9935333 100644
--- a/g10/call-dirmngr.c
+++ b/g10/call-dirmngr.c
@@ -121,7 +121,7 @@ create_context (ctrl_t ctrl, assuan_context_t *r_ctx)
err = start_new_dirmngr (&ctx,
GPG_ERR_SOURCE_DEFAULT,
opt.homedir,
- NULL,
+ opt.dirmngr_program,
opt.verbose, DBG_ASSUAN,
NULL /*gpg_status2*/, ctrl);
if (!err)
diff --git a/g10/gpg.c b/g10/gpg.c
index d24cc23..361a25a 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -346,6 +346,7 @@ enum cmd_and_opt_values
oPersonalDigestPreferences,
oPersonalCompressPreferences,
oAgentProgram,
+ oDirmngrProgram,
oDisplay,
oTTYname,
oTTYtype,
@@ -739,7 +740,9 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_s (oPersonalCipherPreferences, "personal-cipher-prefs", "@"),
ARGPARSE_s_s (oPersonalDigestPreferences, "personal-digest-prefs", "@"),
ARGPARSE_s_s (oPersonalCompressPreferences, "personal-compress-prefs", "@"),
+
ARGPARSE_s_s (oAgentProgram, "agent-program", "@"),
+ ARGPARSE_s_s (oDirmngrProgram, "dirmngr-program", "@"),
ARGPARSE_s_s (oDisplay, "display", "@"),
ARGPARSE_s_s (oTTYname, "ttyname", "@"),
ARGPARSE_s_s (oTTYtype, "ttytype", "@"),
@@ -2974,6 +2977,7 @@ main (int argc, char **argv)
pers_compress_list=pargs.r.ret_str;
break;
case oAgentProgram: opt.agent_program = pargs.r.ret_str; break;
+ case oDirmngrProgram: opt.dirmngr_program = pargs.r.ret_str; break;
case oDisplay:
set_opt_session_env ("DISPLAY", pargs.r.ret_str);
diff --git a/g10/options.h b/g10/options.h
index 47b8bfb..592e066 100644
--- a/g10/options.h
+++ b/g10/options.h
@@ -101,6 +101,7 @@ struct
int max_cert_depth;
const char *homedir;
const char *agent_program;
+ const char *dirmngr_program;
/* Options to be passed to the gpg-agent */
session_env_t session_env;
diff --git a/tools/gpgconf-comp.c b/tools/gpgconf-comp.c
index 6d366af..356b251 100644
--- a/tools/gpgconf-comp.c
+++ b/tools/gpgconf-comp.c
@@ -357,11 +357,6 @@ static struct
several times. A comma separated list of arguments is used as the
argument value. */
#define GC_OPT_FLAG_LIST (1UL << 2)
-/* The NO_CHANGE flag for an option indicates that the user should not
- be allowed to change this option using the standard gpgconf method.
- Frontends using gpgconf should grey out such options, so that only
- the current value is displayed. */
-#define GC_OPT_FLAG_NO_CHANGE (1UL <<7)
/* A human-readable description for each flag. */
-----------------------------------------------------------------------
Summary of changes:
common/asshelp.c | 56 ++++++++++++++++++++++-----
common/gc-opt-flags.h | 6 +++
common/homedir.c | 20 +++++++++-
common/http.c | 8 +++-
common/http.h | 10 +++--
common/stringhelp.c | 2 +-
common/util.h | 3 +-
configure.ac | 11 ++----
dirmngr/dirmngr-client.c | 5 ++-
dirmngr/dirmngr.c | 28 ++++----------
dirmngr/ks-engine-hkp.c | 81 +++++++++++++++++++++++++++------------
dirmngr/server.c | 5 ++-
doc/gpg.texi | 19 ++++++++++
doc/gpgsm.texi | 2 +-
g10/call-dirmngr.c | 94 +++++++++++++++++++++++++++++++++++++++-------
g10/call-dirmngr.h | 5 ++-
g10/gpg.c | 4 ++
g10/keyserver.c | 30 +++++++++++----
g10/options.h | 1 +
sm/server.c | 5 ++-
tools/gpgconf-comp.c | 5 ---
tools/gpgconf.c | 16 +++++++-
22 files changed, 312 insertions(+), 104 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
More information about the Gnupg-commits
mailing list