[git] GnuPG - branch, master, updated. gnupg-2.1.15-389-g8fb4822
by Daniel Kahn Gillmor
cvs at cvs.gnupg.org
Thu Nov 17 15:39:31 CET 2016
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, master has been updated
via 8fb482252436b3b4b0b33663d95d1d17188ad1d9 (commit)
via 7c1613d41566f7d8db116790087de323621205fe (commit)
via c4e02a3b7ad6ee1da6bfc439921378bdbd5c029c (commit)
via 5210ff70bc79673d14f346297798d8d7bafc8215 (commit)
from 4f189325a409bb08f7a8eabfac3f4579288cf5c5 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 8fb482252436b3b4b0b33663d95d1d17188ad1d9
Author: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
Date: Thu Oct 27 18:30:59 2016 -0400
dirmngr: Use a default keyserver if none is explicitly set
* configure.ac: Define DIRMNGR_DEFAULT_KEYSERVER.
* dirmngr/server.c (ensure_keyserver): Use it if no keyservers are set.
* doc/dirmngr.texi: Document this behavior.
--
A user who doesn't specify a keyserver, but asks gnupg to fetch a key
currently just gets a simple error messages "No keyserver available".
If the user is asking to contact a keyserver, we should have a
reasonable default, and not require them to fiddle with settings when
they might not know what settings to choose. This patch makes the
default hkps://hkps.pool.sks-keyservers.net.
Signed-off-by: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
diff --git a/configure.ac b/configure.ac
index bc3e2a8..1b77a45 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1764,6 +1764,9 @@ AC_DEFINE_UNQUOTED(SCDAEMON_SOCK_NAME, "S.scdaemon",
[The name of the SCdaemon socket])
AC_DEFINE_UNQUOTED(DIRMNGR_SOCK_NAME, "S.dirmngr",
[The name of the dirmngr socket])
+AC_DEFINE_UNQUOTED(DIRMNGR_DEFAULT_KEYSERVER,
+ "hkps://hkps.pool.sks-keyservers.net",
+ [The default keyserver for dirmngr to use, if none is explicitly given])
AC_DEFINE_UNQUOTED(GPGEXT_GPG, "gpg", [The standard binary file suffix])
diff --git a/dirmngr/server.c b/dirmngr/server.c
index 5c78d64..0088498 100644
--- a/dirmngr/server.c
+++ b/dirmngr/server.c
@@ -1810,7 +1810,11 @@ ensure_keyserver (ctrl_t ctrl)
if (ctrl->server_local->keyservers)
return 0; /* Already set for this session. */
if (!opt.keyserver)
- return 0; /* No global option set. */
+ {
+ /* No global option set. Fall back to default: */
+ return make_keyserver_item (DIRMNGR_DEFAULT_KEYSERVER,
+ &ctrl->server_local->keyservers);
+ }
for (sl = opt.keyserver; sl; sl = sl->next)
{
diff --git a/doc/dirmngr.texi b/doc/dirmngr.texi
index bc3072c..be4e97a 100644
--- a/doc/dirmngr.texi
+++ b/doc/dirmngr.texi
@@ -277,6 +277,8 @@ service (.onion), Dirmngr selects the keyserver to use depending on
whether Tor is locally running or not. The check for a running Tor is
done for each new connection.
+If no keyserver is explicitly configured, dirmngr will use the
+built-in default of hkps://hkps.pool.sks-keyservers.net.
@item --nameserver @var{ipaddr}
@opindex nameserver
commit 7c1613d41566f7d8db116790087de323621205fe
Author: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
Date: Thu Oct 27 18:30:58 2016 -0400
dirmngr: Add system CAs if no hkp-cacert is given
* dirmngr/dirmngr.c (http_session_new): If the user isn't talking to
the HKPS pool, and they have not specified any hkp-cacert, then we
should default to the system CAs, rather than nothing.
* doc/dirmngr.texi: Document choice of CAs.
--
Consider three possible classes of dirmngr configuration:
a) no hkps:// keyserver URLs at all (communication with keyservers is
entirely in the clear)
b) hkps:// keyserver URLs, but no hkp-cacert directives
c) hkps:// keyserver URLs, and at least one hkp-cacert directive
class (a) provides no confidentiality of requests.
class (b) currently will never work because the server certificate
cannot be validated.
class (c) is currently supported as intended.
This patch allows users with configurations in class (b) to work as
most users expect (relying on the system certificate authorities),
without affecting users in classes (a) or (c).
Signed-off-by: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
o minor indentation fix
- wk
diff --git a/dirmngr/http.c b/dirmngr/http.c
index 90682fa..bc62c82 100644
--- a/dirmngr/http.c
+++ b/dirmngr/http.c
@@ -613,6 +613,8 @@ http_session_new (http_session_t *r_session, const char *tls_priority,
const char *errpos;
int rc;
strlist_t sl;
+ int add_system_cas = !!(flags & HTTP_FLAG_TRUST_SYS);
+ int is_hkps_pool;
rc = gnutls_certificate_allocate_credentials (&sess->certcred);
if (rc < 0)
@@ -623,13 +625,14 @@ http_session_new (http_session_t *r_session, const char *tls_priority,
goto leave;
}
+ is_hkps_pool = (intended_hostname
+ && !ascii_strcasecmp (intended_hostname,
+ "hkps.pool.sks-keyservers.net"));
+
/* If the user has not specified a CA list, and they are looking
* for the hkps pool from sks-keyservers.net, then default to
* Kristian's certificate authority: */
- if (!tls_ca_certlist
- && intended_hostname
- && !ascii_strcasecmp (intended_hostname,
- "hkps.pool.sks-keyservers.net"))
+ if (!tls_ca_certlist && is_hkps_pool)
{
char *pemname = make_filename_try (gnupg_datadir (),
"sks-keyservers.netCA.pem", NULL);
@@ -662,10 +665,12 @@ http_session_new (http_session_t *r_session, const char *tls_priority,
log_info ("setting CA from file '%s' failed: %s\n",
sl->d, gnutls_strerror (rc));
}
+ if (!tls_ca_certlist && !is_hkps_pool)
+ add_system_cas = 1;
}
/* Add system certificates to the session. */
- if ((flags & HTTP_FLAG_TRUST_SYS))
+ if (add_system_cas)
{
#if GNUTLS_VERSION_NUMBER >= 0x030014
static int shown;
diff --git a/doc/dirmngr.texi b/doc/dirmngr.texi
index 73afbc3..bc3072c 100644
--- a/doc/dirmngr.texi
+++ b/doc/dirmngr.texi
@@ -461,6 +461,11 @@ the file is in PEM format a suffix of @code{.pem} is expected for
@var{file}. This option may be given multiple times to add more
root certificates. Tilde expansion is supported.
+If no @code{hkp-cacert} directive is present, dirmngr will make a
+reasonable choice: if the keyserver in question is the special pool
+ at code{hkps.pool.sks-keyservers.net}, it will use the bundled root
+certificate for that pool. Otherwise, it will use the system CAs.
+
@end table
commit c4e02a3b7ad6ee1da6bfc439921378bdbd5c029c
Author: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
Date: Thu Oct 27 18:30:57 2016 -0400
dirmngr: Register hkp-cacert even if the file doesn't exist yet
* dirmngr/dirmngr.c (parse_readable_options): If we're unable to turn
an argument for hkp-cacert into an absolute filename, terminate
completely.
* dirmngr/http.c (http_register_tls_ca): Show a warning if file is not
immediately accessible, but register it anyway.
--
Without this changeset, the condition of the filesystem when dirmngr
is initialized will have an effect on later activities of dirmngr.
For example, if a file identified by a hkp-cacert directive doesn't
exist when dirmngr starts, dirmngr will behave as though it simply
didn't have the hkp-cacert directive set at all, even if the file
should appear later.
dirmngr currently behaves differently if no hkp-cacert directives have
been set then it does when at least one hkp-cacert directive has been
set. For example, its choice of CA cert for
hkps://hkps.pool.sks-keyservers.net depends on whether a TLS CA file
has been registered. That behavior shouldn't additionally depend on
the state of the filesystem at the time of dirmngr launch.
Signed-off-by: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c
index 9d4fb14..f5dce81 100644
--- a/dirmngr/dirmngr.c
+++ b/dirmngr/dirmngr.c
@@ -611,15 +611,9 @@ parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread)
{
char *tmpname;
- /* Do tilde expansion and print a warning if the file can't be
- accessed. */
- tmpname = make_absfilename_try (pargs->r.ret_str, NULL);
- if (!tmpname || access (tmpname, F_OK))
- log_info (_("can't access '%s': %s\n"),
- tmpname? tmpname : pargs->r.ret_str,
- gpg_strerror (gpg_error_from_syserror()));
- else
- http_register_tls_ca (tmpname);
+ /* Do tilde expansion and make path absolute. */
+ tmpname = make_absfilename (pargs->r.ret_str, NULL);
+ http_register_tls_ca (tmpname);
xfree (tmpname);
}
break;
diff --git a/dirmngr/http.c b/dirmngr/http.c
index b74a9ef..90682fa 100644
--- a/dirmngr/http.c
+++ b/dirmngr/http.c
@@ -495,6 +495,11 @@ http_register_tls_ca (const char *fname)
}
else
{
+ /* Warn if we can't access right now, but register it anyway in
+ case it becomes accessible later */
+ if (access (fname, F_OK))
+ log_info (_("can't access '%s': %s\n"), fname,
+ gpg_strerror (gpg_error_from_syserror()));
sl = add_to_strlist (&tls_ca_certlist, fname);
if (*sl->d && !strcmp (sl->d + strlen (sl->d) - 4, ".pem"))
sl->flags = 1;
commit 5210ff70bc79673d14f346297798d8d7bafc8215
Author: Werner Koch <wk at gnupg.org>
Date: Thu Nov 17 10:46:43 2016 +0100
doc: Typo fixes.
--
Reported-by: Nathan Musoke <nathan.musoke at gmail.com>
diff --git a/doc/gpg.texi b/doc/gpg.texi
index c69e512..e3756e9 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -1853,7 +1853,7 @@ Maximum depth of a certification chain (default is 5).
@opindex no-sig-cache
Do not cache the verification status of key signatures.
Caching gives a much better performance in key listings. However, if
-you suspect that your public keyring is not save against write
+you suspect that your public keyring is not safe against write
modifications, you can use this option to disable the caching. It
probably does not make sense to disable it because all kind of damage
can be done if someone else has write access to your public keyring.
@@ -2758,8 +2758,8 @@ protected by the signature.
@opindex emit-version
Force inclusion of the version string in ASCII armored output. If
given once only the name of the program and the major number is
-emitted, given twice the minor is also emitted, given triple
-the micro is added, and given quad an operating system identification
+emitted, given twice the minor is also emitted, given thrice
+the micro is added, and given four times an operating system identification
is also emitted. @option{--no-emit-version} (default) disables the version
line.
diff --git a/g10/keyedit.c b/g10/keyedit.c
index 171afb7..795be05 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -2953,7 +2953,7 @@ keyedit_quick_adduid (ctrl_t ctrl, const char *username, const char *newuid)
keydb_release (kdbhd);
}
-/* Unattended revokation of a keyid. USERNAME specifies the
+/* Unattended revocation of a keyid. USERNAME specifies the
key. UIDTOREV is the user id revoke from the key. */
void
keyedit_quick_revuid (ctrl_t ctrl, const char *username, const char *uidtorev)
-----------------------------------------------------------------------
Summary of changes:
configure.ac | 3 +++
dirmngr/dirmngr.c | 12 +++---------
dirmngr/http.c | 20 +++++++++++++++-----
dirmngr/server.c | 6 +++++-
doc/dirmngr.texi | 7 +++++++
doc/gpg.texi | 6 +++---
g10/keyedit.c | 2 +-
7 files changed, 37 insertions(+), 19 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
More information about the Gnupg-commits
mailing list