[git] GnuPG - branch, master, updated. gnupg-2.1.17-30-g9695124

by Werner Koch cvs at cvs.gnupg.org
Tue Jan 3 12:48:41 CET 2017


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, master has been updated
       via  969512401603639e4467ede7d892f1b02582c2c9 (commit)
       via  0004d52ba2f1245c84f95a151342ad99fd72ca3d (commit)
      from  a1e0d4a1e75fc6e6c3392a4e1d1d27005b38d6cc (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 969512401603639e4467ede7d892f1b02582c2c9
Author: Werner Koch <wk at gnupg.org>
Date:   Tue Jan 3 12:03:28 2017 +0100

    dirmngr: Make sure Tor mode is also set for DNS on SIGHUP.
    
    * dirmngr/dns-stuff.c (enable_dns_tormode): Always succeed.
    (reload_dns_stuff): Reset tor port.
    * dirmngr/dirmngr.c (set_tor_mode): Also enable Tor mode for DNS.
    (main): Remove warning that Tor mode may not fully work.
    * dirmngr/server.c (cmd_dns_cert): Remove explicit Tor for DNS
    initialization.
    * dirmngr/t-dns-stuff.c (main): Remove option --new-circuit and error
    checking for enable_dns_tormode.
    --
    
    This patch also resets the port on SIGHUP so that after starting Tor
    SIGHUP is sufficient to use Tor.  Without the SIGHUP and when not
    using the Tor browser Dirmngr would keep on trying the Tor browser
    port.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c
index 5ee589e..f50e935 100644
--- a/dirmngr/dirmngr.c
+++ b/dirmngr/dirmngr.c
@@ -481,6 +481,9 @@ set_tor_mode (void)
 {
   if (opt.use_tor)
     {
+      /* Enable Tor mode and when called again force a new curcuit
+       * (e.g. on SIGHUP).  */
+      enable_dns_tormode (1);
       if (assuan_sock_set_flag (ASSUAN_INVALID_FD, "tor-mode", 1))
         {
           log_error ("error enabling Tor mode: %s\n", strerror (errno));
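Review bot: The comment added at the top of the `if (opt.use_tor)` branch should record that `set_tor_mode` is now the only place that switches the DNS code into Tor mode, because this commit also drops the per-request `enable_dns_tormode (0)` from `cmd_dns_cert`; any lookup issued before `set_tor_mode` has run would presumably not be routed through Tor. It is also worth noting that the DNS side is switched before the result of `assuan_sock_set_flag` is checked, so a failure there leaves DNS in Tor mode while the socket layer is not (what follows the `log_error` is outside the hunk). Suggested wording: `/* Enable Tor mode for DNS first; this is the only place it is enabled. When called again (e.g. on SIGHUP) force a new circuit. */`, which also fixes the `curcuit` typo.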
@@ -919,13 +922,6 @@ main (int argc, char **argv)
   log_info ("NOTE: this is a development version!\n");
 #endif
 
-  if (opt.use_tor)
-    {
-      log_info ("WARNING: ***************************************\n");
-      log_info ("WARNING: Tor mode (--use-tor) MAY NOT FULLY WORK!\n");
-      log_info ("WARNING: ***************************************\n");
-    }
-
   /* Print a warning if an argument looks like an option.  */
   if (!opt.quiet && !(pargs.flags & ARGPARSE_FLAG_STOP_SEEN))
     {
diff --git a/dirmngr/dns-stuff.c b/dirmngr/dns-stuff.c
index cf8cefb..e32e1e3 100644
--- a/dirmngr/dns-stuff.c
+++ b/dirmngr/dns-stuff.c
@@ -199,9 +199,9 @@ recursive_resolver_p (void)
 }
 
 
-/* Sets the module in Tor mode.  Returns 0 is this is possible or an
-   error code.  */
-gpg_error_t
+/* Puts this module eternally into Tor mode.  When called agained with
+ * NEW_CIRCUIT request a new TOR circuit for the next DNS query.  */
+void
 enable_dns_tormode (int new_circuit)
 {
   if (!*tor_socks_user || new_circuit)
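Review bot: The new header comment on `enable_dns_tormode` contains the typo `agained` and writes `TOR` where the surrounding comments use `Tor`; the same text is repeated in the `dirmngr/dns-stuff.h` hunk. Since the function now returns `void` and the mode is described as set "eternally", the comment should state outright that the call cannot fail and cannot be undone, so callers know there is nothing to check and no way to fall back to direct DNS. Proposed: `/* Put this module permanently into Tor mode; this cannot fail and cannot be undone. When called again with NEW_CIRCUIT set, request a new Tor circuit for the next DNS query. */`. The function body continues outside the hunk.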
@@ -215,7 +215,6 @@ enable_dns_tormode (int new_circuit)
       counter++;
     }
   tor_mode = 1;
-  return 0;
 }
 
 
@@ -548,7 +547,10 @@ reload_dns_stuff (int force)
       libdns_reinit_pending = 0;
     }
   else
-    libdns_reinit_pending = 1;
+    {
+      libdns_reinit_pending = 1;
+      libdns_tor_port = 0;  /* Start again with the default port.  */
+    }
 #else
   (void)force;
 #endif
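Review bot: `libdns_tor_port` is reset only in the `else` branch; the branch that ends just above it clears `libdns_reinit_pending` and, as far as the visible lines show, leaves the port untouched. If that other branch is the forced path, a forced reload keeps whatever port an earlier fallback selected, which matches the commit message's "resets the port on SIGHUP" only if SIGHUP always takes the deferred path. Either move `libdns_tor_port = 0;` above the `if`/`else`, keeping it inside the same preprocessor section, or document the asymmetry on the other branch with something like `/* Port is intentionally kept on a forced reinit. */`. The start of `reload_dns_stuff` is outside the hunk.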
diff --git a/dirmngr/dns-stuff.h b/dirmngr/dns-stuff.h
index 0a4a4de..eb7fe72 100644
--- a/dirmngr/dns-stuff.h
+++ b/dirmngr/dns-stuff.h
@@ -113,9 +113,9 @@ void enable_recursive_resolver (int yes);
 /* Return true iff the recursive resolver is used.  */
 int recursive_resolver_p (void);
 
-/* Calling this function switches the DNS code into Tor mode if
-   possibe.  Return 0 on success.  */
-gpg_error_t enable_dns_tormode (int new_circuit);
+/* Put this module eternally into Tor mode.  When called agained with
+ * NEW_CIRCUIT request a new TOR circuit for the next DNS query.  */
+void enable_dns_tormode (int new_circuit);
 
 /* Change the default IP address of the nameserver to IPADDR.  The
    address needs to be a numerical IP address and will be used for the
diff --git a/dirmngr/server.c b/dirmngr/server.c
index a785238..28c2cd4 100644
--- a/dirmngr/server.c
+++ b/dirmngr/server.c
@@ -709,13 +709,6 @@ cmd_dns_cert (assuan_context_t ctx, char *line)
         }
     }
 
-  if (opt.use_tor && (err = enable_dns_tormode (0)))
-    {
-      /* Tor mode is requested but the DNS code can't enable it.  */
-      assuan_set_error (ctx, err, "error enabling Tor mode");
-      goto leave;
-    }
-
   if (pka_mode || dane_mode)
     {
       char *domain;     /* Points to mbox.  */
diff --git a/dirmngr/t-dns-stuff.c b/dirmngr/t-dns-stuff.c
index b087b5e..bc4ca9a 100644
--- a/dirmngr/t-dns-stuff.c
+++ b/dirmngr/t-dns-stuff.c
@@ -51,7 +51,6 @@ main (int argc, char **argv)
   gpg_error_t err;
   int any_options = 0;
   int opt_tor = 0;
-  int opt_new_circuit = 0;
   int opt_cert = 0;
   int opt_srv = 0;
   int opt_bracket = 0;
@@ -103,11 +102,6 @@ main (int argc, char **argv)
           opt_tor = 1;
           argc--; argv++;
         }
-      else if (!strcmp (*argv, "--new-circuit"))
-        {
-          opt_new_circuit = 1;
-          argc--; argv++;
-        }
       else if (!strcmp (*argv, "--standard-resolver"))
         {
           enable_standard_resolver (1);
@@ -171,15 +165,7 @@ main (int argc, char **argv)
   init_sockets ();
 
   if (opt_tor)
-    {
-      err = enable_dns_tormode (opt_new_circuit);
-      if (err)
-        {
-          fprintf (stderr, "error switching into Tor mode: %s\n",
-                   gpg_strerror (err));
-          exit (1);
-        }
-    }
+    enable_dns_tormode (0);
 
   if (opt_cert)
     {

commit 0004d52ba2f1245c84f95a151342ad99fd72ca3d
Author: Werner Koch <wk at gnupg.org>
Date:   Mon Jan 2 15:47:24 2017 +0100

    dirmngr: New debug message on correctly initialized libdns.
    
    * dirmngr/dns-stuff.c (libdns_init): Add debug level diagnostic on
    success.
    --
    
    This output may help to avoid questions when evaluating an Assuan log.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/dirmngr/dns-stuff.c b/dirmngr/dns-stuff.c
index f2e1df9..cf8cefb 100644
--- a/dirmngr/dns-stuff.c
+++ b/dirmngr/dns-stuff.c
@@ -507,6 +507,9 @@ libdns_init (void)
   /* All fine.  Make the data global.  */
   libdns = ld;
 
+  if (opt_debug)
+    log_debug ("dns: libdns initialized%s\n", tor_mode?" (tor mode)":"");
+
  leave:
   xfree (cfgstr);
   return err;
@@ -595,7 +598,7 @@ libdns_res_open (struct dns_resolver **r_res)
 
 
 #ifdef USE_LIBDNS
-/* Helper to test whether we need totry again after having swicthed
+/* Helper to test whether we need to try again after having switched
  * the Tor port.  */
 static int
 libdns_switch_port_p (gpg_error_t err)

-----------------------------------------------------------------------

Summary of changes:
 dirmngr/dirmngr.c     | 10 +++-------
 dirmngr/dns-stuff.c   | 17 +++++++++++------
 dirmngr/dns-stuff.h   |  6 +++---
 dirmngr/server.c      |  7 -------
 dirmngr/t-dns-stuff.c | 16 +---------------
 5 files changed, 18 insertions(+), 38 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org



