[git] GnuPG - branch, master, updated. gnupg-2.1.17-102-g3ca3da8

by Werner Koch cvs at cvs.gnupg.org
Mon Jan 23 13:11:26 CET 2017 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, master has been updated
       via  3ca3da8fc4ef802b8cceec5fde398a07b4888848 (commit)
       via  d4c0187dd93163f12e9f953366adef81ecf526a6 (commit)
      from  9ae0b81e4ff08712da642456d0164f81924a91e4 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 3ca3da8fc4ef802b8cceec5fde398a07b4888848
Author: Werner Koch <wk at gnupg.org>
Date:   Mon Jan 23 13:07:54 2017 +0100

    dirmngr: On SIGHUP mark all keyservers alive.
    
    * dirmngr/ks-engine-hkp.c (ks_hkp_reload): New.
    * dirmngr/dirmngr.c (dirmngr_sighup_action): Call it.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c
index 92984b6..061cfc3 100644
--- a/dirmngr/dirmngr.c
+++ b/dirmngr/dirmngr.c
@@ -1702,6 +1702,7 @@ dirmngr_sighup_action (void)
   cert_cache_init ();
   crl_cache_init ();
   reload_dns_stuff (0);
+  ks_hkp_reload ();
 }
 
 
diff --git a/dirmngr/dirmngr.h b/dirmngr/dirmngr.h
index 9a87878..35bc000 100644
--- a/dirmngr/dirmngr.h
+++ b/dirmngr/dirmngr.h
@@ -194,6 +194,7 @@ const char* dirmngr_get_current_socket_name (void);
 
 /*-- Various housekeeping functions.  --*/
 void ks_hkp_housekeeping (time_t curtime);
+void ks_hkp_reload (void);
 
 
 /*-- server.c --*/
diff --git a/dirmngr/ks-engine-hkp.c b/dirmngr/ks-engine-hkp.c
index 08ef851..9de6267 100644
--- a/dirmngr/ks-engine-hkp.c
+++ b/dirmngr/ks-engine-hkp.c
@@ -1003,6 +1003,29 @@ ks_hkp_housekeeping (time_t curtime)
 }
 
 
+/* Reload (SIGHUP) action for this module.  We mark all host alive
+ * even those which have been manually shot.  */
+void
+ks_hkp_reload (void)
+{
+  int idx, count;
+  hostinfo_t hi;
+
+  for (idx=count=0; idx < hosttable_size; idx++)
+    {
+      hi = hosttable[idx];
+      if (!hi)
+        continue;
+      if (!hi->dead)
+        continue;
+      hi->dead = 0;
+      count++;
+    }
+  if (count)
+    log_info ("number of resurrected hosts: %d", count);
+}
+
+
 /* Send an HTTP request.  On success returns an estream object at
    R_FP.  HOSTPORTSTR is only used for diagnostics.  If HTTPHOST is
    not NULL it will be used as HTTP "Host" header.  If POST_CB is not

commit d4c0187dd93163f12e9f953366adef81ecf526a6
Author: Gaetan Bisson <bisson at archlinux.org>
Date:   Mon Jan 23 12:46:35 2017 +0100

    libdns: Hack to skip negation term.
    
    * dirmngr/dns.c (dns_nssconf_loadfile): Skip negation terms in
    nsswitch.conf parser.
    --
    
    This small patch was submitted along with this comment:
    
      We've been having issues over at Arch Linux with the new libdns
      code.  Our /etc/nsswitch.conf contains the following line:
    
        hosts: files mymachines resolve [!UNAVAIL=return] dns myhostname
    
      And it turns out dirmngr fails to parse the negation statement (the
      bang in !UNAVAIL). This results in gnupg not being able to resolve
      any name.
    
      Looking at dirmngr/dns.c it was unclear to me how to properly handle
      such negations. The dns_anyconf_scan calls used in
      dns_nssconf_loadfile do not allow to store a negation bit easily...
    
      In the meantime, I wrote the attached patch which ignores those
      statements altogether. It makes libdns work as expected for us.
    
    Commit log written by wk

diff --git a/dirmngr/dns.c b/dirmngr/dns.c
index 016ff44..869e7ed 100644
--- a/dirmngr/dns.c
+++ b/dirmngr/dns.c
@@ -6071,7 +6071,15 @@ int dns_nssconf_loadfile(struct dns_resolv_conf *resconf, FILE *fp) {
 			if ('[' == dns_anyconf_peek(fp)) {
 				dns_anyconf_skip("[ \t", fp);
 
-				while (dns_anyconf_scan(&cf, "%w_", fp, &error)) {
+				for (;;) {
+					if ('!' == dns_anyconf_peek(fp)) {
+						dns_anyconf_skip("! \t", fp);
+						/* FIXME: negating statuses; currently not implemented */
+						dns_anyconf_skip("^#;]\n", fp); /* skip to end of criteria */
+						break;
+					}
+
+					if (!dns_anyconf_scan(&cf, "%w_", fp, &error)) break;
 					dns_anyconf_skip("= \t", fp);
 					if (!dns_anyconf_scan(&cf, "%w_", fp, &error)) {
 						dns_anyconf_pop(&cf); /* discard status */

-----------------------------------------------------------------------

Summary of changes:
 dirmngr/dirmngr.c       |  1 +
 dirmngr/dirmngr.h       |  1 +
 dirmngr/dns.c           | 10 +++++++++-
 dirmngr/ks-engine-hkp.c | 23 +++++++++++++++++++++++
 4 files changed, 34 insertions(+), 1 deletion(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org

More information about the Gnupg-commits mailing list