[git] GnuPG - branch, STABLE-BRANCH-2-2, updated. gnupg-2.2.0-16-gdf692a6

by Werner Koch cvs at cvs.gnupg.org
Mon Sep 18 22:54:59 CEST 2017 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, STABLE-BRANCH-2-2 has been updated
       via  df692a6167be5486f9a29da003a00292fd895176 (commit)
       via  9588dd116c0118f31fc33dc09a1d08125ab8cdc9 (commit)
      from  50c8b6c88f5d9f4b6c4e9c03aee31fe29afa94b8 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit df692a6167be5486f9a29da003a00292fd895176
Author: Werner Koch <wk at gnupg.org>
Date:   Mon Sep 18 22:49:05 2017 +0200

    dirmngr: Use system certs if --hkp-cacert is not used.
    
    * dirmngr/certcache.c (any_cert_of_class): New var.
    (put_cert): Set it.
    (cert_cache_deinit): Clear it.
    (cert_cache_any_in_class): New func.
    * dirmngr/http-ntbtls.c (gnupg_http_tls_verify_cb): Add hack to
    override empty list of HKP certs.
    --
    
    This patch carries the changes for GNUTLS from commit
    7c1613d41566f7d8db116790087de323621205fe over to NTBTLS.  NTBTLS works
    quite different and thus we need to do it this way.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/dirmngr/certcache.c b/dirmngr/certcache.c
index b4e5381..56629fd 100644
--- a/dirmngr/certcache.c
+++ b/dirmngr/certcache.c
@@ -94,6 +94,10 @@ static int initialization_done;
 /* Total number of non-permanent certificates.  */
 static unsigned int total_nonperm_certificates;
 
+/* For each cert class the corresponding bit is set if at least one
+ * certificate of that class is loaded permanetly.  */
+static unsigned int any_cert_of_class;
+
 
 #ifdef HAVE_W32_SYSTEM
 /* We load some functions dynamically.  Provide typedefs for tehse
@@ -343,7 +347,9 @@ put_cert (ksba_cert_t cert, int permanent, unsigned int trustclass,
   ci->permanent = !!permanent;
   ci->trustclasses = trustclass;
 
-  if (!permanent)
+  if (permanent)
+    any_cert_of_class |= trustclass;
+  else
     total_nonperm_certificates++;
 
   return 0;
@@ -758,6 +764,7 @@ cert_cache_deinit (int full)
     }
 
   total_nonperm_certificates = 0;
+  any_cert_of_class = 0;
   initialization_done = 0;
   release_cache_lock ();
 }
@@ -814,6 +821,15 @@ cert_cache_print_stats (void)
 }
 
 
+/* Return true if any cert of a class in MASK is permanently
+ * loaded.  */
+int
+cert_cache_any_in_class (unsigned int mask)
+{
+  return !!(any_cert_of_class & mask);
+}
+
+
 /* Put CERT into the certificate cache.  */
 gpg_error_t
 cache_cert (ksba_cert_t cert)
diff --git a/dirmngr/certcache.h b/dirmngr/certcache.h
index 92529bf..8d64583 100644
--- a/dirmngr/certcache.h
+++ b/dirmngr/certcache.h
@@ -39,6 +39,9 @@ void cert_cache_deinit (int full);
 /* Print some statistics to the log file.  */
 void cert_cache_print_stats (void);
 
+/* Return true if any cert of a class in MASK is permanently loaded.  */
+int cert_cache_any_in_class (unsigned int mask);
+
 /* Compute the fingerprint of the certificate CERT and put it into
    the 20 bytes large buffer DIGEST.  Return address of this buffer.  */
 unsigned char *cert_compute_fpr (ksba_cert_t cert, unsigned char *digest);
diff --git a/dirmngr/http-ntbtls.c b/dirmngr/http-ntbtls.c
index 250db55..ea66a4d 100644
--- a/dirmngr/http-ntbtls.c
+++ b/dirmngr/http-ntbtls.c
@@ -91,6 +91,12 @@ gnupg_http_tls_verify_cb (void *opaque,
         validate_flags |= VALIDATE_FLAG_TRUST_HKP;
       if ((http_flags & HTTP_FLAG_TRUST_SYS))
         validate_flags |= VALIDATE_FLAG_TRUST_SYSTEM;
+
+      /* If HKP trust is requested and there are no HKP certificates
+       * configured, also try thye standard system certificates.  */
+      if ((validate_flags & VALIDATE_FLAG_TRUST_HKP)
+          && !cert_cache_any_in_class (CERTTRUST_CLASS_HKP))
+        validate_flags |= VALIDATE_FLAG_TRUST_SYSTEM;
     }
 
   if ((http_flags & HTTP_FLAG_NO_CRL))

commit 9588dd116c0118f31fc33dc09a1d08125ab8cdc9
Author: Dimitris Maroulidis <dmaroulidis at dimitrismaroulidis.com>
Date:   Mon Sep 18 16:23:43 2017 +0200

    po: Minor Grammar update of the Greek translation
    
    --
    GnuPG-bug-id: 3409
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/po/el.po b/po/el.po
index dd690a4..a57c8b8 100644
--- a/po/el.po
+++ b/po/el.po
@@ -1,20 +1,21 @@
 # Greek Translation of GnuPG.
 # Copyright (C) 2002 Free Software Foundation, Inc.
 # Dokianakis Theofanis <madf at hellug.gr>, 2002.
-#                      !-- psbl.surriel.com rejected (2011-01-11)
+# !-- psbl.surriel.com rejected (2011-01-11)
 # Designated-Translator: none
-#
+# Dimitris Maroulidis <dmaroulidis at dimitrismaroulidis.com>, 2017.
 msgid ""
 msgstr ""
 "Project-Id-Version: gnupg-1.1.92\n"
 "Report-Msgid-Bugs-To: translations at gnupg.org\n"
-"PO-Revision-Date: 2003-06-27 12:00+0200\n"
-"Last-Translator: Dokianakis Theofanis <madf at hellug.gr>\n"
-"Language-Team: Greek <nls at tux.hellug.gr>\n"
+"PO-Revision-Date: 2017-09-14 21:14+0300\n"
+"Last-Translator: Dimitris Maroulidis <dmaroulidis at dimitrismaroulidis.com>\n"
+"Language-Team: team at gnome.gr\n"
 "Language: el\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
 
 #, fuzzy, c-format
 msgid "failed to acquire the pinentry lock: %s\n"
@@ -4423,7 +4424,7 @@ msgid "Keyring"
 msgstr "Κλειδοθήκη"
 
 msgid "Primary key fingerprint:"
-msgstr "Αποτύπωμα πρωτεύων κλειδιού:"
+msgstr "Αποτύπωμα πρωτεύοντος κλειδιού:"
 
 msgid "     Subkey fingerprint:"
 msgstr "     Αποτύπωμα υποκλειδιού:"
@@ -4431,7 +4432,7 @@ msgstr "     Αποτύπωμα υποκλειδιού:"
 #. TRANSLATORS: this should fit into 24 bytes so that the
 #. * fingerprint data is properly aligned with the user ID
 msgid " Primary key fingerprint:"
-msgstr " Αποτύπωμα πρωτεύων κλειδιού:"
+msgstr " Αποτύπωμα πρωτ. κλειδιού:"
 
 msgid "      Subkey fingerprint:"
 msgstr "      Αποτύπωμα υποκλειδιού:"

-----------------------------------------------------------------------

Summary of changes:
 dirmngr/certcache.c   | 18 +++++++++++++++++-
 dirmngr/certcache.h   |  3 +++
 dirmngr/http-ntbtls.c |  6 ++++++
 po/el.po              | 15 ++++++++-------
 4 files changed, 34 insertions(+), 8 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org

More information about the Gnupg-commits mailing list