[git] GnuPG - branch, STABLE-BRANCH-2-2, updated. gnupg-2.2.10-21-g8a33d5c
by Werner Koch
cvs at cvs.gnupg.org
Fri Oct 26 15:09:41 CEST 2018
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, STABLE-BRANCH-2-2 has been updated
via 8a33d5c9c699d2145d39b362d580df67571c5f36 (commit)
via 839426104a0c829f0182b22048fdc51cf295beb7 (commit)
from 04604e6cb9999a1f29fcb6acfe2223981fd2cf4b (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 8a33d5c9c699d2145d39b362d580df67571c5f36
Author: Werner Koch <wk at gnupg.org>
Date: Fri Oct 26 14:54:52 2018 +0200
build: By default build wks-tools on all Unix platforms.
Signed-off-by: Werner Koch <wk at gnupg.org>
(cherry picked from commit b83fed64f8051279a8f36e024c1f12f7f13c4716)
diff --git a/configure.ac b/configure.ac
index 5106bd9..4d66af9 100644
--- a/configure.ac
+++ b/configure.ac
@@ -129,7 +129,10 @@ GNUPG_BUILD_PROGRAM(symcryptrun, no)
# We use gpgtar to unpack test data, hence we always build it. If the
# user opts out, we simply don't install it.
GNUPG_BUILD_PROGRAM(gpgtar, yes)
-GNUPG_BUILD_PROGRAM(wks-tools, no)
+# We also install the gpg-wks-server tool by default but disable it
+# later for platforms where it can't be build.
+GNUPG_BUILD_PROGRAM(wks-tools, yes)
+
AC_SUBST(PACKAGE)
AC_SUBST(PACKAGE_GT)
@@ -666,6 +669,7 @@ case "${host}" in
try_gettext="no"
use_simple_gettext=yes
mmap_needed=no
+ build_wks_tools=no
;;
i?86-emx-os2 | i?86-*-os2*emx )
# OS/2 with the EMX environment
@@ -673,6 +677,7 @@ case "${host}" in
AC_DEFINE(HAVE_DRIVE_LETTERS)
have_dosish_system=yes
try_gettext="no"
+ build_wks_tools=no
;;
i?86-*-msdosdjgpp*)
@@ -681,6 +686,7 @@ case "${host}" in
AC_DEFINE(HAVE_DRIVE_LETTERS)
have_dosish_system=yes
try_gettext="no"
+ build_wks_tools=no
;;
*-*-hpux*)
@@ -711,6 +717,7 @@ case "${host}" in
# Android is fully utf-8 and we do not want to use iconv to
# keeps things simple
require_iconv=no
+ build_wks_tools=no
;;
*-apple-darwin*)
AC_DEFINE(_DARWIN_C_SOURCE, 900000L,
commit 839426104a0c829f0182b22048fdc51cf295beb7
Author: Werner Koch <wk at gnupg.org>
Date: Fri Oct 26 14:44:32 2018 +0200
wkd: Add option --directory to the server.
* tools/gpg-wks-server.c (opts): Add '--directory',
(main): Explain how to set correct permissions.
(command_list_domains): Create an empty policy file and remove the
warning for an empty policy file.
--
Note that a policy file is meanwhile required and thus is is useful to
create it.
Signed-off-by: Werner Koch <wk at gnupg.org>
(cherry picked from commit f248416bc9792e80bb0785302058131de49d7639)
diff --git a/doc/wks.texi b/doc/wks.texi
index 6d62282..b8de296 100644
--- a/doc/wks.texi
+++ b/doc/wks.texi
@@ -215,9 +215,9 @@ Further it creates missing directories for the configuration and
prints warnings pertaining to problems in the configuration.
The command @option{--check-key} (or just @option{--check}) checks
-whether a key with the given user-id is installed. The process return
-success in this case; to also print a diagnostic, use option
- at option{-v}. If the key is not installed a diagnostics is printed and
+whether a key with the given user-id is installed. The process returns
+success in this case; to also print a diagnostic use the option
+ at option{-v}. If the key is not installed a diagnostic is printed and
the process returns failure; to suppress the diagnostic, use option
@option{-q}. More than one user-id can be given; see also option
@option{with-file}.
@@ -243,6 +243,12 @@ The command @option{--revoke-key} is not yet functional.
@table @gnupgtabopt
+ at item -C @var{dir}
+ at itemx --directory @var{dir}
+ at opindex directory
+Use @var{dir} as top level directory for domains. The default is
+ at file{/var/lib/gnupg/wks}.
+
@item --from @var{mailaddr}
@opindex from
Use @var{mailaddr} as the default sender address.
@@ -256,21 +262,22 @@ Add the mail header "@var{name}: @var{value}" to all outgoing mails.
Directly send created mails using the @command{sendmail} command.
Requires installation of that command.
- at item --output @var{file}
- at itemx -o
+ at item -o @var{file}
+ at itemx --output @var{file}
@opindex output
Write the created mail also to @var{file}. Note that the value
@code{-} for @var{file} would write it to stdout.
@item --with-dir
@opindex with-dir
-Also print the directory name for each domain listed by command
- at option{--list-domains}.
+When used with the command @option{--list-domains} print for each
+installed domain the domain name and its directory name.
@item --with-file
@opindex with-file
-With command @option{--check-key} print for each user-id, the address,
-'i' for installed key or 'n' for not installed key, and the filename.
+When used with the command @option{--check-key} print for each user-id,
+the address, 'i' for installed key or 'n' for not installed key, and
+the filename.
@item --verbose
@opindex verbose
@@ -316,7 +323,7 @@ Finally run
$ gpg-wks-server --list-domains
@end example
-to create the required sub-directories with the permission set
+to create the required sub-directories with the permissions set
correctly. For each domain a submission address needs to be
configured. All service mails are directed to that address. It can
be the same address for all configured domains, for example:
@@ -326,7 +333,7 @@ be the same address for all configured domains, for example:
$ echo key-submission@@example.net >submission-address
@end example
-The protocol requires that the key to be published is sent with an
+The protocol requires that the key to be published is send with an
encrypted mail to the service. Thus you need to create a key for
the submission address:
diff --git a/tools/gpg-wks-server.c b/tools/gpg-wks-server.c
index a588155..24b3312 100644
--- a/tools/gpg-wks-server.c
+++ b/tools/gpg-wks-server.c
@@ -58,6 +58,7 @@ enum cmd_and_opt_values
oQuiet = 'q',
oVerbose = 'v',
oOutput = 'o',
+ oDirectory = 'C',
oDebug = 500,
@@ -108,6 +109,7 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_s (oGpgProgram, "gpg", "@"),
ARGPARSE_s_n (oSend, "send", "send the mail using sendmail"),
ARGPARSE_s_s (oOutput, "output", "|FILE|write the mail to FILE"),
+ ARGPARSE_s_s (oDirectory, "directory", "|DIR|use DIR as top directory"),
ARGPARSE_s_s (oFrom, "from", "|ADDR|use ADDR as the default sender"),
ARGPARSE_s_s (oHeader, "header" ,
"|NAME=VALUE|add \"NAME: VALUE\" as header to all mails"),
@@ -225,6 +227,9 @@ parse_arguments (ARGPARSE_ARGS *pargs, ARGPARSE_OPTS *popts)
case oGpgProgram:
opt.gpg_program = pargs->r.ret_str;
break;
+ case oDirectory:
+ opt.directory = pargs->r.ret_str;
+ break;
case oFrom:
opt.default_from = pargs->r.ret_str;
break;
@@ -350,6 +355,7 @@ main (int argc, char **argv)
{
log_error ("directory '%s' has too relaxed permissions\n",
opt.directory);
+ log_info ("Fix by running: chmod o-rw '%s'\n", opt.directory);
exit (2);
}
}
@@ -1667,7 +1673,7 @@ command_receive_cb (void *opaque, const char *mediatype,
-/* Return a list of all configured domains. ECh list element is the
+/* Return a list of all configured domains. Each list element is the
* top directory for the domain. To figure out the actual domain
* name strrchr(name, '/') can be used. */
static gpg_error_t
@@ -1946,7 +1952,17 @@ command_list_domains (void)
if (!fp)
{
err = gpg_error_from_syserror ();
- if (gpg_err_code (err) != GPG_ERR_ENOENT)
+ if (gpg_err_code (err) == GPG_ERR_ENOENT)
+ {
+ fp = es_fopen (fname, "w");
+ if (!fp)
+ log_error ("domain %s: can't create policy file: %s\n",
+ domain, gpg_strerror (err));
+ else
+ es_fclose (fp);
+ fp = NULL;
+ }
+ else
log_error ("domain %s: error in policy file: %s\n",
domain, gpg_strerror (err));
}
@@ -1955,17 +1971,8 @@ command_list_domains (void)
struct policy_flags_s policy;
err = wks_parse_policy (&policy, fp, 0);
es_fclose (fp);
- if (!err)
- {
- struct policy_flags_s empty_policy;
- memset (&empty_policy, 0, sizeof empty_policy);
- if (!memcmp (&empty_policy, &policy, sizeof policy))
- log_error ("domain %s: empty policy file\n", domain);
- }
wks_free_policy (&policy);
}
-
-
}
err = 0;
-----------------------------------------------------------------------
Summary of changes:
configure.ac | 9 ++++++++-
doc/wks.texi | 29 ++++++++++++++++++-----------
tools/gpg-wks-server.c | 29 ++++++++++++++++++-----------
3 files changed, 44 insertions(+), 23 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
More information about the Gnupg-commits
mailing list