sm: Print diagnostic about CRL problems due to Tor mode.

* dirmngr/crlfetch.c (crl_fetch, crl_fetch_default) (ca_cert_fetch, start_cert_fetch): Factor Tor error out to ... (no_crl_due_to_tor): new. Print status note. * dirmngr/ks-engine-ldap.c (ks_ldap_get) (ks_ldap_search, ks_ldap_put): Factor Tor error out to ... (no_ldap_due_to_tor): new. Print status note. * dirmngr/ocsp.c (do_ocsp_request): Print status note. * sm/misc.c (gpgsm_print_further_info): New. * sm/call-dirmngr.c (warning_and_note_printer): New. (isvalid_status_cb): Call it. (lookup_status_cb): Ditto. (run_command_status_cb): Ditto. * common/asshelp2.c (vprint_assuan_status): Strip a possible trailing LF. --
2025-07-02 22:46:30 +02:00 · 2022-04-11 17:57:14 +02:00 · 2022-04-11 17:57:14 +02:00 · 137e59a6a5
commit 137e59a6a5
parent 0dcc249852
7 changed files with 122 additions and 23 deletions
--- a/sm/call-dirmngr.c
+++ b/sm/call-dirmngr.c
@ -425,6 +425,51 @@ unhexify_fpr (const char *hexstr, unsigned char *fpr)
 }


+/* This is a helper to print diagnostics from dirmngr indicated by
+ * WARNING or NOTE status lines.  Returns true if the status LINE was
+ * processed.  */
+static int
+warning_and_note_printer (const char *line)
+{
+  const char *s, *s2;
+  const char *warn = NULL;
+  int is_note = 0;
+
+  if ((s = has_leading_keyword (line, "WARNING")))
+    ;
+  else if ((is_note = !!(s = has_leading_keyword (line, "NOTE"))))
+    ;
+  else
+    return 0;  /* Nothing to process.  */
+
+  if ((s2 = has_leading_keyword (s, "no_crl_due_to_tor"))
+      || (s2 = has_leading_keyword (s, "no_ldap_due_to_tor"))
+      || (s2 = has_leading_keyword (s, "no_ocsp_due_to_tor")))
+    warn = _("Tor might be in use - network access is limited");
+  else
+    warn = NULL;
+
+  if (warn)
+    {
+      if (is_note)
+        log_info (_("Note: %s\n"), warn);
+      else
+        log_info (_("WARNING: %s\n"), warn);
+      if (s2)
+        {
+          while (*s2 && !spacep (s2))
+            s2++;
+          while (*s2 && spacep (s2))
+            s2++;
+          if (*s2)
+            gpgsm_print_further_info ("%s", s2);
+        }
+    }
+
+  return 1;  /* Status line processed.  */
+}
+
+
 static gpg_error_t
 isvalid_status_cb (void *opaque, const char *line)
 {
@ -446,6 +491,10 @@ isvalid_status_cb (void *opaque, const char *line)
      if (!*s || !unhexify_fpr (s, parm->fpr))
        parm->seen++; /* Bump it to indicate an error. */
    }
+  else if (warning_and_note_printer (line))
+    {
+    }
+
  return 0;
 }

@ -722,6 +771,10 @@ lookup_status_cb (void *opaque, const char *line)
          gpgsm_status (parm->ctrl, STATUS_TRUNCATED, line);
        }
    }
+  else if (warning_and_note_printer (line))
+    {
+    }
+
  return 0;
 }

@ -969,6 +1022,10 @@ run_command_status_cb (void *opaque, const char *line)
            return gpg_error (GPG_ERR_ASS_CANCELED);
        }
    }
+  else if (warning_and_note_printer (line))
+    {
+    }
+
  return 0;
 }

--- a/sm/gpgsm.h
+++ b/sm/gpgsm.h
@ -489,6 +489,7 @@ int gpgsm_dirmngr_run_command (ctrl_t ctrl, const char *command,


 /*-- misc.c --*/
+void gpgsm_print_further_info (const char *format, ...) GPGRT_ATTR_PRINTF(1,2);
 void setup_pinentry_env (void);
 gpg_error_t transform_sigval (const unsigned char *sigval, size_t sigvallen,
                              int mdalgo,
--- a/sm/misc.c
+++ b/sm/misc.c
@ -35,6 +35,27 @@
 #include "../common/sexp-parse.h"


+/* Print a message
+ *   "(further info: %s)\n
+ * in verbose mode to further explain an error.  That message is
+ * intended to help debug a problem and should not be translated.
+ */
+void
+gpgsm_print_further_info (const char *format, ...)
+{
+  va_list arg_ptr;
+
+  if (!opt.verbose)
+    return;
+
+  log_info (_("(further info: "));
+  va_start (arg_ptr, format);
+  log_logv (GPGRT_LOGLVL_CONT, format, arg_ptr);
+  va_end (arg_ptr);
+  log_printf (")\n");
+}
+
+
 /* Setup the environment so that the pinentry is able to get all
   required information.  This is used prior to an exec of the
   protect-tool. */