diff --git a/doc/gpgsm.texi b/doc/gpgsm.texi index ed9d6f34c..b184634ee 100644 --- a/doc/gpgsm.texi +++ b/doc/gpgsm.texi @@ -377,7 +377,10 @@ certificates voluntary without the need of putting all ever issued certificates into a CRL. The disable option may be used to switch this extra check off. Due to the caching done by the Dirmngr, there won't be any noticeable performance gain. Note, that this also disables possible -OCSP checks for trusted root certificates. +OCSP checks for trusted root certificates. A more specific way of +disabling this check is by adding the ``relax'' keyword to the root CA +line of the @file{trustlist.txt} + @item --force-crl-refresh @opindex force-crl-refresh diff --git a/keyserver/ChangeLog b/keyserver/ChangeLog index 83d3be15d..4e634e05e 100644 --- a/keyserver/ChangeLog +++ b/keyserver/ChangeLog @@ -1,3 +1,14 @@ +2006-09-26 Werner Koch + + * curl-shim.c: Adjusted for changes in http.c. + (curl_easy_perform): Changed LINE from unsigned char* to char*. + + * Makefile.am (gpg2keys_curl_LDADD, gpg2keys_hkp_LDADD) + [FAKE_CURL]: Need to link against common_libs and pth. + + * curl-shim.h, curl-shim.c: Removed license exception as not + needed here. + 2006-09-22 Werner Koch * gpgkeys_curl.c, gpgkeys_hkp.c, gpgkeys_ldap.c, curl-shim.c: diff --git a/keyserver/Makefile.am b/keyserver/Makefile.am index 1d2e40910..5ad30782e 100644 --- a/keyserver/Makefile.am +++ b/keyserver/Makefile.am @@ -54,11 +54,13 @@ gpg2keys_finger_LDADD = $(common_libs) $(LIBGCRYPT_LIBS) \ if FAKE_CURL gpg2keys_curl_SOURCES += curl-shim.c curl-shim.h -gpg2keys_curl_LDADD = $(NETLIBS) $(DNSLIBS) \ - $(other_libs) $(W32LIBS) +gpg2keys_curl_CPPFLAGS = $(AM_CPPFLAGS) +gpg2keys_curl_LDADD = $(common_libs) $(GPG_ERROR_LIBS) $(NETLIBS) $(DNSLIBS) \ + $(other_libs) $(PTH_LIBS) $(W32LIBS) gpg2keys_hkp_SOURCES += curl-shim.c curl-shim.h -gpg2keys_hkp_LDADD = $(NETLIBS) $(DNSLIBS) \ - $(other_libs) $(W32LIBS) +gpg2keys_hkp_CPPFLAGS = $(AM_CPPFLAGS) +gpg2keys_hkp_LDADD = $(common_libs) $(GPG_ERROR_LIBS) $(NETLIBS) $(DNSLIBS) \ + $(other_libs) $(PTH_LIBS) $(W32LIBS) else gpg2keys_curl_CPPFLAGS = $(LIBCURL_CPPFLAGS) $(AM_CPPFLAGS) gpg2keys_curl_LDADD = $(LIBCURL) $(GETOPT) diff --git a/keyserver/curl-shim.c b/keyserver/curl-shim.c index f9ab3be6c..763c0ef24 100644 --- a/keyserver/curl-shim.c +++ b/keyserver/curl-shim.c @@ -19,17 +19,6 @@ * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, * USA. - * - * In addition, as a special exception, the Free Software Foundation - * gives permission to link the code of the keyserver helper tools: - * gpgkeys_ldap, gpgkeys_curl and gpgkeys_hkp with the OpenSSL - * project's "OpenSSL" library (or with modified versions of it that - * use the same license as the "OpenSSL" library), and distribute the - * linked executables. You must obey the GNU General Public License - * in all respects for all of the code used other than "OpenSSL". If - * you modify this file, you may extend this exception to your version - * of the file, but you are not obligated to do so. If you do not - * wish to do so, delete this exception statement from your version. */ #include @@ -114,7 +103,7 @@ curl_easy_cleanup(CURL *curl) { if (curl) { - http_close (curl->hd); + http_close (curl->hd, 0); free(curl); } } @@ -210,7 +199,7 @@ curl_easy_perform(CURL *curl) curl->status = http_get_status_code (curl->hd); if (!rc && curl->flags.failonerror && curl->status>=300) err = CURLE_HTTP_RETURNED_ERROR; - http_close(curl->hd); + http_close (curl->hd, 0); curl->hd = NULL; } } @@ -229,7 +218,7 @@ curl_easy_perform(CURL *curl) else { unsigned int maxlen = 1024, buflen, len; - unsigned char *line = NULL; + char *line = NULL; while ((len = es_read_line (http_get_read_ptr (curl->hd), &line, &buflen, &maxlen))) @@ -247,34 +236,29 @@ curl_easy_perform(CURL *curl) } es_free (line); - http_close(curl->hd); + http_close(curl->hd, 0); curl->hd = NULL; } } else { - http_close (curl->hd); + http_close (curl->hd, 0); curl->hd = NULL; } } } - switch(rc) + switch(gpg_err_code (rc)) { case 0: break; - case G10ERR_INVALID_URI: + case GPG_ERR_INV_URI: err=CURLE_UNSUPPORTED_PROTOCOL; break; - case G10ERR_NETWORK: - errstr=strerror(errno); - err=CURLE_COULDNT_CONNECT; - break; - default: - errstr=g10_errstr(rc); + errstr=gpg_strerror (rc); err=CURLE_COULDNT_CONNECT; break; } diff --git a/keyserver/curl-shim.h b/keyserver/curl-shim.h index ad8e8e1d9..e942ec710 100644 --- a/keyserver/curl-shim.h +++ b/keyserver/curl-shim.h @@ -17,17 +17,6 @@ * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, * USA. - * - * In addition, as a special exception, the Free Software Foundation - * gives permission to link the code of the keyserver helper tools: - * gpgkeys_ldap, gpgkeys_curl and gpgkeys_hkp with the OpenSSL - * project's "OpenSSL" library (or with modified versions of it that - * use the same license as the "OpenSSL" library), and distribute the - * linked executables. You must obey the GNU General Public License - * in all respects for all of the code used other than "OpenSSL". If - * you modify this file, you may extend this exception to your version - * of the file, but you are not obligated to do so. If you do not - * wish to do so, delete this exception statement from your version. */ #ifndef _CURL_SHIM_H_