security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

Merge branch 'master' into keyserver-via-dirmngr

This commit is contained in:
Werner Koch 2011-01-20 14:21:46 +01:00
parent 7f32d88ed1 13acd78a39
commit 49d25d3185
14 changed files with 95 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
ChangeLog
View File

@ -1,3 +1,9 @@
2011-01-19 Werner Koch <wk@g10code.com>
* configure.ac: Add new option --enable-gpg2-is-gpg.
(NAME_OF_INSTALLED_GPG): New ac_define.
* autogen.sh [--build-w32ce]: Use --enable-gpg2-is-gpg.
2011-01-03 Werner Koch <wk@g10code.com>
* README.SVN: Rename to README.GIT.
@ -16,7 +22,7 @@
2010-11-17 Werner Koch <wk@g10code.com>
* configure.ac (ENABLE_CARD_SUPPORT): Define.
* configure.ac (ENABLE_CARD_SUPPORT): Define.
2010-10-27 Werner Koch <wk@g10code.com>

3
NEWS
View File

@ -14,6 +14,9 @@ Noteworthy changes in version 2.1.0beta2 (unreleased)
* Fixed CRL loading under W32 (bug#1010).
* Fixed TTY management for pinentries and session variable update
problem.
Noteworthy changes in version 2.1.0beta1 (2010-10-26)
-----------------------------------------------------

4
agent/ChangeLog
View File

@ -1,3 +1,7 @@
2011-01-19 Werner Koch <wk@g10code.com>
* trustlist.c (read_one_trustfile): Also chop an CR.
2010-12-02 Werner Koch <wk@g10code.com>
* gpg-agent.c (CHECK_OWN_SOCKET_INTERVAL) [W32CE]: Set to 60

9
agent/trustlist.c
View File

@ -139,8 +139,9 @@ read_one_trustfile (const char *fname, int allow_include,
while (es_fgets (line, DIM(line)-1, fp))
{
lnr++;
if (!*line || line[strlen(line)-1] != '\n')
n = strlen (line);
if (!n || line[n-1] != '\n')
{
/* Eat until end of line. */
while ( (c=es_getc (fp)) != EOF && c != '\n')
@ -151,7 +152,9 @@ read_one_trustfile (const char *fname, int allow_include,
fname, lnr, gpg_strerror (err));
continue;
}
line[strlen(line)-1] = 0; /* Chop the LF. */
line[--n] = 0; /* Chop the LF. */
if (n && line[n-1] == '\r')
line[--n] = 0; /* Chop an optional CR. */
/* Allow for empty lines and spaces */
for (p=line; spacep (p); p++)

3
autogen.sh
View File

@ -104,7 +104,8 @@ if [ "$myhost" = "w32" ]; then
[ -z "$w32root" ] && w32root="$HOME/w32ce_root"
toolprefixes="$w32ce_toolprefixes arm-mingw32ce"
extraoptions="--enable-dirmngr-auto-start --disable-scdaemon "
extraoptions="$extraoptions --disable-zip $w32ce_extraoptions"
extraoptions="$extraoptions --disable-zip --enable-gpg2-is-gpg"
extraoptions="$extraoptions $w32ce_extraoptions"
;;
*)
[ -z "$w32root" ] && w32root="$HOME/w32root"

9
common/ChangeLog
View File

@ -9,14 +9,17 @@
(insert_escapes): Implement using escape_data.
(http_escape_data): New.
2011-01-19 Werner Koch <wk@g10code.com>
* homedir.c (gnupg_module_name): Use NAME_OF_INSTALLED_GPG instead
of "gpg2".
2011-01-18 Werner Koch <wk@g10code.com>
* iobuf.c (file_es_filter_ctx_t): New.
(file_es_filter): New.
(iobuf_esopen): New.
* estream.c (es_func_mem_write): Fix computation of NEWSIZE.
* membuf.c (clear_membuf, peek_membuf): New.
* util.h (GPG_ERR_NO_KEYSERVER): New.
@ -29,6 +32,8 @@
* http.h (parsed_uri_s): Add field IS_HTTP.
(http_parse_uri): Support NO_SCHEME_CHECK arg.
* estream.c (es_func_mem_write): Fix computation of NEWSIZE.
2011-01-10 Werner Koch <wk@g10code.com>
* session-env.c (update_var): Fix same value detection. Fixes

2
common/homedir.c
View File

@ -528,7 +528,7 @@ gnupg_module_name (int which)
X(bindir, "gpgsm");
case GNUPG_MODULE_NAME_GPG:
X(bindir, "gpg2");
X(bindir, NAME_OF_INSTALLED_GPG);
case GNUPG_MODULE_NAME_CONNECT_AGENT:
X(bindir, "gpg-connect-agent");

5
common/session-env.c
View File

@ -183,10 +183,11 @@ update_var (session_env_t se, const char *string, size_t namelen,
else if (!strncmp (se->array[idx]->name, string, namelen)
&& strlen (se->array[idx]->name) == namelen)
{
/* Check if the value is the same; no need to update it,
except for updating the default flag. */
if (strlen (se->array[idx]->value) == valuelen)
{
/* The new value has the same length. We can update it
in-place. */
memcpy (se->array[idx]->value, value, valuelen);
se->array[idx]->is_default = !!set_default;
return 0;
}

18
configure.ac
View File

@ -168,6 +168,24 @@ show_gnupg_dirmngr_ldap_pgm="(default)"
test -n "$GNUPG_DIRMNGR_LDAP_PGM" \
&& show_gnupg_dirmngr_ldap_pgm="$GNUPG_DIRMNGR_LDAP_PGM"
#
# On some platforms gpg2 is usually installed as gpg without using a
# symlink. For correct operation of gpgconf it needs to know the
# installed name of gpg. This option sets "gpg2"'s installed name to
# just "gpg". Note that it might be required to rename gpg2 to gpg
# manually after the build process.
#
AC_ARG_ENABLE(gpg2-is-gpg,
AC_HELP_STRING([--enable-gpg2-is-gpg],[Set installed name of gpg2 to gpg]),
gpg2_is_gpg=$enableval)
if test "$gpg2_is_gpg" = "yes"; then
name_of_installed_gpg=gpg
else
name_of_installed_gpg=gpg2
fi
AC_DEFINE_UNQUOTED(NAME_OF_INSTALLED_GPG, "$name_of_installed_gpg",
[The name of the installed GPG tool])
# Some folks want to use only the agent from this packet. Make it
# easier for them by providing the configure option

4
dirmngr/ChangeLog
View File

@ -11,6 +11,10 @@
(cmd_ks_search): New.
* Makefile.am (dirmngr_SOURCES): Add new files.
2011-01-19 Werner Koch <wk@g10code.com>
* dirmngr.c (main): Use es_printf for --gpgconf-list.
2010-12-14 Werner Koch <wk@g10code.com>
* cdb.h (struct cdb) [W32]: Add field CDB_MAPPING.

54
dirmngr/dirmngr.c
View File

@ -1019,7 +1019,7 @@ main (int argc, char **argv)
start of the dirmngr. */
#ifdef HAVE_W32_SYSTEM
pid = getpid ();
printf ("set DIRMNGR_INFO=%s;%lu;1\n", socket_name, (ulong) pid);
es_printf ("set DIRMNGR_INFO=%s;%lu;1\n", socket_name, (ulong) pid);
#else
pid = pth_fork ();
if (pid == (pid_t)-1)
@ -1051,11 +1051,11 @@ main (int argc, char **argv)
if (csh_style)
{
*strchr (infostr, '=') = ' ';
printf ( "setenv %s\n", infostr);
es_printf ( "setenv %s\n", infostr);
}
else
{
printf ( "%s; export DIRMNGR_INFO;\n", infostr);
es_printf ( "%s; export DIRMNGR_INFO;\n", infostr);
}
free (infostr);
exit (0);
@ -1220,15 +1220,15 @@ main (int argc, char **argv)
"dirmngr.conf", NULL );
filename = percent_escape (opt.config_filename, NULL);
printf ("gpgconf-dirmngr.conf:%lu:\"%s\n",
es_printf ("gpgconf-dirmngr.conf:%lu:\"%s\n",
GC_OPT_FLAG_DEFAULT, filename);
xfree (filename);
printf ("verbose:%lu:\n", flags | GC_OPT_FLAG_NONE);
printf ("quiet:%lu:\n", flags | GC_OPT_FLAG_NONE);
printf ("debug-level:%lu:\"none\n", flags | GC_OPT_FLAG_DEFAULT);
printf ("log-file:%lu:\n", flags | GC_OPT_FLAG_NONE);
printf ("force:%lu:\n", flags | GC_OPT_FLAG_NONE);
es_printf ("verbose:%lu:\n", flags | GC_OPT_FLAG_NONE);
es_printf ("quiet:%lu:\n", flags | GC_OPT_FLAG_NONE);
es_printf ("debug-level:%lu:\"none\n", flags | GC_OPT_FLAG_DEFAULT);
es_printf ("log-file:%lu:\n", flags | GC_OPT_FLAG_NONE);
es_printf ("force:%lu:\n", flags | GC_OPT_FLAG_NONE);
/* --csh and --sh are mutually exclusive, something we can not
express in GPG Conf. --options is only usable from the
@ -1241,34 +1241,34 @@ main (int argc, char **argv)
"ldapservers.conf":"dirmngr_ldapservers.conf",
NULL);
filename_esc = percent_escape (filename, NULL);
printf ("ldapserverlist-file:%lu:\"%s\n", flags | GC_OPT_FLAG_DEFAULT,
es_printf ("ldapserverlist-file:%lu:\"%s\n", flags | GC_OPT_FLAG_DEFAULT,
filename_esc);
xfree (filename_esc);
xfree (filename);
printf ("ldaptimeout:%lu:%u\n",
es_printf ("ldaptimeout:%lu:%u\n",
flags | GC_OPT_FLAG_DEFAULT, DEFAULT_LDAP_TIMEOUT);
printf ("max-replies:%lu:%u\n",
es_printf ("max-replies:%lu:%u\n",
flags | GC_OPT_FLAG_DEFAULT, DEFAULT_MAX_REPLIES);
printf ("allow-ocsp:%lu:\n", flags | GC_OPT_FLAG_NONE);
printf ("ocsp-responder:%lu:\n", flags | GC_OPT_FLAG_NONE);
printf ("ocsp-signer:%lu:\n", flags | GC_OPT_FLAG_NONE);
es_printf ("allow-ocsp:%lu:\n", flags | GC_OPT_FLAG_NONE);
es_printf ("ocsp-responder:%lu:\n", flags | GC_OPT_FLAG_NONE);
es_printf ("ocsp-signer:%lu:\n", flags | GC_OPT_FLAG_NONE);
printf ("faked-system-time:%lu:\n", flags | GC_OPT_FLAG_NONE);
printf ("no-greeting:%lu:\n", flags | GC_OPT_FLAG_NONE);
es_printf ("faked-system-time:%lu:\n", flags | GC_OPT_FLAG_NONE);
es_printf ("no-greeting:%lu:\n", flags | GC_OPT_FLAG_NONE);
printf ("disable-http:%lu:\n", flags | GC_OPT_FLAG_NONE);
printf ("disable-ldap:%lu:\n", flags | GC_OPT_FLAG_NONE);
printf ("honor-http-proxy:%lu\n", flags | GC_OPT_FLAG_NONE);
printf ("http-proxy:%lu:\n", flags | GC_OPT_FLAG_NONE);
printf ("ldap-proxy:%lu:\n", flags | GC_OPT_FLAG_NONE);
printf ("only-ldap-proxy:%lu:\n", flags | GC_OPT_FLAG_NONE);
printf ("ignore-ldap-dp:%lu:\n", flags | GC_OPT_FLAG_NONE);
printf ("ignore-http-dp:%lu:\n", flags | GC_OPT_FLAG_NONE);
printf ("ignore-ocsp-service-url:%lu:\n", flags | GC_OPT_FLAG_NONE);
es_printf ("disable-http:%lu:\n", flags | GC_OPT_FLAG_NONE);
es_printf ("disable-ldap:%lu:\n", flags | GC_OPT_FLAG_NONE);
es_printf ("honor-http-proxy:%lu\n", flags | GC_OPT_FLAG_NONE);
es_printf ("http-proxy:%lu:\n", flags | GC_OPT_FLAG_NONE);
es_printf ("ldap-proxy:%lu:\n", flags | GC_OPT_FLAG_NONE);
es_printf ("only-ldap-proxy:%lu:\n", flags | GC_OPT_FLAG_NONE);
es_printf ("ignore-ldap-dp:%lu:\n", flags | GC_OPT_FLAG_NONE);
es_printf ("ignore-http-dp:%lu:\n", flags | GC_OPT_FLAG_NONE);
es_printf ("ignore-ocsp-service-url:%lu:\n", flags | GC_OPT_FLAG_NONE);
/* Note: The next one is to fix a typo in gpgconf - should be
removed eventually. */
printf ("ignore-ocsp-servic-url:%lu:\n", flags | GC_OPT_FLAG_NONE);
es_printf ("ignore-ocsp-servic-url:%lu:\n", flags | GC_OPT_FLAG_NONE);
}
cleanup ();
return !!rc;

4
doc/debugging.texi
View File

@ -103,7 +103,7 @@ used. Using the keyserver debug option as in
is thus often helpful. Note that the actual output depends on the
backend and may change from release to release.
@ifset gpgtwoone
@item Logging on WindowsCE
For development, the best logging method on WindowsCE is the use of
@ -113,7 +113,7 @@ on the given port. (@pxref{option watchgnupg --tcp}). For in the field
tests it is better to make use of the logging facility provided by the
@command{gpgcedev} driver (part of libassuan); this is enabled by using
a log file name of @file{GPG2:}. (@pxref{option --log-file}).
@end ifset
@end itemize

8
doc/gnupg.texi
View File

@ -34,7 +34,7 @@ Published by the Free Software Foundation@*
Boston, MA 02110-1301 USA
@end iftex
Copyright @copyright{} 2002, 2004, 2005, 2006, 2007 Free Software Foundation, Inc.
Copyright @copyright{} 2002, 2004, 2005, 2006, 2007, 2010 Free Software Foundation, Inc.
@quotation
Permission is granted to copy, distribute and/or modify this document
@ -51,8 +51,10 @@ section entitled ``Copying''.
* gpg2: (gnupg). OpenPGP encryption and signing tool.
* gpgsm: (gnupg). S/MIME encryption and signing tool.
* gpg-agent: (gnupg). The secret key daemon.
@ifset gpgtwoone
* dirmngr: (gnupg). X.509 CRL and OCSP server.
* dirmngr-client: (gnupg). X.509 CRL and OCSP client.
@end ifset
@end direntry
@ -124,7 +126,9 @@ the administration and the architecture.
* Installation:: A short installation guide.
* Invoking GPG-AGENT:: How to launch the secret key daemon.
@ifset gpgtwoone
* Invoking DIRMNGR:: How to launch the CRL and OCSP daemon.
@end ifset
* Invoking GPG:: Using the OpenPGP protocol.
* Invoking GPGSM:: Using the S/MIME protocol.
* Invoking SCDAEMON:: How to handle Smartcards.
@ -156,7 +160,9 @@ the administration and the architecture.
@include instguide.texi
@include gpg-agent.texi
@ifset gpgtwoone
@include dirmngr.texi
@end ifset
@include gpg.texi
@include gpgsm.texi
@include scdaemon.texi

5
doc/tools.texi
View File

@ -16,7 +16,9 @@ GnuPG comes with a couple of smaller tools:
* gpgsm-gencert.sh:: Generate an X.509 certificate request.
* gpg-preset-passphrase:: Put a passphrase into the cache.
* gpg-connect-agent:: Communicate with a running agent.
@ifset gpgtwoone
* dirmngr-client:: How to use the Dirmngr client tool.
@end ifset
* gpgparsemail:: Parse a mail message into an annotated format
* symcryptrun:: Call a simple symmetric encryption tool.
* gpg-zip:: Encrypt or sign files into an archive.
@ -1434,6 +1436,7 @@ Print a list of available control commands.
@include see-also-note.texi
@end ifset
@ifset gpgtwoone
@c
@c DIRMNGR-CLIENT
@c
@ -1594,7 +1597,7 @@ Squid's @option{external_acl_type} option.
@command{gpgsm}(1)
@include see-also-note.texi
@end ifset
@end ifset
@c
@c GPGPARSEMAIL