security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

Merge branch 'master' into keyserver-via-dirmngr

This commit is contained in:
Werner Koch 2011-01-20 14:21:46 +01:00
parent 7f32d88ed1 13acd78a39
commit 49d25d3185
14 changed files with 95 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
ChangeLog
View File

@ -1,3 +1,9 @@
2011-01-19 Werner Koch <wk@g10code.com>
* configure.ac: Add new option --enable-gpg2-is-gpg.
(NAME_OF_INSTALLED_GPG): New ac_define.
* autogen.sh [--build-w32ce]: Use --enable-gpg2-is-gpg.
2011-01-03 Werner Koch <wk@g10code.com> 2011-01-03 Werner Koch <wk@g10code.com>
* README.SVN: Rename to README.GIT. * README.SVN: Rename to README.GIT.
@ -16,7 +22,7 @@
2010-11-17 Werner Koch <wk@g10code.com> 2010-11-17 Werner Koch <wk@g10code.com>
* configure.ac (ENABLE_CARD_SUPPORT): Define. * configure.ac (ENABLE_CARD_SUPPORT): Define.
2010-10-27 Werner Koch <wk@g10code.com> 2010-10-27 Werner Koch <wk@g10code.com>

3
NEWS
View File

@ -14,6 +14,9 @@ Noteworthy changes in version 2.1.0beta2 (unreleased)
* Fixed CRL loading under W32 (bug#1010). * Fixed CRL loading under W32 (bug#1010).
* Fixed TTY management for pinentries and session variable update
problem.
Noteworthy changes in version 2.1.0beta1 (2010-10-26) Noteworthy changes in version 2.1.0beta1 (2010-10-26)
----------------------------------------------------- -----------------------------------------------------

4
agent/ChangeLog
View File

@ -1,3 +1,7 @@
2011-01-19 Werner Koch <wk@g10code.com>
* trustlist.c (read_one_trustfile): Also chop an CR.
2010-12-02 Werner Koch <wk@g10code.com> 2010-12-02 Werner Koch <wk@g10code.com>
* gpg-agent.c (CHECK_OWN_SOCKET_INTERVAL) [W32CE]: Set to 60 * gpg-agent.c (CHECK_OWN_SOCKET_INTERVAL) [W32CE]: Set to 60

9
agent/trustlist.c
View File

@ -139,8 +139,9 @@ read_one_trustfile (const char *fname, int allow_include,
while (es_fgets (line, DIM(line)-1, fp)) while (es_fgets (line, DIM(line)-1, fp))
{ {
lnr++; lnr++;
if (!*line || line[strlen(line)-1] != '\n') n = strlen (line);
if (!n || line[n-1] != '\n')
{ {
/* Eat until end of line. */ /* Eat until end of line. */
while ( (c=es_getc (fp)) != EOF && c != '\n') while ( (c=es_getc (fp)) != EOF && c != '\n')
@ -151,7 +152,9 @@ read_one_trustfile (const char *fname, int allow_include,
fname, lnr, gpg_strerror (err)); fname, lnr, gpg_strerror (err));
continue; continue;
} }
line[strlen(line)-1] = 0; /* Chop the LF. */ line[--n] = 0; /* Chop the LF. */
if (n && line[n-1] == '\r')
line[--n] = 0; /* Chop an optional CR. */
/* Allow for empty lines and spaces */ /* Allow for empty lines and spaces */
for (p=line; spacep (p); p++) for (p=line; spacep (p); p++)

3
autogen.sh
View File

@ -104,7 +104,8 @@ if [ "$myhost" = "w32" ]; then
[ -z "$w32root" ] && w32root="$HOME/w32ce_root" [ -z "$w32root" ] && w32root="$HOME/w32ce_root"
toolprefixes="$w32ce_toolprefixes arm-mingw32ce" toolprefixes="$w32ce_toolprefixes arm-mingw32ce"
extraoptions="--enable-dirmngr-auto-start --disable-scdaemon " extraoptions="--enable-dirmngr-auto-start --disable-scdaemon "
extraoptions="$extraoptions --disable-zip $w32ce_extraoptions" extraoptions="$extraoptions --disable-zip --enable-gpg2-is-gpg"
extraoptions="$extraoptions $w32ce_extraoptions"
;; ;;
*) *)
[ -z "$w32root" ] && w32root="$HOME/w32root" [ -z "$w32root" ] && w32root="$HOME/w32root"

9
common/ChangeLog
View File

@ -9,14 +9,17 @@
(insert_escapes): Implement using escape_data. (insert_escapes): Implement using escape_data.
(http_escape_data): New. (http_escape_data): New.
2011-01-19 Werner Koch <wk@g10code.com>
* homedir.c (gnupg_module_name): Use NAME_OF_INSTALLED_GPG instead
of "gpg2".
2011-01-18 Werner Koch <wk@g10code.com> 2011-01-18 Werner Koch <wk@g10code.com>
* iobuf.c (file_es_filter_ctx_t): New. * iobuf.c (file_es_filter_ctx_t): New.
(file_es_filter): New. (file_es_filter): New.
(iobuf_esopen): New. (iobuf_esopen): New.
* estream.c (es_func_mem_write): Fix computation of NEWSIZE.
* membuf.c (clear_membuf, peek_membuf): New. * membuf.c (clear_membuf, peek_membuf): New.
* util.h (GPG_ERR_NO_KEYSERVER): New. * util.h (GPG_ERR_NO_KEYSERVER): New.
@ -29,6 +32,8 @@
* http.h (parsed_uri_s): Add field IS_HTTP. * http.h (parsed_uri_s): Add field IS_HTTP.
(http_parse_uri): Support NO_SCHEME_CHECK arg. (http_parse_uri): Support NO_SCHEME_CHECK arg.
* estream.c (es_func_mem_write): Fix computation of NEWSIZE.
2011-01-10 Werner Koch <wk@g10code.com> 2011-01-10 Werner Koch <wk@g10code.com>
* session-env.c (update_var): Fix same value detection. Fixes * session-env.c (update_var): Fix same value detection. Fixes

2
common/homedir.c
View File

@ -528,7 +528,7 @@ gnupg_module_name (int which)
X(bindir, "gpgsm"); X(bindir, "gpgsm");
case GNUPG_MODULE_NAME_GPG: case GNUPG_MODULE_NAME_GPG:
X(bindir, "gpg2"); X(bindir, NAME_OF_INSTALLED_GPG);
case GNUPG_MODULE_NAME_CONNECT_AGENT: case GNUPG_MODULE_NAME_CONNECT_AGENT:
X(bindir, "gpg-connect-agent"); X(bindir, "gpg-connect-agent");

5
common/session-env.c
View File

@ -183,10 +183,11 @@ update_var (session_env_t se, const char *string, size_t namelen,
else if (!strncmp (se->array[idx]->name, string, namelen) else if (!strncmp (se->array[idx]->name, string, namelen)
&& strlen (se->array[idx]->name) == namelen) && strlen (se->array[idx]->name) == namelen)
{ {
/* Check if the value is the same; no need to update it,
except for updating the default flag. */
if (strlen (se->array[idx]->value) == valuelen) if (strlen (se->array[idx]->value) == valuelen)
{ {
/* The new value has the same length. We can update it
in-place. */
memcpy (se->array[idx]->value, value, valuelen);
se->array[idx]->is_default = !!set_default; se->array[idx]->is_default = !!set_default;
return 0; return 0;
} }

18
configure.ac
View File

@ -168,6 +168,24 @@ show_gnupg_dirmngr_ldap_pgm="(default)"
test -n "$GNUPG_DIRMNGR_LDAP_PGM" \ test -n "$GNUPG_DIRMNGR_LDAP_PGM" \
&& show_gnupg_dirmngr_ldap_pgm="$GNUPG_DIRMNGR_LDAP_PGM" && show_gnupg_dirmngr_ldap_pgm="$GNUPG_DIRMNGR_LDAP_PGM"
#
# On some platforms gpg2 is usually installed as gpg without using a
# symlink. For correct operation of gpgconf it needs to know the
# installed name of gpg. This option sets "gpg2"'s installed name to
# just "gpg". Note that it might be required to rename gpg2 to gpg
# manually after the build process.
#
AC_ARG_ENABLE(gpg2-is-gpg,
AC_HELP_STRING([--enable-gpg2-is-gpg],[Set installed name of gpg2 to gpg]),
gpg2_is_gpg=$enableval)
if test "$gpg2_is_gpg" = "yes"; then
name_of_installed_gpg=gpg
else
name_of_installed_gpg=gpg2
fi
AC_DEFINE_UNQUOTED(NAME_OF_INSTALLED_GPG, "$name_of_installed_gpg",
[The name of the installed GPG tool])
# Some folks want to use only the agent from this packet. Make it # Some folks want to use only the agent from this packet. Make it
# easier for them by providing the configure option # easier for them by providing the configure option

4
dirmngr/ChangeLog
View File

@ -11,6 +11,10 @@
(cmd_ks_search): New. (cmd_ks_search): New.
* Makefile.am (dirmngr_SOURCES): Add new files. * Makefile.am (dirmngr_SOURCES): Add new files.
2011-01-19 Werner Koch <wk@g10code.com>
* dirmngr.c (main): Use es_printf for --gpgconf-list.
2010-12-14 Werner Koch <wk@g10code.com> 2010-12-14 Werner Koch <wk@g10code.com>
* cdb.h (struct cdb) [W32]: Add field CDB_MAPPING. * cdb.h (struct cdb) [W32]: Add field CDB_MAPPING.

54
dirmngr/dirmngr.c
View File

@ -1019,7 +1019,7 @@ main (int argc, char **argv)
start of the dirmngr. */ start of the dirmngr. */
#ifdef HAVE_W32_SYSTEM #ifdef HAVE_W32_SYSTEM
pid = getpid (); pid = getpid ();
printf ("set DIRMNGR_INFO=%s;%lu;1\n", socket_name, (ulong) pid); es_printf ("set DIRMNGR_INFO=%s;%lu;1\n", socket_name, (ulong) pid);
#else #else
pid = pth_fork (); pid = pth_fork ();
if (pid == (pid_t)-1) if (pid == (pid_t)-1)
@ -1051,11 +1051,11 @@ main (int argc, char **argv)
if (csh_style) if (csh_style)
{ {
*strchr (infostr, '=') = ' '; *strchr (infostr, '=') = ' ';
printf ( "setenv %s\n", infostr); es_printf ( "setenv %s\n", infostr);
} }
else else
{ {
printf ( "%s; export DIRMNGR_INFO;\n", infostr); es_printf ( "%s; export DIRMNGR_INFO;\n", infostr);
} }
free (infostr); free (infostr);
exit (0); exit (0);
@ -1220,15 +1220,15 @@ main (int argc, char **argv)
"dirmngr.conf", NULL ); "dirmngr.conf", NULL );
filename = percent_escape (opt.config_filename, NULL); filename = percent_escape (opt.config_filename, NULL);
printf ("gpgconf-dirmngr.conf:%lu:\"%s\n", es_printf ("gpgconf-dirmngr.conf:%lu:\"%s\n",
GC_OPT_FLAG_DEFAULT, filename); GC_OPT_FLAG_DEFAULT, filename);
xfree (filename); xfree (filename);
printf ("verbose:%lu:\n", flags | GC_OPT_FLAG_NONE); es_printf ("verbose:%lu:\n", flags | GC_OPT_FLAG_NONE);
printf ("quiet:%lu:\n", flags | GC_OPT_FLAG_NONE); es_printf ("quiet:%lu:\n", flags | GC_OPT_FLAG_NONE);
printf ("debug-level:%lu:\"none\n", flags | GC_OPT_FLAG_DEFAULT); es_printf ("debug-level:%lu:\"none\n", flags | GC_OPT_FLAG_DEFAULT);
printf ("log-file:%lu:\n", flags | GC_OPT_FLAG_NONE); es_printf ("log-file:%lu:\n", flags | GC_OPT_FLAG_NONE);
printf ("force:%lu:\n", flags | GC_OPT_FLAG_NONE); es_printf ("force:%lu:\n", flags | GC_OPT_FLAG_NONE);
/* --csh and --sh are mutually exclusive, something we can not /* --csh and --sh are mutually exclusive, something we can not
express in GPG Conf. --options is only usable from the express in GPG Conf. --options is only usable from the
@ -1241,34 +1241,34 @@ main (int argc, char **argv)
"ldapservers.conf":"dirmngr_ldapservers.conf", "ldapservers.conf":"dirmngr_ldapservers.conf",
NULL); NULL);
filename_esc = percent_escape (filename, NULL); filename_esc = percent_escape (filename, NULL);
printf ("ldapserverlist-file:%lu:\"%s\n", flags | GC_OPT_FLAG_DEFAULT, es_printf ("ldapserverlist-file:%lu:\"%s\n", flags | GC_OPT_FLAG_DEFAULT,
filename_esc); filename_esc);
xfree (filename_esc); xfree (filename_esc);
xfree (filename); xfree (filename);
printf ("ldaptimeout:%lu:%u\n", es_printf ("ldaptimeout:%lu:%u\n",
flags | GC_OPT_FLAG_DEFAULT, DEFAULT_LDAP_TIMEOUT); flags | GC_OPT_FLAG_DEFAULT, DEFAULT_LDAP_TIMEOUT);
printf ("max-replies:%lu:%u\n", es_printf ("max-replies:%lu:%u\n",
flags | GC_OPT_FLAG_DEFAULT, DEFAULT_MAX_REPLIES); flags | GC_OPT_FLAG_DEFAULT, DEFAULT_MAX_REPLIES);
printf ("allow-ocsp:%lu:\n", flags | GC_OPT_FLAG_NONE); es_printf ("allow-ocsp:%lu:\n", flags | GC_OPT_FLAG_NONE);
printf ("ocsp-responder:%lu:\n", flags | GC_OPT_FLAG_NONE); es_printf ("ocsp-responder:%lu:\n", flags | GC_OPT_FLAG_NONE);
printf ("ocsp-signer:%lu:\n", flags | GC_OPT_FLAG_NONE); es_printf ("ocsp-signer:%lu:\n", flags | GC_OPT_FLAG_NONE);
printf ("faked-system-time:%lu:\n", flags | GC_OPT_FLAG_NONE); es_printf ("faked-system-time:%lu:\n", flags | GC_OPT_FLAG_NONE);
printf ("no-greeting:%lu:\n", flags | GC_OPT_FLAG_NONE); es_printf ("no-greeting:%lu:\n", flags | GC_OPT_FLAG_NONE);
printf ("disable-http:%lu:\n", flags | GC_OPT_FLAG_NONE); es_printf ("disable-http:%lu:\n", flags | GC_OPT_FLAG_NONE);
printf ("disable-ldap:%lu:\n", flags | GC_OPT_FLAG_NONE); es_printf ("disable-ldap:%lu:\n", flags | GC_OPT_FLAG_NONE);
printf ("honor-http-proxy:%lu\n", flags | GC_OPT_FLAG_NONE); es_printf ("honor-http-proxy:%lu\n", flags | GC_OPT_FLAG_NONE);
printf ("http-proxy:%lu:\n", flags | GC_OPT_FLAG_NONE); es_printf ("http-proxy:%lu:\n", flags | GC_OPT_FLAG_NONE);
printf ("ldap-proxy:%lu:\n", flags | GC_OPT_FLAG_NONE); es_printf ("ldap-proxy:%lu:\n", flags | GC_OPT_FLAG_NONE);
printf ("only-ldap-proxy:%lu:\n", flags | GC_OPT_FLAG_NONE); es_printf ("only-ldap-proxy:%lu:\n", flags | GC_OPT_FLAG_NONE);
printf ("ignore-ldap-dp:%lu:\n", flags | GC_OPT_FLAG_NONE); es_printf ("ignore-ldap-dp:%lu:\n", flags | GC_OPT_FLAG_NONE);
printf ("ignore-http-dp:%lu:\n", flags | GC_OPT_FLAG_NONE); es_printf ("ignore-http-dp:%lu:\n", flags | GC_OPT_FLAG_NONE);
printf ("ignore-ocsp-service-url:%lu:\n", flags | GC_OPT_FLAG_NONE); es_printf ("ignore-ocsp-service-url:%lu:\n", flags | GC_OPT_FLAG_NONE);
/* Note: The next one is to fix a typo in gpgconf - should be /* Note: The next one is to fix a typo in gpgconf - should be
removed eventually. */ removed eventually. */
printf ("ignore-ocsp-servic-url:%lu:\n", flags | GC_OPT_FLAG_NONE); es_printf ("ignore-ocsp-servic-url:%lu:\n", flags | GC_OPT_FLAG_NONE);
} }
cleanup (); cleanup ();
return !!rc; return !!rc;

4
doc/debugging.texi
View File

@ -103,7 +103,7 @@ used. Using the keyserver debug option as in
is thus often helpful. Note that the actual output depends on the is thus often helpful. Note that the actual output depends on the
backend and may change from release to release. backend and may change from release to release.
@ifset gpgtwoone
@item Logging on WindowsCE @item Logging on WindowsCE
For development, the best logging method on WindowsCE is the use of For development, the best logging method on WindowsCE is the use of
@ -113,7 +113,7 @@ on the given port. (@pxref{option watchgnupg --tcp}). For in the field
tests it is better to make use of the logging facility provided by the tests it is better to make use of the logging facility provided by the
@command{gpgcedev} driver (part of libassuan); this is enabled by using @command{gpgcedev} driver (part of libassuan); this is enabled by using
a log file name of @file{GPG2:}. (@pxref{option --log-file}). a log file name of @file{GPG2:}. (@pxref{option --log-file}).
@end ifset
@end itemize @end itemize

8
doc/gnupg.texi
View File

@ -34,7 +34,7 @@ Published by the Free Software Foundation@*
Boston, MA 02110-1301 USA Boston, MA 02110-1301 USA
@end iftex @end iftex
Copyright @copyright{} 2002, 2004, 2005, 2006, 2007 Free Software Foundation, Inc. Copyright @copyright{} 2002, 2004, 2005, 2006, 2007, 2010 Free Software Foundation, Inc.
@quotation @quotation
Permission is granted to copy, distribute and/or modify this document Permission is granted to copy, distribute and/or modify this document
@ -51,8 +51,10 @@ section entitled ``Copying''.
* gpg2: (gnupg). OpenPGP encryption and signing tool. * gpg2: (gnupg). OpenPGP encryption and signing tool.
* gpgsm: (gnupg). S/MIME encryption and signing tool. * gpgsm: (gnupg). S/MIME encryption and signing tool.
* gpg-agent: (gnupg). The secret key daemon. * gpg-agent: (gnupg). The secret key daemon.
@ifset gpgtwoone
* dirmngr: (gnupg). X.509 CRL and OCSP server. * dirmngr: (gnupg). X.509 CRL and OCSP server.
* dirmngr-client: (gnupg). X.509 CRL and OCSP client. * dirmngr-client: (gnupg). X.509 CRL and OCSP client.
@end ifset
@end direntry @end direntry
@ -124,7 +126,9 @@ the administration and the architecture.
* Installation:: A short installation guide. * Installation:: A short installation guide.
* Invoking GPG-AGENT:: How to launch the secret key daemon. * Invoking GPG-AGENT:: How to launch the secret key daemon.
@ifset gpgtwoone
* Invoking DIRMNGR:: How to launch the CRL and OCSP daemon. * Invoking DIRMNGR:: How to launch the CRL and OCSP daemon.
@end ifset
* Invoking GPG:: Using the OpenPGP protocol. * Invoking GPG:: Using the OpenPGP protocol.
* Invoking GPGSM:: Using the S/MIME protocol. * Invoking GPGSM:: Using the S/MIME protocol.
* Invoking SCDAEMON:: How to handle Smartcards. * Invoking SCDAEMON:: How to handle Smartcards.
@ -156,7 +160,9 @@ the administration and the architecture.
@include instguide.texi @include instguide.texi
@include gpg-agent.texi @include gpg-agent.texi
@ifset gpgtwoone
@include dirmngr.texi @include dirmngr.texi
@end ifset
@include gpg.texi @include gpg.texi
@include gpgsm.texi @include gpgsm.texi
@include scdaemon.texi @include scdaemon.texi

5
doc/tools.texi
View File

@ -16,7 +16,9 @@ GnuPG comes with a couple of smaller tools:
* gpgsm-gencert.sh:: Generate an X.509 certificate request. * gpgsm-gencert.sh:: Generate an X.509 certificate request.
* gpg-preset-passphrase:: Put a passphrase into the cache. * gpg-preset-passphrase:: Put a passphrase into the cache.
* gpg-connect-agent:: Communicate with a running agent. * gpg-connect-agent:: Communicate with a running agent.
@ifset gpgtwoone
* dirmngr-client:: How to use the Dirmngr client tool. * dirmngr-client:: How to use the Dirmngr client tool.
@end ifset
* gpgparsemail:: Parse a mail message into an annotated format * gpgparsemail:: Parse a mail message into an annotated format
* symcryptrun:: Call a simple symmetric encryption tool. * symcryptrun:: Call a simple symmetric encryption tool.
* gpg-zip:: Encrypt or sign files into an archive. * gpg-zip:: Encrypt or sign files into an archive.
@ -1434,6 +1436,7 @@ Print a list of available control commands.
@include see-also-note.texi @include see-also-note.texi
@end ifset @end ifset
@ifset gpgtwoone
@c @c
@c DIRMNGR-CLIENT @c DIRMNGR-CLIENT
@c @c
@ -1594,7 +1597,7 @@ Squid's @option{external_acl_type} option.
@command{gpgsm}(1) @command{gpgsm}(1)
@include see-also-note.texi @include see-also-note.texi
@end ifset @end ifset
@end ifset
@c @c
@c GPGPARSEMAIL @c GPGPARSEMAIL