dirmngr: Remove all system daemon features.

* dirmngr/dirmngr.h (opts): Remove fields 'system_service' and
'system_daemon'.
* common/homedir.c (dirmngr_sys_socket_name): Remove.
(dirmngr_user_socket_name): Rename to ...
(dirmngr_socket_name): this.  Change call callers.
* common/asshelp.c (start_new_dirmngr): Remove the system socket
feature.
* tools/gpgconf.c (list_dirs): Do not print "dirmngr-sys-socket".
* sm/server.c (gpgsm_server): Adjust for removed system socket feature.
* dirmngr/server.c (cmd_getinfo): Ditto.
(cmd_killdirmngr): Remove check for system daemon.
(cmd_reloaddirmngr): Ditto.
* dirmngr/dirmngr.c (USE_W32_SERVICE): Remove macro.
(aService): Remove.
(opts): Remove --service.
(w32_service_control): Remove.
(real_main, call_real_main) [W32]: Remove wrapper.
(main): Remove Windows system service feature.  Remove system dameon
feature.  Use only the "~/.gnupg/dirmngr_ldapservers.conf" file.
* dirmngr/certcache.c (load_certs_from_dir): Remove warning in the
system dameon case.
* dirmngr/crlcache.c (DBDIR_D): Always use "~/.gnupg/crls.d".
* dirmngr/ocsp.c (validate_responder_cert): Do not call
validate_cert_chain which was used only in system daemon mode.
* dirmngr/validate.c (validate_cert_chain): Always use the code.
--

We are now starting dirmngr as needed as a user daemon.  The
deprecated system daemon mode does not anymore make sense.  In case a
system wide daemon is required, it is better to setup a dedicated
account to run dirmngr and tweak socket permissions accordingly.

Signed-off-by: Werner Koch <wk@gnupg.org>

common/asshelp.c

@@ -564,18 +564,7 @@ start_new_dirmngr (assuan_context_t *r_ctx,
       return err;
     }
 
-  sockname = dirmngr_user_socket_name ();
-  if (sockname)
-    {
-      /* First try the local socket name and only if that fails try
-         the system socket.  */
-      err = assuan_socket_connect (ctx, sockname, 0, 0);
-      if (err)
-        sockname = dirmngr_sys_socket_name ();
-    }
-  else
-    sockname = dirmngr_sys_socket_name ();
-
+  sockname = dirmngr_socket_name ();
   err = assuan_socket_connect (ctx, sockname, 0, 0);
 
 #ifdef USE_DIRMNGR_AUTO_START
@@ -583,22 +572,9 @@ start_new_dirmngr (assuan_context_t *r_ctx,
     {
       lock_spawn_t lock;
       const char *argv[4];
-      int try_system_daemon = 0;
       char *abs_homedir;
 
-      /* No connection: Try start a new Dirmngr.  On Windows this will
-         fail because the Dirmngr is expected to be a system service.
-         However on WinCE we don't distinguish users and thus we can
-         start it.  */
-
-      /* We prefer to start it as a user daemon.  */
-      sockname = dirmngr_user_socket_name ();
-      if (!sockname)
-        {
-          sockname = dirmngr_sys_socket_name ();
-          try_system_daemon = 1;
-        }
-
+      /* No connection: Try start a new Dirmngr.  */
       if (!dirmngr_program || !*dirmngr_program)
         dirmngr_program = gnupg_module_name (GNUPG_MODULE_NAME_DIRMNGR);
 
@@ -631,20 +607,11 @@ start_new_dirmngr (assuan_context_t *r_ctx,
         }
 
       argv[0] = "--daemon";
-      if (try_system_daemon)
-        argv[1] = NULL;
-      else
-        { /* Try starting as user daemon - dirmngr does this if the
-             home directory is given on the command line.  */
-          argv[1] = "--homedir";
-          argv[2] = abs_homedir;
-          argv[3] = NULL;
-        }
-
-      /* On the use of HOMEDIR for locking: Under Windows HOMEDIR is
-         not used thus it does not matter.  Under Unix we should
-         TRY_SYSTEM_DAEMON should never be true because
-         dirmngr_user_socket_name() won't return NULL.  */
+      /* Try starting the daemon.  Versions of dirmngr < 2.1.15 do
+       * this only if the home directory is given on the command line.  */
+      argv[1] = "--homedir";
+      argv[2] = abs_homedir;
+      argv[3] = NULL;
 
       if (!(err = lock_spawning (&lock, gnupg_homedir (), "dirmngr", verbose))
           && assuan_socket_connect (ctx, sockname, 0, 0))

common/homedir.c

@@ -812,55 +812,9 @@ gnupg_cachedir (void)
 }
 
 
-/* Return the system socket name used by DirMngr.  */
+/* Return the user socket name used by DirMngr.  */
 const char *
-dirmngr_sys_socket_name (void)
-{
-#ifdef HAVE_W32_SYSTEM
-  static char *name;
-
-  if (!name)
-    {
-      char *p;
-# ifdef HAVE_W32CE_SYSTEM
-      const char *s1, *s2;
-
-      s1 = default_homedir ();
-# else
-      char s1buf[MAX_PATH];
-      const char *s1, *s2;
-
-      s1 = default_homedir ();
-      if (!w32_portable_app)
-        {
-          /* We need something akin CSIDL_COMMON_PROGRAMS, but local
-             (non-roaming).  This is because the file needs to be on
-             the local machine and makes only sense on that machine.
-             CSIDL_WINDOWS seems to be the only location which
-             guarantees that. */
-          if (w32_shgetfolderpath (NULL, CSIDL_WINDOWS, NULL, 0, s1buf) < 0)
-            strcpy (s1buf, "C:\\WINDOWS");
-          s1 = s1buf;
-        }
-# endif
-      s2 = DIRSEP_S DIRMNGR_SOCK_NAME;
-      name = xmalloc (strlen (s1) + strlen (s2) + 1);
-      strcpy (stpcpy (name, s1), s2);
-      for (p=name; *p; p++)
-        if (*p == '/')
-          *p = '\\';
-    }
-  return name;
-#else /*!HAVE_W32_SYSTEM*/
-  return GNUPG_LOCALSTATEDIR "/run/" PACKAGE_NAME "/"DIRMNGR_SOCK_NAME;
-#endif /*!HAVE_W32_SYSTEM*/
-}
-
-
-/* Return the user socket name used by DirMngr.  If a user specific
-   dirmngr installation is not supported, NULL is returned.  */
-const char *
-dirmngr_user_socket_name (void)
+dirmngr_socket_name (void)
 {
   static char *name;
 

common/util.h

@@ -227,8 +227,7 @@ const char *gnupg_libdir (void);
 const char *gnupg_datadir (void);
 const char *gnupg_localedir (void);
 const char *gnupg_cachedir (void);
-const char *dirmngr_sys_socket_name (void);
-const char *dirmngr_user_socket_name (void);
+const char *dirmngr_socket_name (void);
 
 char *_gnupg_socketdir_internal (int skip_checks, unsigned *r_info);