* dirmngr/http.c (read_server, write_server): Use assuan_fd_t.
(http_wait_response): Use FD2INT to get unsigned integer fd.
(read_server, write_server): Likewise.
(simple_cookie_read, simple_cookie_write): Use assuan_fd_t.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* dirmngr/http.c (simple_cookie_read, simple_cookie_write): Only
valid with HTTP_USE_NTBTLS.
(_my_socket_new): Simply cast to int since it's for debug.
(_my_socket_ref, _my_socket_unref): Likewise.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* dirmngr/dns-stuff.c (T_CERT): Define our own.
--
T_CERT may be defined by another enum type even if the value is same.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* dirmngr/dns-stuff.c: Don't include arpa/nameser.h.
--
It is not needed at all. T_CERT may be defined by different type of
ns_type.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* dirmngr/dns.c (plus1_ns): New.
(dns_p_push): Use it.
--
On OpenBSD, htons and ntohs are expanded to GCC's statement
expressions where local variable is allowed. Consecutive use
of htons and ntohs causes problem of variable name.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* dirmngr/dirmngr.h (struct opt): Add field 'disable_ipv6'.
* dirmngr/dirmngr.c (oDisableIPv6): New const.
(opts): New option --disable-ipv6.
(parse_rereadable_options): Set that option.
* dirmngr/dns-stuff.c (opt_disable_ipv6): New var.
(set_dns_disable_ipv6): New.
(resolve_name_standard): Make use of it.
* dirmngr/ks-engine-finger.c (ks_finger_fetch): Take care of
OPT.DISABLE_IPV6.
* dirmngr/ks-engine-hkp.c (map_host): Ditto.
(send_request): Ditto.
* dirmngr/ks-engine-http.c (ks_http_fetch): Ditto.
* dirmngr/ocsp.c (do_ocsp_request): Ditto.
Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr/dns-stuff.c (libdns_init): No Windows specific handling of a
missing /etc/hosts.
--
My last comment on this was flawed. Windows seems to always have its
version of /etc/hosts. Only the en passant fixed bad escaping led me
assume that this was the case. Thanks to Andre for complaining about
my comment remark.
Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr/dns-stuff.c (libdns_init): Do not bail out.
--
A standard Windows installation does not have a hosts file and thus we
can't bail out here. We should also not bail out on a Unix system
because /etc/hosts is just one method in nsswitch.conf.
Fixes-commit: 88f1505f0613894d5544290a170119eb538921e5
Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr/dns-stuff.c (libdns_init): Actually load the hosts file into
libdns.
--
Previously, connecting to key servers specified in /etc/hosts was not
possible because libdns' hosts structure was initialized, but not
filled with the content of the hosts file.
GnuPG-bug-id: 2977
Signed-off-by: Justus Winter <justus@g10code.com>
* dirmngr/t-http.c (my_http_tls_verify_cb): Avoid warnings when not
using ntbtls.
--
Without this patch, when building without ntbtls, we see the following
warnings during "make check":
t-http.c: In function ‘my_http_tls_verify_cb’:
t-http.c:141:16: warning: implicit declaration of function
‘ntbtls_x509_get_peer_cert’ [-Wimplicit-function-declaration]
(cert = ntbtls_x509_get_peer_cert (tls_context, idx)); idx++)
^~~~~~~~~~~~~~~~~~~~~~~~~
t-http.c:141:14: warning: assignment makes pointer from integer
without a cast -Wint-conversion]
(cert = ntbtls_x509_get_peer_cert (tls_context, idx)); idx++)
^
At top level:
t-http.c:123:1: warning: ‘my_http_tls_verify_cb’ defined but not
used [-Wunused-function]
my_http_tls_verify_cb (void *opaque,
^~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* dirmngr/dirmngr.h (DBG_EXTPROG_VALUE, DBG_EXTPROG): New macros.
* dirmngr/dirmngr.c (debug_flags): Add flag "extprog".
(handle_connections): Use a macro instead of -1 for an invalid socket.
* dirmngr/loadswdb.c (verify_status_cb): Debug the gpgv call.
Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr/validate.h (VALIDATE_FLAG_SYSTRUST): Remove
(VALIDATE_FLAG_EXTRATRUST): Remove
(VALIDATE_FLAG_TRUST_SYSTEM): New.
(VALIDATE_FLAG_TRUST_CONFIG): New.
(VALIDATE_FLAG_TRUST_HKP): New.
(VALIDATE_FLAG_TRUST_HKPSPOOL): New.
(VALIDATE_FLAG_MASK_TRUST): New.
* dirmngr/validate.c (check_header_constants): New.
(validate_cert_chain): Call new function. Simplify call to
is_trusted_cert.
* dirmngr/crlcache.c (crl_parse_insert): Pass
VALIDATE_FLAG_TRUST_CONFIG to validate_cert_chain
* dirmngr/server.c (cmd_validate): Use VALDIATE_FLAG_TRUST_SYSTEM and
VALIDATE_FLAG_TRUST_CONFIG.
* dirmngr/http-ntbtls.c (gnupg_http_tls_verify_cb): Check provided TLS
context. Set trustclass flags using the new VALIDATE_FLAG_TRUST
values.
* dirmngr/certcache.c (cert_cache_init): Load the standard pool
certificate prior to the --hkp-cacerts.
--
Note that this changes the way the standard cert is used: We require
that it is installed at /usr/share/gnupg and we do not allow to change
it. If this is not desired, the the standard cert can be removed or
replaced by a newer one.
Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr/dirmngr.c (hkp_cacert_filenames): New var.
(parse_rereadable_options): Store filenames from --hkp-cacert in the
new var.
(main, dirmngr_sighup_action): Pass that var to cert_cache_init.
* dirmngr/certcache.c (cert_cache_init): Add arg 'hkp_cacert' and load
those certs.
(load_certs_from_file): Use autodetect so that PEM and DER encodings
are possible.
Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr/certcache.c (load_certs_from_file): Always build this
function. Add args 'trustclasses' and 'no_error'. Pass TRUSTCLASSES
to put_cert.
(load_certs_from_system): Pass CERTTRUST_CLASS_SYSTEM to
load_certs_from_file.
(cert_cache_init): Try to load "sks-keyservers.netCA.pem". Don't make
function fail in an out-of-core condition.
Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr/certcache.h (CERTTRUST_CLASS_SYSTEM): New.
(CERTTRUST_CLASS_CONFIG): New.
(CERTTRUST_CLASS_HKP): New.
(CERTTRUST_CLASS_HKPSPOOL): New.
* dirmngr/certcache.c (MAX_EXTRA_CACHED_CERTS): Rename to ...
(MAX_NONPERM_CACHED_CERTS): this.
(total_extra_certificates): Rename to ...
(total_nonperm_certificates): this.
(total_config_certificates): Remove.
(total_trusted_certificates): Remove.
(total_system_trusted_certificates): Remove.
(cert_item_s): Remove field 'flags'. Add fields 'permanent' and
'trustclasses'.
(clean_cache_slot): Clear new fields.
(put_cert): Change for new cert_item_t structure.
(load_certs_from_dir): Rename arg 'are_trusted' to 'trustclass'
(load_certs_from_file): Use CERTTRUST_CLASS_ value for put_cert.
(load_certs_from_w32_store): Ditto.
(cert_cache_init): Ditto.
(cert_cache_print_stats): Rewrite.
(is_trusted_cert): Replace arg 'with_systrust' by 'trustclasses'.
Chnage the test.
* dirmngr/validate.c (allowed_ca): Pass CERTTRUST_CLASS_CONFIG to
is_trusted_cert.
(validate_cert_chain): Pass CERTTRUST_CLASS_ values to
is_trusted_cert.
--
These trust classes make it easier to select certain sets of root
certificates.
Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr/dirmngr.h (server_control_s): New flag 'http_no_crl'.
* dirmngr/dirmngr.c (dirmngr_init_default_ctrl): Set this flag.
* dirmngr/server.c (option_handler): New option "http-crl"
* dirmngr/http.h (HTTP_FLAG_NO_CRL): New flag.
* dirmngr/http-ntbtls.c (gnupg_http_tls_verify_cb): Consult this flag.
* dirmngr/ks-engine-hkp.c (send_request): Set flag depending on CTRL.
* dirmngr/ks-engine-http.c (ks_http_fetch): Ditto.
* dirmngr/t-http.c (main): New option --no-crl.
--
This new option can be used to enable CRL checks on a per session
base. The default is not to use CRLs for https connections.
Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr/http.c (HTTP_SESSION_MAGIC): New.
(http_session_s): New field 'magic'.
(HTTP_CONTEXT_MAGIC): New.
(http_context_s): New field 'magic'.
(my_ntbtls_verify_cb): Assert MAGIC.
(fp_onclose_notification): Ditto.
(session_unref): Ditto. Reset MAGIC.
(http_session_new): Set MAGIC.
(http_open): Ditto.
(http_raw_connect): Ditto.
(http_close): Assert MAGIC. Reset MAGIC.
* dirmngr/t-http.c (my_http_tls_verify_cb): MArk HTTP_FLAGS unused.
--
We pass those handles through opaque pointers. The magic numbers will
help to detect wrong use.
Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr/http-ntbtls.c: New.
* dirmngr/Makefile.am (dirmngr_SOURCES): Add file.
* dirmngr/dirmngr.h (SERVER_CONTROL_MAGIC): New.
(server_conrol_s): Add field 'magic',
* dirmngr/dirmngr.c (dirmngr_init_default_ctrl): Set MAGIC.
(dirmngr_deinit_default_ctrl): Set MAGIC to deadbeef.
* dirmngr/http.c (my_ntbtls_verify_cb): New.
(http_session_new) [HTTP_USE_NTBTLS]: Remove all CA setting code.
(send_request) [HTTP_USE_NTBTLS]: Set the verify callback. Do not call
the verify callback after the handshake.
* dirmngr/ks-engine-hkp.c (send_request): Pass
gnupg_http_tls_verify_cb to http_session_new.
* dirmngr/ks-engine-http.c (ks_http_fetch): Ditto.
* dirmngr/t-http.c (my_http_tls_verify_cb): New.
(main): Rename option --gnutls-debug to --tls-debug.
(main) [HTTP_USE_NTBTLS]: Create a session.
Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr/certcache.h (certlist_s, certlist_t): New.
* dirmngr/certcache.c (read_certlist_from_stream): New.
(release_certlist): New.
* dirmngr/server.c (MAX_CERTLIST_LENGTH): New.
(cmd_validate): Add options --tls and --systrust. Implement them
using a kludge for now.
* dirmngr/validate.c (validate_cert_chain): Support systrust
checking. Add kludge to disable the CRL checking for tls mode.
--
This can now be used to test a list of certificates as returned by
TLS. Put the certs PEM encoded into a a file certlist.pem with the
target certificate being the first. Then run
gpg-connect-agent --dirmngr \
'/definqfile CERTLIST wiki-gnupg-chain.pem' \
'validate --systrust --tls' /bye
CRLS check has been disabled becuase we can't yet pass the systrust
flag to the CRL checking code.
Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr/validate.c (enum cert_usage_modes): New.
(cert_usage_p): Change type of arg MODE. Use enums instead of
hardwired values. Use a switch instead of tricky bit tests.
(cert_use_cert_p, cert_use_ocsp_p, cert_use_crl_p): Adjust.
* dirmngr/validate.c (cert_usage_p): Rename to check_cert_usage.
(cert_use_cert_p): Rename to check_cert_use_cert.
(cert_use_ocsp_p): Rename to check_cert_use_ocsp.
(cert_use_crl_p): Rename to check_cert_use_crl.
* dirmngr/validate.h (VALIDATE_MODE_CERT_SYSTRUST): New.
(VALIDATE_MODE_TLS, VALIDATE_MODE_TLS_SYSTRUST): New.
--
A function with a "_p" suffix return 0 for a True just looks weird.
We now use names which better indicate that an error code is returned.
Signed-off-by: Werner Koch <wk@gnupg.org>