diff options
| author | Werner Koch <wk@gnupg.org> | 2016-08-18 11:23:40 +0200 |
|---|---|---|
| committer | Werner Koch <wk@gnupg.org> | 2016-08-18 11:23:40 +0200 |
| commit | d83ba4897bf217d1045c58d1b99e52bd31c58812 (patch) | |
| tree | 1eaf4c2976175b8dcedd5d3c3a721c3015fbf68a /dirmngr/server.c | |
| parent | gpg: New option --sender (diff) | |
| download | gnupg2-d83ba4897bf217d1045c58d1b99e52bd31c58812.tar.xz gnupg2-d83ba4897bf217d1045c58d1b99e52bd31c58812.zip | |
dirmngr: Remove all system daemon features.
* dirmngr/dirmngr.h (opts): Remove fields 'system_service' and
'system_daemon'.
* common/homedir.c (dirmngr_sys_socket_name): Remove.
(dirmngr_user_socket_name): Rename to ...
(dirmngr_socket_name): this. Change call callers.
* common/asshelp.c (start_new_dirmngr): Remove the system socket
feature.
* tools/gpgconf.c (list_dirs): Do not print "dirmngr-sys-socket".
* sm/server.c (gpgsm_server): Adjust for removed system socket feature.
* dirmngr/server.c (cmd_getinfo): Ditto.
(cmd_killdirmngr): Remove check for system daemon.
(cmd_reloaddirmngr): Ditto.
* dirmngr/dirmngr.c (USE_W32_SERVICE): Remove macro.
(aService): Remove.
(opts): Remove --service.
(w32_service_control): Remove.
(real_main, call_real_main) [W32]: Remove wrapper.
(main): Remove Windows system service feature. Remove system dameon
feature. Use only the "~/.gnupg/dirmngr_ldapservers.conf" file.
* dirmngr/certcache.c (load_certs_from_dir): Remove warning in the
system dameon case.
* dirmngr/crlcache.c (DBDIR_D): Always use "~/.gnupg/crls.d".
* dirmngr/ocsp.c (validate_responder_cert): Do not call
validate_cert_chain which was used only in system daemon mode.
* dirmngr/validate.c (validate_cert_chain): Always use the code.
--
We are now starting dirmngr as needed as a user daemon. The
deprecated system daemon mode does not anymore make sense. In case a
system wide daemon is required, it is better to setup a dedicated
account to run dirmngr and tweak socket permissions accordingly.
Signed-off-by: Werner Koch <wk@gnupg.org>
Diffstat (limited to 'dirmngr/server.c')
| -rw-r--r-- | dirmngr/server.c | 48 |
1 files changed, 5 insertions, 43 deletions
diff --git a/dirmngr/server.c b/dirmngr/server.c index db6f5a8ff..3ac41604b 100644 --- a/dirmngr/server.c +++ b/dirmngr/server.c @@ -2217,15 +2217,8 @@ cmd_getinfo (assuan_context_t ctx, char *line) } else if (!strcmp (line, "socket_name")) { - const char *s = dirmngr_user_socket_name (); - - if (!s) - s = dirmngr_sys_socket_name (); - - if (s) - err = assuan_send_data (ctx, s, strlen (s)); - else - err = gpg_error (GPG_ERR_NO_DATA); + const char *s = dirmngr_socket_name (); + err = assuan_send_data (ctx, s, strlen (s)); } else if (!strcmp (line, "tor")) { @@ -2269,29 +2262,12 @@ static gpg_error_t cmd_killdirmngr (assuan_context_t ctx, char *line) { ctrl_t ctrl = assuan_get_pointer (ctx); - gpg_error_t err; (void)line; - if (opt.system_daemon) - { - if (opt.system_service) - err = set_error (GPG_ERR_NOT_SUPPORTED, - "can't do that whilst running as system service"); - else - err = check_owner_permission (ctx, - "no permission to kill this process"); - } - else - err = 0; - - if (!err) - { - ctrl->server_local->stopme = 1; - assuan_set_flag (ctx, ASSUAN_FORCE_CLOSE, 1); - err = gpg_error (GPG_ERR_EOF); - } - return err; + ctrl->server_local->stopme = 1; + assuan_set_flag (ctx, ASSUAN_FORCE_CLOSE, 1); + return gpg_error (GPG_ERR_EOF); } @@ -2306,20 +2282,6 @@ cmd_reloaddirmngr (assuan_context_t ctx, char *line) (void)ctx; (void)line; - if (opt.system_daemon) - { -#ifndef HAVE_W32_SYSTEM - { - gpg_error_t err; - - err = check_owner_permission (ctx, - "no permission to reload this process"); - if (err) - return err; - } -#endif - } - dirmngr_sighup_action (); return 0; } |