summaryrefslogtreecommitdiffstats
path: root/dirmngr (follow)
Commit message (Collapse)AuthorAgeFilesLines
* dirmngr: Allow http URLs with "LOOKUP --url"Werner Koch2020-04-161-20/+103
| | | | | | | | * dirmngr/crlfetch.c (read_cert_via_http): New. (fetch_cert_by_url): Implement http scheme. -- Signed-off-by: Werner Koch <wk@gnupg.org>
* sm,dirmngr: Restrict allowed parameters used with rsaPSS.Werner Koch2020-04-152-1/+48
| | | | | | | | | | | | | | | * sm/certcheck.c (extract_pss_params): Check the used PSS params. * dirmngr/crlcache.c (finish_sig_check): Ditto. * dirmngr/validate.c (check_cert_sig): Ditto. -- GnuPG-bug-id: 4538 # ------------------------ >8 ------------------------ See https://www.metzdowd.com/pipermail/cryptography/2019-November/035449.html Signed-off-by: Werner Koch <wk@gnupg.org>
* sm: Support rsaPSS verification also for CMS signatures.Werner Koch2020-04-141-1/+1
| | | | | | | | | * sm/certcheck.c (gpgsm_check_cert_sig): Factor PSS parsing out to ... (extract_pss_params): new. (gpgsm_check_cms_signature): Implement PSS. -- GnuPG-bug-id: 4538
* dirmngr: Support rsaPSS also in the general validate module.Werner Koch2020-04-091-44/+127
| | | | | | | | | | | | | | | | | | * dirmngr/validate.c (hash_algo_from_buffer): New. (uint_from_buffer): New. (check_cert_sig): Support rsaPSS. * sm/certcheck.c (gpgsm_check_cert_sig): Fix small memory leak on error. -- Yes, I know that there is a lot of code duplication. In fact some of the code is ugly and it would be better if we enhance Libgcrypt to guarantee that returned memory buffers via gcry_sexp_extract_param are allways Nul terminated and we should also enhance that function to directly extract into an unsigned int or char *. GnuPG-bug-id: 4538 Signed-off-by: Werner Koch <wk@gnupg.org>
* sm,dirmngr: Support rsaPSS signature verification.Werner Koch2020-04-091-15/+162
| | | | | | | | | | | | | | | | * sm/certcheck.c (hash_algo_from_buffer): New. (uint_from_buffer): New. (gpgsm_check_cert_sig): Handle PSS. * dirmngr/crlcache.c (hash_algo_from_buffer): New. (uint_from_buffer): New. (start_sig_check): Detect PSS and extract hash algo. New arg to return a PSS flag. (finish_sig_check): New arg use_pss. Extract PSS args and use them. (crl_parse_insert): Pass use_pss flag along. -- GnuPG-bug-id: 4538 Signed-off-by: Werner Koch <wk@gnupg.org>
* gpgconf: Further simplify the gpgconf option processing.Werner Koch2020-03-141-54/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * common/gc-opt-flags.h (GC_OPT_FLAG_RUNTIME): Move to ... * tools/gpgconf-comp.c: here. (known_options_scdaemon): Remove "options". (known_options_dirmngr): Remove "options". (known_options_gpgsm): Remove "options". (known_options_gpg): Remove "options" and "keyserver". (struct gc_option_s): Rename active t gpgconf_list. (gc_component_list_options): Do not act upon active. (option_check_validity): Ditto. (is_known_option): Make it work correctly for unknown options. (retrieve_options_from_program): Use renamed flag gpgconf_list only to detect duplicated items from --gpgconf-list. Do not set runtime. Only e set the options if set by --gpgconf-list; never clear them. * agent/gpg-agent.c: Simplify the --gpgconf-list output. * dirmngr/dirmngr.c: Ditto. * g10/gpg.c: Ditto. * kbx/keyboxd.c: Ditto. * scd/scdaemon.c: Ditto. * sm/gpgsm.c: Ditto. * tests/openpgp/gpgconf.scm: Use "compliance" instead of "keyserver" for the string arg test. -- There is no need to read the list of options from the components unless they convey a default value. It is better to consult only the list we have in gpgconf-comp.c to decide on whether an option should be displayed. Right, this might mess up thing if a newer gpgconf version is used with an older component, but we already print warnings in this case and in general we do not want to support this anymore - the times of gpg 1.4. and 2.0 are long over now. GnuPG-bug-id: 4788 Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr: Re-group the options in the --help output.Werner Koch2020-03-061-50/+81
| | | | | | | | | -- This looks better and is also required for further simplifications of gpgconf. Signed-off-by: Werner Koch <wk@gnupg.org>
* gpgconf: Support reading global options (part 2).Werner Koch2020-03-061-2/+4
| | | | | | | | | | | | | | | | | | | * tools/gpgconf-comp.c: Remove all regular option descriptions. They are now read in from the component. Also remove a few meanwhile obsolete options. * agent/gpg-agent.c: Add option description which were only set in gpgconf-comp.c. * dirmngr/dirmngr.c: Ditto. * scd/scdaemon.c: Ditto. * sm/gpgsm.c: Ditto. * g10/gpg.c: Ditto. -- This second part removes all regular option descriptions because they can be read from the components. A few were missing in the components and thus moved to there. Signed-off-by: Werner Koch <wk@gnupg.org>
* agent,dirmngr: Re-read the user specified config file.Werner Koch2020-02-221-2/+8
| | | | | | | | | | | | * agent/gpg-agent.c (reread_configuration): Use a two-part config file. * dirmngr/dirmngr.c (reread_configuration): Ditto. -- If --options is used to to set a specific options file, this file and not the default file needs to be re-read on SIGHUP. GnuPG-bug-id: 4788
* Use gpgrt's new option parser for the remaining daemons.Werner Koch2020-02-213-128/+109
| | | | | | | | | | | | | | | | | | | | * scd/scdaemon.c: Switch to the new option parser and enable a global conf file. * dirmngr/dirmngr.c: Ditto. * g13/g13.c: Ditto. * g13/g13-syshelp.c: Ditto. Do not force verbose mode. * dirmngr/dirmngr_ldap.c: Switch to the new option parser. * dirmngr/dirmngr-client.c: Switch to the new option parser. -- This finalizes the switch to the new option parser. What's left is to remove the old argparser code from common. g13-syshelp does not anymore default to --verbose because that can now be enabled in /etc/gnupg/g13-syshelp.conf. GnuPG-bug-id: 4788 Signed-off-by: Werner Koch <wk@gnupg.org>
* gpg: Use gpgrt's new option parser to provide a global conf file.Werner Koch2020-02-203-0/+12
| | | | | | | | | | | | | | | | | | | | | | | | * common/util.h: Remove argparse.h. * common/argparse.c: Undef GPGRT_ENABLE_ARGPARSE_MACROS. * configure.ac (GPGRT_ENABLE_ARGPARSE_MACROS): Define. * agent/gpg-agent.c: Undef GPGRT_ENABLE_ARGPARSE_MACROS and include argparse.h. Do this also for all main modules which use our option parser except for gpg. Replace calls to strusage by calls to gpgrt_strusage everywhere. * g10/gpg.c (opts): Change type to gpgrt_opt_t. Flag oOptions and oNoOptions with ARGPARSE_conffile and ARGPARSE_no_conffile. (main): Change type of pargs to gpgrt_argparse_t. Rework the option parser to make use of the new gpgrt_argparser. -- This is not yet finished but a make check works. gpg has the most complex and oldest option handling and thus this is the first migration target. SE-Linux checks and version-ed config files are missing and will be added later. GnuPG-bug-id: 4788 Signed-off-by: Werner Koch <wk@gnupg.org>
* Spelling cleanup.Daniel Kahn Gillmor2020-02-196-10/+10
| | | | | | | | | | | | | | | | No functional changes, just fixing minor spelling issues. --- Most of these were identified from the command line by running: codespell \ --ignore-words-list fpr,stati,keyserver,keyservers,asign,cas,iff,ifset \ --skip '*.po,ChangeLog*,help.*.txt,*.jpg,*.eps,*.pdf,*.png,*.gpg,*.asc' \ doc g13 g10 kbx agent artwork scd tests tools am common dirmngr sm \ NEWS README README.maint TODO Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* build: Always use EXTERN_UNLESS_MAIN_MODULE pattern.Werner Koch2020-02-102-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | * common/util.h (EXTERN_UNLESS_MAIN_MODULE): Add the definion only here but now without the Norcroft-C. Change all other places where it gets defined. * common/iobuf.h (iobuf_debug_mode): Declare unconditionally as extern. * common/iobuf.c (iobuf_debug_mode): Define it here. * agent/gpg-agent.c (INCLUDED_BY_MAIN_MODULE): Define here and also in all main modules of all other programs. * g10/main.h: Put util.h before the local header files. -- This change is required for use with gcc/ld's LTO feature which does not allow common blocks. Further gcc 10 will make -fno-common the default and thus this chnage is always needed. What a pitty. Co-authored-by: Tomáš Mráz GnuPG-bug-id: 4831 Signed-off-by: Werner Koch <wk@gnupg.org> (cherry picked from commit 21d9bd8b87a9f793a106095e3838eb71825189d7) - Applied respective chnages also to gpg-card and keyboxd. Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr: Fix building w/o LDAP supportWerner Koch2020-01-211-0/+6
| | | | | | * dirmngr/Makefile.am: Conditionally build dirmngr_ldap. Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr: Tell gpg about WKD looks resulting from a cache.Werner Koch2019-12-061-0/+1
| | | | | | | | | | | | | * dirmngr/server.c (proc_wkd_get): Print new NOTE status "wkd_cached_result". * g10/call-dirmngr.c (ks_status_cb): Detect this and print a not ein verbose mode. -- This little patch is helpful to see why a WKD change still does not work after it has been updated on the server. Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr: Replace no-strict-overflow pragma by wrapv pragma.Werner Koch2019-11-271-3/+8
| | | | | | | | | | | | | | | | | | | * dirmngr/dirmngr.c (time_for_housekeeping_p): Build with --fwrapv. Replace protecting macro. -- I once replaced all JNLIB macros by GPGRT macros. However, I missed to get this right for the push pragma test and used GPGRT_GCC_HAVE_PUSH_PRAGMA instead of the correct GPGRT_HAVE_PRAGMA_GCC_PUSH Now after fixing this it turned out that no-strict-overflow is not anymore supported as oprimize pragma and thus I replaced that too according to https://gcc.gnu.org/bugzilla/show_bug.cgi?id=58454 . Tested with 32 bit Windows but the real test will be in 2038. Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr: Rework of the LDAP code, part 1.Werner Koch2019-11-266-40/+93
| | | | | | | | | | | | | | | | | | | | | | | * dirmngr/http.h (struct parsed_uri_s): Add flag is_ldap. * dirmngr/http.c (do_parse_uri): Set flag. Do not error out for a missing slashes in an http scheme if NO_SCHEME_CHECK is active. * dirmngr/t-http.c (main): Print new flag. * dirmngr/ks-engine-ldap.c (ks_ldap_help): Use flag instead of checking the scheme. * dirmngr/ldap-parse-uri.c (ldap_uri_p): Re-implement using http_parse_uri. * dirmngr/t-ldap-parse-uri.c (main): Add option --verbose. -- This patch merely remove the separate parser for checking for an LDAP scheme. It is better to let our generic URI parser handle this. Also fixes this bug || url[4] == 'i' || url[4] == 'i') to make the rarely used ldapi scheme case-insensitive. More changes to the LDAP code are planned. Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr: Make building with a TLS library mandatoryWerner Koch2019-11-261-57/+34
| | | | | | | * configure.ac: Do not build dirmngr if no TLS is available. * dirmngr/http.c: Remove all uses of the USE_TLS macro. Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr,gpg: Better diagnostic in case of bad TLS certificates.Werner Koch2019-11-181-1/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | * doc/DETAILS: Specify new status code "NOTE". * dirmngr/ks-engine-http.c (ks_http_fetch): Print a NOTE status for a bad TLS certificate. * g10/call-dirmngr.c (ks_status_cb): Detect this status. -- For example a gpg -v --locate-external-keys dd9jn@posteo.net now yields gpg: Note: server uses an invalid certificate gpg: (further info: bad cert for 'posteo.net': \ Hostname does not match the certificate) gpg: error retrieving 'dd9jn@posteo.net' via WKD: Wrong name gpg: error reading key: Wrong name (without -v the "further info" line is not shown). Note that even after years Posteo is not able to provide a valid certificate for their .net addresses. Anyway, this help to show the feature. Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr: Forward http redirect warnings to gpg.Werner Koch2019-11-184-1/+20
| | | | | | | | | | | | | | | | * dirmngr/http.c: Include dirmngr-status.h (http_prepare_redirect): Emit WARNING status lines for redirection problems. * dirmngr/http.h: Include fwddecl.h. (struct http_redir_info_s): Add field ctrl. * dirmngr/ks-engine-hkp.c (send_request): Set it. * dirmngr/ks-engine-http.c (ks_http_fetch): Set it. * g10/call-dirmngr.c (ks_status_cb): Detect the two new warnings. -- This should make it easier to diagnose problems with bad WKD servers. Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr: Fixed typo in recently added diagnostic.Werner Koch2019-11-181-1/+1
| | | | --
* dirmngr: Use IPv4 or IPv6 interface only if available.Werner Koch2019-11-124-3/+119
| | | | | | | | | | | | | | | * dirmngr/dns-stuff.c (cached_inet_support): New variable. (dns_stuff_housekeeping): New. (check_inet_support): New. * dirmngr/http.c (connect_server): Use only detected interfaces. * dirmngr/dirmngr.c (housekeeping_thread): Flush the new cache. -- This currently works only for Windows but that is where users really ran into problems. The old workaround was to configure disable-ipv4 or disable-ipv6. Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr: Tune down err on missing ldapservers fileAndre Heinecke2019-11-121-1/+1
| | | | | | | | | | | | * dirmngr/dirmngr.c (parse_ldapservers_file): Tune down error in case no such file exists. -- This is hardly an error because by default such a file does not exist. This caused trouble in support because people think "Oh the system prints an error". GnuPG-Bug-Id: T3539
* dirmngr: Remove cruft from dirmngr_ldapWerner Koch2019-11-115-699/+58
| | | | | | | | | | | | | | | | | | | * configure.ac (USE_LDAPWRAPPER): Remove ac_define and conditional. * dirmngr/Makefile.am: Remove USE_LDAPWRAPPER and considere true. * dirmngr/ldap-wrapper-ce.c: Remove. * dirmngr/ldap-wrapper.c: Remove USE_LDAPWRAPPER stuff. Minor chnages to debug output. * dirmngr/dirmngr_ldap.c: Remove USE_LDAPWRAPPER stuff. Remove my_ldap macros. (fetch_ldap) [W32]: Use ldap_sslinit. -- Note that the ldap_sslinit stuff for Windows has not been tested. This patch removes the whole wrapper-but-linked business because we do not need it anymore. WindowsCE for which we used it is pretty dead. Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr: Rename an enum value for clarity.Werner Koch2019-11-111-3/+3
| | | | | | | | | | * dirmngr/ldapserver.h: Rename LDAPSERVER_OPT. -- Using _OPT is not good because it does not describe for what this configuration group is used. _SESSION immediately shows the purpose. Signed-off-by: Werner Koch <wk@gnupg.org>
* gpgsm: Allow sepcification of ldaps servers.Werner Koch2019-11-094-11/+85
| | | | | | | | | | | | | | | | | | | | | | | | | | | * sm/gpgsm.h (struct keyserver_spec): Add field use_ldaps. * sm/gpgsm.c (parse_keyserver_line): Parse flags. * sm/call-dirmngr.c (prepare_dirmngr): Send ldaps flag to the dirmngr. * dirmngr/dirmngr.h (struct ldap_server_s): Add field use_ldaps. * dirmngr/ldapserver.c (ldapserver_parse_one): Parse flags. * dirmngr/ldap.c (start_cert_fetch_ldap): Call wrapper with --tls. * dirmngr/dirmngr_ldap.c: New option --tls. (fetch_ldap): Make use of that option. -- There was no way to specify an LDAPS server in dirmngr_ldapserver.socnf or with gpgsm's --keyserver option. This patch fixes this. Eventually we should allow to replace host and port by a partial URI in the same way ldap_initialize does it. For backward compatibility we do not yet do that. Although the dirmngr code accepts an URL (eg. taken from a certificate), I can't see how the scheme was ever used. Thus the patch also detects an ldaps scheme and uses this. That part has not been tested, though. Signed-off-by: Werner Koch <wk@gnupg.org>
* doc: Document gpgsm's --keyserver option.Werner Koch2019-11-071-1/+1
| | | | | | | | -- Also fix a few related entries. Signed-off-by: Werner Koch <wk@gnupg.org>
* dns: Fix irrelevant use of tmpfile.NIIBE Yutaka2019-08-221-2/+0
| | | | | | | * dirmngr/dns.c (dns_trace_open): Don't use tmpfile. GnuPG-bug-id: 4228 Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* dirmngr: Don't add system CAs for SKS HKPS pool.NIIBE Yutaka2019-07-161-0/+2
| | | | | | | | * dirmngr/http.c [HTTP_USE_GNUTLS] (http_session_new): Clear add_system_cas. GnuPG-bug-id: 4594 Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* dirmngr: fix handling of HTTPS redirections during HKPDaniel Kahn Gillmor2019-07-041-1/+3
| | | | | | | | | | | | | * dirmngr/ks-engine-hkp.c (send_request): Reinitialize HTTP session when following a HTTP redirection. -- inspired by patch from Damien Goutte-Gattat <dgouttegattat@incenp.org> GnuPG-Bug_id: 4566 Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> Originally applied to 2.2. Here a minor conflict fix was needed.
* dirmngr: Avoid endless loop in case of HTTP error 503.Werner Koch2019-07-031-10/+33
| | | | | | | | | | | | | | | | | * dirmngr/ks-engine-hkp.c (SEND_REQUEST_EXTRA_RETRIES): New. (handle_send_request_error): Use it for 503 and 504. (ks_hkp_search, ks_hkp_get, ks_hkp_put): Pass a new var for extra_tries. -- This is a pretty stupid fix but one which works without much risk of regressions. We could have used the existing TRIES but in that case the fallback to other host would have been too limited. With the used value we can have several fallbacks to other hosts. Note that the TRIES is still cumulative and not per host. GnuPG-bug-id: 4600 Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr: Do not rewrite the redirection for the "openpgpkey" subdomain.Werner Koch2019-07-031-0/+20
| | | | | | | | | * dirmngr/http.c (same_host_p): Consider certain subdomains to be the same. -- GnuPG-bug-id: 4603 Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr: Allow for other hash algorithms than SHA-1 in OCSP.Werner Koch2019-05-281-25/+80
| | | | | | | | | | | | * dirmngr/ocsp.c (do_ocsp_request): Remove arg md. Add args r_sigval, r_produced_at, and r_md. Get the hash algo from the signature and create the context here. (check_signature): Allow any hash algo. Print a diagnostic if the signature does not verify. -- GnuPG-bug-id: 3966 Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr: Improve finding OCSP cert.Werner Koch2019-05-281-1/+35
| | | | | | | | | | | | * dirmngr/certcache.c (find_cert_bysubject): Add better debug output and try to locate by keyid. -- This chnages was suggested in GnuPG-bug-id: 4536 but we do not have any test cases for this. Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr: Add a CSRF expection for pm.meWerner Koch2019-05-091-1/+2
| | | | | | -- Also comment typo fix.
* dirmngr: Improve domaininfo cache update algorithm.Werner Koch2019-04-021-19/+106
| | | | | | | | | | | | | | | | | * dirmngr/domaininfo.c (struct domaininfo_s): Add field keepmark. (insert_or_update): Implement new update algorithm. -- The old algorithm limited the length of a bucket chain by purging the last 50% or the entries. Thus the first domains entered into the cache were never purged. The new algorithm is a bit better: It also limits the chain length on overflow to 50% but tries to keep the entries indicating that a WKD is available in the cache. If there is still space to keep more, those which clearly do not support WKD are also kept. Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr: Better for error code for http status 413.Werner Koch2019-03-293-0/+12
| | | | | | | | | * dirmngr/ks-engine-hkp.c (send_request): New case for 413. * dirmngr/ks-engine-http.c (ks_http_fetch): Ditto. * dirmngr/ocsp.c (do_ocsp_request): Ditto. -- Signed-off-by: Werner Koch <wk@gnupg.org>
* libdns: Don't use _[A-Z] which are reserved names.NIIBE Yutaka2019-03-251-40/+40
| | | | | | | | | | * dirmngr/dns.c: Use the identifiers of "*_instance" instead of reserved "_[A-Z]". -- GnuPG-bug-id: 4420 Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* kbx: Unify the fingerprint search modes.Werner Koch2019-03-142-18/+11
| | | | | | | | | | | | | | | * kbx/keybox-search-desc.h (KEYDB_SEARCH_MODE_FPR16) (KEYDB_SEARCH_MODE_FPR20, KEYDB_SEARCH_MODE_FPR32): Remove. Switch all users to KEYDB_SEARCH_MODE_FPR along with the fprlen value. -- These search modes were added over time and there has until recently be no incentive to remove the cruft. With the change for v5 keys I finally went over all places and allowed the generic fingerprint mode along with a given length of the fingerprint at all places. Consequently the other modes can now be removed. Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr: Avoid testing for Tor with --gpgconf-list.Werner Koch2019-03-111-1/+6
| | | | | | | | * dirmngr/dirmngr.c (post_option_parsing): Do not call set_tor_mode. (dirmngr_sighup_action): Call it here. (main): Call it here unless in --gpgconf-list mode. Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr: Add CSRF protection exception for protonmail.Werner Koch2019-03-071-5/+40
| | | | | | | | | | * dirmngr/http.c (same_host_p): Add exception table. -- Please: Adding entries to this table shall be an exception and not the rule. Signed-off-by: Werner Koch <wk@gnupg.org>
* libdns: Avoid using compound literals (8).NIIBE Yutaka2019-02-261-20/+0
| | | | | | | | | | | | | * dirmngr/dns.h (dns_quietinit): Remove. (dns_hints_i_new): Remove. -- Even before our change, dns_quietinit was questionable macro; There was no place in dns.c which requires overrides in initializer list. Only redundant zero were. Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* libdns: Avoid using compound literals (7).NIIBE Yutaka2019-02-263-12/+16
| | | | | | | | | | | | | | | | * dirmngr/dns.h (DNS_OPTS_INIT, dns_opts): Remove. * dirmngr/dns-stuff.c (libdns_res_open): Use zero-ed, and initialized automatic variable for opts. * dirmngr/dns.c (send_query, resolve_query, resolve_addrinfo): Likewise. -- In fact, DNS_OPTS_INIT was only needed when args are none. With partially specified initialization, C99 guarantees zero-ed other members just like static object. Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* libdns: Avoid using compound literals (6).NIIBE Yutaka2019-02-263-33/+51
| | | | | | | | | | | | | * dirmngr/dns.h (dns_rr_i_new): Remove. (dns_rr_i_init): Remove unused second argument. * dirmngr/dns.c (dns_p_dump, dns_hints_query, print_packet) (parse_packet): Use automatic variable for struct dns_rr_i. (dns_d_cname): No need to call dns_rr_i_init after memset 0. (dns_rr_i_init): Remove unused second argument. Return nothing. * dirmngr/dns-stuff.c (resolve_addr_libdns, get_dns_cert_libdns) (getsrv_libdns): Follow the change of dns_rr_i_init. Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* libdns: Avoid using compound literals (5).NIIBE Yutaka2019-02-262-2/+3
| | | | | | | | | | | | | | | * dirmngr/dns.h (dns_rr_foreach): Don't use dns_rr_i_new. Call dns_rr_grep with NULL. * dirmngr/dns.c (dns_rr_grep): Support NULL for error_. -- Here we still use C99 feature of struct member initialization in dns_rr_foreach, for struct dns_rr_i. Note that in C99, it guarantees non-specified member fields are initialized by zero. So, there's no need to use dns_rr_i_new at all. Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* libdns: Avoid using compound literals (4).NIIBE Yutaka2019-02-262-7/+6
| | | | | | | | | * dirmngr/dns.h (dns_d_new*): Remove. * dirmngr/dns.c (parse_packet): Use dns_d_init with automatic variable. (parse_domain): Likewise. Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* libdns: Avoid using compound literals (3).NIIBE Yutaka2019-02-262-12/+18
| | | | | | | | | | | | | | | * dirmngr/dns.h (dns_p_new): Remove. * dirmngr/dns.c (dns_hosts_query): Use dns_p_init with automatic variable. (dns_hints_query, dns_res_glue, parse_packet, query_hosts) (send_query, show_hints, echo_port): Likewise. -- Implicit automatic allocation by compound literals is confusing for C90 code. Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* libdns: Avoid using compound literals (2).NIIBE Yutaka2019-02-262-19/+12
| | | | | | | | | | | | * dirmngr/dns.h (dns_strsection1, dns_strsection3): Remove. (dns_strclass1, dns_strclass3): Remove. (dns_strtype1, dns_strtype3): Remove. (dns_strsection, dns_strclass, dns_strtype): Directly use the function. * dirmngr/dns.c (dns_strsection): Use automatic variable. (dns_strclass, dns_strtype): Likewise. Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* libdns: Avoid using compound literals.NIIBE Yutaka2019-02-261-5/+10
| | | | | | | | | | | | | | | * dirmngr/dns.c (dns_inet_pton, dns_so_tcp_keep): Use automatic variables. (dns_poll, dns_send_nopipe): Likewise, adding const qualifier. -- Compound literals is a feature of C99. Because we only use C90 plus some limited features, in the project, it's better to avoid it. Besides, we make sure when it's read-only. Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* dirmngr: Fix initialization of assuan's nPth hook.NIIBE Yutaka2019-01-251-1/+1
| | | | | | | * dirmngr/dirmngr.c (main): Move assuan_set_system_hooks to... (thread_init): ... here. Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>