debian/0000755000000000000000000000000012200131140007146 5ustar debian/dirs0000644000000000000000000000015311734772051010060 0ustar etc/dirmngr etc/dirmngr/trusted-certs var/lib/dirmngr/extra-certs var/cache/dirmngr/crls.d var/log/dirmngr debian/postinst0000644000000000000000000000060011737123110010764 0ustar #! /bin/sh set -e addgroup --system --quiet dirmngr adduser --system --quiet --ingroup dirmngr --no-create-home --home /var/cache/dirmngr --shell /bin/sh dirmngr if dpkg --compare-versions "$2" lt-nl 1.1.0-3; then if [ -e /var/log/dirmngr.log ]; then mv /var/log/dirmngr.log* /var/log/dirmngr/ fi fi chown -R dirmngr:dirmngr /var/cache/dirmngr/ /var/log/dirmngr/ #DEBHELPER# debian/info0000644000000000000000000000002211531777173010052 0ustar #doc/dirmngr.info debian/init.d0000644000000000000000000000324712200130503010266 0ustar #! /bin/sh ### BEGIN INIT INFO # Provides: dirmngr # Required-Start: $local_fs $network $remote_fs # Required-Stop: $local_fs $network $remote_fs # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Short-Description: start DirMngr daemon # Description: DirMngr is a server for managing and downloading certificate # revocation lists. ### END INIT INFO PATH=/sbin:/bin:/usr/sbin:/usr/bin NAME=dirmngr DAEMON=/usr/bin/$NAME PIDFILE=/var/run/$NAME.pid test -x $DAEMON || exit 5 if [ -r /etc/default/$NAME ]; then . /etc/default/$NAME fi . /lib/lsb/init-functions d_start() { if pidofproc $DAEMON >/dev/null; then : else mkdir -p /var/run/dirmngr || return 1 chown dirmngr:dirmngr /var/run/dirmngr || return 1 output=$(su -c ". /lib/lsb/init-functions && umask 027 && start_daemon -p $PIDFILE $DAEMON --daemon --sh" dirmngr) || return 1 eval "$output" || return 1 pid=$(echo "$DIRMNGR_INFO" | cut -d : -f 2) || return 1 echo "$pid" >$PIDFILE || return 1 chmod ${DIRMNGR_SOCKET_MODE:-0777} /var/run/dirmngr/socket || return 1 fi return 0 } case "$1" in start) log_daemon_msg "Starting DirMngr" $NAME d_start log_end_msg $? ;; stop) log_daemon_msg "Stopping DirMngr" $NAME killproc $DAEMON log_end_msg $? ;; status) status_of_proc $DAEMON DirMngr ;; restart) $0 stop && sleep 1 && $0 start ;; try-restart) if $0 status >/dev/null; then $0 restart else exit 0 fi ;; reload|force-reload) log_daemon_msg "Reloading DirMngr configuration" $NAME killproc $DAEMON HUP log_end_msg $? ;; *) log_failure_msg "Usage: $0 {start|stop|status|restart|try-restart|reload|force-reload}" exit 2 ;; esac debian/install0000644000000000000000000000011611531777173010571 0ustar debian/etc/dirmngr.conf etc/dirmngr/ debian/etc/ldapservers.conf etc/dirmngr/ debian/postrm0000644000000000000000000000044111734773031010442 0ustar #! /bin/sh set -e if [ "$1" = purge ]; then rm -rf /var/cache/dirmngr/ /var/lib/dirmngr/ /var/log/dirmngr/ /var/run/dirmngr/ if [ -x /usr/sbin/deluser ]; then deluser --system dirmngr || : fi if [ -x /usr/sbin/delgroup ]; then delgroup --system dirmngr || : fi fi #DEBHELPER# debian/logrotate0000644000000000000000000000020411734605777011126 0ustar /var/log/dirmngr/dirmngr.log { missingok notifempty postrotate invoke-rc.d --quiet dirmngr try-restart >/dev/null endscript } debian/watch0000644000000000000000000000014611531777173010234 0ustar version=3 opts=pasv \ ftp://ftp.gnupg.org/gcrypt/dirmngr/dirmngr-(.+).tar.(?:bz2|gz) debian uupdate debian/rules0000755000000000000000000000050311707320621010243 0ustar #!/usr/bin/make -f DPKG_EXPORT_BUILDFLAGS = 1 -include /usr/share/dpkg/buildflags.mk export DH_ALWAYS_EXCLUDE = dir.gz export LDFLAGS += -Wl,--as-needed %: dh $@ --with autotools_dev override_dh_auto_build: dh_auto_build -- LDAPLIBS='-lldap -llber' override_dh_installchangelogs: dh_installchangelogs -X ChangeLog debian/changelog0000644000000000000000000001574612200130604011041 0ustar dirmngr (1.1.1-1.1) unstable; urgency=low * Non-maintainer upload. * Do not read /etc/profile and /etc/profile.d/* for the daemon, it’s fundamentally wrong (can start gpg-agent, ssh-agent, or other background or interactive programs, and insert unwanted output, depending on local configuration). Closes: #668890 -- Thorsten Glaser Tue, 06 Aug 2013 10:18:18 +0200 dirmngr (1.1.1-1) unstable; urgency=low * New upstream release * Fixed Texinfo syntax (texinfo-fix.patch) * Updated standards version * Updated copyright * Fixed more spelling errors found by lintian (spelling.patch) -- Peter Eisentraut Tue, 23 Jul 2013 10:12:39 -0400 dirmngr (1.1.0-3) unstable; urgency=low * Run dirmngr under dirmngr user (closes: #663988) * Updated standards version -- Peter Eisentraut Wed, 04 Apr 2012 23:02:46 +0300 dirmngr (1.1.0-2) unstable; urgency=low * Changed default permissions of dirmngr socket file to 0777 (closes: #627373) * Changed to Debhelper level 8 * Updated standards version * Fixed spelling errors found by lintian (spelling.patch) * Changed build system from cdbs to dh -- Peter Eisentraut Mon, 23 Jan 2012 20:11:21 +0200 dirmngr (1.1.0-1) unstable; urgency=low * New upstream release * Updated build dependency on libassuan (closes: #614522) * Changed source format to 3.0 (quilt) * Updated standards version * Removed definition of LDAP_DEPRECATED; upstream now does this * Added -llber to link line, because binutils-gold no longer gets it through -lldap (closes: #554497) -- Peter Eisentraut Sun, 27 Feb 2011 12:40:44 +0200 dirmngr (1.0.3-1) unstable; urgency=low * New upstream release * Updated build dependency versions * Updated copyright years * Pointed copyright to license file GPL-2, per lintian * Updated standards version * Use status_of_proc in init script -- Peter Eisentraut Mon, 29 Jun 2009 21:41:35 +0300 dirmngr (1.0.2-1) unstable; urgency=low * New upstream release * Updated standards version -- Peter Eisentraut Fri, 22 Aug 2008 00:00:00 +0000 dirmngr (1.0.1-3) unstable; urgency=low * Fixed init script dependencies (closes: #466346) * Defined LDAP_DEPRECATED=1 because deprecated LDAP API is used (closes: #463358) * Added linker option --as-needed * Removed redundant/useless changelog and README files from installation -- Peter Eisentraut Mon, 18 Feb 2008 10:18:26 +0100 dirmngr (1.0.1-2) unstable; urgency=low * debian/watch: force passive FTP, since ftp.gnupg.org seems unhappy with active (closes: #456466) * Updated standards version * Added Homepage control field -- Peter Eisentraut Fri, 21 Dec 2007 21:47:26 +0100 dirmngr (1.0.1-1) unstable; urgency=low * New upstream release -- Peter Eisentraut Mon, 20 Aug 2007 10:56:56 +0200 dirmngr (1.0.0-1) unstable; urgency=low * New upstream release * Updated watch file -- Peter Eisentraut Tue, 10 Apr 2007 09:55:24 +0200 dirmngr (0.9.6-1) unstable; urgency=low * New upstream release * Manual pages are now provided upstream * Updated build dependencies * Added $network to init script LSB header * Added uupdate to watch file -- Peter Eisentraut Sat, 9 Sep 2006 12:24:08 +0200 dirmngr (0.9.5-2) unstable; urgency=low * Build depend against libksba >= 0.9.16-1, which contains a corrected shlibs file (closes: #383764) -- Peter Eisentraut Sun, 20 Aug 2006 13:56:36 +0200 dirmngr (0.9.5-1) unstable; urgency=low * New upstream release -- Peter Eisentraut Sun, 2 Jul 2006 13:12:44 +0200 dirmngr (0.9.4-1) unstable; urgency=low * New upstream release - Info file installation was corrected * Changed to Debhelper level 5 * Updated standards version -- Peter Eisentraut Fri, 19 May 2006 12:01:27 +0200 dirmngr (0.9.3-2) unstable; urgency=low * Create /var/run/dirmngr in the init script rather than in the package (closes: #344758) * Removed workaround for killproc bug; now requires lsb-base 3.0-12 * Added init script info section -- Peter Eisentraut Sun, 8 Jan 2006 19:28:53 +0100 dirmngr (0.9.3-1) unstable; urgency=low * New upstream release * Properly encoded non-ASCII characters in the man pages * Removed redundant debian/docs file * Rebuild against new libksba should prevent partial upgrades (closes: #324611) * Only chmod/chgrp the socket when the server is really being started (closes: #336482) -- Peter Eisentraut Tue, 1 Nov 2005 20:20:33 +0100 dirmngr (0.9.2-2) unstable; urgency=medium * Init script fixes: - Pass complete path name to killproc and pidofproc (closes: #327178) - Use log_daemon_msg instead of log_start_msg - Prevent descruction of the PID file when trying to start with an instance already running -- Peter Eisentraut Sat, 10 Sep 2005 22:45:49 +0200 dirmngr (0.9.2-1) unstable; urgency=low * New upstream release (closes: #306888) * Build dependencies revised accordingly * Changed maintainer address * Applied de.po corrections by Jens Seidel (closes: #314132) * Updated standards version * Changed init script to LSB style * Updated watch file -- Peter Eisentraut Thu, 4 Aug 2005 18:18:17 +0200 dirmngr (0.9.1-2) unstable; urgency=medium * Use option --sh in init script to be independent of current shell (closes: #305093) -- Peter Eisentraut Tue, 19 Apr 2005 21:01:38 +0200 dirmngr (0.9.1-1) unstable; urgency=low * New upstream release * Updated man pages * /etc/default/dirmngr no longer controls whether to start the daemon * Allow setting the access mode of the socket in /etc/default/dirmngr * Removed README.Debian; upstream documentation is now better -- Peter Eisentraut Fri, 11 Feb 2005 02:03:50 +0100 dirmngr (0.9.0-1) unstable; urgency=low * New upstream release * Build dependencies revised accordingly * Converted to CDBS * Added log rotation * Added init script * Updated man page, new man page for dirmngr-client * Added system group to control access to socket of daemon * Install custom-built combined changelog -- Peter Eisentraut Wed, 5 Jan 2005 00:34:42 +0100 dirmngr (0.5.6-1) unstable; urgency=low * New upstream release -- Peter Eisentraut Thu, 30 Sep 2004 12:51:55 +0200 dirmngr (0.5.5-1) experimental; urgency=low * New upstream release * Build dependencies revised accordingly * Binary now installed in /usr/bin * Added man page * Added watch file -- Peter Eisentraut Thu, 22 Jul 2004 15:11:40 +0200 dirmngr (0.5.0-1) experimental; urgency=low * Initial public release (closes: #187549) -- Peter Eisentraut Wed, 30 Jun 2004 14:19:26 +0200 debian/source/0000755000000000000000000000000011707070713010471 5ustar debian/source/options0000644000000000000000000000004611707070713012107 0ustar extend-diff-ignore = doc/dirmngr.info debian/source/format0000644000000000000000000000001411532271010011664 0ustar 3.0 (quilt) debian/patches/0000755000000000000000000000000012173505055010620 5ustar debian/patches/spelling.patch0000644000000000000000000000601112173505040013446 0ustar Description: Fix spelling errors Author: Peter Eisentraut --- a/doc/dirmngr.texi +++ b/doc/dirmngr.texi @@ -449,9 +449,9 @@ whether @option{--honor-http-proxy} has @item --ldap-proxy @var{host}[:@var{port}] @opindex ldap-proxy Use @var{host} and @var{port} to connect to LDAP servers. If @var{port} -is ommitted, port 389 (standard LDAP port) is used. This overrides any +is omitted, port 389 (standard LDAP port) is used. This overrides any specified host and port part in a LDAP URL and will also be used if host -and port have been ommitted from the URL. +and port have been omitted from the URL. @item --only-ldap-proxy @opindex only-ldap-proxy @@ -478,7 +478,7 @@ Obviously this will lead to problems if encoded as Latin-1. There is no other solution here than to put such a password in the binary encoding into the file (i.e. non-ascii characters won't show up readable).@footnote{The @command{gpgconf} tool might be -helpful for frontends as it allows to edit this configuration file using +helpful for frontends as it allows one to edit this configuration file using percent escaped strings.} @@ -641,7 +641,7 @@ be started like: This will force it to go into the backround, read the default certificates (including the trusted root certificates) and listen on a socket for client requests. It does also print information about the -socket used but they are only for compatibilty reasons with old GnuPG +socket used but they are only for compatibility reasons with old GnuPG versions and may be ignored. @@ -946,7 +946,7 @@ The return value of this command is @item 0 The certificate under question is valid; i.e. there is a valid CRL -available and it is not listed tehre or teh OCSP request returned that +available and it is not listed there or the OCSP request returned that that certificate is valid. @item 1 --- a/src/crlcache.c +++ b/src/crlcache.c @@ -2313,7 +2313,7 @@ list_one_crl_entry (crl_cache_t cache, c if (reason & KSBA_CRLREASON_AFFILIATION_CHANGED ) fputs( "affiliation_changed ", fp ), any = 1; if (reason & KSBA_CRLREASON_SUPERSEDED ) - fputs( "superseeded", fp ), any = 1; + fputs( "superseded", fp ), any = 1; if (reason & KSBA_CRLREASON_CESSATION_OF_OPERATION ) fputs( "cessation_of_operation", fp ), any = 1; if (reason & KSBA_CRLREASON_CERTIFICATE_HOLD ) --- a/src/ocsp.c +++ b/src/ocsp.c @@ -710,7 +710,7 @@ ocsp_isvalid (ctrl_t ctrl, ksba_cert_t c reason == KSBA_CRLREASON_CA_COMPROMISE? "CA compromise": reason == KSBA_CRLREASON_AFFILIATION_CHANGED? "affiliation changed": - reason == KSBA_CRLREASON_SUPERSEDED? "superseeded": + reason == KSBA_CRLREASON_SUPERSEDED? "superseded": reason == KSBA_CRLREASON_CESSATION_OF_OPERATION? "cessation of operation": reason == KSBA_CRLREASON_CERTIFICATE_HOLD? debian/patches/series0000644000000000000000000000004112173505055012030 0ustar spelling.patch texinfo-fix.patch debian/patches/texinfo-fix.patch0000644000000000000000000000160112173503533014076 0ustar Description: Fix Texinfo syntax Fix a build failure because of a section nesting error in the Texinfo syntax. Author: Peter Eisentraut Forwarded: no Last-Update: 2013-07-23 --- a/doc/gpl.texi +++ b/doc/gpl.texi @@ -12,7 +12,7 @@ Everyone is permitted to copy and distri of this license document, but changing it is not allowed. @end display -@appendixsubsec Preamble +@appendixsec Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public @@ -63,7 +63,7 @@ patent must be licensed for everyone's f modification follow. @iftex -@appendixsubsec TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION +@appendixsec TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION @end iftex @ifinfo @center TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION debian/copyright0000644000000000000000000000255112173502352011124 0ustar This package was debianized by Peter Eisentraut on Mon, 28 Jun 2004 10:20:37 +0200, based on earlier work by Marcus Brinkmann and Michael Bramer. It was downloaded from . Upstream authors: Steffen Hansen g10 Code GmbH Werner Koch , Free Software Foundation Michael Tokarev Copyright: Copyright (C) 2002 Klarälvdalens Datakonsult AB Copyright (C) 2003-2010 g10 Code GmbH Copyright (C) 1998-2012 Free Software Foundation, Inc. DirMngr is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. DirMngr is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. On Debian systems, the complete text of the GNU General Public License version 3 can be found in the file /usr/share/common-licenses/GPL-3. Copyright for src/cdb.h and src/cdblib.c: These files are a part of tinycdb package by Michael Tokarev, mjt@corpit.ru. Public domain. debian/compat0000644000000000000000000000000211707067132010370 0ustar 8 debian/etc/0000755000000000000000000000000011531777173007755 5ustar debian/etc/dirmngr.conf0000644000000000000000000000004611734605670012263 0ustar log-file /var/log/dirmngr/dirmngr.log debian/etc/ldapservers.conf0000644000000000000000000000005211531777173013153 0ustar # HOSTNAME:PORT:USERNAME:PASSWORD:BASE_DN debian/docs0000644000000000000000000000003111707317441010040 0ustar AUTHORS NEWS THANKS TODO debian/default0000644000000000000000000000052711707066364010553 0ustar # Defaults for dirmngr init script # sourced by /etc/init.d/dirmngr # This variable contols the access mode of the dirmngr socket. Set it # to 0770 to allow only users in the "dirmngr" group to access the # socket and thus use the daemon. Set it to 0777 to allow everyone to # use the daemon. The default is 0777. DIRMNGR_SOCKET_MODE=0777 debian/control0000644000000000000000000000161412173501646010600 0ustar Source: dirmngr Section: utils Priority: optional Maintainer: Peter Eisentraut Build-Depends: autotools-dev, debhelper (>= 8), gettext, libassuan-dev (>= 2.0.0), libgcrypt11-dev (>= 1.4.0), libgpg-error-dev (>= 1.4), libksba-dev (>= 1.0.2), libldap2-dev, libpth-dev (>= 1.3.7) Standards-Version: 3.9.4 Homepage: http://www.gnupg.org/aegypten/ Package: dirmngr Architecture: any Depends: adduser, lsb-base (>= 3.2-13), ${shlibs:Depends}, ${misc:Depends} Enhances: gpgsm, squid Description: server for managing certificate revocation lists DirMngr is a server for managing and downloading certificate revocation lists (CRLs) for X.509 certificates and for downloading the certificates themselves. DirMngr also handles OCSP requests as an alternative to CRLs. DirMngr is either invoked internally by gpgsm or when running as a system daemon through the dirmngr-client tool. debian/dirmngr.info0000644000000000000000000000002111532271635011503 0ustar doc/dirmngr.info