We would always show the first photo ID on a key when displaying it
in /pks/lookup. Fix this so we show them all correctly. Patch from
Philippe Teuwen as reporting in Debian bug #467020
We don't want to add keys when there are no keys in the previous list,
we want to only add new keys on the first pass. Otherwise if we end up
with an empty list we'll start again as if none of the previous words
where specified.
Apparently PGP Desktop doesn't like our "Storing %d keys." success
message when storing keys received via HKP. Change our output to match
what the pgp.com and SKS keyservers return. Patch from Timothy Legge.
Fix up dynamic loading; we export a structure of functions now from
each of the backends, which means we can maintain unique namespaces.
This should allow further cleanups/cunningness, but hopefully this is
enough to get us operating correctly across all platforms to start with.
Fix config structure references for dynamic backends
This patch fixes the config structure when dynamic backends are
used - the basic issue is that when the backend was loaded, it wouldn't
(neccessarily) share the config structure with the program that called
it (and had therefore read the config). Thanks to Brett Parker.
Fixup config file for Debian package upgrades
We now need to configure a suitable DB backend and are also using the
mail_dir setting, so we need to add/fix these in onak.conf for package
upgrades.
Allow checking for signature times and use in merging
Add support for pulling out the creation time of a signature, then use
this information when we're merging key signatures. This allows for
updating of signatures (eg key preferences) or adding new signatures eg
with later expiry dates. As reported in Debian bug #410796
Fix assumption that a signature on a public key is a revocation
We've been assuming that a signature directly on a public key means the
key is revoked. This isn't the case; it's used for key preferences for
example. Change the structure element names to reflect this
(revocations->sigs) and check for revoked status by looking for a
signature type of 0x20.
Fix incoming mail spool directory
onak-mail has spooled incoming mail for a long time; fix up the default
config to put this in spool/onak rather than the hardcoded /community
that was previously configured.
Change Debian package to use dynamic backend.
This hopefully does all that's required to build a Debian package with
all our backends but defaulting to db4 so we don't break those
upgrading.
Try to load backends from current dir if none specified.
If we don't specify a directory for the backends in the config file
then try to load them from the current directory.
Gracefully fail when we can't open a DB4 DB.
If we don't have permissions to open a DB4 DB we'll not even get to
open our environment. As such we should close it cleanly and fail rather
than segfaulting. As reported in Debian bug #370440
Gracefully exit if no backend defined.
If no backend was defined we were attempting to strlen a NULL string,
which isn't sensible. Gracefully exit with a critical error instead.
Fix replyto email address bug.
If Reply-To wasn't set we wouldn't be able to send a reply email from
onak-mail.pl for ADD/(V)INDEX mails. Fix this so we'll use Reply-To or
From if that isn't set.
Enable ADD support for email interface.
onak-mail.pl didn't support ADD; this is still in use by some people,
so has now been added. Thanks to Ian Jackson for reporting, I'd
forgotten it didn't support this yet.
Support 16 digit key ids in lookup.
When generating our html keyindexes, use 64bit key ids for the links,
to help avoid collisions. Also make lookup support this length of id.
Add dynamic loading of backends.
This adds support for the dynamic loading of backends. By default we
now try to build all the backends we can and then dynamically load the
one the user wants.
Make onak-mail.pl queue requests.
onak-mail.pl sequentially processes requests. Rather than having a lot
of these processes hang around waiting for other requests to complete we
now dump requests to a file and then the active copy will process all
pending requests.
Handle signature revokations better.
Hanna Wallach reported an issue with UID revokations. This was because
we weren't allowing multiple signatures from the same keyid for a UID;
we now check the signature type and allow them if they're different.
Fix path bug in sendkeysync.
We weren't using the path configured for the MTA from the config file,
instead it was a hard coded value. This causes problems if the MTA isn't
on the path.
Fix problem with closing stderr in add.c
Fred Strauss reported a problem when we close stderr in add.c; we now
do some basic checking to try to ensure it's a valid file ptr before
we close it. Also do this for stdout just in case.
Fix parsing of empty config file lines.
Fred Strauss reported a problem with parsing empty lines in the config
file; we weren't checking if the line was empty before stripping
trailing white space. We do now.
Allow non ASCII characters to be stored.
Previously we only stored letters/numbers. Now we store anything except
punctuation and spaces. Based on a patch from Jason Harris for pks.
Move dumpdb over to using iterate_keys.
iterate_keys provides a generic way to do stuff with every key in the
DB, so use it instead for dumping the database and remove the old
dumpdb function.
Add links to HTML index output. (Debian bug #275227)
Add links to get the key data and the verbose index for a key to the
HTML output of op=index. I think this was previously removed to try to
make gpg --search happy, but I've tested 1.2.4 with this change and it
still works.
Add lladdend function and use in makewordlist.
Add a new function that adds an object to the end of a linked list.
We make use of this in makewordlist, which means we search for keys
containing words from the start of the email address first, rather than
starting with the words at the end. When you're dealing with TLDs like
com, net, org this makes a big difference, as you don't end up with a
huge list from the first word you try.
Introduce sorted keyid array functions and use in DB4.
Adds functions to keep a sorted array of keyids (aiding searching speed).
Makes use of these in the DB4 backed for searching for keys based on uid
text.
Cleanup db4 properly if we fail to open it.
Rather than exiting as soon as we hit a problem opening the DB4 db we
try to cleanup whatever we've managed to open.
Change buffer_put/fetchchar functions to use memcpy.
We used an inefficient loop to copy data in the buffer character
functions; change them to use memcpy.
Make Makefile cleanup keyd and backend db .o files.
We weren't cleaning up keyd.o and keydb_$(DBTYPE).o with "make clean"
when keyd was enabled; fix this.
Add key iteration functionality to keydb backends.
Add a function to the keydb backends which will call a given function
once for every contained in the db. Currently implemented for db4, keyd,
file and pg backends.
Move update_keys to keydb rather than merge.
Move update_keys to the database backends, as in some senses it makes
more sense there - we have multiple DB calls and this is the main thing
that needs transactions, so by moving it here we should be able to hide
them from the rest of the code.
Add keyd backend (persistant database access over Unix socket)
Add keyd, which runs in the background and talks to the real database
and then communicates with the various onak programs over a Unix
socket.
Update version to indicate arch build.
Update the version in autoconf and debian/changelog to indicate that
any build is from arch rather than a released tarball (ie add +arch).
Fix maxpath to initialise the logging infrastructure.
maxpath wasn't initialising the logging infrastructure, so would
log to stderr rather than the log file for example. Fix this.
Fix sixdegrees to initialise the logging infrastructure.
sixdegrees wasn't initialising the logging infrastructure, so would
log to stderr rather than the log file for example. Fix this.
Fix transaction around id32 updating in DB4 backend.
For some reason we finished our transaction before we wrote the id32db
details. Fix this so we do it afterwards instead.
Add assert for invalid armor parameters.
Add an assert if we had a NULL string to the armor_putchar function.
Brett spotted this while doing evil things.
Change makedepend to use the compile instead.
Change to using the compiler for makedepend instead. This works for GCC;
I don't know about other compilers. May need an autoconf test instead in
future.
Quieten cleanup infrastructure.
Lower the loglevel output of the cleanup infrastructure to INFO rather
than NOTICE; ie don't show it on the default install.
Create an initial database when installing the package.
If we're installing the Debian package and there's no existing database
then create one by importing my key.
Configure basic onak.conf using autoconf info.
Write a basic onak.conf that has paths from the autoconf info, rather
than hard coded paths to my homedir.
Add more checking on db4 cleanup.
Add more checking when cleaning up the db4 backend; some things might
not have succeeded, but we should still try to cleanup those that did.
First cut at cleanup infrastructure.
Due to the fact that db4 is incredibly fragile in the fact of abnormal
termination and that Apache (and presumably other web servers) will
merrily kill CGI as and when they see fit, we need to try and catch any
signal we can and clean ourselves up.