crux-commits
Threads by month
- ----- 2025 -----
- February
- January
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
February 2024
- 1 participants
- 670 discussions
commit 7d028f14f936a5f8bf2688d226a51fc6c5fc55e6
Author: Tim Biermann <tbier(a)posteo.de>
Date: Sun Jan 28 10:10:56 2024 +0100
libidn2: 2.3.4 -> 2.3.7
diff --git a/libidn2/.footprint b/libidn2/.footprint
index 2944b2f4a..d3e84fe73 100644
--- a/libidn2/.footprint
+++ b/libidn2/.footprint
@@ -6,9 +6,9 @@ drwxr-xr-x root/root usr/include/
drwxr-xr-x root/root usr/lib/
-rw-r--r-- root/root usr/lib/libidn2.a
-rwxr-xr-x root/root usr/lib/libidn2.la
-lrwxrwxrwx root/root usr/lib/libidn2.so -> libidn2.so.0.3.8
-lrwxrwxrwx root/root usr/lib/libidn2.so.0 -> libidn2.so.0.3.8
--rwxr-xr-x root/root usr/lib/libidn2.so.0.3.8
+lrwxrwxrwx root/root usr/lib/libidn2.so -> libidn2.so.0.4.0
+lrwxrwxrwx root/root usr/lib/libidn2.so.0 -> libidn2.so.0.4.0
+-rwxr-xr-x root/root usr/lib/libidn2.so.0.4.0
drwxr-xr-x root/root usr/lib/pkgconfig/
-rw-r--r-- root/root usr/lib/pkgconfig/libidn2.pc
drwxr-xr-x root/root usr/share/
diff --git a/libidn2/.signature b/libidn2/.signature
index 178842869..289c1ffee 100644
--- a/libidn2/.signature
+++ b/libidn2/.signature
@@ -1,5 +1,5 @@
untrusted comment: verify with /etc/ports/opt.pub
-RWSE3ohX2g5d/dHI5yIFjv29xvaKOQ+8JGZ27pIxHgrj/1pBacEGEpBz/Q3c3G7FYJNZpcpWNMO97J+xKBTuhkFDkx4xUHeVGAY=
-SHA256 (Pkgfile) = 3b52c841758a5adb69eeb3d916247c626481b9b2d714acc1449fd02685634529
-SHA256 (.footprint) = 33bd31a89a7f5886c147ac943b64ff28aa7d214e5c251f7bba0147bd274c8d5f
-SHA256 (libidn2-2.3.4.tar.gz) = 93caba72b4e051d1f8d4f5a076ab63c99b77faee019b72b9783b267986dbb45f
+RWSE3ohX2g5d/SAcha/+fDJXXyNFnEZXD9GF/CuLwrqmjO0q15s5lZpJgi6rCyNuQG3mfqCzZ1zFX6Nz+wnFlI5xesrch7Rpfwk=
+SHA256 (Pkgfile) = 680afaf122efc50598eda74889abf08ac2d9d10e8fd4e8af8154a30c9a8c69d3
+SHA256 (.footprint) = 031c18f981beba746151927c9ea50f68d6176044cf5ac313b605dbf0efec2dc4
+SHA256 (libidn2-2.3.7.tar.gz) = 4c21a791b610b9519b9d0e12b8097bf2f359b12f8dd92647611a929e6bfd7d64
diff --git a/libidn2/Pkgfile b/libidn2/Pkgfile
index eb3b20c69..82e611b8a 100644
--- a/libidn2/Pkgfile
+++ b/libidn2/Pkgfile
@@ -4,7 +4,7 @@
# Depends on: libunistring
name=libidn2
-version=2.3.4
+version=2.3.7
release=1
source=(https://ftp.gnu.org/gnu/libidn/$name-$version.tar.gz)
1
0
commit a85ec54a179b1a9ec763241fa2237bb3e21d3569
Author: Tim Biermann <tbier(a)posteo.de>
Date: Sun Jan 28 10:11:17 2024 +0100
c-ares: 1.25.0 -> 1.26.0
diff --git a/c-ares/.footprint b/c-ares/.footprint
index 4847043fb..9369950ce 100644
--- a/c-ares/.footprint
+++ b/c-ares/.footprint
@@ -18,8 +18,8 @@ drwxr-xr-x root/root usr/lib/cmake/c-ares/
-rw-r--r-- root/root usr/lib/cmake/c-ares/c-ares-targets-release.cmake
-rw-r--r-- root/root usr/lib/cmake/c-ares/c-ares-targets.cmake
lrwxrwxrwx root/root usr/lib/libcares.so -> libcares.so.2
-lrwxrwxrwx root/root usr/lib/libcares.so.2 -> libcares.so.2.10.1
--rwxr-xr-x root/root usr/lib/libcares.so.2.10.1
+lrwxrwxrwx root/root usr/lib/libcares.so.2 -> libcares.so.2.11.0
+-rwxr-xr-x root/root usr/lib/libcares.so.2.11.0
drwxr-xr-x root/root usr/lib/pkgconfig/
-rw-r--r-- root/root usr/lib/pkgconfig/libcares.pc
drwxr-xr-x root/root usr/share/
diff --git a/c-ares/.signature b/c-ares/.signature
index 59aad43db..d387fe51c 100644
--- a/c-ares/.signature
+++ b/c-ares/.signature
@@ -1,5 +1,5 @@
untrusted comment: verify with /etc/ports/opt.pub
-RWSE3ohX2g5d/V3UuXMGqq9sGaEox2fh7halCfK2//F+kP+qe5Q3sqHKfelt881ADV5gXtut40eL8Vio97sNVIFfuO3SHRLY0wk=
-SHA256 (Pkgfile) = 06b6176189e0a7349ff1e02bf39dde83c997757c74e3b8ea385a80016d74db57
-SHA256 (.footprint) = 89ab25a47fea866cae5baabe0d21c4cdd93c3588552e100378b9a0528ed12de7
-SHA256 (c-ares-1.25.0.tar.gz) = 71832b93a48f5ff579c505f4869120c14e57b783275367207f1a98314aa724e5
+RWSE3ohX2g5d/be8gy1kl+OzOEFrIve/ufv9V/4oMc/B9eB03ov96OtBTYYUHq5BZ3rZlC+oW4ySkOaaX+ccaj/7S5+iWAc8yw0=
+SHA256 (Pkgfile) = 12ef64dd109835441704a5fcb37195a61328a858e889fcd4aff47cd0636d5f53
+SHA256 (.footprint) = a8024feebe2cceb8d46e34c5f6d0edff842332738d9e69ee4bdfcc1749f49f01
+SHA256 (c-ares-1.26.0.tar.gz) = bed58c4f02b009080ebda6c2467ba469722ac6aebbf4497dc44a83d8c6194e50
diff --git a/c-ares/Pkgfile b/c-ares/Pkgfile
index bf58ba546..7564f8861 100644
--- a/c-ares/Pkgfile
+++ b/c-ares/Pkgfile
@@ -3,7 +3,7 @@
# Maintainer: Tim Biermann, tbier at posteo dot de
name=c-ares
-version=1.25.0
+version=1.26.0
release=1
source=(https://c-ares.haxx.se/download/$name-$version.tar.gz)
1
0
commit 43de58c6d31cfae6d9d5ccb444560350efce7b30
Author: Tim Biermann <tbier(a)posteo.de>
Date: Sun Jan 28 10:10:38 2024 +0100
orc: 0.4.35 -> 0.4.36
diff --git a/orc/.footprint b/orc/.footprint
index 5cce58ced..01c78b663 100644
--- a/orc/.footprint
+++ b/orc/.footprint
@@ -45,11 +45,11 @@ drwxr-xr-x root/root usr/include/orc-0.4/orc/
-rw-r--r-- root/root usr/include/orc-0.4/orc/orcx86insn.h
drwxr-xr-x root/root usr/lib/
lrwxrwxrwx root/root usr/lib/liborc-0.4.so -> liborc-0.4.so.0
-lrwxrwxrwx root/root usr/lib/liborc-0.4.so.0 -> liborc-0.4.so.0.35.0
--rwxr-xr-x root/root usr/lib/liborc-0.4.so.0.35.0
+lrwxrwxrwx root/root usr/lib/liborc-0.4.so.0 -> liborc-0.4.so.0.36.0
+-rwxr-xr-x root/root usr/lib/liborc-0.4.so.0.36.0
lrwxrwxrwx root/root usr/lib/liborc-test-0.4.so -> liborc-test-0.4.so.0
-lrwxrwxrwx root/root usr/lib/liborc-test-0.4.so.0 -> liborc-test-0.4.so.0.35.0
--rwxr-xr-x root/root usr/lib/liborc-test-0.4.so.0.35.0
+lrwxrwxrwx root/root usr/lib/liborc-test-0.4.so.0 -> liborc-test-0.4.so.0.36.0
+-rwxr-xr-x root/root usr/lib/liborc-test-0.4.so.0.36.0
drwxr-xr-x root/root usr/lib/pkgconfig/
-rw-r--r-- root/root usr/lib/pkgconfig/orc-0.4.pc
-rw-r--r-- root/root usr/lib/pkgconfig/orc-test-0.4.pc
diff --git a/orc/.signature b/orc/.signature
index 8f14e428d..02bff9fac 100644
--- a/orc/.signature
+++ b/orc/.signature
@@ -1,5 +1,5 @@
untrusted comment: verify with /etc/ports/opt.pub
-RWSE3ohX2g5d/T3DcjYumeKSX24RqF6q6WvPkrFtgnGEAE8iOZ4BjEmmgaPBSiAzWe9BFwQRICz9hPGzt4Ixpf66H8NczQ2dbgc=
-SHA256 (Pkgfile) = 20b5dde56184cf9da8e3126d21868385c4719f46969bd45d2cd17fb9ea4bf5ab
-SHA256 (.footprint) = cf17b440ce0f5845a15c1c7a03242aa60a2749d5d74dad018d46cc04fa58360e
-SHA256 (orc-0.4.35.tar.xz) = 718cdb60db0d5f7d4fc8eb955cd0f149e0ecc78dcd5abdc6ce3be95221b793b9
+RWSE3ohX2g5d/V81JQx+37Hgx768oYvtJ9T4pCQH52OGUtfN3gJssCAyPGVq+GF0GryU9cvOHUlEDgbKYN7k4uMoJupyhKEPMAA=
+SHA256 (Pkgfile) = 51e0902b4b192d6d2748cf805eef7709319ff62e57b21aa4e516d71d90f0b2d1
+SHA256 (.footprint) = 0582edbeb9a2cb4c08b275018ce414cd7f318cb4b630ce7dd1b3f4e34d2ea671
+SHA256 (orc-0.4.36.tar.xz) = 83b074cb67317d58bef1e8d0cc862f7ae8a77a45bbff056a1f987c6488b2f5fd
diff --git a/orc/Pkgfile b/orc/Pkgfile
index cf5b977f0..48f884805 100644
--- a/orc/Pkgfile
+++ b/orc/Pkgfile
@@ -3,7 +3,7 @@
# Maintainer: Tim Biermann, tbier at posteo dot de
name=orc
-version=0.4.35
+version=0.4.36
release=1
source=(https://gstreamer.freedesktop.org/src/$name/$name-$version.tar.xz)
1
0
commit 8a7e8a31f4bb66e5beb81b220873e03144badf91
Author: Tim Biermann <tbier(a)posteo.de>
Date: Sun Jan 28 10:09:51 2024 +0100
unrar: 7.0.5 -> 7.0.6
diff --git a/unrar/.signature b/unrar/.signature
index 5824e3720..af0028173 100644
--- a/unrar/.signature
+++ b/unrar/.signature
@@ -1,5 +1,5 @@
untrusted comment: verify with /etc/ports/opt.pub
-RWSE3ohX2g5d/cHCse7IJL2I1fL3XICVrFzghAzeQk39xS7gSYeOScRyxG4aMqs69mEmMmKRI9iG8CaauckAPclKtcNA8t/w1wY=
-SHA256 (Pkgfile) = 0726e4cf152be55f0a3b9771872221b2c2bd476c8285325712c8c4f2a7d9a680
+RWSE3ohX2g5d/RqBY3lk7u2sqhQMMtb6CpcSKsg6EUKf4i6/wrXbbrm+D4W/RNHvnBD3r/XMxEtBtf3Yj60S60KKEDQaDFyIQAw=
+SHA256 (Pkgfile) = 8b5cbc50610c7a3142bef68c97eed4a1de561a1d91a8cab446a138d99e9941e2
SHA256 (.footprint) = d74185592e6529cf0090c3626f6fb89245c2afdb36aea39882a058f85d4153ea
-SHA256 (unrarsrc-7.0.5.tar.gz) = 137308f98427a369c5684041d7ec0ad0d89d53eb5444e0617a206dafe6f44a02
+SHA256 (unrarsrc-7.0.6.tar.gz) = d9c0d1c881603aa2fa38248634bf9c9d63a6a3bdb5fa17dc9358ebf8b61f0cd2
diff --git a/unrar/Pkgfile b/unrar/Pkgfile
index 41b163db8..09cf76b24 100644
--- a/unrar/Pkgfile
+++ b/unrar/Pkgfile
@@ -3,7 +3,7 @@
# Maintainer: Tim Biermann, tbier at posteo dot de
name=unrar
-version=7.0.5
+version=7.0.6
release=1
source=(https://www.rarlab.com/rar/${name}src-$version.tar.gz)
1
0
commit 8b68f97d5f2f11cb632d9c974a9fc5efbf245145
Author: Matt Housh <jaeger(a)crux.ninja>
Date: Thu Jan 25 21:44:43 2024 -0600
nvidia: updated to version 535.154.05
diff --git a/nvidia/.footprint b/nvidia/.footprint
index b0db00d94..896d3368a 100644
--- a/nvidia/.footprint
+++ b/nvidia/.footprint
@@ -7,9 +7,9 @@ drwxr-xr-x root/root etc/rc.d/
drwxr-xr-x root/root lib/
drwxr-xr-x root/root lib/firmware/
drwxr-xr-x root/root lib/firmware/nvidia/
-drwxr-xr-x root/root lib/firmware/nvidia/535.146.02/
--rw-r--r-- root/root lib/firmware/nvidia/535.146.02/gsp_ga10x.bin
--rw-r--r-- root/root lib/firmware/nvidia/535.146.02/gsp_tu10x.bin
+drwxr-xr-x root/root lib/firmware/nvidia/535.154.05/
+-rw-r--r-- root/root lib/firmware/nvidia/535.154.05/gsp_ga10x.bin
+-rw-r--r-- root/root lib/firmware/nvidia/535.154.05/gsp_tu10x.bin
drwxr-xr-x root/root lib/modules/
drwxr-xr-x root/root lib/modules/<kernel-version>/
drwxr-xr-x root/root lib/modules/<kernel-version>/extra/
@@ -35,85 +35,85 @@ drwxr-xr-x root/root usr/bin/
-rwxr-xr-x root/root usr/bin/nvidia-xconfig
drwxr-xr-x root/root usr/lib/
drwxr-xr-x root/root usr/lib/gbm/
-lrwxrwxrwx root/root usr/lib/gbm/nvidia-drm_gbm.so -> libnvidia-allocator.so.535.146.02
-lrwxrwxrwx root/root usr/lib/libEGL_nvidia.so.0 -> libEGL_nvidia.so.535.146.02
--rwxr-xr-x root/root usr/lib/libEGL_nvidia.so.535.146.02
-lrwxrwxrwx root/root usr/lib/libGLESv1_CM_nvidia.so.1 -> libGLESv1_CM_nvidia.so.535.146.02
--rwxr-xr-x root/root usr/lib/libGLESv1_CM_nvidia.so.535.146.02
-lrwxrwxrwx root/root usr/lib/libGLESv2_nvidia.so.2 -> libGLESv2_nvidia.so.535.146.02
--rwxr-xr-x root/root usr/lib/libGLESv2_nvidia.so.535.146.02
-lrwxrwxrwx root/root usr/lib/libGLX_nvidia.so.0 -> libGLX_nvidia.so.535.146.02
--rwxr-xr-x root/root usr/lib/libGLX_nvidia.so.535.146.02
+lrwxrwxrwx root/root usr/lib/gbm/nvidia-drm_gbm.so -> libnvidia-allocator.so.535.154.05
+lrwxrwxrwx root/root usr/lib/libEGL_nvidia.so.0 -> libEGL_nvidia.so.535.154.05
+-rwxr-xr-x root/root usr/lib/libEGL_nvidia.so.535.154.05
+lrwxrwxrwx root/root usr/lib/libGLESv1_CM_nvidia.so.1 -> libGLESv1_CM_nvidia.so.535.154.05
+-rwxr-xr-x root/root usr/lib/libGLESv1_CM_nvidia.so.535.154.05
+lrwxrwxrwx root/root usr/lib/libGLESv2_nvidia.so.2 -> libGLESv2_nvidia.so.535.154.05
+-rwxr-xr-x root/root usr/lib/libGLESv2_nvidia.so.535.154.05
+lrwxrwxrwx root/root usr/lib/libGLX_nvidia.so.0 -> libGLX_nvidia.so.535.154.05
+-rwxr-xr-x root/root usr/lib/libGLX_nvidia.so.535.154.05
-rwxr-xr-x root/root usr/lib/libOpenCL.so.1.0.0
-lrwxrwxrwx root/root usr/lib/libcuda.so -> libcuda.so.535.146.02
-lrwxrwxrwx root/root usr/lib/libcuda.so.1 -> libcuda.so.535.146.02
--rwxr-xr-x root/root usr/lib/libcuda.so.535.146.02
-lrwxrwxrwx root/root usr/lib/libcudadebugger.so -> libcudadebugger.so.535.146.02
-lrwxrwxrwx root/root usr/lib/libcudadebugger.so.1 -> libcudadebugger.so.535.146.02
--rwxr-xr-x root/root usr/lib/libcudadebugger.so.535.146.02
-lrwxrwxrwx root/root usr/lib/libnvcuvid.so -> libnvcuvid.so.535.146.02
-lrwxrwxrwx root/root usr/lib/libnvcuvid.so.1 -> libnvcuvid.so.535.146.02
--rwxr-xr-x root/root usr/lib/libnvcuvid.so.535.146.02
-lrwxrwxrwx root/root usr/lib/libnvidia-allocator.so -> libnvidia-allocator.so.535.146.02
-lrwxrwxrwx root/root usr/lib/libnvidia-allocator.so.1 -> libnvidia-allocator.so.535.146.02
--rwxr-xr-x root/root usr/lib/libnvidia-allocator.so.535.146.02
-lrwxrwxrwx root/root usr/lib/libnvidia-cfg.so -> libnvidia-cfg.so.535.146.02
-lrwxrwxrwx root/root usr/lib/libnvidia-cfg.so.1 -> libnvidia-cfg.so.535.146.02
--rwxr-xr-x root/root usr/lib/libnvidia-cfg.so.535.146.02
+lrwxrwxrwx root/root usr/lib/libcuda.so -> libcuda.so.535.154.05
+lrwxrwxrwx root/root usr/lib/libcuda.so.1 -> libcuda.so.535.154.05
+-rwxr-xr-x root/root usr/lib/libcuda.so.535.154.05
+lrwxrwxrwx root/root usr/lib/libcudadebugger.so -> libcudadebugger.so.535.154.05
+lrwxrwxrwx root/root usr/lib/libcudadebugger.so.1 -> libcudadebugger.so.535.154.05
+-rwxr-xr-x root/root usr/lib/libcudadebugger.so.535.154.05
+lrwxrwxrwx root/root usr/lib/libnvcuvid.so -> libnvcuvid.so.535.154.05
+lrwxrwxrwx root/root usr/lib/libnvcuvid.so.1 -> libnvcuvid.so.535.154.05
+-rwxr-xr-x root/root usr/lib/libnvcuvid.so.535.154.05
+lrwxrwxrwx root/root usr/lib/libnvidia-allocator.so -> libnvidia-allocator.so.535.154.05
+lrwxrwxrwx root/root usr/lib/libnvidia-allocator.so.1 -> libnvidia-allocator.so.535.154.05
+-rwxr-xr-x root/root usr/lib/libnvidia-allocator.so.535.154.05
+lrwxrwxrwx root/root usr/lib/libnvidia-cfg.so -> libnvidia-cfg.so.535.154.05
+lrwxrwxrwx root/root usr/lib/libnvidia-cfg.so.1 -> libnvidia-cfg.so.535.154.05
+-rwxr-xr-x root/root usr/lib/libnvidia-cfg.so.535.154.05
lrwxrwxrwx root/root usr/lib/libnvidia-egl-gbm.so -> libnvidia-egl-gbm.so.1.1.0
lrwxrwxrwx root/root usr/lib/libnvidia-egl-gbm.so.1 -> libnvidia-egl-gbm.so.1.1.0
-rwxr-xr-x root/root usr/lib/libnvidia-egl-gbm.so.1.1.0
-lrwxrwxrwx root/root usr/lib/libnvidia-eglcore.so -> libnvidia-eglcore.so.535.146.02
-lrwxrwxrwx root/root usr/lib/libnvidia-eglcore.so.1 -> libnvidia-eglcore.so.535.146.02
--rwxr-xr-x root/root usr/lib/libnvidia-eglcore.so.535.146.02
-lrwxrwxrwx root/root usr/lib/libnvidia-encode.so -> libnvidia-encode.so.535.146.02
-lrwxrwxrwx root/root usr/lib/libnvidia-encode.so.1 -> libnvidia-encode.so.535.146.02
--rwxr-xr-x root/root usr/lib/libnvidia-encode.so.535.146.02
-lrwxrwxrwx root/root usr/lib/libnvidia-fbc.so -> libnvidia-fbc.so.535.146.02
-lrwxrwxrwx root/root usr/lib/libnvidia-fbc.so.1 -> libnvidia-fbc.so.535.146.02
--rwxr-xr-x root/root usr/lib/libnvidia-fbc.so.535.146.02
-lrwxrwxrwx root/root usr/lib/libnvidia-glcore.so -> libnvidia-glcore.so.535.146.02
-lrwxrwxrwx root/root usr/lib/libnvidia-glcore.so.1 -> libnvidia-glcore.so.535.146.02
--rwxr-xr-x root/root usr/lib/libnvidia-glcore.so.535.146.02
-lrwxrwxrwx root/root usr/lib/libnvidia-glsi.so -> libnvidia-glsi.so.535.146.02
-lrwxrwxrwx root/root usr/lib/libnvidia-glsi.so.1 -> libnvidia-glsi.so.535.146.02
--rwxr-xr-x root/root usr/lib/libnvidia-glsi.so.535.146.02
-lrwxrwxrwx root/root usr/lib/libnvidia-glvkspirv.so -> libnvidia-glvkspirv.so.535.146.02
-lrwxrwxrwx root/root usr/lib/libnvidia-glvkspirv.so.1 -> libnvidia-glvkspirv.so.535.146.02
--rwxr-xr-x root/root usr/lib/libnvidia-glvkspirv.so.535.146.02
--rwxr-xr-x root/root usr/lib/libnvidia-gtk2.so.535.146.02
--rwxr-xr-x root/root usr/lib/libnvidia-gtk3.so.535.146.02
-lrwxrwxrwx root/root usr/lib/libnvidia-ml.so -> libnvidia-ml.so.535.146.02
-lrwxrwxrwx root/root usr/lib/libnvidia-ml.so.1 -> libnvidia-ml.so.535.146.02
--rwxr-xr-x root/root usr/lib/libnvidia-ml.so.535.146.02
-lrwxrwxrwx root/root usr/lib/libnvidia-ngx.so -> libnvidia-ngx.so.535.146.02
-lrwxrwxrwx root/root usr/lib/libnvidia-ngx.so.1 -> libnvidia-ngx.so.535.146.02
--rwxr-xr-x root/root usr/lib/libnvidia-ngx.so.535.146.02
-lrwxrwxrwx root/root usr/lib/libnvidia-opencl.so -> libnvidia-opencl.so.535.146.02
-lrwxrwxrwx root/root usr/lib/libnvidia-opencl.so.1 -> libnvidia-opencl.so.535.146.02
--rwxr-xr-x root/root usr/lib/libnvidia-opencl.so.535.146.02
-lrwxrwxrwx root/root usr/lib/libnvidia-opticalflow.so -> libnvidia-opticalflow.so.535.146.02
-lrwxrwxrwx root/root usr/lib/libnvidia-opticalflow.so.1 -> libnvidia-opticalflow.so.535.146.02
--rwxr-xr-x root/root usr/lib/libnvidia-opticalflow.so.535.146.02
-lrwxrwxrwx root/root usr/lib/libnvidia-ptxjitcompiler.so -> libnvidia-ptxjitcompiler.so.535.146.02
-lrwxrwxrwx root/root usr/lib/libnvidia-ptxjitcompiler.so.1 -> libnvidia-ptxjitcompiler.so.535.146.02
--rwxr-xr-x root/root usr/lib/libnvidia-ptxjitcompiler.so.535.146.02
-lrwxrwxrwx root/root usr/lib/libnvidia-rtcore.so -> libnvidia-rtcore.so.535.146.02
-lrwxrwxrwx root/root usr/lib/libnvidia-rtcore.so.1 -> libnvidia-rtcore.so.535.146.02
--rwxr-xr-x root/root usr/lib/libnvidia-rtcore.so.535.146.02
--rwxr-xr-x root/root usr/lib/libnvidia-tls.so.535.146.02
-lrwxrwxrwx root/root usr/lib/libnvoptix.so -> libnvoptix.so.535.146.02
-lrwxrwxrwx root/root usr/lib/libnvoptix.so.1 -> libnvoptix.so.535.146.02
--rwxr-xr-x root/root usr/lib/libnvoptix.so.535.146.02
+lrwxrwxrwx root/root usr/lib/libnvidia-eglcore.so -> libnvidia-eglcore.so.535.154.05
+lrwxrwxrwx root/root usr/lib/libnvidia-eglcore.so.1 -> libnvidia-eglcore.so.535.154.05
+-rwxr-xr-x root/root usr/lib/libnvidia-eglcore.so.535.154.05
+lrwxrwxrwx root/root usr/lib/libnvidia-encode.so -> libnvidia-encode.so.535.154.05
+lrwxrwxrwx root/root usr/lib/libnvidia-encode.so.1 -> libnvidia-encode.so.535.154.05
+-rwxr-xr-x root/root usr/lib/libnvidia-encode.so.535.154.05
+lrwxrwxrwx root/root usr/lib/libnvidia-fbc.so -> libnvidia-fbc.so.535.154.05
+lrwxrwxrwx root/root usr/lib/libnvidia-fbc.so.1 -> libnvidia-fbc.so.535.154.05
+-rwxr-xr-x root/root usr/lib/libnvidia-fbc.so.535.154.05
+lrwxrwxrwx root/root usr/lib/libnvidia-glcore.so -> libnvidia-glcore.so.535.154.05
+lrwxrwxrwx root/root usr/lib/libnvidia-glcore.so.1 -> libnvidia-glcore.so.535.154.05
+-rwxr-xr-x root/root usr/lib/libnvidia-glcore.so.535.154.05
+lrwxrwxrwx root/root usr/lib/libnvidia-glsi.so -> libnvidia-glsi.so.535.154.05
+lrwxrwxrwx root/root usr/lib/libnvidia-glsi.so.1 -> libnvidia-glsi.so.535.154.05
+-rwxr-xr-x root/root usr/lib/libnvidia-glsi.so.535.154.05
+lrwxrwxrwx root/root usr/lib/libnvidia-glvkspirv.so -> libnvidia-glvkspirv.so.535.154.05
+lrwxrwxrwx root/root usr/lib/libnvidia-glvkspirv.so.1 -> libnvidia-glvkspirv.so.535.154.05
+-rwxr-xr-x root/root usr/lib/libnvidia-glvkspirv.so.535.154.05
+-rwxr-xr-x root/root usr/lib/libnvidia-gtk2.so.535.154.05
+-rwxr-xr-x root/root usr/lib/libnvidia-gtk3.so.535.154.05
+lrwxrwxrwx root/root usr/lib/libnvidia-ml.so -> libnvidia-ml.so.535.154.05
+lrwxrwxrwx root/root usr/lib/libnvidia-ml.so.1 -> libnvidia-ml.so.535.154.05
+-rwxr-xr-x root/root usr/lib/libnvidia-ml.so.535.154.05
+lrwxrwxrwx root/root usr/lib/libnvidia-ngx.so -> libnvidia-ngx.so.535.154.05
+lrwxrwxrwx root/root usr/lib/libnvidia-ngx.so.1 -> libnvidia-ngx.so.535.154.05
+-rwxr-xr-x root/root usr/lib/libnvidia-ngx.so.535.154.05
+lrwxrwxrwx root/root usr/lib/libnvidia-opencl.so -> libnvidia-opencl.so.535.154.05
+lrwxrwxrwx root/root usr/lib/libnvidia-opencl.so.1 -> libnvidia-opencl.so.535.154.05
+-rwxr-xr-x root/root usr/lib/libnvidia-opencl.so.535.154.05
+lrwxrwxrwx root/root usr/lib/libnvidia-opticalflow.so -> libnvidia-opticalflow.so.535.154.05
+lrwxrwxrwx root/root usr/lib/libnvidia-opticalflow.so.1 -> libnvidia-opticalflow.so.535.154.05
+-rwxr-xr-x root/root usr/lib/libnvidia-opticalflow.so.535.154.05
+lrwxrwxrwx root/root usr/lib/libnvidia-ptxjitcompiler.so -> libnvidia-ptxjitcompiler.so.535.154.05
+lrwxrwxrwx root/root usr/lib/libnvidia-ptxjitcompiler.so.1 -> libnvidia-ptxjitcompiler.so.535.154.05
+-rwxr-xr-x root/root usr/lib/libnvidia-ptxjitcompiler.so.535.154.05
+lrwxrwxrwx root/root usr/lib/libnvidia-rtcore.so -> libnvidia-rtcore.so.535.154.05
+lrwxrwxrwx root/root usr/lib/libnvidia-rtcore.so.1 -> libnvidia-rtcore.so.535.154.05
+-rwxr-xr-x root/root usr/lib/libnvidia-rtcore.so.535.154.05
+-rwxr-xr-x root/root usr/lib/libnvidia-tls.so.535.154.05
+lrwxrwxrwx root/root usr/lib/libnvoptix.so -> libnvoptix.so.535.154.05
+lrwxrwxrwx root/root usr/lib/libnvoptix.so.1 -> libnvoptix.so.535.154.05
+-rwxr-xr-x root/root usr/lib/libnvoptix.so.535.154.05
drwxr-xr-x root/root usr/lib/nvidia/
drwxr-xr-x root/root usr/lib/nvidia/xorg/
-lrwxrwxrwx root/root usr/lib/nvidia/xorg/libglxserver_nvidia.so -> libglxserver_nvidia.so.535.146.02
-lrwxrwxrwx root/root usr/lib/nvidia/xorg/libglxserver_nvidia.so.1 -> libglxserver_nvidia.so.535.146.02
--rwxr-xr-x root/root usr/lib/nvidia/xorg/libglxserver_nvidia.so.535.146.02
+lrwxrwxrwx root/root usr/lib/nvidia/xorg/libglxserver_nvidia.so -> libglxserver_nvidia.so.535.154.05
+lrwxrwxrwx root/root usr/lib/nvidia/xorg/libglxserver_nvidia.so.1 -> libglxserver_nvidia.so.535.154.05
+-rwxr-xr-x root/root usr/lib/nvidia/xorg/libglxserver_nvidia.so.535.154.05
drwxr-xr-x root/root usr/lib/vdpau/
-lrwxrwxrwx root/root usr/lib/vdpau/libvdpau_nvidia.so -> libvdpau_nvidia.so.535.146.02
-lrwxrwxrwx root/root usr/lib/vdpau/libvdpau_nvidia.so.1 -> libvdpau_nvidia.so.535.146.02
--rwxr-xr-x root/root usr/lib/vdpau/libvdpau_nvidia.so.535.146.02
+lrwxrwxrwx root/root usr/lib/vdpau/libvdpau_nvidia.so -> libvdpau_nvidia.so.535.154.05
+lrwxrwxrwx root/root usr/lib/vdpau/libvdpau_nvidia.so.1 -> libvdpau_nvidia.so.535.154.05
+-rwxr-xr-x root/root usr/lib/vdpau/libvdpau_nvidia.so.535.154.05
drwxr-xr-x root/root usr/lib/xorg/
drwxr-xr-x root/root usr/lib/xorg/modules/
drwxr-xr-x root/root usr/lib/xorg/modules/drivers/
@@ -132,8 +132,8 @@ drwxr-xr-x root/root usr/share/glvnd/
drwxr-xr-x root/root usr/share/glvnd/egl_vendor.d/
-rw-r--r-- root/root usr/share/glvnd/egl_vendor.d/10_nvidia.json
drwxr-xr-x root/root usr/share/nvidia/
--rw-r--r-- root/root usr/share/nvidia/nvidia-application-profiles-535.146.02-key-documentation
--rw-r--r-- root/root usr/share/nvidia/nvidia-application-profiles-535.146.02-rc
+-rw-r--r-- root/root usr/share/nvidia/nvidia-application-profiles-535.154.05-key-documentation
+-rw-r--r-- root/root usr/share/nvidia/nvidia-application-profiles-535.154.05-rc
-rw-r--r-- root/root usr/share/nvidia/nvoptix.bin
drwxr-xr-x root/root usr/share/pixmaps/
-rw-r--r-- root/root usr/share/pixmaps/nvidia-settings.png
diff --git a/nvidia/.signature b/nvidia/.signature
index 14919e001..9e5309e64 100644
--- a/nvidia/.signature
+++ b/nvidia/.signature
@@ -1,8 +1,8 @@
untrusted comment: verify with /etc/ports/opt.pub
-RWSE3ohX2g5d/ab+U9uHVmfgNTGR6Skh6KgzQAQCCjnf0TAQmRLL/zYQCNSvYpF8tfOc8Ttu9Ht5R6BvtH8LT5WhzqsYFrvgYA4=
-SHA256 (Pkgfile) = 883af18624f0499386f8c0ab7ee3291d129f3bdf38f2b62b08c3ffb18ae199af
-SHA256 (.footprint) = 706be2b08b21b93e95297ffb98f86f384fa8b09ae26968dd3853b7428e6124d2
-SHA256 (NVIDIA-Linux-x86_64-535.146.02.run) = 49fd1cc9e445c98b293f7c66f36becfe12ccc1de960dfff3f1dc96ba3a9cbf70
+RWSE3ohX2g5d/fNzr8OsqIrHxlZ4Eqdzl/QBMf9BkDZzfINwVNIklzFFt6zCEfX0d5wv32US/qCsMJo6mpr32fXdJ+vw2WX3oQ8=
+SHA256 (Pkgfile) = bb99d915faf590ce4d1d4399f9146a0982654479544de4754fee740dade697ef
+SHA256 (.footprint) = 6fe1e7aff92b772423a1d15d97a7685d358c1ff494e206d8263ff2df29e483ff
+SHA256 (NVIDIA-Linux-x86_64-535.154.05.run) = 7e95065caa6b82de926110f14827a61972eb12c200e863a29e9fb47866eaa898
SHA256 (90-nvidia-uvm.rules) = c35c61cebf5bf9a112ac06539bdc670a388afa4b50a7f8223a114fbeafedb140
SHA256 (10-nvidia-drm-outputclass.conf) = 4a72c70d7e348102f8c159b3f58973218bc740de1d86830f7cbee1c40744929c
SHA256 (nvidia-powerd.rc) = 93aa2a176eba74041c8f39363da303eadb611c62a5f12f3cdb1725a3e329b022
diff --git a/nvidia/Pkgfile b/nvidia/Pkgfile
index 95a0c737b..d673afed5 100644
--- a/nvidia/Pkgfile
+++ b/nvidia/Pkgfile
@@ -4,7 +4,7 @@
# Depends on: gtk gtk3 libglvnd
name=nvidia
-version=535.146.02
+version=535.154.05
release=1
source=(https://us.download.nvidia.com/XFree86/Linux-x86_64/$version/NVIDIA… \
90-nvidia-uvm.rules 10-nvidia-drm-outputclass.conf nvidia-powerd.rc)
1
0
commit dc19bc4c1bea03663decaa37737c439bc1754b83
Author: Tim Biermann <tbier(a)posteo.de>
Date: Thu Jan 25 19:51:18 2024 +0100
gnupg: 2.4.3 -> 2.4.4
diff --git a/gnupg/.signature b/gnupg/.signature
index 4df77e51e..465327ca5 100644
--- a/gnupg/.signature
+++ b/gnupg/.signature
@@ -1,6 +1,5 @@
untrusted comment: verify with /etc/ports/opt.pub
-RWSE3ohX2g5d/S9OejUwygJmK4WjbEsfMZhKGhXUkQ/gBlJoeA03XV9/lf3U7wLmPhp9Yr7gNb6Yx7Ek0R1DC/83/gik5ERFRwQ=
-SHA256 (Pkgfile) = 691d6656aacd0934e6d196ea8652db3672617a9c5992db53629203b3e3de04e8
+RWSE3ohX2g5d/UrRDFuSQAnBmyqvCfDYvYTfP+L2/aad1MBJ57qPOpiMK0lQo4QRDbZwLcJ2gvFR7Vm3tIXP5oSsAGT6Zw87Xwk=
+SHA256 (Pkgfile) = a5d916296767763753b7ec744c98885a8d66a6d3b87b887e54b65a3f98ba6719
SHA256 (.footprint) = c2951faf9544a9cc3546a88e7b78e2f4c0e10ae923e17c11a6d9069ede5c3c21
-SHA256 (gnupg-2.4.3.tar.bz2) = a271ae6d732f6f4d80c258ad9ee88dd9c94c8fdc33c3e45328c4d7c126bd219d
-SHA256 (ldap.patch) = 20d57800b23b9f678ce5be1793df1183287bbca92995b36f14e1d95c4ff0ec04
+SHA256 (gnupg-2.4.4.tar.bz2) = 67ebe016ca90fa7688ce67a387ebd82c6261e95897db7b23df24ff335be85bc6
diff --git a/gnupg/Pkgfile b/gnupg/Pkgfile
index ffe70df69..06ccd8734 100644
--- a/gnupg/Pkgfile
+++ b/gnupg/Pkgfile
@@ -5,15 +5,13 @@
# Optional: openldap
name=gnupg
-version=2.4.3
+version=2.4.4
release=1
-source=(https://gnupg.org/ftp/gcrypt/$name/$name-$version.tar.bz2
- ldap.patch)
+source=(https://gnupg.org/ftp/gcrypt/$name/$name-$version.tar.bz2)
build () {
cd $name-$version
- patch -Np1 -i $SRC/ldap.patch
prt-get isinst openldap || PKGMK_GNUPG+=' --disable-ldap'
./configure $PKGMK_GNUPG \
diff --git a/gnupg/ldap.patch b/gnupg/ldap.patch
deleted file mode 100644
index cca0186a9..000000000
--- a/gnupg/ldap.patch
+++ /dev/null
@@ -1,3391 +0,0 @@
-diff --git a/dirmngr/server.c b/dirmngr/server.c
-index 51a149cb2..ee61f63d6 100644
---- a/dirmngr/server.c
-+++ b/dirmngr/server.c
-@@ -1,3384 +1,3386 @@
- /* server.c - LDAP and Keyserver access server
- * Copyright (C) 2002 Klarälvdalens Datakonsult AB
- * Copyright (C) 2003, 2004, 2005, 2007, 2008, 2009, 2011, 2015 g10 Code GmbH
- * Copyright (C) 2014, 2015, 2016 Werner Koch
- * Copyright (C) 2016 Bundesamt für Sicherheit in der Informationstechnik
- *
- * This file is part of GnuPG.
- *
- * GnuPG is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * GnuPG is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, see <https://www.gnu.org/licenses/>.
- *
- * SPDX-License-Identifier: GPL-3.0+
- */
-
- #include <config.h>
- #include <stdio.h>
- #include <stdlib.h>
- #include <stddef.h>
- #include <string.h>
- #include <assert.h>
- #include <sys/types.h>
- #include <sys/stat.h>
- #include <unistd.h>
- #include <errno.h>
- #ifdef HAVE_W32_SYSTEM
- # ifndef WINVER
- # define WINVER 0x0500 /* Same as in common/sysutils.c */
- # endif
- # include <winsock2.h>
- # include <sddl.h>
- #endif
-
- #include "dirmngr.h"
- #include <assuan.h>
-
- #include "crlcache.h"
- #include "crlfetch.h"
- #if USE_LDAP
- # include "ldapserver.h"
- #endif
- #include "ocsp.h"
- #include "certcache.h"
- #include "validate.h"
- #include "misc.h"
- #if USE_LDAP
- # include "ldap-wrapper.h"
- #endif
- #include "ks-action.h"
- #include "ks-engine.h"
- #if USE_LDAP
- # include "ldap-parse-uri.h"
- #endif
- #include "dns-stuff.h"
- #include "../common/mbox-util.h"
- #include "../common/zb32.h"
- #include "../common/server-help.h"
-
- /* To avoid DoS attacks we limit the size of a certificate to
- something reasonable. The DoS was actually only an issue back when
- Dirmngr was a system service and not a user service. */
- #define MAX_CERT_LENGTH (16*1024)
-
- /* The limit for the CERTLIST inquiry. We allow for up to 20
- * certificates but also take PEM encoding into account. */
- #define MAX_CERTLIST_LENGTH ((MAX_CERT_LENGTH * 20 * 4)/3)
-
- /* The same goes for OpenPGP keyblocks, but here we need to allow for
- much longer blocks; a 200k keyblock is not too unusual for keys
- with a lot of signatures (e.g. 0x5b0358a2). 9C31503C6D866396 even
- has 770 KiB as of 2015-08-23. To avoid adding a runtime option we
- now use 20MiB which should really be enough. Well, a key with
- several pictures could be larger (the parser as a 18MiB limit for
- attribute packets) but it won't be nice to the keyservers to send
- them such large blobs. */
- #define MAX_KEYBLOCK_LENGTH (20*1024*1024)
-
-
- #define PARM_ERROR(t) assuan_set_error (ctx, \
- gpg_error (GPG_ERR_ASS_PARAMETER), (t))
- #define set_error(e,t) (ctx ? assuan_set_error (ctx, gpg_error (e), (t)) \
- /**/: gpg_error (e))
-
-
-
- /* Control structure per connection. */
- struct server_local_s
- {
- /* Data used to associate an Assuan context with local server data */
- assuan_context_t assuan_ctx;
-
- /* The session id (a counter). */
- unsigned int session_id;
-
- /* Per-session LDAP servers. */
- ldap_server_t ldapservers;
-
- /* Per-session list of keyservers. */
- uri_item_t keyservers;
-
- /* If this flag is set to true this dirmngr process will be
- terminated after the end of this session. */
- int stopme;
-
- /* State variable private to is_tor_running. */
- int tor_state;
-
- /* If the first both flags are set the assuan logging of data lines
- * is suppressed. The count variable is used to show the number of
- * non-logged bytes. */
- size_t inhibit_data_logging_count;
- unsigned int inhibit_data_logging : 1;
- unsigned int inhibit_data_logging_now : 1;
- };
-
-
- /* Cookie definition for assuan data line output. */
- static gpgrt_ssize_t data_line_cookie_write (void *cookie,
- const void *buffer, size_t size);
- static int data_line_cookie_close (void *cookie);
- static es_cookie_io_functions_t data_line_cookie_functions =
- {
- NULL,
- data_line_cookie_write,
- NULL,
- data_line_cookie_close
- };
-
-
- /* Local prototypes */
- static const char *task_check_wkd_support (ctrl_t ctrl, const char *domain);
-
-
-
-
- /* Accessor for the local ldapservers variable. */
- ldap_server_t
- get_ldapservers_from_ctrl (ctrl_t ctrl)
- {
- if (ctrl && ctrl->server_local)
- return ctrl->server_local->ldapservers;
- else
- return NULL;
- }
-
- /* Release an uri_item_t list. */
- void
- release_uri_item_list (uri_item_t list)
- {
- while (list)
- {
- uri_item_t tmp = list->next;
- http_release_parsed_uri (list->parsed_uri);
- xfree (list);
- list = tmp;
- }
- }
-
- /* Release all configured keyserver info from CTRL. */
- void
- release_ctrl_keyservers (ctrl_t ctrl)
- {
- if (! ctrl->server_local)
- return;
-
- release_uri_item_list (ctrl->server_local->keyservers);
- ctrl->server_local->keyservers = NULL;
- }
-
-
-
- /* Helper to print a message while leaving a command. */
- static gpg_error_t
- leave_cmd (assuan_context_t ctx, gpg_error_t err)
- {
- if (err)
- {
- const char *name = assuan_get_command_name (ctx);
- if (!name)
- name = "?";
- if (gpg_err_source (err) == GPG_ERR_SOURCE_DEFAULT)
- log_error ("command '%s' failed: %s\n", name,
- gpg_strerror (err));
- else
- log_error ("command '%s' failed: %s <%s>\n", name,
- gpg_strerror (err), gpg_strsource (err));
- }
- return err;
- }
-
-
- /* This is a wrapper around assuan_send_data which makes debugging the
- output in verbose mode easier. */
- static gpg_error_t
- data_line_write (assuan_context_t ctx, const void *buffer_arg, size_t size)
- {
- ctrl_t ctrl = assuan_get_pointer (ctx);
- const char *buffer = buffer_arg;
- gpg_error_t err;
-
- /* If we do not want logging, enable it here. */
- if (ctrl && ctrl->server_local && ctrl->server_local->inhibit_data_logging)
- ctrl->server_local->inhibit_data_logging_now = 1;
-
- if (opt.verbose && buffer && size)
- {
- /* Ease reading of output by sending a physical line at each LF. */
- const char *p;
- size_t n, nbytes;
-
- nbytes = size;
- do
- {
- p = memchr (buffer, '\n', nbytes);
- n = p ? (p - buffer) + 1 : nbytes;
- err = assuan_send_data (ctx, buffer, n);
- if (err)
- {
- gpg_err_set_errno (EIO);
- goto leave;
- }
- buffer += n;
- nbytes -= n;
- if (nbytes && (err=assuan_send_data (ctx, NULL, 0))) /* Flush line. */
- {
- gpg_err_set_errno (EIO);
- goto leave;
- }
- }
- while (nbytes);
- }
- else
- {
- err = assuan_send_data (ctx, buffer, size);
- if (err)
- {
- gpg_err_set_errno (EIO); /* For use by data_line_cookie_write. */
- goto leave;
- }
- }
-
- leave:
- if (ctrl && ctrl->server_local && ctrl->server_local->inhibit_data_logging)
- {
- ctrl->server_local->inhibit_data_logging_now = 0;
- ctrl->server_local->inhibit_data_logging_count += size;
- }
-
- return err;
- }
-
-
- /* A write handler used by es_fopencookie to write assuan data
- lines. */
- static gpgrt_ssize_t
- data_line_cookie_write (void *cookie, const void *buffer, size_t size)
- {
- assuan_context_t ctx = cookie;
-
- if (data_line_write (ctx, buffer, size))
- return -1;
- return (gpgrt_ssize_t)size;
- }
-
-
- static int
- data_line_cookie_close (void *cookie)
- {
- assuan_context_t ctx = cookie;
-
- if (DBG_IPC)
- {
- ctrl_t ctrl = assuan_get_pointer (ctx);
-
- if (ctrl && ctrl->server_local
- && ctrl->server_local->inhibit_data_logging
- && ctrl->server_local->inhibit_data_logging_count)
- log_debug ("(%zu bytes sent via D lines not shown)\n",
- ctrl->server_local->inhibit_data_logging_count);
- }
- if (assuan_send_data (ctx, NULL, 0))
- {
- gpg_err_set_errno (EIO);
- return -1;
- }
-
- return 0;
- }
-
-
- /* Copy the % and + escaped string S into the buffer D and replace the
- escape sequences. Note, that it is sufficient to allocate the
- target string D as long as the source string S, i.e.: strlen(s)+1.
- Note further that if S contains an escaped binary Nul the resulting
- string D will contain the 0 as well as all other characters but it
- will be impossible to know whether this is the original EOS or a
- copied Nul. */
- static void
- strcpy_escaped_plus (char *d, const unsigned char *s)
- {
- while (*s)
- {
- if (*s == '%' && s[1] && s[2])
- {
- s++;
- *d++ = xtoi_2 ( s);
- s += 2;
- }
- else if (*s == '+')
- *d++ = ' ', s++;
- else
- *d++ = *s++;
- }
- *d = 0;
- }
-
-
- /* This function returns true if a Tor server is running. The status
- * is cached for the current connection. */
- static int
- is_tor_running (ctrl_t ctrl)
- {
- /* Check whether we can connect to the proxy. */
-
- if (!ctrl || !ctrl->server_local)
- return 0; /* Ooops. */
-
- if (!ctrl->server_local->tor_state)
- {
- assuan_fd_t sock;
-
- sock = assuan_sock_connect_byname (NULL, 0, 0, NULL, ASSUAN_SOCK_TOR);
- if (sock == ASSUAN_INVALID_FD)
- ctrl->server_local->tor_state = -1; /* Not running. */
- else
- {
- assuan_sock_close (sock);
- ctrl->server_local->tor_state = 1; /* Running. */
- }
- }
- return (ctrl->server_local->tor_state > 0);
- }
-
-
- /* Return an error if the assuan context does not belong to the owner
- of the process or to root. On error FAILTEXT is set as Assuan
- error string. */
- static gpg_error_t
- check_owner_permission (assuan_context_t ctx, const char *failtext)
- {
- #ifdef HAVE_W32_SYSTEM
- /* Under Windows the dirmngr is always run under the control of the
- user. */
- (void)ctx;
- (void)failtext;
- #else
- gpg_err_code_t ec;
- assuan_peercred_t cred;
-
- ec = gpg_err_code (assuan_get_peercred (ctx, &cred));
- if (!ec && cred->uid && cred->uid != getuid ())
- ec = GPG_ERR_EPERM;
- if (ec)
- return set_error (ec, failtext);
- #endif
- return 0;
- }
-
-
-
- /* Common code for get_cert_local and get_issuer_cert_local. */
- static ksba_cert_t
- do_get_cert_local (ctrl_t ctrl, const char *name, const char *command)
- {
- unsigned char *value;
- size_t valuelen;
- int rc;
- char *buf;
- ksba_cert_t cert;
-
- buf = name? strconcat (command, " ", name, NULL) : xtrystrdup (command);
- if (!buf)
- rc = gpg_error_from_syserror ();
- else
- {
- rc = assuan_inquire (ctrl->server_local->assuan_ctx, buf,
- &value, &valuelen, MAX_CERT_LENGTH);
- xfree (buf);
- }
- if (rc)
- {
- log_error (_("assuan_inquire(%s) failed: %s\n"),
- command, gpg_strerror (rc));
- return NULL;
- }
-
- if (!valuelen)
- {
- xfree (value);
- return NULL;
- }
-
- rc = ksba_cert_new (&cert);
- if (!rc)
- {
- rc = ksba_cert_init_from_mem (cert, value, valuelen);
- if (rc)
- {
- ksba_cert_release (cert);
- cert = NULL;
- }
- }
- xfree (value);
- return cert;
- }
-
-
-
- /* Ask back to return a certificate for NAME, given as a regular gpgsm
- * certificate identifier (e.g. fingerprint or one of the other
- * methods). Alternatively, NULL may be used for NAME to return the
- * current target certificate. Either return the certificate in a
- * KSBA object or NULL if it is not available. */
- ksba_cert_t
- get_cert_local (ctrl_t ctrl, const char *name)
- {
- if (!ctrl || !ctrl->server_local || !ctrl->server_local->assuan_ctx)
- {
- if (opt.debug)
- log_debug ("get_cert_local called w/o context\n");
- return NULL;
- }
- return do_get_cert_local (ctrl, name, "SENDCERT");
-
- }
-
-
- /* Ask back to return the issuing certificate for NAME, given as a
- * regular gpgsm certificate identifier (e.g. fingerprint or one
- * of the other methods). Alternatively, NULL may be used for NAME to
- * return the current target certificate. Either return the certificate
- * in a KSBA object or NULL if it is not available. */
- ksba_cert_t
- get_issuing_cert_local (ctrl_t ctrl, const char *name)
- {
- if (!ctrl || !ctrl->server_local || !ctrl->server_local->assuan_ctx)
- {
- if (opt.debug)
- log_debug ("get_issuing_cert_local called w/o context\n");
- return NULL;
- }
- return do_get_cert_local (ctrl, name, "SENDISSUERCERT");
- }
-
-
- /* Ask back to return a certificate with subject NAME and a
- * subjectKeyIdentifier of KEYID. */
- ksba_cert_t
- get_cert_local_ski (ctrl_t ctrl, const char *name, ksba_sexp_t keyid)
- {
- unsigned char *value;
- size_t valuelen;
- int rc;
- char *buf;
- ksba_cert_t cert;
- char *hexkeyid;
-
- if (!ctrl || !ctrl->server_local || !ctrl->server_local->assuan_ctx)
- {
- if (opt.debug)
- log_debug ("get_cert_local_ski called w/o context\n");
- return NULL;
- }
- if (!name || !keyid)
- {
- log_debug ("get_cert_local_ski called with insufficient arguments\n");
- return NULL;
- }
-
- hexkeyid = serial_hex (keyid);
- if (!hexkeyid)
- {
- log_debug ("serial_hex() failed\n");
- return NULL;
- }
-
- buf = strconcat ("SENDCERT_SKI ", hexkeyid, " /", name, NULL);
- if (!buf)
- {
- log_error ("can't allocate enough memory: %s\n", strerror (errno));
- xfree (hexkeyid);
- return NULL;
- }
- xfree (hexkeyid);
-
- rc = assuan_inquire (ctrl->server_local->assuan_ctx, buf,
- &value, &valuelen, MAX_CERT_LENGTH);
- xfree (buf);
- if (rc)
- {
- log_error (_("assuan_inquire(%s) failed: %s\n"), "SENDCERT_SKI",
- gpg_strerror (rc));
- return NULL;
- }
-
- if (!valuelen)
- {
- xfree (value);
- return NULL;
- }
-
- rc = ksba_cert_new (&cert);
- if (!rc)
- {
- rc = ksba_cert_init_from_mem (cert, value, valuelen);
- if (rc)
- {
- ksba_cert_release (cert);
- cert = NULL;
- }
- }
- xfree (value);
- return cert;
- }
-
-
- /* Ask the client via an inquiry to check the istrusted status of the
- certificate specified by the hexified fingerprint HEXFPR. Returns
- 0 if the certificate is trusted by the client or an error code. */
- gpg_error_t
- get_istrusted_from_client (ctrl_t ctrl, const char *hexfpr)
- {
- unsigned char *value;
- size_t valuelen;
- int rc;
- char request[100];
-
- if (!ctrl || !ctrl->server_local || !ctrl->server_local->assuan_ctx
- || !hexfpr)
- return gpg_error (GPG_ERR_INV_ARG);
-
- snprintf (request, sizeof request, "ISTRUSTED %s", hexfpr);
- rc = assuan_inquire (ctrl->server_local->assuan_ctx, request,
- &value, &valuelen, 100);
- if (rc)
- {
- log_error (_("assuan_inquire(%s) failed: %s\n"),
- request, gpg_strerror (rc));
- return rc;
- }
- /* The expected data is: "1" or "1 cruft" (not a C-string). */
- if (valuelen && *value == '1' && (valuelen == 1 || spacep (value+1)))
- rc = 0;
- else
- rc = gpg_error (GPG_ERR_NOT_TRUSTED);
- xfree (value);
- return rc;
- }
-
-
-
-
- /* Ask the client to return the certificate associated with the
- current command. This is sometimes needed because the client usually
- sends us just the cert ID, assuming that the request can be
- satisfied from the cache, where the cert ID is used as key. */
- static int
- inquire_cert_and_load_crl (assuan_context_t ctx)
- {
- ctrl_t ctrl = assuan_get_pointer (ctx);
- gpg_error_t err;
- unsigned char *value = NULL;
- size_t valuelen;
- ksba_cert_t cert = NULL;
-
- err = assuan_inquire( ctx, "SENDCERT", &value, &valuelen, 0);
- if (err)
- return err;
-
- /* { */
- /* FILE *fp = fopen ("foo.der", "r"); */
- /* value = xmalloc (2000); */
- /* valuelen = fread (value, 1, 2000, fp); */
- /* fclose (fp); */
- /* } */
-
- if (!valuelen) /* No data returned; return a comprehensible error. */
- return gpg_error (GPG_ERR_MISSING_CERT);
-
- err = ksba_cert_new (&cert);
- if (err)
- goto leave;
- err = ksba_cert_init_from_mem (cert, value, valuelen);
- if(err)
- goto leave;
- xfree (value); value = NULL;
-
- err = crl_cache_reload_crl (ctrl, cert);
-
- leave:
- ksba_cert_release (cert);
- xfree (value);
- return err;
- }
-
-
- /* Handle OPTION commands. */
- static gpg_error_t
- option_handler (assuan_context_t ctx, const char *key, const char *value)
- {
- ctrl_t ctrl = assuan_get_pointer (ctx);
- gpg_error_t err = 0;
-
- if (!strcmp (key, "force-crl-refresh"))
- {
- int i = *value? atoi (value) : 0;
- ctrl->force_crl_refresh = i;
- }
- else if (!strcmp (key, "audit-events"))
- {
- int i = *value? atoi (value) : 0;
- ctrl->audit_events = i;
- }
- else if (!strcmp (key, "http-proxy"))
- {
- xfree (ctrl->http_proxy);
- if (!*value || !strcmp (value, "none"))
- ctrl->http_proxy = NULL;
- else if (!(ctrl->http_proxy = xtrystrdup (value)))
- err = gpg_error_from_syserror ();
- }
- else if (!strcmp (key, "honor-keyserver-url-used"))
- {
- /* Return an error if we are running in Tor mode. */
- if (dirmngr_use_tor ())
- err = gpg_error (GPG_ERR_FORBIDDEN);
- }
- else if (!strcmp (key, "http-crl"))
- {
- int i = *value? atoi (value) : 0;
- ctrl->http_no_crl = !i;
- }
- else
- err = gpg_error (GPG_ERR_UNKNOWN_OPTION);
-
- return err;
- }
-
-
-
- static const char hlp_dns_cert[] =
- "DNS_CERT <subtype> <name>\n"
- "DNS_CERT --pka <user_id>\n"
- "DNS_CERT --dane <user_id>\n"
- "\n"
- "Return the CERT record for <name>. <subtype> is one of\n"
- " * Return the first record of any supported subtype\n"
- " PGP Return the first record of subtype PGP (3)\n"
- " IPGP Return the first record of subtype IPGP (6)\n"
- "If the content of a certificate is available (PGP) it is returned\n"
- "by data lines. Fingerprints and URLs are returned via status lines.\n"
- "In --pka mode the fingerprint and if available an URL is returned.\n"
- "In --dane mode the key is returned from RR type 61";
- static gpg_error_t
- cmd_dns_cert (assuan_context_t ctx, char *line)
- {
- ctrl_t ctrl = assuan_get_pointer (ctx);
- gpg_error_t err = 0;
- int pka_mode, dane_mode;
- char *mbox = NULL;
- char *namebuf = NULL;
- char *encodedhash = NULL;
- const char *name;
- int certtype;
- char *p;
- void *key = NULL;
- size_t keylen;
- unsigned char *fpr = NULL;
- size_t fprlen;
- char *url = NULL;
-
- pka_mode = has_option (line, "--pka");
- dane_mode = has_option (line, "--dane");
- line = skip_options (line);
-
- if (pka_mode && dane_mode)
- {
- err = PARM_ERROR ("either --pka or --dane may be given");
- goto leave;
- }
-
- if (pka_mode || dane_mode)
- ; /* No need to parse here - we do this later. */
- else
- {
- p = strchr (line, ' ');
- if (!p)
- {
- err = PARM_ERROR ("missing arguments");
- goto leave;
- }
- *p++ = 0;
- if (!strcmp (line, "*"))
- certtype = DNS_CERTTYPE_ANY;
- else if (!strcmp (line, "IPGP"))
- certtype = DNS_CERTTYPE_IPGP;
- else if (!strcmp (line, "PGP"))
- certtype = DNS_CERTTYPE_PGP;
- else
- {
- err = PARM_ERROR ("unknown subtype");
- goto leave;
- }
- while (spacep (p))
- p++;
- line = p;
- if (!*line)
- {
- err = PARM_ERROR ("name missing");
- goto leave;
- }
- }
-
- if (pka_mode || dane_mode)
- {
- char *domain; /* Points to mbox. */
- char hashbuf[32]; /* For SHA-1 and SHA-256. */
-
- /* We lowercase ascii characters but the DANE I-D does not allow
- this. FIXME: Check after the release of the RFC whether to
- change this. */
- mbox = mailbox_from_userid (line, 0);
- if (!mbox || !(domain = strchr (mbox, '@')))
- {
- err = set_error (GPG_ERR_INV_USER_ID, "no mailbox in user id");
- goto leave;
- }
- *domain++ = 0;
-
- if (pka_mode)
- {
- gcry_md_hash_buffer (GCRY_MD_SHA1, hashbuf, mbox, strlen (mbox));
- encodedhash = zb32_encode (hashbuf, 8*20);
- if (!encodedhash)
- {
- err = gpg_error_from_syserror ();
- goto leave;
- }
- namebuf = strconcat (encodedhash, "._pka.", domain, NULL);
- if (!namebuf)
- {
- err = gpg_error_from_syserror ();
- goto leave;
- }
- name = namebuf;
- certtype = DNS_CERTTYPE_IPGP;
- }
- else
- {
- /* Note: The hash is truncated to 28 bytes and we lowercase
- the result only for aesthetic reasons. */
- gcry_md_hash_buffer (GCRY_MD_SHA256, hashbuf, mbox, strlen (mbox));
- encodedhash = bin2hex (hashbuf, 28, NULL);
- if (!encodedhash)
- {
- err = gpg_error_from_syserror ();
- goto leave;
- }
- ascii_strlwr (encodedhash);
- namebuf = strconcat (encodedhash, "._openpgpkey.", domain, NULL);
- if (!namebuf)
- {
- err = gpg_error_from_syserror ();
- goto leave;
- }
- name = namebuf;
- certtype = DNS_CERTTYPE_RR61;
- }
- }
- else
- name = line;
-
- err = get_dns_cert (ctrl, name, certtype, &key, &keylen, &fpr, &fprlen, &url);
- if (err)
- goto leave;
-
- if (key)
- {
- err = data_line_write (ctx, key, keylen);
- if (err)
- goto leave;
- }
-
- if (fpr)
- {
- char *tmpstr;
-
- tmpstr = bin2hex (fpr, fprlen, NULL);
- if (!tmpstr)
- err = gpg_error_from_syserror ();
- else
- {
- err = assuan_write_status (ctx, "FPR", tmpstr);
- xfree (tmpstr);
- }
- if (err)
- goto leave;
- }
-
- if (url)
- {
- err = assuan_write_status (ctx, "URL", url);
- if (err)
- goto leave;
- }
-
-
- leave:
- xfree (key);
- xfree (fpr);
- xfree (url);
- xfree (mbox);
- xfree (namebuf);
- xfree (encodedhash);
- return leave_cmd (ctx, err);
- }
-
-
-
- /* Core of cmd_wkd_get and task_check_wkd_support. If CTX is NULL
- * this function will not write anything to the assuan output. */
- static gpg_error_t
- proc_wkd_get (ctrl_t ctrl, assuan_context_t ctx, char *line)
- {
- gpg_error_t err = 0;
- char *mbox = NULL;
- char *domainbuf = NULL;
- char *domain; /* Points to mbox or domainbuf. This is used to
- * connect to the host. */
- char *domain_orig;/* Points to mbox. This is the used for the
- * query; i.e. the domain part of the
- * addrspec. */
- char sha1buf[20];
- char *uri = NULL;
- char *encodedhash = NULL;
- int opt_submission_addr;
- int opt_policy_flags;
- int is_wkd_query; /* True if this is a real WKD query. */
- int no_log = 0;
- char portstr[20] = { 0 };
- int subdomain_mode = 0;
-
- opt_submission_addr = has_option (line, "--submission-address");
- opt_policy_flags = has_option (line, "--policy-flags");
- if (has_option (line, "--quick"))
- ctrl->timeout = opt.connect_quick_timeout;
- line = skip_options (line);
- is_wkd_query = !(opt_policy_flags || opt_submission_addr);
-
- mbox = mailbox_from_userid (line, 0);
- if (!mbox || !(domain = strchr (mbox, '@')))
- {
- err = set_error (GPG_ERR_INV_USER_ID, "no mailbox in user id");
- goto leave;
- }
- *domain++ = 0;
- domain_orig = domain;
-
-
- /* Let's check whether we already know that the domain does not
- * support WKD. */
- if (is_wkd_query)
- {
- if (domaininfo_is_wkd_not_supported (domain_orig))
- {
- err = gpg_error (GPG_ERR_NO_DATA);
- dirmngr_status_printf (ctrl, "NOTE", "wkd_cached_result %u", err);
- goto leave;
- }
- }
-
-
- /* First try the new "openpgp" subdomain. We check that the domain
- * is valid because it is later used as an unescaped filename part
- * of the URI. */
- if (is_valid_domain_name (domain_orig))
- {
- dns_addrinfo_t aibuf;
-
- domainbuf = strconcat ( "openpgpkey.", domain_orig, NULL);
- if (!domainbuf)
- {
- err = gpg_error_from_syserror ();
- goto leave;
- }
-
- /* FIXME: We should put a cache into dns-stuff because the same
- * query (with a different port and socket type, though) will be
- * done later by http function. */
- err = resolve_dns_name (ctrl, domainbuf, 0, 0, 0, &aibuf, NULL);
- if (err)
- {
- err = 0;
- xfree (domainbuf);
- domainbuf = NULL;
- }
- else /* Got a subdomain. */
- {
- free_dns_addrinfo (aibuf);
- subdomain_mode = 1;
- domain = domainbuf;
- }
- }
-
- /* Check for SRV records unless we have a subdomain. */
- if (!subdomain_mode)
- {
- struct srventry *srvs;
- unsigned int srvscount;
- size_t domainlen, targetlen;
- int i;
-
- err = get_dns_srv (ctrl, domain, "openpgpkey", NULL, &srvs, &srvscount);
- if (err)
- {
- /* Ignore server failed becuase there are too many resolvers
- * which do not work as expected. */
- if (gpg_err_code (err) == GPG_ERR_SERVER_FAILED)
- err = 0; /*(srvcount is guaranteed to be 0)*/
- else
- goto leave;
- }
-
- /* Check for rogue DNS names. */
- for (i = 0; i < srvscount; i++)
- {
- if (!is_valid_domain_name (srvs[i].target))
- {
- err = gpg_error (GPG_ERR_DNS_ADDRESS);
- log_error ("rogue openpgpkey SRV record for '%s'\n", domain);
- xfree (srvs);
- goto leave;
- }
- }
-
- /* Find the first target which also ends in DOMAIN or is equal
- * to DOMAIN. */
- domainlen = strlen (domain);
- for (i = 0; i < srvscount; i++)
- {
- if (DBG_DNS)
- log_debug ("srv: trying '%s:%hu'\n", srvs[i].target, srvs[i].port);
- targetlen = strlen (srvs[i].target);
- if ((targetlen > domainlen + 1
- && srvs[i].target[targetlen - domainlen - 1] == '.'
- && !ascii_strcasecmp (srvs[i].target + targetlen - domainlen,
- domain))
- || (targetlen == domainlen
- && !ascii_strcasecmp (srvs[i].target, domain)))
- {
- /* found. */
- domainbuf = xtrystrdup (srvs[i].target);
- if (!domainbuf)
- {
- err = gpg_error_from_syserror ();
- xfree (srvs);
- goto leave;
- }
- domain = domainbuf;
- if (srvs[i].port)
- snprintf (portstr, sizeof portstr, ":%hu", srvs[i].port);
- break;
- }
- }
- xfree (srvs);
- }
-
- /* Prepare the hash of the local part. */
- gcry_md_hash_buffer (GCRY_MD_SHA1, sha1buf, mbox, strlen (mbox));
- encodedhash = zb32_encode (sha1buf, 8*20);
- if (!encodedhash)
- {
- err = gpg_error_from_syserror ();
- goto leave;
- }
-
- if (opt_submission_addr)
- {
- uri = strconcat ("https://",
- domain,
- portstr,
- "/.well-known/openpgpkey/",
- subdomain_mode? domain_orig : "",
- subdomain_mode? "/" : "",
- "submission-address",
- NULL);
- }
- else if (opt_policy_flags)
- {
- uri = strconcat ("https://",
- domain,
- portstr,
- "/.well-known/openpgpkey/",
- subdomain_mode? domain_orig : "",
- subdomain_mode? "/" : "",
- "policy",
- NULL);
- }
- else
- {
- char *escapedmbox;
-
- escapedmbox = http_escape_string (mbox, "%;?&=+#");
- if (escapedmbox)
- {
- uri = strconcat ("https://",
- domain,
- portstr,
- "/.well-known/openpgpkey/",
- subdomain_mode? domain_orig : "",
- subdomain_mode? "/" : "",
- "hu/",
- encodedhash,
- "?l=",
- escapedmbox,
- NULL);
- xfree (escapedmbox);
- no_log = 1;
- if (uri)
- {
- err = dirmngr_status_printf (ctrl, "SOURCE", "https://%s%s",
- domain, portstr);
- if (err)
- goto leave;
- }
- }
- }
- if (!uri)
- {
- err = gpg_error_from_syserror ();
- goto leave;
- }
-
- /* Setup an output stream and perform the get. */
- {
- estream_t outfp;
-
- outfp = ctx? es_fopencookie (ctx, "w", data_line_cookie_functions) : NULL;
- if (!outfp && ctx)
- err = set_error (GPG_ERR_ASS_GENERAL,
- "error setting up a data stream");
- else
- {
- if (ctrl->server_local)
- {
- if (no_log)
- ctrl->server_local->inhibit_data_logging = 1;
- ctrl->server_local->inhibit_data_logging_now = 0;
- ctrl->server_local->inhibit_data_logging_count = 0;
- }
- err = ks_action_fetch (ctrl, uri, outfp);
- es_fclose (outfp);
- if (ctrl->server_local)
- ctrl->server_local->inhibit_data_logging = 0;
-
- /* Register the result under the domain name of MBOX. */
- switch (gpg_err_code (err))
- {
- case 0:
- domaininfo_set_wkd_supported (domain_orig);
- break;
-
- case GPG_ERR_NO_NAME:
- /* There is no such domain. */
- domaininfo_set_no_name (domain_orig);
- break;
-
- case GPG_ERR_NO_DATA:
- if (is_wkd_query && ctrl->server_local)
- {
- /* Mark that and schedule a check. */
- domaininfo_set_wkd_not_found (domain_orig);
- workqueue_add_task (task_check_wkd_support, domain_orig,
- ctrl->server_local->session_id, 1);
- }
- else if (opt_policy_flags) /* No policy file - no support. */
- domaininfo_set_wkd_not_supported (domain_orig);
- break;
-
- default:
- /* Don't register other errors. */
- break;
- }
- }
- }
-
- leave:
- xfree (uri);
- xfree (encodedhash);
- xfree (mbox);
- xfree (domainbuf);
- return err;
- }
-
-
- static const char hlp_wkd_get[] =
- "WKD_GET [--submission-address|--policy-flags] <user_id>\n"
- "\n"
- "Return the key or other info for <user_id>\n"
- "from the Web Key Directory.";
- static gpg_error_t
- cmd_wkd_get (assuan_context_t ctx, char *line)
- {
- ctrl_t ctrl = assuan_get_pointer (ctx);
- gpg_error_t err;
-
- err = proc_wkd_get (ctrl, ctx, line);
-
- return leave_cmd (ctx, err);
- }
-
-
- /* A task to check whether DOMAIN supports WKD. This is done by
- * checking whether the policy flags file can be read. */
- static const char *
- task_check_wkd_support (ctrl_t ctrl, const char *domain)
- {
- char *string;
-
- if (!ctrl || !domain)
- return "check_wkd_support";
-
- string = strconcat ("--policy-flags foo@", domain, NULL);
- if (!string)
- log_error ("%s: %s\n", __func__, gpg_strerror (gpg_error_from_syserror ()));
- else
- {
- proc_wkd_get (ctrl, NULL, string);
- xfree (string);
- }
-
- return NULL;
- }
-
-
-
- static const char hlp_ldapserver[] =
- "LDAPSERVER [--clear] <data>\n"
- "\n"
- "Add a new LDAP server to the list of configured LDAP servers.\n"
- "DATA is in the same format as expected in the configure file.\n"
- "An optional prefix \"ldap:\" is allowed. With no args all\n"
- "configured ldapservers are listed. Option --clear removes all\n"
- "servers configured in this session.";
- static gpg_error_t
- cmd_ldapserver (assuan_context_t ctx, char *line)
- {
- #if USE_LDAP
- ctrl_t ctrl = assuan_get_pointer (ctx);
- ldap_server_t server;
- ldap_server_t *last_next_p;
- int clear_flag;
-
- clear_flag = has_option (line, "--clear");
- line = skip_options (line);
- while (spacep (line))
- line++;
-
- if (clear_flag)
- {
- #if USE_LDAP
- ldapserver_list_free (ctrl->server_local->ldapservers);
- #endif /*USE_LDAP*/
- ctrl->server_local->ldapservers = NULL;
- }
-
- if (!*line && clear_flag)
- return leave_cmd (ctx, 0);
-
- if (!*line)
- {
- /* List all ldapservers. */
- struct ldapserver_iter ldapserver_iter;
- char *tmpstr;
- char portstr[20];
-
- for (ldapserver_iter_begin (&ldapserver_iter, ctrl);
- !ldapserver_iter_end_p (&ldapserver_iter);
- ldapserver_iter_next (&ldapserver_iter))
- {
- server = ldapserver_iter.server;
- if (server->port)
- snprintf (portstr, sizeof portstr, "%d", server->port);
- else
- *portstr = 0;
-
- tmpstr = xtryasprintf ("ldap:%s:%s:%s:%s:%s:%s%s:",
- server->host? server->host : "",
- portstr,
- server->user? server->user : "",
- server->pass? "*****": "",
- server->base? server->base : "",
- server->starttls ? "starttls" :
- server->ldap_over_tls ? "ldaptls" : "none",
- server->ntds ? ",ntds" : "");
- if (!tmpstr)
- return leave_cmd (ctx, gpg_error_from_syserror ());
- dirmngr_status (ctrl, "LDAPSERVER", tmpstr, NULL);
- xfree (tmpstr);
- }
- return leave_cmd (ctx, 0);
- }
-
- /* Skip an "ldap:" prefix unless it is a valid ldap url. */
- if (!strncmp (line, "ldap:", 5) && !(line[5] == '/' && line[6] == '/'))
- line += 5;
-
- server = ldapserver_parse_one (line, NULL, 0);
- if (! server)
- return leave_cmd (ctx, gpg_error (GPG_ERR_INV_ARG));
-
- last_next_p = &ctrl->server_local->ldapservers;
- while (*last_next_p)
- last_next_p = &(*last_next_p)->next;
- *last_next_p = server;
- return leave_cmd (ctx, 0);
- #else
- (void)line;
- return leave_cmd (ctx, gpg_error (GPG_ERR_NOT_IMPLEMENTED));
- #endif
- }
-
-
- static const char hlp_isvalid[] =
- "ISVALID [--only-ocsp] [--force-default-responder]"
- " <certificate_id> [<certificate_fpr>]\n"
- "\n"
- "This command checks whether the certificate identified by the\n"
- "certificate_id is valid. This is done by consulting CRLs or\n"
- "whatever has been configured. Note, that the returned error codes\n"
- "are from gpg-error.h. The command may callback using the inquire\n"
- "function. See the manual for details.\n"
- "\n"
- "The CERTIFICATE_ID is a hex encoded string consisting of two parts,\n"
- "delimited by a single dot. The first part is the SHA-1 hash of the\n"
- "issuer name and the second part the serial number.\n"
- "\n"
- "If an OCSP check is desired CERTIFICATE_FPR with the hex encoded\n"
- "fingerprint of the certificate is required. In this case an OCSP\n"
- "request is done before consulting the CRL.\n"
- "\n"
- "If the option --only-ocsp is given, no fallback to a CRL check will\n"
- "be used.\n"
- "\n"
- "If the option --force-default-responder is given, only the default\n"
- "OCSP responder will be used and any other methods of obtaining an\n"
- "OCSP responder URL won't be used.";
- static gpg_error_t
- cmd_isvalid (assuan_context_t ctx, char *line)
- {
- ctrl_t ctrl = assuan_get_pointer (ctx);
- char *issuerhash, *serialno, *fpr;
- gpg_error_t err;
- int did_inquire = 0;
- int ocsp_mode = 0;
- int only_ocsp;
- int force_default_responder;
-
- only_ocsp = has_option (line, "--only-ocsp");
- force_default_responder = has_option (line, "--force-default-responder");
- line = skip_options (line);
-
- /* We need to work on a copy of the line because that same Assuan
- * context may be used for an inquiry. That is because Assuan
- * reuses its line buffer. */
- issuerhash = xstrdup (line);
-
- serialno = strchr (issuerhash, '.');
- if (!serialno)
- {
- xfree (issuerhash);
- return leave_cmd (ctx, PARM_ERROR (_("serialno missing in cert ID")));
- }
- *serialno++ = 0;
- if (strlen (issuerhash) != 40)
- {
- xfree (issuerhash);
- return leave_cmd (ctx, PARM_ERROR ("cert ID is too short"));
- }
-
- fpr = strchr (serialno, ' ');
- while (fpr && spacep (fpr))
- fpr++;
- if (fpr && *fpr)
- {
- char *endp = strchr (fpr, ' ');
- if (endp)
- *endp = 0;
- if (strlen (fpr) != 40)
- {
- xfree (issuerhash);
- return leave_cmd (ctx, PARM_ERROR ("fingerprint too short"));
- }
- ocsp_mode = 1;
- }
-
-
- again:
- if (ocsp_mode)
- {
- gnupg_isotime_t revoked_at;
- const char *reason;
-
- /* Note, that we currently ignore the supplied fingerprint FPR;
- * instead ocsp_isvalid does an inquire to ask for the cert.
- * The fingerprint may eventually be used to lookup the
- * certificate in a local cache. */
- if (!opt.allow_ocsp)
- err = gpg_error (GPG_ERR_NOT_SUPPORTED);
- else
- err = ocsp_isvalid (ctrl, NULL, NULL, force_default_responder,
- revoked_at, &reason);
-
- if (gpg_err_code (err) == GPG_ERR_CERT_REVOKED)
- dirmngr_status_printf (ctrl, "REVOCATIONINFO", "%s %s",
- revoked_at, reason);
-
- if (gpg_err_code (err) == GPG_ERR_CONFIGURATION
- && gpg_err_source (err) == GPG_ERR_SOURCE_DIRMNGR)
- {
- /* No default responder configured - fallback to CRL. */
- if (!only_ocsp)
- log_info ("falling back to CRL check\n");
- ocsp_mode = 0;
- goto again;
- }
- }
- else if (only_ocsp)
- err = gpg_error (GPG_ERR_NO_CRL_KNOWN);
- else if (opt.fake_crl && (err = fakecrl_isvalid (ctrl, issuerhash, serialno)))
- {
- /* We already got the error code. */
- }
- else
- {
- switch (crl_cache_isvalid (ctrl,
- issuerhash, serialno,
- ctrl->force_crl_refresh))
- {
- case CRL_CACHE_VALID:
- err = 0;
- break;
- case CRL_CACHE_INVALID:
- err = gpg_error (GPG_ERR_CERT_REVOKED);
- break;
- case CRL_CACHE_DONTKNOW:
- if (did_inquire)
- err = gpg_error (GPG_ERR_NO_CRL_KNOWN);
- else if (!(err = inquire_cert_and_load_crl (ctx)))
- {
- did_inquire = 1;
- goto again;
- }
- break;
- case CRL_CACHE_NOTTRUSTED:
- err = gpg_error (GPG_ERR_NOT_TRUSTED);
- break;
- case CRL_CACHE_CANTUSE:
- err = gpg_error (GPG_ERR_INV_CRL_OBJ);
- break;
- default:
- log_fatal ("crl_cache_isvalid returned invalid code\n");
- }
- }
-
- xfree (issuerhash);
- return leave_cmd (ctx, err);
- }
-
-
- /* If the line contains a SHA-1 fingerprint as the first argument,
- return the FPR buffer on success. The function checks that the
- fingerprint consists of valid characters and prints and error
- message if it does not and returns NULL. Fingerprints are
- considered optional and thus no explicit error is returned. NULL is
- also returned if there is no fingerprint at all available.
- FPR must be a caller provided buffer of at least 20 bytes.
-
- Note that colons within the fingerprint are allowed to separate 2
- hex digits; this allows for easier cutting and pasting using the
- usual fingerprint rendering.
- */
- static unsigned char *
- get_fingerprint_from_line (const char *line, unsigned char *fpr)
- {
- const char *s;
- int i;
-
- for (s=line, i=0; *s && *s != ' '; s++ )
- {
- if ( hexdigitp (s) && hexdigitp (s+1) )
- {
- if ( i >= 20 )
- return NULL; /* Fingerprint too long. */
- fpr[i++] = xtoi_2 (s);
- s++;
- }
- else if ( *s != ':' )
- return NULL; /* Invalid. */
- }
- if ( i != 20 )
- return NULL; /* Fingerprint to short. */
- return fpr;
- }
-
-
-
- static const char hlp_checkcrl[] =
- "CHECKCRL [<fingerprint>]\n"
- "\n"
- "Check whether the certificate with FINGERPRINT (SHA-1 hash of the\n"
- "entire X.509 certificate blob) is valid or not by consulting the\n"
- "CRL responsible for this certificate. If the fingerprint has not\n"
- "been given or the certificate is not known, the function \n"
- "inquires the certificate using an\n"
- "\n"
- " INQUIRE TARGETCERT\n"
- "\n"
- "and the caller is expected to return the certificate for the\n"
- "request (which should match FINGERPRINT) as a binary blob.\n"
- "Processing then takes place without further interaction; in\n"
- "particular dirmngr tries to locate other required certificate by\n"
- "its own mechanism which includes a local certificate store as well\n"
- "as a list of trusted root certificates.\n"
- "\n"
- "The return value is the usual gpg-error code or 0 for ducesss;\n"
- "i.e. the certificate validity has been confirmed by a valid CRL.";
- static gpg_error_t
- cmd_checkcrl (assuan_context_t ctx, char *line)
- {
- ctrl_t ctrl = assuan_get_pointer (ctx);
- gpg_error_t err;
- unsigned char fprbuffer[20], *fpr;
- ksba_cert_t cert;
-
- fpr = get_fingerprint_from_line (line, fprbuffer);
- cert = fpr? get_cert_byfpr (fpr) : NULL;
-
- if (!cert)
- {
- /* We do not have this certificate yet or the fingerprint has
- not been given. Inquire it from the client. */
- unsigned char *value = NULL;
- size_t valuelen;
-
- err = assuan_inquire (ctrl->server_local->assuan_ctx, "TARGETCERT",
- &value, &valuelen, MAX_CERT_LENGTH);
- if (err)
- {
- log_error (_("assuan_inquire failed: %s\n"), gpg_strerror (err));
- goto leave;
- }
-
- if (!valuelen) /* No data returned; return a comprehensible error. */
- err = gpg_error (GPG_ERR_MISSING_CERT);
- else
- {
- err = ksba_cert_new (&cert);
- if (!err)
- err = ksba_cert_init_from_mem (cert, value, valuelen);
- }
- xfree (value);
- if(err)
- goto leave;
- }
-
- log_assert (cert);
-
- err = crl_cache_cert_isvalid (ctrl, cert, ctrl->force_crl_refresh);
- if (gpg_err_code (err) == GPG_ERR_NO_CRL_KNOWN)
- {
- err = crl_cache_reload_crl (ctrl, cert);
- if (!err)
- err = crl_cache_cert_isvalid (ctrl, cert, 0);
- }
-
- leave:
- ksba_cert_release (cert);
- return leave_cmd (ctx, err);
- }
-
-
- static const char hlp_checkocsp[] =
- "CHECKOCSP [--force-default-responder] [<fingerprint>]\n"
- "\n"
- "Check whether the certificate with FINGERPRINT (SHA-1 hash of the\n"
- "entire X.509 certificate blob) is valid or not by asking an OCSP\n"
- "responder responsible for this certificate. The optional\n"
- "fingerprint may be used for a quick check in case an OCSP check has\n"
- "been done for this certificate recently (we always cache OCSP\n"
- "responses for a couple of minutes). If the fingerprint has not been\n"
- "given or there is no cached result, the function inquires the\n"
- "certificate using an\n"
- "\n"
- " INQUIRE TARGETCERT\n"
- "\n"
- "and the caller is expected to return the certificate for the\n"
- "request (which should match FINGERPRINT) as a binary blob.\n"
- "Processing then takes place without further interaction; in\n"
- "particular dirmngr tries to locate other required certificates by\n"
- "its own mechanism which includes a local certificate store as well\n"
- "as a list of trusted root certificates.\n"
- "\n"
- "If the option --force-default-responder is given, only the default\n"
- "OCSP responder will be used and any other methods of obtaining an\n"
- "OCSP responder URL won't be used.\n"
- "\n"
- "The return value is the usual gpg-error code or 0 for ducesss;\n"
- "i.e. the certificate validity has been confirmed by a valid CRL.";
- static gpg_error_t
- cmd_checkocsp (assuan_context_t ctx, char *line)
- {
- ctrl_t ctrl = assuan_get_pointer (ctx);
- gpg_error_t err;
- unsigned char fprbuffer[20], *fpr;
- ksba_cert_t cert;
- int force_default_responder;
- gnupg_isotime_t revoked_at;
- const char *reason;
-
- force_default_responder = has_option (line, "--force-default-responder");
- line = skip_options (line);
-
- fpr = get_fingerprint_from_line (line, fprbuffer);
- cert = fpr? get_cert_byfpr (fpr) : NULL;
-
- if (!cert)
- {
- /* We do not have this certificate yet or the fingerprint has
- not been given. Inquire it from the client. */
- unsigned char *value = NULL;
- size_t valuelen;
-
- err = assuan_inquire (ctrl->server_local->assuan_ctx, "TARGETCERT",
- &value, &valuelen, MAX_CERT_LENGTH);
- if (err)
- {
- log_error (_("assuan_inquire failed: %s\n"), gpg_strerror (err));
- goto leave;
- }
-
- if (!valuelen) /* No data returned; return a comprehensible error. */
- err = gpg_error (GPG_ERR_MISSING_CERT);
- else
- {
- err = ksba_cert_new (&cert);
- if (!err)
- err = ksba_cert_init_from_mem (cert, value, valuelen);
- }
- xfree (value);
- if(err)
- goto leave;
- }
-
- log_assert (cert);
-
- if (!opt.allow_ocsp)
- err = gpg_error (GPG_ERR_NOT_SUPPORTED);
- else
- err = ocsp_isvalid (ctrl, cert, NULL, force_default_responder,
- revoked_at, &reason);
-
- if (gpg_err_code (err) == GPG_ERR_CERT_REVOKED)
- dirmngr_status_printf (ctrl, "REVOCATIONINFO", "%s %s",
- revoked_at, reason);
-
-
- leave:
- ksba_cert_release (cert);
- return leave_cmd (ctx, err);
- }
-
-
-
- static int
- lookup_cert_by_url (assuan_context_t ctx, const char *url)
- {
- ctrl_t ctrl = assuan_get_pointer (ctx);
- gpg_error_t err = 0;
- unsigned char *value = NULL;
- size_t valuelen;
-
- /* Fetch single certificate given it's URL. */
- err = fetch_cert_by_url (ctrl, url, &value, &valuelen);
- if (err)
- {
- log_error (_("fetch_cert_by_url failed: %s\n"), gpg_strerror (err));
- goto leave;
- }
-
- /* Send the data, flush the buffer and then send an END. */
- err = assuan_send_data (ctx, value, valuelen);
- if (!err)
- err = assuan_send_data (ctx, NULL, 0);
- if (!err)
- err = assuan_write_line (ctx, "END");
- if (err)
- {
- log_error (_("error sending data: %s\n"), gpg_strerror (err));
- goto leave;
- }
-
- leave:
-
- return err;
- }
-
-
- /* Send the certificate, flush the buffer and then send an END. */
- static gpg_error_t
- return_one_cert (void *opaque, ksba_cert_t cert)
- {
- assuan_context_t ctx = opaque;
- gpg_error_t err;
- const unsigned char *der;
- size_t derlen;
-
- der = ksba_cert_get_image (cert, &derlen);
- if (!der)
- err = gpg_error (GPG_ERR_INV_CERT_OBJ);
- else
- {
- err = assuan_send_data (ctx, der, derlen);
- if (!err)
- err = assuan_send_data (ctx, NULL, 0);
- if (!err)
- err = assuan_write_line (ctx, "END");
- }
- if (err)
- log_error (_("error sending data: %s\n"), gpg_strerror (err));
- return err;
- }
-
-
- /* Lookup certificates from the internal cache or using the ldap
- servers. */
- static int
- lookup_cert_by_pattern (assuan_context_t ctx, char *line,
- int single, int cache_only)
- {
- gpg_error_t err = 0;
- char *p;
- strlist_t sl, list = NULL;
- int truncated = 0, truncation_forced = 0;
- int count = 0;
- int local_count = 0;
- #if USE_LDAP
- ctrl_t ctrl = assuan_get_pointer (ctx);
- unsigned char *value = NULL;
- size_t valuelen;
- struct ldapserver_iter ldapserver_iter;
- cert_fetch_context_t fetch_context;
- #endif /*USE_LDAP*/
- int any_no_data = 0;
-
- /* Break the line down into an STRLIST */
- for (p=line; *p; line = p)
- {
- while (*p && *p != ' ')
- p++;
- if (*p)
- *p++ = 0;
-
- if (*line)
- {
- sl = xtrymalloc (sizeof *sl + strlen (line));
- if (!sl)
- {
- err = gpg_error_from_errno (errno);
- goto leave;
- }
- memset (sl, 0, sizeof *sl);
- strcpy_escaped_plus (sl->d, line);
- sl->next = list;
- list = sl;
- }
- }
-
- /* First look through the internal cache. The certificates returned
- here are not counted towards the truncation limit. */
- if (single && !cache_only)
- ; /* Do not read from the local cache in this case. */
- else
- {
- for (sl=list; sl; sl = sl->next)
- {
- err = get_certs_bypattern (sl->d, return_one_cert, ctx);
- if (!err)
- local_count++;
- if (!err && single)
- goto ready;
-
- if (gpg_err_code (err) == GPG_ERR_NO_DATA
- || gpg_err_code (err) == GPG_ERR_NOT_FOUND)
- {
- err = 0;
- if (cache_only)
- any_no_data = 1;
- }
- else if (gpg_err_code (err) == GPG_ERR_INV_NAME && !cache_only)
- {
- /* No real fault because the internal pattern lookup
- can't yet cope with all types of pattern. */
- err = 0;
- }
- if (err)
- goto ready;
- }
- }
-
- /* Loop over all configured servers unless we want only the
- certificates from the cache. */
- #if USE_LDAP
- for (ldapserver_iter_begin (&ldapserver_iter, ctrl);
- !cache_only && !ldapserver_iter_end_p (&ldapserver_iter)
- && ldapserver_iter.server->host && !truncation_forced;
- ldapserver_iter_next (&ldapserver_iter))
- {
- ldap_server_t ldapserver = ldapserver_iter.server;
-
- if (DBG_LOOKUP)
- log_debug ("cmd_lookup: trying %s:%d base=%s\n",
- ldapserver->host, ldapserver->port,
- ldapserver->base?ldapserver->base : "[default]");
-
- /* Fetch certificates matching pattern */
- err = start_cert_fetch (ctrl, &fetch_context, list, ldapserver);
- if ( gpg_err_code (err) == GPG_ERR_NO_DATA )
- {
- if (DBG_LOOKUP)
- log_debug ("cmd_lookup: no data\n");
- err = 0;
- any_no_data = 1;
- continue;
- }
- if (err)
- {
- log_error (_("start_cert_fetch failed: %s\n"), gpg_strerror (err));
- goto leave;
- }
-
- /* Fetch the certificates for this query. */
- while (!truncation_forced)
- {
- xfree (value); value = NULL;
- err = fetch_next_cert (fetch_context, &value, &valuelen);
- if (gpg_err_code (err) == GPG_ERR_NO_DATA )
- {
- err = 0;
- any_no_data = 1;
- break; /* Ready. */
- }
- if (gpg_err_code (err) == GPG_ERR_TRUNCATED)
- {
- truncated = 1;
- err = 0;
- break; /* Ready. */
- }
- if (gpg_err_code (err) == GPG_ERR_EOF)
- {
- err = 0;
- break; /* Ready. */
- }
- if (!err && !value)
- {
- err = gpg_error (GPG_ERR_BUG);
- goto leave;
- }
- if (err)
- {
- log_error (_("fetch_next_cert failed: %s\n"),
- gpg_strerror (err));
- end_cert_fetch (fetch_context);
- goto leave;
- }
-
- if (DBG_LOOKUP)
- log_debug ("cmd_lookup: returning one cert%s\n",
- truncated? " (truncated)":"");
-
- /* Send the data, flush the buffer and then send an END line
- as a certificate delimiter. */
- err = assuan_send_data (ctx, value, valuelen);
- if (!err)
- err = assuan_send_data (ctx, NULL, 0);
- if (!err)
- err = assuan_write_line (ctx, "END");
- if (err)
- {
- log_error (_("error sending data: %s\n"), gpg_strerror (err));
- end_cert_fetch (fetch_context);
- goto leave;
- }
-
- if (++count >= opt.max_replies )
- {
- truncation_forced = 1;
- log_info (_("max_replies %d exceeded\n"), opt.max_replies );
- }
- if (single)
- break;
- }
-
- end_cert_fetch (fetch_context);
- }
- #endif /*USE_LDAP*/
-
- ready:
- if (truncated || truncation_forced)
- {
- char str[50];
-
- sprintf (str, "%d", count);
- assuan_write_status (ctx, "TRUNCATED", str);
- }
-
- if (!err && !count && !local_count && any_no_data)
- err = gpg_error (GPG_ERR_NO_DATA);
-
- leave:
- free_strlist (list);
- return err;
- }
-
-
- static const char hlp_lookup[] =
- "LOOKUP [--url] [--single] [--cache-only] <pattern>\n"
- "\n"
- "Lookup certificates matching PATTERN. With --url the pattern is\n"
- "expected to be one URL.\n"
- "\n"
- "If --url is not given: To allow for multiple patterns (which are ORed)\n"
- "quoting is required: Spaces are translated to \"+\" or \"%20\";\n"
- "obviously this requires that the usual escape quoting rules are applied.\n"
- "\n"
- "If --url is given no special escaping is required because URLs are\n"
- "already escaped this way.\n"
- "\n"
- "If --single is given the first and only the first match will be\n"
- "returned. If --cache-only is _not_ given, no local query will be\n"
- "done.\n"
- "\n"
- "If --cache-only is given no external lookup is done so that only\n"
- "certificates from the cache may get returned.";
- static gpg_error_t
- cmd_lookup (assuan_context_t ctx, char *line)
- {
- gpg_error_t err;
- int lookup_url, single, cache_only;
-
- lookup_url = has_leading_option (line, "--url");
- single = has_leading_option (line, "--single");
- cache_only = has_leading_option (line, "--cache-only");
- line = skip_options (line);
-
- if (lookup_url && cache_only)
- err = gpg_error (GPG_ERR_NOT_FOUND);
- else if (lookup_url && single)
- err = gpg_error (GPG_ERR_NOT_IMPLEMENTED);
- else if (lookup_url)
- err = lookup_cert_by_url (ctx, line);
- else
- err = lookup_cert_by_pattern (ctx, line, single, cache_only);
-
- return leave_cmd (ctx, err);
- }
-
-
- static const char hlp_loadcrl[] =
- "LOADCRL [--url] <filename|url>\n"
- "\n"
- "Load the CRL in the file with name FILENAME into our cache. Note\n"
- "that FILENAME should be given with an absolute path because\n"
- "Dirmngrs cwd is not known. With --url the CRL is directly loaded\n"
- "from the given URL.\n"
- "\n"
- "This command is usually used by gpgsm using the invocation \"gpgsm\n"
- "--call-dirmngr loadcrl <filename>\". A direct invocation of Dirmngr\n"
- "is not useful because gpgsm might need to callback gpgsm to ask for\n"
- "the CA's certificate.";
- static gpg_error_t
- cmd_loadcrl (assuan_context_t ctx, char *line)
- {
- ctrl_t ctrl = assuan_get_pointer (ctx);
- gpg_error_t err = 0;
- int use_url = has_leading_option (line, "--url");
-
- line = skip_options (line);
-
- if (use_url)
- {
- ksba_reader_t reader;
-
- err = crl_fetch (ctrl, line, &reader);
- if (err)
- log_error (_("fetching CRL from '%s' failed: %s\n"),
- line, gpg_strerror (err));
- else
- {
- err = crl_cache_insert (ctrl, line, reader);
- if (err)
- log_error (_("processing CRL from '%s' failed: %s\n"),
- line, gpg_strerror (err));
- crl_close_reader (reader);
- }
- }
- else
- {
- char *buf;
-
- buf = xtrymalloc (strlen (line)+1);
- if (!buf)
- err = gpg_error_from_syserror ();
- else
- {
- strcpy_escaped_plus (buf, line);
- err = crl_cache_load (ctrl, buf);
- xfree (buf);
- }
- }
-
- return leave_cmd (ctx, err);
- }
-
-
- static const char hlp_listcrls[] =
- "LISTCRLS\n"
- "\n"
- "List the content of all CRLs in a readable format. This command is\n"
- "usually used by gpgsm using the invocation \"gpgsm --call-dirmngr\n"
- "listcrls\". It may also be used directly using \"dirmngr\n"
- "--list-crls\".";
- static gpg_error_t
- cmd_listcrls (assuan_context_t ctx, char *line)
- {
- gpg_error_t err;
- estream_t fp;
-
- (void)line;
-
- fp = es_fopencookie (ctx, "w", data_line_cookie_functions);
- if (!fp)
- err = set_error (GPG_ERR_ASS_GENERAL, "error setting up a data stream");
- else
- {
- err = crl_cache_list (fp);
- es_fclose (fp);
- }
- return leave_cmd (ctx, err);
- }
-
-
- static const char hlp_cachecert[] =
- "CACHECERT\n"
- "\n"
- "Put a certificate into the internal cache. This command might be\n"
- "useful if a client knows in advance certificates required for a\n"
- "test and wants to make sure they get added to the internal cache.\n"
- "It is also helpful for debugging. To get the actual certificate,\n"
- "this command immediately inquires it using\n"
- "\n"
- " INQUIRE TARGETCERT\n"
- "\n"
- "and the caller is expected to return the certificate for the\n"
- "request as a binary blob.";
- static gpg_error_t
- cmd_cachecert (assuan_context_t ctx, char *line)
- {
- ctrl_t ctrl = assuan_get_pointer (ctx);
- gpg_error_t err;
- ksba_cert_t cert = NULL;
- unsigned char *value = NULL;
- size_t valuelen;
-
- (void)line;
-
- err = assuan_inquire (ctrl->server_local->assuan_ctx, "TARGETCERT",
- &value, &valuelen, MAX_CERT_LENGTH);
- if (err)
- {
- log_error (_("assuan_inquire failed: %s\n"), gpg_strerror (err));
- goto leave;
- }
-
- if (!valuelen) /* No data returned; return a comprehensible error. */
- err = gpg_error (GPG_ERR_MISSING_CERT);
- else
- {
- err = ksba_cert_new (&cert);
- if (!err)
- err = ksba_cert_init_from_mem (cert, value, valuelen);
- }
- xfree (value);
- if(err)
- goto leave;
-
- err = cache_cert (cert);
-
- leave:
- ksba_cert_release (cert);
- return leave_cmd (ctx, err);
- }
-
-
- static const char hlp_validate[] =
- "VALIDATE [--systrust] [--tls] [--no-crl]\n"
- "\n"
- "Validate a certificate using the certificate validation function\n"
- "used internally by dirmngr. This command is only useful for\n"
- "debugging. To get the actual certificate, this command immediately\n"
- "inquires it using\n"
- "\n"
- " INQUIRE TARGETCERT\n"
- "\n"
- "and the caller is expected to return the certificate for the\n"
- "request as a binary blob. The option --tls modifies this by asking\n"
- "for list of certificates with\n"
- "\n"
- " INQUIRE CERTLIST\n"
- "\n"
- "Here the first certificate is the target certificate, the remaining\n"
- "certificates are suggested intermediary certificates. All certificates\n"
- "need to be PEM encoded.\n"
- "\n"
- "The option --systrust changes the behaviour to include the system\n"
- "provided root certificates as trust anchors. The option --no-crl\n"
- "skips CRL checks";
- static gpg_error_t
- cmd_validate (assuan_context_t ctx, char *line)
- {
- ctrl_t ctrl = assuan_get_pointer (ctx);
- gpg_error_t err;
- ksba_cert_t cert = NULL;
- certlist_t certlist = NULL;
- unsigned char *value = NULL;
- size_t valuelen;
- int systrust_mode, tls_mode, no_crl;
-
- systrust_mode = has_option (line, "--systrust");
- tls_mode = has_option (line, "--tls");
- no_crl = has_option (line, "--no-crl");
- line = skip_options (line);
-
- if (tls_mode)
- err = assuan_inquire (ctrl->server_local->assuan_ctx, "CERTLIST",
- &value, &valuelen, MAX_CERTLIST_LENGTH);
- else
- err = assuan_inquire (ctrl->server_local->assuan_ctx, "TARGETCERT",
- &value, &valuelen, MAX_CERT_LENGTH);
- if (err)
- {
- log_error (_("assuan_inquire failed: %s\n"), gpg_strerror (err));
- goto leave;
- }
-
- if (!valuelen) /* No data returned; return a comprehensible error. */
- err = gpg_error (GPG_ERR_MISSING_CERT);
- else if (tls_mode)
- {
- estream_t fp;
-
- fp = es_fopenmem_init (0, "rb", value, valuelen);
- if (!fp)
- err = gpg_error_from_syserror ();
- else
- {
- err = read_certlist_from_stream (&certlist, fp);
- es_fclose (fp);
- if (!err && !certlist)
- err = gpg_error (GPG_ERR_MISSING_CERT);
- if (!err)
- {
- /* Extract the first certificate from the list. */
- cert = certlist->cert;
- ksba_cert_ref (cert);
- }
- }
- }
- else
- {
- err = ksba_cert_new (&cert);
- if (!err)
- err = ksba_cert_init_from_mem (cert, value, valuelen);
- }
- xfree (value);
- if(err)
- goto leave;
-
- if (!tls_mode)
- {
- /* If we have this certificate already in our cache, use the
- * cached version for validation because this will take care of
- * any cached results. We don't need to do this in tls mode
- * because this has already been done for certificate in a
- * certlist_t. */
- unsigned char fpr[20];
- ksba_cert_t tmpcert;
-
- cert_compute_fpr (cert, fpr);
- tmpcert = get_cert_byfpr (fpr);
- if (tmpcert)
- {
- ksba_cert_release (cert);
- cert = tmpcert;
- }
- }
-
- /* Quick hack to make verification work by inserting the supplied
- * certs into the cache. */
- if (tls_mode && certlist)
- {
- certlist_t cl;
-
- for (cl = certlist->next; cl; cl = cl->next)
- cache_cert (cl->cert);
- }
-
- err = validate_cert_chain (ctrl, cert, NULL,
- (VALIDATE_FLAG_TRUST_CONFIG
- | (tls_mode ? VALIDATE_FLAG_TLS : 0)
- | (systrust_mode ? VALIDATE_FLAG_TRUST_SYSTEM : 0)
- | (no_crl ? VALIDATE_FLAG_NOCRLCHECK : 0)),
- NULL);
-
- leave:
- ksba_cert_release (cert);
- release_certlist (certlist);
- return leave_cmd (ctx, err);
- }
-
-
-
- /* Parse an keyserver URI and store it in a new uri item which is
- returned at R_ITEM. On error return an error code. */
- static gpg_error_t
- make_keyserver_item (const char *uri, uri_item_t *r_item)
- {
- /* We used to have DNS CNAME redirection from the URLs below to
- * sks-keyserver. pools. The idea was to allow for a quick way to
- * switch to a different set of pools. The problem with that
- * approach is that TLS needs to verify the hostname and - because
- * DNS is not secured - it can only check the user supplied hostname
- * and not a hostname from a CNAME RR. Thus the final server all
- * need to have certificates with the actual pool name as well as
- * for keys.gnupg.net - that would render the advantage of
- * keys.gnupg.net useless and so we better give up on this. Because
- * the keys.gnupg.net URL are still in widespread use we do a static
- * mapping here.
- */
- if (!strcmp (uri, "hkps://keys.gnupg.net")
- || !strcmp (uri, "keys.gnupg.net"))
- uri = "hkps://keyserver.ubuntu.com";
- else if (!strcmp (uri, "https://keys.gnupg.net"))
- uri = "hkps://keyserver.ubuntu.com";
- else if (!strcmp (uri, "hkp://keys.gnupg.net"))
- uri = "hkp://keyserver.ubuntu.com";
- else if (!strcmp (uri, "http://keys.gnupg.net"))
- uri = "hkp://keyserver.ubuntu.com:80";
- else if (!strcmp (uri, "hkps://http-keys.gnupg.net")
- || !strcmp (uri, "http-keys.gnupg.net"))
- uri = "hkps://keyserver.ubuntu.com";
- else if (!strcmp (uri, "https://http-keys.gnupg.net"))
- uri = "hkps://keyserver.ubuntu.com";
- else if (!strcmp (uri, "hkp://http-keys.gnupg.net"))
- uri = "hkp://keyserver.ubuntu.com";
- else if (!strcmp (uri, "http://http-keys.gnupg.net"))
- uri = "hkp://keyserver.ubuntu.com:80";
-
- return ks_action_parse_uri (uri, r_item);
- }
-
-
- /* If no keyserver is stored in CTRL but a global keyserver has been
- set, put that global keyserver into CTRL. We need use this
- function to help migrate from the old gpg based keyserver
- configuration to the new dirmngr based configuration. */
- static gpg_error_t
- ensure_keyserver (ctrl_t ctrl)
- {
- gpg_error_t err;
- uri_item_t item;
- uri_item_t onion_items = NULL;
- uri_item_t plain_items = NULL;
- uri_item_t ui;
- strlist_t sl;
-
- if (ctrl->server_local->keyservers)
- return 0; /* Already set for this session. */
- if (!opt.keyserver)
- {
- /* No global option set. Fall back to default: */
- return make_keyserver_item (DIRMNGR_DEFAULT_KEYSERVER,
- &ctrl->server_local->keyservers);
- }
-
- for (sl = opt.keyserver; sl; sl = sl->next)
- {
- err = make_keyserver_item (sl->d, &item);
- if (err)
- goto leave;
- if (item->parsed_uri->onion)
- {
- item->next = onion_items;
- onion_items = item;
- }
- else
- {
- item->next = plain_items;
- plain_items = item;
- }
- }
-
- /* Decide which to use. Note that the session has no keyservers
- yet set. */
- if (onion_items && !onion_items->next && plain_items && !plain_items->next)
- {
- /* If there is just one onion and one plain keyserver given, we take
- only one depending on whether Tor is running or not. */
- if (!dirmngr_never_use_tor_p () && is_tor_running (ctrl))
- {
- ctrl->server_local->keyservers = onion_items;
- onion_items = NULL;
- }
- else
- {
- ctrl->server_local->keyservers = plain_items;
- plain_items = NULL;
- }
- }
- else if (dirmngr_never_use_tor_p () || !is_tor_running (ctrl))
- {
- /* Tor is not running. It does not make sense to add Onion
- addresses. */
- ctrl->server_local->keyservers = plain_items;
- plain_items = NULL;
- }
- else
- {
- /* In all other cases add all keyservers. */
- ctrl->server_local->keyservers = onion_items;
- onion_items = NULL;
- for (ui = ctrl->server_local->keyservers; ui && ui->next; ui = ui->next)
- ;
- if (ui)
- ui->next = plain_items;
- else
- ctrl->server_local->keyservers = plain_items;
- plain_items = NULL;
- }
-
- leave:
- release_uri_item_list (onion_items);
- release_uri_item_list (plain_items);
-
- return err;
- }
-
-
- static const char hlp_keyserver[] =
- "KEYSERVER [<options>] [<uri>|<host>]\n"
- "Options are:\n"
- " --help\n"
- " --clear Remove all configured keyservers\n"
- " --resolve Resolve HKP host names and rotate\n"
- " --hosttable Print table of known hosts and pools\n"
- " --dead Mark <host> as dead\n"
- " --alive Mark <host> as alive\n"
- "\n"
- "If called without arguments list all configured keyserver URLs.\n"
- "If called with an URI add this as keyserver. Note that keyservers\n"
- "are configured on a per-session base. A default keyserver may already be\n"
- "present, thus the \"--clear\" option must be used to get full control.\n"
- "If \"--clear\" and an URI are used together the clear command is\n"
- "obviously executed first. A RESET command does not change the list\n"
- "of configured keyservers.";
- static gpg_error_t
- cmd_keyserver (assuan_context_t ctx, char *line)
- {
- ctrl_t ctrl = assuan_get_pointer (ctx);
- gpg_error_t err = 0;
- int clear_flag, add_flag, help_flag, host_flag, resolve_flag;
- int dead_flag, alive_flag;
- uri_item_t item = NULL; /* gcc 4.4.5 is not able to detect that it
- is always initialized. */
-
- clear_flag = has_option (line, "--clear");
- help_flag = has_option (line, "--help");
- resolve_flag = has_option (line, "--resolve");
- host_flag = has_option (line, "--hosttable");
- dead_flag = has_option (line, "--dead");
- alive_flag = has_option (line, "--alive");
- line = skip_options (line);
- add_flag = !!*line;
-
- if (help_flag)
- {
- err = ks_action_help (ctrl, line);
- goto leave;
- }
-
- if (resolve_flag)
- {
- err = ensure_keyserver (ctrl);
- if (err)
- {
- assuan_set_error (ctx, err,
- "Bad keyserver configuration in dirmngr.conf");
- goto leave;
- }
- err = ks_action_resolve (ctrl, ctrl->server_local->keyservers);
- if (err)
- goto leave;
- }
-
- if (alive_flag && dead_flag)
- {
- err = set_error (GPG_ERR_ASS_PARAMETER, "no support for zombies");
- goto leave;
- }
- if (dead_flag)
- {
- err = check_owner_permission (ctx, "no permission to use --dead");
- if (err)
- goto leave;
- }
- if (alive_flag || dead_flag)
- {
- if (!*line)
- {
- err = set_error (GPG_ERR_ASS_PARAMETER, "name of host missing");
- goto leave;
- }
-
- err = ks_hkp_mark_host (ctrl, line, alive_flag);
- if (err)
- goto leave;
- }
-
- if (host_flag)
- {
- err = ks_hkp_print_hosttable (ctrl);
- if (err)
- goto leave;
- }
- if (resolve_flag || host_flag || alive_flag || dead_flag)
- goto leave;
-
- if (add_flag)
- {
- err = make_keyserver_item (line, &item);
- if (err)
- goto leave;
- }
- if (clear_flag)
- release_ctrl_keyservers (ctrl);
- if (add_flag)
- {
- item->next = ctrl->server_local->keyservers;
- ctrl->server_local->keyservers = item;
- }
-
- if (!add_flag && !clear_flag && !help_flag)
- {
- /* List configured keyservers. However, we first add a global
- keyserver. */
- uri_item_t u;
-
- err = ensure_keyserver (ctrl);
- if (err)
- {
- assuan_set_error (ctx, err,
- "Bad keyserver configuration in dirmngr.conf");
- goto leave;
- }
-
- for (u=ctrl->server_local->keyservers; u; u = u->next)
- dirmngr_status (ctrl, "KEYSERVER", u->uri, NULL);
- }
- err = 0;
-
- leave:
- return leave_cmd (ctx, err);
- }
-
-
-
- static const char hlp_ks_search[] =
- "KS_SEARCH {<pattern>}\n"
- "\n"
- "Search the configured OpenPGP keyservers (see command KEYSERVER)\n"
- "for keys matching PATTERN";
- static gpg_error_t
- cmd_ks_search (assuan_context_t ctx, char *line)
- {
- ctrl_t ctrl = assuan_get_pointer (ctx);
- gpg_error_t err;
- strlist_t list, sl;
- char *p;
- estream_t outfp;
-
- if (has_option (line, "--quick"))
- ctrl->timeout = opt.connect_quick_timeout;
- line = skip_options (line);
-
- /* Break the line down into an strlist. Each pattern is
- percent-plus escaped. */
- list = NULL;
- for (p=line; *p; line = p)
- {
- while (*p && *p != ' ')
- p++;
- if (*p)
- *p++ = 0;
- if (*line)
- {
- sl = xtrymalloc (sizeof *sl + strlen (line));
- if (!sl)
- {
- err = gpg_error_from_syserror ();
- goto leave;
- }
- sl->flags = 0;
- strcpy_escaped_plus (sl->d, line);
- sl->next = list;
- list = sl;
- }
- }
-
- err = ensure_keyserver (ctrl);
- if (err)
- goto leave;
-
- /* Setup an output stream and perform the search. */
- outfp = es_fopencookie (ctx, "w", data_line_cookie_functions);
- if (!outfp)
- err = set_error (GPG_ERR_ASS_GENERAL, "error setting up a data stream");
- else
- {
- err = ks_action_search (ctrl, ctrl->server_local->keyservers,
- list, outfp);
- es_fclose (outfp);
- }
-
- leave:
- free_strlist (list);
- return leave_cmd (ctx, err);
- }
-
-
-
- static const char hlp_ks_get[] =
- "KS_GET [--quick] [--newer=TIME] [--ldap] [--first|--next] {<pattern>}\n"
- "\n"
- "Get the keys matching PATTERN from the configured OpenPGP keyservers\n"
- "(see command KEYSERVER). Each pattern should be a keyid, a fingerprint,\n"
- "or an exact name indicated by the '=' prefix. Option --quick uses a\n"
- "shorter timeout; --ldap will use only ldap servers. With --first only\n"
- "the first item is returned; --next is used to return the next item\n"
- "Option --newer works only with certain LDAP servers.";
- static gpg_error_t
- cmd_ks_get (assuan_context_t ctx, char *line)
- {
- ctrl_t ctrl = assuan_get_pointer (ctx);
- gpg_error_t err;
- strlist_t list = NULL;
- strlist_t sl;
- const char *s;
- char *p;
- estream_t outfp;
- unsigned int flags = 0;
- gnupg_isotime_t opt_newer;
-
- *opt_newer = 0;
-
- if (has_option (line, "--quick"))
- ctrl->timeout = opt.connect_quick_timeout;
- if (has_option (line, "--ldap"))
- flags |= KS_GET_FLAG_ONLY_LDAP;
- if (has_option (line, "--first"))
- flags |= KS_GET_FLAG_FIRST;
- if (has_option (line, "--next"))
- flags |= KS_GET_FLAG_NEXT;
- if ((s = option_value (line, "--newer"))
- && !string2isotime (opt_newer, s))
- {
- err = set_error (GPG_ERR_SYNTAX, "invalid time format");
- goto leave;
- }
- line = skip_options (line);
-
- /* Break the line into a strlist. Each pattern is by
- definition percent-plus escaped. However we only support keyids
- and fingerprints and thus the client has no need to apply the
- escaping. */
- for (p=line; *p; line = p)
- {
- while (*p && *p != ' ')
- p++;
- if (*p)
- *p++ = 0;
- if (*line)
- {
- sl = xtrymalloc (sizeof *sl + strlen (line));
- if (!sl)
- {
- err = gpg_error_from_syserror ();
- goto leave;
- }
- sl->flags = 0;
- strcpy_escaped_plus (sl->d, line);
- sl->next = list;
- list = sl;
- }
- }
-
- if ((flags & KS_GET_FLAG_FIRST) && !(flags & KS_GET_FLAG_ONLY_LDAP))
- {
- err = PARM_ERROR ("--first is only supported with --ldap");
- goto leave;
- }
-
- if (list && list->next && (flags & KS_GET_FLAG_FIRST))
- {
- /* ks_action_get loops over the pattern and we can't easily keep
- * this state. */
- err = PARM_ERROR ("Only one pattern allowed with --first");
- goto leave;
- }
-
- if (!list && (flags & KS_GET_FLAG_FIRST))
- {
- /* Need to add a dummy pattern if no pattern is given. */
- if (!add_to_strlist_try (&list, ""))
- {
- err = gpg_error_from_syserror ();
- goto leave;
- }
- }
-
-
- if ((flags & KS_GET_FLAG_NEXT))
- {
- if (list || (flags & ~KS_GET_FLAG_NEXT))
- {
- err = PARM_ERROR ("No pattern or other options allowed with --next");
- goto leave;
- }
- /* Add a dummy pattern. */
- if (!add_to_strlist_try (&list, ""))
- {
- err = gpg_error_from_syserror ();
- goto leave;
- }
- }
-
-
- err = ensure_keyserver (ctrl);
- if (err)
- goto leave;
-
- /* Setup an output stream and perform the get. */
- outfp = es_fopencookie (ctx, "w", data_line_cookie_functions);
- if (!outfp)
- err = set_error (GPG_ERR_ASS_GENERAL, "error setting up a data stream");
- else
- {
- ctrl->server_local->inhibit_data_logging = 1;
- ctrl->server_local->inhibit_data_logging_now = 0;
- ctrl->server_local->inhibit_data_logging_count = 0;
- err = ks_action_get (ctrl, ctrl->server_local->keyservers,
- list, flags, opt_newer, outfp);
- es_fclose (outfp);
- ctrl->server_local->inhibit_data_logging = 0;
- }
-
- leave:
- free_strlist (list);
- return leave_cmd (ctx, err);
- }
-
-
- static const char hlp_ks_fetch[] =
- "KS_FETCH <URL>\n"
- "\n"
- "Get the key(s) from URL.";
- static gpg_error_t
- cmd_ks_fetch (assuan_context_t ctx, char *line)
- {
- ctrl_t ctrl = assuan_get_pointer (ctx);
- gpg_error_t err;
- estream_t outfp;
-
- if (has_option (line, "--quick"))
- ctrl->timeout = opt.connect_quick_timeout;
- line = skip_options (line);
-
- err = ensure_keyserver (ctrl); /* FIXME: Why do we needs this here? */
- if (err)
- goto leave;
-
- /* Setup an output stream and perform the get. */
- outfp = es_fopencookie (ctx, "w", data_line_cookie_functions);
- if (!outfp)
- err = set_error (GPG_ERR_ASS_GENERAL, "error setting up a data stream");
- else
- {
- ctrl->server_local->inhibit_data_logging = 1;
- ctrl->server_local->inhibit_data_logging_now = 0;
- ctrl->server_local->inhibit_data_logging_count = 0;
- err = ks_action_fetch (ctrl, line, outfp);
- es_fclose (outfp);
- ctrl->server_local->inhibit_data_logging = 0;
- }
-
- leave:
- return leave_cmd (ctx, err);
- }
-
-
-
- static const char hlp_ks_put[] =
- "KS_PUT\n"
- "\n"
- "Send a key to the configured OpenPGP keyservers. The actual key material\n"
- "is then requested by Dirmngr using\n"
- "\n"
- " INQUIRE KEYBLOCK\n"
- "\n"
- "The client shall respond with a binary version of the keyblock (e.g.,\n"
- "the output of `gpg --export KEYID'). For LDAP\n"
- "keyservers Dirmngr may ask for meta information of the provided keyblock\n"
- "using:\n"
- "\n"
- " INQUIRE KEYBLOCK_INFO\n"
- "\n"
- "The client shall respond with a colon delimited info lines (the output\n"
- "of 'gpg --list-keys --with-colons KEYID').\n";
- static gpg_error_t
- cmd_ks_put (assuan_context_t ctx, char *line)
- {
- ctrl_t ctrl = assuan_get_pointer (ctx);
- gpg_error_t err;
- unsigned char *value = NULL;
- size_t valuelen;
- unsigned char *info = NULL;
- size_t infolen;
-
- /* No options for now. */
- line = skip_options (line);
-
- err = ensure_keyserver (ctrl);
- if (err)
- goto leave;
-
- /* Ask for the key material. */
- err = assuan_inquire (ctx, "KEYBLOCK",
- &value, &valuelen, MAX_KEYBLOCK_LENGTH);
- if (err)
- {
- log_error (_("assuan_inquire failed: %s\n"), gpg_strerror (err));
- goto leave;
- }
-
- if (!valuelen) /* No data returned; return a comprehensible error. */
- {
- err = gpg_error (GPG_ERR_MISSING_CERT);
- goto leave;
- }
-
- /* Ask for the key meta data. */
- err = assuan_inquire (ctx, "KEYBLOCK_INFO",
- &info, &infolen, MAX_KEYBLOCK_LENGTH);
- if (err)
- {
- log_error (_("assuan_inquire failed: %s\n"), gpg_strerror (err));
- goto leave;
- }
-
- /* Send the key. */
- err = ks_action_put (ctrl, ctrl->server_local->keyservers,
- value, valuelen, info, infolen);
-
- leave:
- xfree (info);
- xfree (value);
- return leave_cmd (ctx, err);
- }
-
-
-
- static const char hlp_ad_query[] =
- "AD_QUERY [--first|--next] [--] <filter> \n"
- "\n"
- "Query properties from a Windows Active Directory.\n"
- "Options:\n"
- "\n"
- " --rootdse - Query the root using serverless binding,\n"
- " --subst - Substitute variables in the filter\n"
- " --attr=<attribs> - Comma delimited list of attributes\n"
- " to return.\n"
- " --help - List supported variables\n"
- "\n"
- "Extended filter syntax is allowed:\n"
- " ^[<base>][&<scope>]&[<filter>]\n"
- "Usual escaping rules apply. An ampersand in <base> must\n"
- "doubled. <scope> may be \"base\", \"one\", or \"sub\"."
- ;
- static gpg_error_t
- cmd_ad_query (assuan_context_t ctx, char *line)
- {
- ctrl_t ctrl = assuan_get_pointer (ctx);
- gpg_error_t err;
- unsigned int flags = 0;
- const char *filter;
- estream_t outfp = NULL;
- char *p;
- char **opt_attr = NULL;
- const char *s;
- gnupg_isotime_t opt_newer;
- int opt_help = 0;
-
- *opt_newer = 0;
-
- /* No options for now. */
- if (has_option (line, "--first"))
- flags |= KS_GET_FLAG_FIRST;
- if (has_option (line, "--next"))
- flags |= KS_GET_FLAG_NEXT;
- if (has_option (line, "--rootdse"))
- flags |= KS_GET_FLAG_ROOTDSE;
- if (has_option (line, "--subst"))
- flags |= KS_GET_FLAG_SUBST;
- if (has_option (line, "--help"))
- opt_help = 1;
- if ((s = option_value (line, "--newer"))
- && !string2isotime (opt_newer, s))
- {
- err = set_error (GPG_ERR_SYNTAX, "invalid time format");
- goto leave;
- }
- err = get_option_value (line, "--attr", &p);
- if (err)
- goto leave;
- if (p)
- {
- opt_attr = strtokenize (p, ",");
- if (!opt_attr)
- {
- err = gpg_error_from_syserror ();
- xfree (p);
- goto leave;
- }
- xfree (p);
- }
- line = skip_options (line);
- filter = line;
-
- if (opt_help)
- {
-+#if USE_LDAP
- ks_ldap_help_variables (ctrl);
-+#endif
- err = 0;
- goto leave;
- }
-
- if ((flags & KS_GET_FLAG_NEXT))
- {
- if (*filter || (flags & ~KS_GET_FLAG_NEXT))
- {
- err = PARM_ERROR ("No filter or other options allowed with --next");
- goto leave;
- }
- }
-
- /* Setup an output stream and perform the get. */
- outfp = es_fopencookie (ctx, "w", data_line_cookie_functions);
- if (!outfp)
- {
- err = set_error (GPG_ERR_ASS_GENERAL, "error setting up a data stream");
- goto leave;
- }
-
- ctrl->server_local->inhibit_data_logging = 1;
- ctrl->server_local->inhibit_data_logging_now = 0;
- ctrl->server_local->inhibit_data_logging_count = 0;
-
- err = ks_action_query (ctrl,
- (flags & KS_GET_FLAG_ROOTDSE)? NULL : "ldap:///",
- flags, filter, opt_attr, opt_newer, outfp);
-
- leave:
- es_fclose (outfp);
- xfree (opt_attr);
- ctrl->server_local->inhibit_data_logging = 0;
- return leave_cmd (ctx, err);
- }
-
-
-
- static const char hlp_loadswdb[] =
- "LOADSWDB [--force]\n"
- "\n"
- "Load and verify the swdb.lst from the Net.";
- static gpg_error_t
- cmd_loadswdb (assuan_context_t ctx, char *line)
- {
- ctrl_t ctrl = assuan_get_pointer (ctx);
- gpg_error_t err;
-
- err = dirmngr_load_swdb (ctrl, has_option (line, "--force"));
-
- return leave_cmd (ctx, err);
- }
-
-
-
- static const char hlp_getinfo[] =
- "GETINFO <what>\n"
- "\n"
- "Multi purpose command to return certain information. \n"
- "Supported values of WHAT are:\n"
- "\n"
- "version - Return the version of the program\n"
- "pid - Return the process id of the server\n"
- "tor - Return OK if running in Tor mode\n"
- "dnsinfo - Return info about the DNS resolver\n"
- "socket_name - Return the name of the socket\n"
- "session_id - Return the current session_id\n"
- "workqueue - Inspect the work queue\n"
- "stats - Print stats\n"
- "getenv NAME - Return value of envvar NAME\n";
- static gpg_error_t
- cmd_getinfo (assuan_context_t ctx, char *line)
- {
- ctrl_t ctrl = assuan_get_pointer (ctx);
- gpg_error_t err;
- char numbuf[50];
-
- if (!strcmp (line, "version"))
- {
- const char *s = VERSION;
- err = assuan_send_data (ctx, s, strlen (s));
- }
- else if (!strcmp (line, "pid"))
- {
- snprintf (numbuf, sizeof numbuf, "%lu", (unsigned long)getpid ());
- err = assuan_send_data (ctx, numbuf, strlen (numbuf));
- }
- else if (!strcmp (line, "socket_name"))
- {
- const char *s = dirmngr_get_current_socket_name ();
- err = assuan_send_data (ctx, s, strlen (s));
- }
- else if (!strcmp (line, "session_id"))
- {
- snprintf (numbuf, sizeof numbuf, "%u", ctrl->server_local->session_id);
- err = assuan_send_data (ctx, numbuf, strlen (numbuf));
- }
- else if (!strcmp (line, "tor"))
- {
- int use_tor;
-
- use_tor = dirmngr_use_tor ();
- if (use_tor)
- {
- if (!is_tor_running (ctrl))
- err = assuan_write_status (ctx, "NO_TOR", "Tor not running");
- else
- err = 0;
- if (!err)
- assuan_set_okay_line (ctx, use_tor == 1 ? "- Tor mode is enabled"
- /**/ : "- Tor mode is enforced");
- }
- else
- err = set_error (GPG_ERR_FALSE, "Tor mode is NOT enabled");
- }
- else if (!strcmp (line, "dnsinfo"))
- {
- if (standard_resolver_p ())
- assuan_set_okay_line
- (ctx, "- Forced use of System resolver (w/o Tor support)");
- else
- {
- #ifdef USE_LIBDNS
- assuan_set_okay_line (ctx, (recursive_resolver_p ()
- ? "- Libdns recursive resolver"
- : "- Libdns stub resolver"));
- #else
- assuan_set_okay_line (ctx, "- System resolver (w/o Tor support)");
- #endif
- }
- err = 0;
- }
- else if (!strcmp (line, "workqueue"))
- {
- workqueue_dump_queue (ctrl);
- err = 0;
- }
- else if (!strcmp (line, "stats"))
- {
- cert_cache_print_stats (ctrl);
- domaininfo_print_stats (ctrl);
- err = 0;
- }
- else if (!strncmp (line, "getenv", 6)
- && (line[6] == ' ' || line[6] == '\t' || !line[6]))
- {
- line += 6;
- while (*line == ' ' || *line == '\t')
- line++;
- if (!*line)
- err = gpg_error (GPG_ERR_MISSING_VALUE);
- else
- {
- const char *s = getenv (line);
- if (!s)
- {
- err = set_error (GPG_ERR_NOT_FOUND, "No such envvar");
- goto leave;
- }
- err = assuan_send_data (ctx, s, strlen (s));
- }
- }
- #ifdef HAVE_W32_SYSTEM
- else if (!strcmp (line, "sid"))
- {
- PSID mysid;
- char *sidstr;
-
- mysid = w32_get_user_sid ();
- if (!mysid)
- {
- err = set_error (GPG_ERR_NOT_FOUND, "Error getting my SID");
- goto leave;
- }
-
- if (!ConvertSidToStringSid (mysid, &sidstr))
- {
- err = set_error (GPG_ERR_BUG, "Error converting SID to a string");
- goto leave;
- }
- err = assuan_send_data (ctx, sidstr, strlen (sidstr));
- LocalFree (sidstr);
- }
- #endif /*HAVE_W32_SYSTEM*/
- else
- err = set_error (GPG_ERR_ASS_PARAMETER, "unknown value for WHAT");
-
- leave:
- return leave_cmd (ctx, err);
- }
-
-
-
- static const char hlp_killdirmngr[] =
- "KILLDIRMNGR\n"
- "\n"
- "This command allows a user - given sufficient permissions -\n"
- "to kill this dirmngr process.\n";
- static gpg_error_t
- cmd_killdirmngr (assuan_context_t ctx, char *line)
- {
- ctrl_t ctrl = assuan_get_pointer (ctx);
-
- (void)line;
-
- ctrl->server_local->stopme = 1;
- assuan_set_flag (ctx, ASSUAN_FORCE_CLOSE, 1);
- return 0;
- }
-
-
- static const char hlp_reloaddirmngr[] =
- "RELOADDIRMNGR\n"
- "\n"
- "This command is an alternative to SIGHUP\n"
- "to reload the configuration.";
- static gpg_error_t
- cmd_reloaddirmngr (assuan_context_t ctx, char *line)
- {
- (void)ctx;
- (void)line;
-
- dirmngr_sighup_action ();
- return 0;
- }
-
-
- static const char hlp_flushcrls[] =
- "FLUSHCRLS\n"
- "\n"
- "Remove all cached CRLs from memory and\n"
- "the file system.";
- static gpg_error_t
- cmd_flushcrls (assuan_context_t ctx, char *line)
- {
- (void)line;
-
- return leave_cmd (ctx, crl_cache_flush () ? GPG_ERR_GENERAL : 0);
- }
-
-
-
- /* Tell the assuan library about our commands. */
- static int
- register_commands (assuan_context_t ctx)
- {
- static struct {
- const char *name;
- assuan_handler_t handler;
- const char * const help;
- } table[] = {
- { "DNS_CERT", cmd_dns_cert, hlp_dns_cert },
- { "WKD_GET", cmd_wkd_get, hlp_wkd_get },
- { "LDAPSERVER", cmd_ldapserver, hlp_ldapserver },
- { "ISVALID", cmd_isvalid, hlp_isvalid },
- { "CHECKCRL", cmd_checkcrl, hlp_checkcrl },
- { "CHECKOCSP", cmd_checkocsp, hlp_checkocsp },
- { "LOOKUP", cmd_lookup, hlp_lookup },
- { "LOADCRL", cmd_loadcrl, hlp_loadcrl },
- { "LISTCRLS", cmd_listcrls, hlp_listcrls },
- { "CACHECERT", cmd_cachecert, hlp_cachecert },
- { "VALIDATE", cmd_validate, hlp_validate },
- { "KEYSERVER", cmd_keyserver, hlp_keyserver },
- { "KS_SEARCH", cmd_ks_search, hlp_ks_search },
- { "KS_GET", cmd_ks_get, hlp_ks_get },
- { "KS_FETCH", cmd_ks_fetch, hlp_ks_fetch },
- { "KS_PUT", cmd_ks_put, hlp_ks_put },
- { "AD_QUERY", cmd_ad_query, hlp_ad_query },
- { "GETINFO", cmd_getinfo, hlp_getinfo },
- { "LOADSWDB", cmd_loadswdb, hlp_loadswdb },
- { "KILLDIRMNGR",cmd_killdirmngr,hlp_killdirmngr },
- { "RELOADDIRMNGR",cmd_reloaddirmngr,hlp_reloaddirmngr },
- { "FLUSHCRLS", cmd_flushcrls, hlp_flushcrls },
- { NULL, NULL }
- };
- int i, j, rc;
-
- for (i=j=0; table[i].name; i++)
- {
- rc = assuan_register_command (ctx, table[i].name, table[i].handler,
- table[i].help);
- if (rc)
- return rc;
- }
- return 0;
- }
-
-
- /* Note that we do not reset the list of configured keyservers. */
- static gpg_error_t
- reset_notify (assuan_context_t ctx, char *line)
- {
- ctrl_t ctrl = assuan_get_pointer (ctx);
- (void)line;
-
- #if USE_LDAP
- ldapserver_list_free (ctrl->server_local->ldapservers);
- #endif /*USE_LDAP*/
- ctrl->server_local->ldapservers = NULL;
- return 0;
- }
-
-
- /* This function is called by our assuan log handler to test whether a
- * log message shall really be printed. The function must return
- * false to inhibit the logging of MSG. CAT gives the requested log
- * category. MSG might be NULL. */
- int
- dirmngr_assuan_log_monitor (assuan_context_t ctx, unsigned int cat,
- const char *msg)
- {
- ctrl_t ctrl = assuan_get_pointer (ctx);
-
- (void)cat;
- (void)msg;
-
- if (!ctrl || !ctrl->server_local)
- return 1; /* Can't decide - allow logging. */
-
- if (!ctrl->server_local->inhibit_data_logging)
- return 1; /* Not requested - allow logging. */
-
- /* Disallow logging if *_now is true. */
- return !ctrl->server_local->inhibit_data_logging_now;
- }
-
-
- /* Startup the server and run the main command loop. With FD = -1,
- * use stdin/stdout. SESSION_ID is either 0 or a unique number
- * identifying a session. */
- void
- start_command_handler (assuan_fd_t fd, unsigned int session_id)
- {
- static const char hello[] = "Dirmngr " VERSION " at your service";
- static char *hello_line;
- int rc;
- assuan_context_t ctx;
- ctrl_t ctrl;
-
- ctrl = xtrycalloc (1, sizeof *ctrl);
- if (ctrl)
- ctrl->server_local = xtrycalloc (1, sizeof *ctrl->server_local);
- if (!ctrl || !ctrl->server_local)
- {
- log_error (_("can't allocate control structure: %s\n"),
- strerror (errno));
- xfree (ctrl);
- return;
- }
-
- dirmngr_init_default_ctrl (ctrl);
-
- rc = assuan_new (&ctx);
- if (rc)
- {
- log_error (_("failed to allocate assuan context: %s\n"),
- gpg_strerror (rc));
- dirmngr_exit (2);
- }
-
- if (fd == ASSUAN_INVALID_FD)
- {
- assuan_fd_t filedes[2];
-
- filedes[0] = assuan_fdopen (0);
- filedes[1] = assuan_fdopen (1);
- rc = assuan_init_pipe_server (ctx, filedes);
- }
- else
- {
- rc = assuan_init_socket_server (ctx, fd, ASSUAN_SOCKET_SERVER_ACCEPTED);
- }
-
- if (rc)
- {
- assuan_release (ctx);
- log_error (_("failed to initialize the server: %s\n"),
- gpg_strerror(rc));
- dirmngr_exit (2);
- }
-
- rc = register_commands (ctx);
- if (rc)
- {
- log_error (_("failed to the register commands with Assuan: %s\n"),
- gpg_strerror(rc));
- dirmngr_exit (2);
- }
-
-
- if (!hello_line)
- {
- hello_line = xtryasprintf
- ("Home: %s\n"
- "Config: %s\n"
- "%s",
- gnupg_homedir (),
- opt.config_filename? opt.config_filename : "[none]",
- hello);
- }
-
- ctrl->server_local->assuan_ctx = ctx;
- assuan_set_pointer (ctx, ctrl);
-
- assuan_set_hello_line (ctx, hello_line);
- assuan_register_option_handler (ctx, option_handler);
- assuan_register_reset_notify (ctx, reset_notify);
-
- ctrl->server_local->session_id = session_id;
-
- for (;;)
- {
- rc = assuan_accept (ctx);
- if (rc == -1)
- break;
- if (rc)
- {
- log_info (_("Assuan accept problem: %s\n"), gpg_strerror (rc));
- break;
- }
-
- #ifndef HAVE_W32_SYSTEM
- if (opt.verbose)
- {
- assuan_peercred_t peercred;
-
- if (!assuan_get_peercred (ctx, &peercred))
- log_info ("connection from process %ld (%ld:%ld)\n",
- (long)peercred->pid, (long)peercred->uid,
- (long)peercred->gid);
- }
- #endif
-
- rc = assuan_process (ctx);
- if (rc)
- {
- log_info (_("Assuan processing failed: %s\n"), gpg_strerror (rc));
- continue;
- }
- }
-
-
- #if USE_LDAP
- ldap_wrapper_connection_cleanup (ctrl);
-
- ldapserver_list_free (ctrl->server_local->ldapservers);
- #endif /*USE_LDAP*/
- ctrl->server_local->ldapservers = NULL;
-
- release_ctrl_keyservers (ctrl);
-
- ctrl->server_local->assuan_ctx = NULL;
- assuan_release (ctx);
-
- if (ctrl->server_local->stopme)
- dirmngr_exit (0);
-
- if (ctrl->refcount)
- log_error ("oops: connection control structure still referenced (%d)\n",
- ctrl->refcount);
- else
- {
- #if USE_LDAP
- ks_ldap_free_state (ctrl->ks_get_state);
- ctrl->ks_get_state = NULL;
- #endif
- release_ctrl_ocsp_certs (ctrl);
- xfree (ctrl->server_local);
- dirmngr_deinit_default_ctrl (ctrl);
- xfree (ctrl);
- }
- }
-
-
- /* Send a status line back to the client. KEYWORD is the status
- keyword, the optional string arguments are blank separated added to
- the line, the last argument must be a NULL. */
- gpg_error_t
- dirmngr_status (ctrl_t ctrl, const char *keyword, ...)
- {
- gpg_error_t err = 0;
- va_list arg_ptr;
- assuan_context_t ctx;
-
- va_start (arg_ptr, keyword);
-
- if (ctrl->server_local && (ctx = ctrl->server_local->assuan_ctx))
- {
- err = vprint_assuan_status_strings (ctx, keyword, arg_ptr);
- }
-
- va_end (arg_ptr);
- return err;
- }
-
-
- /* Print a help status line. The function splits text at LFs. */
- gpg_error_t
- dirmngr_status_help (ctrl_t ctrl, const char *text)
- {
- gpg_error_t err = 0;
- assuan_context_t ctx;
-
- if (ctrl->server_local && (ctx = ctrl->server_local->assuan_ctx))
- {
- char buf[950], *p;
- size_t n;
-
- do
- {
- p = buf;
- n = 0;
- for ( ; *text && *text != '\n' && n < DIM (buf)-2; n++)
- *p++ = *text++;
- if (*text == '\n')
- text++;
- *p = 0;
- err = assuan_write_status (ctx, "#", buf);
- }
- while (!err && *text);
- }
-
- return err;
- }
-
-
- /* Print a help status line using a printf like format. The function
- * splits text at LFs. With CTRL beeing NULL, the function behaves
- * like log_info. */
- gpg_error_t
- dirmngr_status_helpf (ctrl_t ctrl, const char *format, ...)
- {
- va_list arg_ptr;
- gpg_error_t err;
- char *buf;
-
- va_start (arg_ptr, format);
- if (ctrl)
- {
- buf = es_vbsprintf (format, arg_ptr);
- err = buf? 0 : gpg_error_from_syserror ();
- if (!err)
- err = dirmngr_status_help (ctrl, buf);
- es_free (buf);
- }
- else
- {
- log_logv (GPGRT_LOGLVL_INFO, format, arg_ptr);
- err = 0;
- }
- va_end (arg_ptr);
- return err;
- }
-
-
- /* This function is similar to print_assuan_status but takes a CTRL
- * arg instead of an assuan context as first argument. */
- gpg_error_t
- dirmngr_status_printf (ctrl_t ctrl, const char *keyword,
- const char *format, ...)
- {
- gpg_error_t err;
- va_list arg_ptr;
- assuan_context_t ctx;
-
- if (!ctrl || !ctrl->server_local || !(ctx = ctrl->server_local->assuan_ctx))
- return 0;
-
- va_start (arg_ptr, format);
- err = vprint_assuan_status (ctx, keyword, format, arg_ptr);
- va_end (arg_ptr);
- return err;
- }
-
-
- /* Send a tick progress indicator back. Fixme: This is only done for
- the currently active channel. */
- gpg_error_t
- dirmngr_tick (ctrl_t ctrl)
- {
- static time_t next_tick = 0;
- gpg_error_t err = 0;
- time_t now = time (NULL);
-
- if (!next_tick)
- {
- next_tick = now + 1;
- }
- else if ( now > next_tick )
- {
- if (ctrl)
- {
- err = dirmngr_status (ctrl, "PROGRESS", "tick", "? 0 0", NULL);
- if (err)
- {
- /* Take this as in indication for a cancel request. */
- err = gpg_error (GPG_ERR_CANCELED);
- }
- now = time (NULL);
- }
-
- next_tick = now + 1;
- }
- return err;
- }
1
0
commit 7847c802cf4839a0ef7852df2d931ae1a480dc65
Author: Tim Biermann <tbier(a)posteo.de>
Date: Thu Jan 25 19:51:14 2024 +0100
gst-libav: 1.22.8 -> 1.22.9
diff --git a/gst-libav/.signature b/gst-libav/.signature
index 4431ba158..69f977730 100644
--- a/gst-libav/.signature
+++ b/gst-libav/.signature
@@ -1,5 +1,5 @@
untrusted comment: verify with /etc/ports/opt.pub
-RWSE3ohX2g5d/bT2aSU61Pjov25paRCsajKKtKl9Q4PlOdczc6kzPr1poJC5aNw/wDwVAixTGmoZ5biw2Fy9wBXjIYr1fktw0wA=
-SHA256 (Pkgfile) = 111cac274803e838c77cf322ea41237433482bfe0ef677059df31c24eaa14606
+RWSE3ohX2g5d/UaFtuI4lYioyQR+quqhs3v4C3q/2oxWejkaKeuG8QJWjb0IvxpH24WdkwHiieVn97EzTgQxNVP9APOCxc5G8AI=
+SHA256 (Pkgfile) = 247c47252bdf2c05f021670efea431ec03816a2d328d4ec970aebc275a91898f
SHA256 (.footprint) = 2b4603029b15032a74098cf497de9777c10b2c1d1fcca733daa90fdac79a1073
-SHA256 (gst-libav-1.22.8.tar.xz) = be39349bc07ab4cdbd9a5fd6ea9848c601c7560ba5a0577ad5200b83bd424981
+SHA256 (gst-libav-1.22.9.tar.xz) = 192f7d27d21c1e7c72c339a2647a9b0c247fedc62ea5029115f8c3e22ebb87d8
diff --git a/gst-libav/Pkgfile b/gst-libav/Pkgfile
index faab7423a..040cbdedf 100644
--- a/gst-libav/Pkgfile
+++ b/gst-libav/Pkgfile
@@ -4,7 +4,7 @@
# Depends on: ffmpeg gst-plugins-base
name=gst-libav
-version=1.22.8
+version=1.22.9
release=1
source=(https://gstreamer.freedesktop.org/src/$name/$name-$version.tar.xz)
1
0
commit f1ba5540bc808b78e63ca575b8a4e5478b07b1af
Author: Tim Biermann <tbier(a)posteo.de>
Date: Thu Jan 25 19:51:11 2024 +0100
gst-plugins-base: 1.22.8 -> 1.22.9
diff --git a/gst-plugins-base/.footprint b/gst-plugins-base/.footprint
index 35863f857..d24b17c20 100644
--- a/gst-plugins-base/.footprint
+++ b/gst-plugins-base/.footprint
@@ -263,41 +263,41 @@ drwxr-xr-x root/root usr/lib/gstreamer-1.0/include/gst/gl/
-rwxr-xr-x root/root usr/lib/gstreamer-1.0/libgstximagesink.so
-rwxr-xr-x root/root usr/lib/gstreamer-1.0/libgstxvimagesink.so
lrwxrwxrwx root/root usr/lib/libgstallocators-1.0.so -> libgstallocators-1.0.so.0
-lrwxrwxrwx root/root usr/lib/libgstallocators-1.0.so.0 -> libgstallocators-1.0.so.0.2208.0
--rwxr-xr-x root/root usr/lib/libgstallocators-1.0.so.0.2208.0
+lrwxrwxrwx root/root usr/lib/libgstallocators-1.0.so.0 -> libgstallocators-1.0.so.0.2209.0
+-rwxr-xr-x root/root usr/lib/libgstallocators-1.0.so.0.2209.0
lrwxrwxrwx root/root usr/lib/libgstapp-1.0.so -> libgstapp-1.0.so.0
-lrwxrwxrwx root/root usr/lib/libgstapp-1.0.so.0 -> libgstapp-1.0.so.0.2208.0
--rwxr-xr-x root/root usr/lib/libgstapp-1.0.so.0.2208.0
+lrwxrwxrwx root/root usr/lib/libgstapp-1.0.so.0 -> libgstapp-1.0.so.0.2209.0
+-rwxr-xr-x root/root usr/lib/libgstapp-1.0.so.0.2209.0
lrwxrwxrwx root/root usr/lib/libgstaudio-1.0.so -> libgstaudio-1.0.so.0
-lrwxrwxrwx root/root usr/lib/libgstaudio-1.0.so.0 -> libgstaudio-1.0.so.0.2208.0
--rwxr-xr-x root/root usr/lib/libgstaudio-1.0.so.0.2208.0
+lrwxrwxrwx root/root usr/lib/libgstaudio-1.0.so.0 -> libgstaudio-1.0.so.0.2209.0
+-rwxr-xr-x root/root usr/lib/libgstaudio-1.0.so.0.2209.0
lrwxrwxrwx root/root usr/lib/libgstfft-1.0.so -> libgstfft-1.0.so.0
-lrwxrwxrwx root/root usr/lib/libgstfft-1.0.so.0 -> libgstfft-1.0.so.0.2208.0
--rwxr-xr-x root/root usr/lib/libgstfft-1.0.so.0.2208.0
+lrwxrwxrwx root/root usr/lib/libgstfft-1.0.so.0 -> libgstfft-1.0.so.0.2209.0
+-rwxr-xr-x root/root usr/lib/libgstfft-1.0.so.0.2209.0
lrwxrwxrwx root/root usr/lib/libgstgl-1.0.so -> libgstgl-1.0.so.0
-lrwxrwxrwx root/root usr/lib/libgstgl-1.0.so.0 -> libgstgl-1.0.so.0.2208.0
--rwxr-xr-x root/root usr/lib/libgstgl-1.0.so.0.2208.0
+lrwxrwxrwx root/root usr/lib/libgstgl-1.0.so.0 -> libgstgl-1.0.so.0.2209.0
+-rwxr-xr-x root/root usr/lib/libgstgl-1.0.so.0.2209.0
lrwxrwxrwx root/root usr/lib/libgstpbutils-1.0.so -> libgstpbutils-1.0.so.0
-lrwxrwxrwx root/root usr/lib/libgstpbutils-1.0.so.0 -> libgstpbutils-1.0.so.0.2208.0
--rwxr-xr-x root/root usr/lib/libgstpbutils-1.0.so.0.2208.0
+lrwxrwxrwx root/root usr/lib/libgstpbutils-1.0.so.0 -> libgstpbutils-1.0.so.0.2209.0
+-rwxr-xr-x root/root usr/lib/libgstpbutils-1.0.so.0.2209.0
lrwxrwxrwx root/root usr/lib/libgstriff-1.0.so -> libgstriff-1.0.so.0
-lrwxrwxrwx root/root usr/lib/libgstriff-1.0.so.0 -> libgstriff-1.0.so.0.2208.0
--rwxr-xr-x root/root usr/lib/libgstriff-1.0.so.0.2208.0
+lrwxrwxrwx root/root usr/lib/libgstriff-1.0.so.0 -> libgstriff-1.0.so.0.2209.0
+-rwxr-xr-x root/root usr/lib/libgstriff-1.0.so.0.2209.0
lrwxrwxrwx root/root usr/lib/libgstrtp-1.0.so -> libgstrtp-1.0.so.0
-lrwxrwxrwx root/root usr/lib/libgstrtp-1.0.so.0 -> libgstrtp-1.0.so.0.2208.0
--rwxr-xr-x root/root usr/lib/libgstrtp-1.0.so.0.2208.0
+lrwxrwxrwx root/root usr/lib/libgstrtp-1.0.so.0 -> libgstrtp-1.0.so.0.2209.0
+-rwxr-xr-x root/root usr/lib/libgstrtp-1.0.so.0.2209.0
lrwxrwxrwx root/root usr/lib/libgstrtsp-1.0.so -> libgstrtsp-1.0.so.0
-lrwxrwxrwx root/root usr/lib/libgstrtsp-1.0.so.0 -> libgstrtsp-1.0.so.0.2208.0
--rwxr-xr-x root/root usr/lib/libgstrtsp-1.0.so.0.2208.0
+lrwxrwxrwx root/root usr/lib/libgstrtsp-1.0.so.0 -> libgstrtsp-1.0.so.0.2209.0
+-rwxr-xr-x root/root usr/lib/libgstrtsp-1.0.so.0.2209.0
lrwxrwxrwx root/root usr/lib/libgstsdp-1.0.so -> libgstsdp-1.0.so.0
-lrwxrwxrwx root/root usr/lib/libgstsdp-1.0.so.0 -> libgstsdp-1.0.so.0.2208.0
--rwxr-xr-x root/root usr/lib/libgstsdp-1.0.so.0.2208.0
+lrwxrwxrwx root/root usr/lib/libgstsdp-1.0.so.0 -> libgstsdp-1.0.so.0.2209.0
+-rwxr-xr-x root/root usr/lib/libgstsdp-1.0.so.0.2209.0
lrwxrwxrwx root/root usr/lib/libgsttag-1.0.so -> libgsttag-1.0.so.0
-lrwxrwxrwx root/root usr/lib/libgsttag-1.0.so.0 -> libgsttag-1.0.so.0.2208.0
--rwxr-xr-x root/root usr/lib/libgsttag-1.0.so.0.2208.0
+lrwxrwxrwx root/root usr/lib/libgsttag-1.0.so.0 -> libgsttag-1.0.so.0.2209.0
+-rwxr-xr-x root/root usr/lib/libgsttag-1.0.so.0.2209.0
lrwxrwxrwx root/root usr/lib/libgstvideo-1.0.so -> libgstvideo-1.0.so.0
-lrwxrwxrwx root/root usr/lib/libgstvideo-1.0.so.0 -> libgstvideo-1.0.so.0.2208.0
--rwxr-xr-x root/root usr/lib/libgstvideo-1.0.so.0.2208.0
+lrwxrwxrwx root/root usr/lib/libgstvideo-1.0.so.0 -> libgstvideo-1.0.so.0.2209.0
+-rwxr-xr-x root/root usr/lib/libgstvideo-1.0.so.0.2209.0
drwxr-xr-x root/root usr/lib/pkgconfig/
-rw-r--r-- root/root usr/lib/pkgconfig/gstreamer-allocators-1.0.pc
-rw-r--r-- root/root usr/lib/pkgconfig/gstreamer-app-1.0.pc
diff --git a/gst-plugins-base/.signature b/gst-plugins-base/.signature
index 1d0879a16..b610a3bc6 100644
--- a/gst-plugins-base/.signature
+++ b/gst-plugins-base/.signature
@@ -1,5 +1,5 @@
untrusted comment: verify with /etc/ports/opt.pub
-RWSE3ohX2g5d/TdKIQPuiJBVrRJV5L2CS2E+83a9mItR7UeLB+M4IKHcivnP57g8p6ry7y3UTK9ChHHi+KOc/dgmzxb6VzfgkwA=
-SHA256 (Pkgfile) = 3097a3bfa65dd8d21f1c177df13cfa2c19f3cc0ef3e167baf78cdc59ce2738b5
-SHA256 (.footprint) = 386d23e244fd49e6476e02072889fa75d85b82e4da72dde79ab97dc28d421b1c
-SHA256 (gst-plugins-base-1.22.8.tar.xz) = eb6792e5c73c6defb9159c36ea6e4b78a2f8af6512678b4bd3b02c8d2d492acf
+RWSE3ohX2g5d/RV6NhEKRLw5Wf2fn+jtXGz1g0yt7mZb8rpnPMhcZHFUVp/EW/8I+DzPZ33lTwYMj02shbqR6t2NnnpCRAOAdAc=
+SHA256 (Pkgfile) = afef78e725172f01080e9cad07ceae526a206d2105190ea3bd6f86416548940b
+SHA256 (.footprint) = 6a9f9f082e0dce1d98f1670e256ceb0de0a78981a1952fd1d91e63a7ffbeb136
+SHA256 (gst-plugins-base-1.22.9.tar.xz) = fac3e0dd2d8e9370388b34bf8c21b89d5f63bc3cfc12cd7fdc8fc6c1cba03334
diff --git a/gst-plugins-base/Pkgfile b/gst-plugins-base/Pkgfile
index 59510a526..25773eb7a 100644
--- a/gst-plugins-base/Pkgfile
+++ b/gst-plugins-base/Pkgfile
@@ -5,7 +5,7 @@
# Optional: cdparanoia libglvnd wayland-protocols
name=gst-plugins-base
-version=1.22.8
+version=1.22.9
release=1
source=(https://gstreamer.freedesktop.org/src/$name/$name-$version.tar.xz)
1
0
commit 038d283f3ca61db1d2e295c3c3495367d28f503d
Author: Tim Biermann <tbier(a)posteo.de>
Date: Thu Jan 25 19:51:08 2024 +0100
gstreamer: 1.22.8 -> 1.22.9
diff --git a/gstreamer/.footprint b/gstreamer/.footprint
index 14a9b9efe..2517d71cc 100644
--- a/gstreamer/.footprint
+++ b/gstreamer/.footprint
@@ -149,20 +149,20 @@ drwxr-xr-x root/root usr/lib/gstreamer-1.0/
-rwxr-xr-x root/root usr/lib/gstreamer-1.0/libgstcoreelements.so
-rwxr-xr-x root/root usr/lib/gstreamer-1.0/libgstcoretracers.so
lrwxrwxrwx root/root usr/lib/libgstbase-1.0.so -> libgstbase-1.0.so.0
-lrwxrwxrwx root/root usr/lib/libgstbase-1.0.so.0 -> libgstbase-1.0.so.0.2208.0
--rwxr-xr-x root/root usr/lib/libgstbase-1.0.so.0.2208.0
+lrwxrwxrwx root/root usr/lib/libgstbase-1.0.so.0 -> libgstbase-1.0.so.0.2209.0
+-rwxr-xr-x root/root usr/lib/libgstbase-1.0.so.0.2209.0
lrwxrwxrwx root/root usr/lib/libgstcheck-1.0.so -> libgstcheck-1.0.so.0
-lrwxrwxrwx root/root usr/lib/libgstcheck-1.0.so.0 -> libgstcheck-1.0.so.0.2208.0
--rwxr-xr-x root/root usr/lib/libgstcheck-1.0.so.0.2208.0
+lrwxrwxrwx root/root usr/lib/libgstcheck-1.0.so.0 -> libgstcheck-1.0.so.0.2209.0
+-rwxr-xr-x root/root usr/lib/libgstcheck-1.0.so.0.2209.0
lrwxrwxrwx root/root usr/lib/libgstcontroller-1.0.so -> libgstcontroller-1.0.so.0
-lrwxrwxrwx root/root usr/lib/libgstcontroller-1.0.so.0 -> libgstcontroller-1.0.so.0.2208.0
--rwxr-xr-x root/root usr/lib/libgstcontroller-1.0.so.0.2208.0
+lrwxrwxrwx root/root usr/lib/libgstcontroller-1.0.so.0 -> libgstcontroller-1.0.so.0.2209.0
+-rwxr-xr-x root/root usr/lib/libgstcontroller-1.0.so.0.2209.0
lrwxrwxrwx root/root usr/lib/libgstnet-1.0.so -> libgstnet-1.0.so.0
-lrwxrwxrwx root/root usr/lib/libgstnet-1.0.so.0 -> libgstnet-1.0.so.0.2208.0
--rwxr-xr-x root/root usr/lib/libgstnet-1.0.so.0.2208.0
+lrwxrwxrwx root/root usr/lib/libgstnet-1.0.so.0 -> libgstnet-1.0.so.0.2209.0
+-rwxr-xr-x root/root usr/lib/libgstnet-1.0.so.0.2209.0
lrwxrwxrwx root/root usr/lib/libgstreamer-1.0.so -> libgstreamer-1.0.so.0
-lrwxrwxrwx root/root usr/lib/libgstreamer-1.0.so.0 -> libgstreamer-1.0.so.0.2208.0
--rwxr-xr-x root/root usr/lib/libgstreamer-1.0.so.0.2208.0
+lrwxrwxrwx root/root usr/lib/libgstreamer-1.0.so.0 -> libgstreamer-1.0.so.0.2209.0
+-rwxr-xr-x root/root usr/lib/libgstreamer-1.0.so.0.2209.0
drwxr-xr-x root/root usr/lib/pkgconfig/
-rw-r--r-- root/root usr/lib/pkgconfig/gstreamer-1.0.pc
-rw-r--r-- root/root usr/lib/pkgconfig/gstreamer-base-1.0.pc
@@ -176,7 +176,7 @@ drwxr-xr-x root/root usr/share/gdb/
drwxr-xr-x root/root usr/share/gdb/auto-load/
drwxr-xr-x root/root usr/share/gdb/auto-load/usr/
drwxr-xr-x root/root usr/share/gdb/auto-load/usr/lib/
--rw-r--r-- root/root usr/share/gdb/auto-load/usr/lib/libgstreamer-1.0.so.0.2208.0-gdb.py
+-rw-r--r-- root/root usr/share/gdb/auto-load/usr/lib/libgstreamer-1.0.so.0.2209.0-gdb.py
drwxr-xr-x root/root usr/share/gir-1.0/
-rw-r--r-- root/root usr/share/gir-1.0/Gst-1.0.gir
-rw-r--r-- root/root usr/share/gir-1.0/GstBase-1.0.gir
diff --git a/gstreamer/.signature b/gstreamer/.signature
index 1b772aada..5745dab79 100644
--- a/gstreamer/.signature
+++ b/gstreamer/.signature
@@ -1,5 +1,5 @@
untrusted comment: verify with /etc/ports/opt.pub
-RWSE3ohX2g5d/XRTh3UFLD3pm8LWYzqm/zgKUjwFhZgYuoMsREkU4KZLgZSqZKjejEy/1ZT9/8l2KXD10G8yyOTxOOke9nTwGgI=
-SHA256 (Pkgfile) = 7bd246eea13ebaf83a1aa70f7b0d8c2cbb8113fc1a5b10da53dcf1896bfe6de5
-SHA256 (.footprint) = b16ce82151e242a7908c5456bfa812bc5a697fa53b4a238648996ac64954f1f6
-SHA256 (gstreamer-1.22.8.tar.xz) = ad4e3db1771139b1db17b1afa7c05db083ae0100bd4da244b71f162dcce41bfc
+RWSE3ohX2g5d/Vcx6TwhcP6W36Va4Rki/hr9NmAQOErwAAahxynj9MrvKgBd2kJCwM3kr/4kJN7ZbXN8aHIHINaNnFSgcN0bCQU=
+SHA256 (Pkgfile) = 5f6c666d375a5ed2d9a42459e2fa8003fd407852c2a45bdfb36bab1ef18feb7d
+SHA256 (.footprint) = 77c14812f3d61439c40a8a780e6789f6749838d1e15933baed0b307e1fdffa50
+SHA256 (gstreamer-1.22.9.tar.xz) = 1e7124d347e8cdc80f08ec1d370c201be513002af1102bb20e83c5279cb48ebd
diff --git a/gstreamer/Pkgfile b/gstreamer/Pkgfile
index f25201c58..e748af649 100644
--- a/gstreamer/Pkgfile
+++ b/gstreamer/Pkgfile
@@ -4,7 +4,7 @@
# Depends on: gobject-introspection libcap
name=gstreamer
-version=1.22.8
+version=1.22.9
release=1
source=(https://gstreamer.freedesktop.org/src/$name/$name-$version.tar.xz)
1
0
commit b3c9bff611c943bd58ab1848759809ad1852d348
Author: Juergen Daubert <jue(a)jue.li>
Date: Thu Jan 25 18:28:32 2024 +0100
ruby-sqlite3: updated to version 1.7.1
diff --git a/ruby-sqlite3/.footprint b/ruby-sqlite3/.footprint
index 35994b966..4c99f34c8 100644
--- a/ruby-sqlite3/.footprint
+++ b/ruby-sqlite3/.footprint
@@ -6,27 +6,27 @@ drwxr-xr-x root/root usr/lib/ruby/gems/3.3/
drwxr-xr-x root/root usr/lib/ruby/gems/3.3/extensions/
drwxr-xr-x root/root usr/lib/ruby/gems/3.3/extensions/x86_64-linux/
drwxr-xr-x root/root usr/lib/ruby/gems/3.3/extensions/x86_64-linux/3.3/
-drwxr-xr-x root/root usr/lib/ruby/gems/3.3/extensions/x86_64-linux/3.3/sqlite3-1.7.0/
--rw-r--r-- root/root usr/lib/ruby/gems/3.3/extensions/x86_64-linux/3.3/sqlite3-1.7.0/gem.build_complete (EMPTY)
--rw-r--r-- root/root usr/lib/ruby/gems/3.3/extensions/x86_64-linux/3.3/sqlite3-1.7.0/gem_make.out
--rw-r--r-- root/root usr/lib/ruby/gems/3.3/extensions/x86_64-linux/3.3/sqlite3-1.7.0/mkmf.log
-drwxr-xr-x root/root usr/lib/ruby/gems/3.3/extensions/x86_64-linux/3.3/sqlite3-1.7.0/sqlite3/
--rwxr-xr-x root/root usr/lib/ruby/gems/3.3/extensions/x86_64-linux/3.3/sqlite3-1.7.0/sqlite3/sqlite3_native.so
+drwxr-xr-x root/root usr/lib/ruby/gems/3.3/extensions/x86_64-linux/3.3/sqlite3-1.7.1/
+-rw-r--r-- root/root usr/lib/ruby/gems/3.3/extensions/x86_64-linux/3.3/sqlite3-1.7.1/gem.build_complete (EMPTY)
+-rw-r--r-- root/root usr/lib/ruby/gems/3.3/extensions/x86_64-linux/3.3/sqlite3-1.7.1/gem_make.out
+-rw-r--r-- root/root usr/lib/ruby/gems/3.3/extensions/x86_64-linux/3.3/sqlite3-1.7.1/mkmf.log
+drwxr-xr-x root/root usr/lib/ruby/gems/3.3/extensions/x86_64-linux/3.3/sqlite3-1.7.1/sqlite3/
+-rwxr-xr-x root/root usr/lib/ruby/gems/3.3/extensions/x86_64-linux/3.3/sqlite3-1.7.1/sqlite3/sqlite3_native.so
drwxr-xr-x root/root usr/lib/ruby/gems/3.3/gems/
-drwxr-xr-x root/root usr/lib/ruby/gems/3.3/gems/sqlite3-1.7.0/
-drwxr-xr-x root/root usr/lib/ruby/gems/3.3/gems/sqlite3-1.7.0/lib/
--rw-rw-r-- root/root usr/lib/ruby/gems/3.3/gems/sqlite3-1.7.0/lib/sqlite3.rb
-drwxr-xr-x root/root usr/lib/ruby/gems/3.3/gems/sqlite3-1.7.0/lib/sqlite3/
--rw-rw-r-- root/root usr/lib/ruby/gems/3.3/gems/sqlite3-1.7.0/lib/sqlite3/constants.rb
--rw-rw-r-- root/root usr/lib/ruby/gems/3.3/gems/sqlite3-1.7.0/lib/sqlite3/database.rb
--rw-rw-r-- root/root usr/lib/ruby/gems/3.3/gems/sqlite3-1.7.0/lib/sqlite3/errors.rb
--rw-rw-r-- root/root usr/lib/ruby/gems/3.3/gems/sqlite3-1.7.0/lib/sqlite3/pragmas.rb
--rw-rw-r-- root/root usr/lib/ruby/gems/3.3/gems/sqlite3-1.7.0/lib/sqlite3/resultset.rb
--rwxr-xr-x root/root usr/lib/ruby/gems/3.3/gems/sqlite3-1.7.0/lib/sqlite3/sqlite3_native.so
--rw-rw-r-- root/root usr/lib/ruby/gems/3.3/gems/sqlite3-1.7.0/lib/sqlite3/statement.rb
--rw-rw-r-- root/root usr/lib/ruby/gems/3.3/gems/sqlite3-1.7.0/lib/sqlite3/translator.rb
--rw-rw-r-- root/root usr/lib/ruby/gems/3.3/gems/sqlite3-1.7.0/lib/sqlite3/value.rb
--rw-rw-r-- root/root usr/lib/ruby/gems/3.3/gems/sqlite3-1.7.0/lib/sqlite3/version.rb
+drwxr-xr-x root/root usr/lib/ruby/gems/3.3/gems/sqlite3-1.7.1/
+drwxr-xr-x root/root usr/lib/ruby/gems/3.3/gems/sqlite3-1.7.1/lib/
+-rw-rw-r-- root/root usr/lib/ruby/gems/3.3/gems/sqlite3-1.7.1/lib/sqlite3.rb
+drwxr-xr-x root/root usr/lib/ruby/gems/3.3/gems/sqlite3-1.7.1/lib/sqlite3/
+-rw-rw-r-- root/root usr/lib/ruby/gems/3.3/gems/sqlite3-1.7.1/lib/sqlite3/constants.rb
+-rw-rw-r-- root/root usr/lib/ruby/gems/3.3/gems/sqlite3-1.7.1/lib/sqlite3/database.rb
+-rw-rw-r-- root/root usr/lib/ruby/gems/3.3/gems/sqlite3-1.7.1/lib/sqlite3/errors.rb
+-rw-rw-r-- root/root usr/lib/ruby/gems/3.3/gems/sqlite3-1.7.1/lib/sqlite3/pragmas.rb
+-rw-rw-r-- root/root usr/lib/ruby/gems/3.3/gems/sqlite3-1.7.1/lib/sqlite3/resultset.rb
+-rwxr-xr-x root/root usr/lib/ruby/gems/3.3/gems/sqlite3-1.7.1/lib/sqlite3/sqlite3_native.so
+-rw-rw-r-- root/root usr/lib/ruby/gems/3.3/gems/sqlite3-1.7.1/lib/sqlite3/statement.rb
+-rw-rw-r-- root/root usr/lib/ruby/gems/3.3/gems/sqlite3-1.7.1/lib/sqlite3/translator.rb
+-rw-rw-r-- root/root usr/lib/ruby/gems/3.3/gems/sqlite3-1.7.1/lib/sqlite3/value.rb
+-rw-rw-r-- root/root usr/lib/ruby/gems/3.3/gems/sqlite3-1.7.1/lib/sqlite3/version.rb
drwxr-xr-x root/root usr/lib/ruby/gems/3.3/plugins/
drwxr-xr-x root/root usr/lib/ruby/gems/3.3/specifications/
--rw-r--r-- root/root usr/lib/ruby/gems/3.3/specifications/sqlite3-1.7.0.gemspec
+-rw-r--r-- root/root usr/lib/ruby/gems/3.3/specifications/sqlite3-1.7.1.gemspec
diff --git a/ruby-sqlite3/.signature b/ruby-sqlite3/.signature
index 56af6f637..f3479a7a4 100644
--- a/ruby-sqlite3/.signature
+++ b/ruby-sqlite3/.signature
@@ -1,5 +1,5 @@
untrusted comment: verify with /etc/ports/opt.pub
-RWSE3ohX2g5d/dvp9t/cU9OBJQOEghiAU9gwA5PIJQcxz5aDcTYYdnuZcd4Y8gkF5Jl4/Lin1s5/htZ9YwILjnvuVhV3jMPK5Aw=
-SHA256 (Pkgfile) = 62046d27e02f0db107baaec89db98d79dd559b3c60ee0b2d79540e1d1e3f7a2c
-SHA256 (.footprint) = f205983434a86b0cc943d3568b98a57e0c27e1c1407563d638bad1374b9412e0
-SHA256 (sqlite3-1.7.0.gem) = 894b5965591fb2db7d95572e93942f4fddd1762d37ec4fbc198b36426fcdae3c
+RWSE3ohX2g5d/eWea/vgkSCuT1i/Y6bEedXNzKwf1uEcOpRoU1nCitLqJakY0/Uiyl3CrXw6Z+uekJcfFEhdPYQ/RHNMVzronQ0=
+SHA256 (Pkgfile) = d59a0c2cd24a6773cc915147c1d3b756eaba0b9b2312fb82fa25d1e2be5b118f
+SHA256 (.footprint) = 8886f71eb15c5a7fc8729955c32ce8d1119cd8a83f5b78cad78ce134eb3e470b
+SHA256 (sqlite3-1.7.1.gem) = 993d9220e086b53d9ee8d12394cd8f570e5c8bd567b7ee9703152837ccab6fee
diff --git a/ruby-sqlite3/Pkgfile b/ruby-sqlite3/Pkgfile
index 6db04c350..15719d408 100644
--- a/ruby-sqlite3/Pkgfile
+++ b/ruby-sqlite3/Pkgfile
@@ -4,8 +4,8 @@
# Depends on: ruby ruby-mini_portile2 sqlite3
name=ruby-sqlite3
-version=1.7.0
-release=2
+version=1.7.1
+release=1
source=(https://rubygems.org/downloads/sqlite3-$version.gem)
build () {
1
0