security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-10 13:04:23 +01:00
Code Activity

* gpgkeys_ldap.c (delete_one_attr): Removed. (make_one_attr): Delete

Browse Source 
functionality added.  Optional deduping functionality added (currently
only used for pgpSignerID). (build_attrs): Translate sig entries into
pgpSignerID.  Properly build the timestamp for pgpKeyCreateTime and
pgpKeyExpireTime.
This commit is contained in:
David Shaw 2004-02-24 03:57:21 +00:00
parent 643665c963
commit 17ce0c5267
2 changed files with 84 additions and 80 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
keyserver/ChangeLog
View File

@ -1,3 +1,11 @@
2004-02-23 David Shaw <dshaw@jabberwocky.com>
* gpgkeys_ldap.c (delete_one_attr): Removed.
(make_one_attr): Delete functionality added. Optional deduping
functionality added (currently only used for pgpSignerID).
(build_attrs): Translate sig entries into pgpSignerID. Properly
build the timestamp for pgpKeyCreateTime and pgpKeyExpireTime.
2004-02-22 David Shaw <dshaw@jabberwocky.com> 2004-02-22 David Shaw <dshaw@jabberwocky.com>
* gpgkeys_ldap.c (delete_one_attr): New function to replace * gpgkeys_ldap.c (delete_one_attr): New function to replace

156
keyserver/gpgkeys_ldap.c
View File

@ -232,8 +232,15 @@ epoch2ldaptime(time_t stamp)
return strdup(buf); return strdup(buf);
} }
/* Passing a NULL for value effectively deletes that attribute. This
doesn't mean "delete" in the sense of removing something from the
modlist, but "delete" in the LDAP sense of adding a modlist item
that specifies LDAP_MOD_REPLACE and a null attribute for the given
attribute. LDAP_MOD_DELETE doesn't work here as we don't know if
the attribute in question exists or not. */
static int static int
make_one_attr(LDAPMod ***modlist,char *attr,const char *value) make_one_attr(LDAPMod ***modlist,int unique,char *attr,const char *value)
{ {
LDAPMod **m; LDAPMod **m;
int nummods=0; int nummods=0;
@ -241,14 +248,24 @@ make_one_attr(LDAPMod ***modlist,char *attr,const char *value)
/* Search modlist for the attribute we're playing with. */ /* Search modlist for the attribute we're playing with. */
for(m=*modlist;*m;m++) for(m=*modlist;*m;m++)
{ {
if(strcmp((*m)->mod_type,attr)==0) if(strcasecmp((*m)->mod_type,attr)==0)
{ {
char **ptr=(*m)->mod_values; char **ptr=(*m)->mod_values;
int numvalues=0; int numvalues=0;
/* We have this attribute already, so when the REPLACE
happens, the server attributes will be replaced
anyway. */
if(!value)
return 1;
if(ptr) if(ptr)
while(*ptr++) for(ptr=(*m)->mod_values;*ptr;ptr++)
numvalues++; {
if(unique && strcmp(*ptr,value)==0)
return 1;
numvalues++;
}
ptr=realloc((*m)->mod_values,sizeof(char *)*(numvalues+2)); ptr=realloc((*m)->mod_values,sizeof(char *)*(numvalues+2));
if(!ptr) if(!ptr)
@ -281,60 +298,36 @@ make_one_attr(LDAPMod ***modlist,char *attr,const char *value)
return 0; return 0;
grow[nummods]->mod_op=LDAP_MOD_REPLACE; grow[nummods]->mod_op=LDAP_MOD_REPLACE;
grow[nummods]->mod_type=attr; grow[nummods]->mod_type=attr;
grow[nummods]->mod_values=malloc(sizeof(char *)*2); if(value)
if(!grow[nummods]->mod_values)
{ {
grow[nummods]=NULL; grow[nummods]->mod_values=malloc(sizeof(char *)*2);
return 0; if(!grow[nummods]->mod_values)
} {
grow[nummods]=NULL;
return 0;
}
/* Is this the right thing? Can a UTF8-encoded user ID have /* Is this the right thing? Can a UTF8-encoded user ID have
embedded nulls? */ embedded nulls? */
grow[nummods]->mod_values[0]=strdup(value); grow[nummods]->mod_values[0]=strdup(value);
if(!grow[nummods]->mod_values[0]) if(!grow[nummods]->mod_values[0])
{ {
free(grow[nummods]->mod_values); free(grow[nummods]->mod_values);
grow[nummods]=NULL; grow[nummods]=NULL;
return 0; return 0;
} }
grow[nummods]->mod_values[1]=NULL;
}
else
grow[nummods]->mod_values=NULL;
grow[nummods]->mod_values[1]=NULL;
grow[nummods+1]=NULL; grow[nummods+1]=NULL;
} }
return 1; return 1;
} }
/* This doesn't mean "delete" in the sense of removing something from
the modlist, but "delete" in the LDAP sense of adding a modlist
item that specifies LDAP_MOD_REPLACE and a null attribute for the
given attribute. LDAP_MOD_DELETE doesn't work here as we don't
know if the attribute in question exists or not. */
static int
delete_one_attr(LDAPMod ***modlist,char *attr)
{
LDAPMod **grow;
int nummods=0;
for(grow=*modlist;*grow;grow++)
nummods++;
grow=realloc(*modlist,sizeof(LDAPMod *)*(nummods+2));
if(!grow)
return 0;
*modlist=grow;
grow[nummods]=malloc(sizeof(LDAPMod));
if(!grow[nummods])
return 0;
grow[nummods]->mod_op=LDAP_MOD_REPLACE;
grow[nummods]->mod_type=attr;
grow[nummods]->mod_values=NULL;
grow[nummods+1]=NULL;
return 1;
}
static void static void
build_attrs(LDAPMod ***modlist,char *line) build_attrs(LDAPMod ***modlist,char *line)
{ {
@ -362,8 +355,8 @@ build_attrs(LDAPMod ***modlist,char *line)
if(strlen(tok)==16) if(strlen(tok)==16)
{ {
make_one_attr(modlist,"pgpCertID",tok); make_one_attr(modlist,0,"pgpCertID",tok);
make_one_attr(modlist,"pgpKeyID",&tok[8]); make_one_attr(modlist,0,"pgpKeyID",&tok[8]);
} }
else else
return; return;
@ -375,11 +368,11 @@ build_attrs(LDAPMod ***modlist,char *line)
switch(atoi(tok)) switch(atoi(tok))
{ {
case 1: case 1:
make_one_attr(modlist,"pgpKeyType","RSA"); make_one_attr(modlist,0,"pgpKeyType","RSA");
break; break;
case 17: case 17:
make_one_attr(modlist,"pgpKeyType","DSS/DH"); make_one_attr(modlist,0,"pgpKeyType","DSS/DH");
break; break;
} }
@ -397,7 +390,7 @@ build_attrs(LDAPMod ***modlist,char *line)
if(val<99999 && val>0) if(val<99999 && val>0)
{ {
sprintf(padded,"%05u",atoi(tok)); sprintf(padded,"%05u",atoi(tok));
make_one_attr(modlist,"pgpKeySize",padded); make_one_attr(modlist,0,"pgpKeySize",padded);
} }
} }
@ -410,7 +403,7 @@ build_attrs(LDAPMod ***modlist,char *line)
char *stamp=epoch2ldaptime(atoi(tok)); char *stamp=epoch2ldaptime(atoi(tok));
if(stamp) if(stamp)
{ {
make_one_attr(modlist,"pgpKeyCreateTime",tok); make_one_attr(modlist,0,"pgpKeyCreateTime",stamp);
free(stamp); free(stamp);
} }
} }
@ -424,7 +417,7 @@ build_attrs(LDAPMod ***modlist,char *line)
char *stamp=epoch2ldaptime(atoi(tok)); char *stamp=epoch2ldaptime(atoi(tok));
if(stamp) if(stamp)
{ {
make_one_attr(modlist,"pgpKeyExpireTime",tok); make_one_attr(modlist,0,"pgpKeyExpireTime",stamp);
free(stamp); free(stamp);
} }
} }
@ -454,8 +447,8 @@ build_attrs(LDAPMod ***modlist,char *line)
"(&(pgpUserID=*isabella*)(pgpDisabled=0))" "(&(pgpUserID=*isabella*)(pgpDisabled=0))"
*/ */
make_one_attr(modlist,"pgpDisabled",disabled?"1":"0"); make_one_attr(modlist,0,"pgpDisabled",disabled?"1":"0");
make_one_attr(modlist,"pgpRevoked",revoked?"1":"0"); make_one_attr(modlist,0,"pgpRevoked",revoked?"1":"0");
} }
else if(ascii_strcasecmp("uid",record)==0) else if(ascii_strcasecmp("uid",record)==0)
{ {
@ -490,7 +483,17 @@ build_attrs(LDAPMod ***modlist,char *line)
/* We don't care about the other info provided in the uid: line /* We don't care about the other info provided in the uid: line
since the LDAP schema doesn't need it. */ since the LDAP schema doesn't need it. */
make_one_attr(modlist,"pgpUserID",userid); make_one_attr(modlist,0,"pgpUserID",userid);
}
else if(ascii_strcasecmp("sig",record)==0)
{
char *tok;
if((tok=strsep(&line,":"))==NULL)
return;
if(strlen(tok)==16)
make_one_attr(modlist,1,"pgpSignerID",tok);
} }
} }
@ -503,10 +506,7 @@ free_mod_values(LDAPMod *mod)
return; return;
for(ptr=mod->mod_values;*ptr;ptr++) for(ptr=mod->mod_values;*ptr;ptr++)
{ free(*ptr);
// printf("freeing %s with %s as item\n",mod->mod_type,*ptr);
free(*ptr);
}
free(mod->mod_values); free(mod->mod_values);
} }
@ -531,16 +531,16 @@ send_key(int *eof)
/* Going on the assumption that modify operations are more frequent /* Going on the assumption that modify operations are more frequent
than adds, I'm setting up the modify operations here first. */ than adds, I'm setting up the modify operations here first. */
delete_one_attr(&modlist,"pgpDisabled"); make_one_attr(&modlist,0,"pgpDisabled",NULL);
delete_one_attr(&modlist,"pgpKeyID"); make_one_attr(&modlist,0,"pgpKeyID",NULL);
delete_one_attr(&modlist,"pgpKeyType"); make_one_attr(&modlist,0,"pgpKeyType",NULL);
delete_one_attr(&modlist,"pgpUserID"); make_one_attr(&modlist,0,"pgpUserID",NULL);
delete_one_attr(&modlist,"pgpKeyCreateTime"); make_one_attr(&modlist,0,"pgpKeyCreateTime",NULL);
delete_one_attr(&modlist,"pgpSignerID"); make_one_attr(&modlist,0,"pgpSignerID",NULL);
delete_one_attr(&modlist,"pgpRevoked"); make_one_attr(&modlist,0,"pgpRevoked",NULL);
delete_one_attr(&modlist,"pgpSubKeyID"); make_one_attr(&modlist,0,"pgpSubKeyID",NULL);
delete_one_attr(&modlist,"pgpKeySize"); make_one_attr(&modlist,0,"pgpKeySize",NULL);
delete_one_attr(&modlist,"pgpKeyExpireTime"); make_one_attr(&modlist,0,"pgpKeyExpireTime",NULL);
/* Assemble the INFO stuff into LDAP attributes */ /* Assemble the INFO stuff into LDAP attributes */
@ -562,7 +562,6 @@ send_key(int *eof)
if(strlen(keyid)!=16) if(strlen(keyid)!=16)
{ {
printf("bad\n");
*eof=1; *eof=1;
ret=KEYSERVER_KEY_INCOMPLETE; ret=KEYSERVER_KEY_INCOMPLETE;
goto fail; goto fail;
@ -597,10 +596,7 @@ send_key(int *eof)
break; break;
} }
else else
{ build_attrs(&modlist,line);
build_attrs(&modlist,line);
// printf("line %s\n",line);
}
if(!end) if(!end)
{ {
@ -663,8 +659,8 @@ send_key(int *eof)
goto fail; goto fail;
} }
make_one_attr(&modlist,"objectClass","pgpKeyInfo"); make_one_attr(&modlist,0,"objectClass","pgpKeyInfo");
make_one_attr(&modlist,"pgpKey",key); make_one_attr(&modlist,0,"pgpKey",key);
/* If it's not there, we just turn around and send an add command /* If it's not there, we just turn around and send an add command
for the same key. Otherwise, the modify brings the server copy for the same key. Otherwise, the modify brings the server copy