mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00

dirmngr: New options --first and --next for KS_GET.

* dirmngr/server.c (cmd_ks_get): Add option --first and --next.
(start_command_handler): Free that new ldap state.
* dirmngr/ks-engine-ldap.c (struct ks_engine_ldap_local_s): New.
(ks_ldap_new_state, ks_ldap_clear_state): New.
(ks_ldap_free_state): New.
(return_one_keyblock): New.  Mostly factored out from ....
(ks_ldap_get): here.  Implement --first/--next feature.

* dirmngr/ks-action.c (ks_action_get): Rename arg ldap_only to
ks_get_flags.
* dirmngr/ks-engine.h (KS_GET_FLAG_ONLY_LDAP): New.
(KS_GET_FLAG_FIRST): New.
(KS_GET_FLAG_NEXT): New.

* dirmngr/dirmngr.h (struct server_control_s): Add member
ks_get_state.
(struct ks_engine_ldap_local_s): New forward reference.
--

This feature allows to fetch keyblock by keyblock from an LDAP server.
This way tools can process and maybe filter each keyblock in a more
flexible way.  Here is an example where two keyblocks for one mail
address are returned:

  $ gpg-connect-agent --dirmngr
  > ks_get --ldap --first  <foo@example.org>
  [... First keyblock is returned ]
  OK
  > ks_get --next
  [ ... Next keyblock is returned ]
  OK
  > ks_get --next
  ERR 167772218 No data <Dirmngr>

GnuPG_bug_id: 6224
Backported-from-master: 4de98d4468
Werner Koch 2022-10-04 12:44:29 +02:00
parent 2b2f8a1a0c
commit 20cb9319d9
No known key found for this signature in database
GPG key ID: E3FDFF218E45B72B
6 changed files with 352 additions and 140 deletions


@ -241,7 +241,7 @@ ks_action_search (ctrl_t ctrl, uri_item_t keyservers,
keyservers and write the result to the provided output stream. */
gpg_error_t
ks_action_get (ctrl_t ctrl, uri_item_t keyservers,
strlist_t patterns, int ldap_only, estream_t outfp)
strlist_t patterns, unsigned int ks_get_flags, estream_t outfp)
{
gpg_error_t err = 0;
gpg_error_t first_err = 0;
@ -268,7 +268,7 @@ ks_action_get (ctrl_t ctrl, uri_item_t keyservers,
|| strcmp (uri->parsed_uri->scheme, "https") == 0);
int is_ldap = 0;
if (ldap_only)
if ((ks_get_flags & KS_GET_FLAG_ONLY_LDAP))
is_hkp_s = is_http_s = 0;
#if USE_LDAP
@ -285,7 +285,8 @@ ks_action_get (ctrl_t ctrl, uri_item_t keyservers,
{
#if USE_LDAP
if (is_ldap)
err = ks_ldap_get (ctrl, uri->parsed_uri, sl->d, &infp);
err = ks_ldap_get (ctrl, uri->parsed_uri, sl->d, ks_get_flags,
&infp);
else
#endif
if (is_hkp_s)
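Review bot: Only the `ks_ldap_get` call in the last hunk receives `ks_get_flags`, so on the `is_hkp_s` and http paths KS_GET_FLAG_FIRST and KS_GET_FLAG_NEXT are dropped without any error, and the header comment above ks_action_get does not mention the new argument. The example in the commit message issues `ks_get --next` without `--ldap`, so the caller in server.c presumably validates the combination or forces LDAP-only mode; that is not visible here and is worth confirming, because otherwise a client that thinks it is stepping keyblock by keyblock could receive an unfiltered result from a non-LDAP keyserver. I would extend the comment with `KS_GET_FLAGS is a bit mask of KS_GET_FLAG_* values; FIRST and NEXT are honoured only by the LDAP engine.` and consider a guard at the top of the function such as `if ((ks_get_flags & KS_GET_FLAG_FIRST) && !(ks_get_flags & KS_GET_FLAG_ONLY_LDAP)) return gpg_error (GPG_ERR_INV_ARG);`. The function body starts and ends outside these hunks, so the loops around the call and how the per-connection state behaves with several keyservers or patterns could not be checked.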