dirmngr: Add warning on the use of --add-servers.
* tools/gpgconf-comp.c (known_options_dirmngr): Degrade add-servers to expert mode.
parent
ff31dde456
commit
210575d882
@ -433,7 +433,12 @@ make_url (char **url, const char *dn, const char *filter)
gpg_error_t err;
gpg_error_t err;
char *u_dn, *u_filter;
char *u_dn, *u_filter;
char const attrs[] = (USERCERTIFICATE ","
char const attrs[] = (USERCERTIFICATE ","
/* USERSMIMECERTIFICATE "," */
/* In 2005 wk mentioned in the changelog that
* work on the userSMIMECertificate has
* started but it seems that no further
* progress was made or the whole thing was
* simply forgotten. */
/* USERSMIMECERTIFICATE "," */
CACERTIFICATE ","
CACERTIFICATE ","
X509CACERT );
X509CACERT );
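Review bot: The new five-line historical comment sits between two string-literal pieces of the `attrs` initializer, so the list of requested LDAP attributes is now hard to scan at a glance. I would keep only the one-line placeholder `/* USERSMIMECERTIFICATE "," */` inside the initializer and move the narrative above the declaration, shortened to `/* userSMIMECertificate support was begun in 2005 (see ChangeLog) but never finished, so the attribute is not requested. */`. The body of make_url continues outside the hunk in both directions.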
@ -434,17 +434,22 @@ out. The default are 15 seconds. 0 will never timeout.
@opindex add-servers
@opindex add-servers
This option makes dirmngr add any servers it discovers when validating
This option makes dirmngr add any servers it discovers when validating
certificates against CRLs to the internal list of servers to consult for
certificates against CRLs to the internal list of servers to consult for
certificates and CRLs.
certificates and CRLs. This option should in general not be used.
This option is useful when trying to validate a certificate that has
This option might be useful when trying to validate a certificate that
a CRL distribution point that points to a server that is not already
has a CRL distribution point that points to a server that is not
listed in the ldapserverlist. Dirmngr will always go to this server and
already listed in the ldapserverlist. Dirmngr will always go to this
try to download the CRL, but chances are high that the certificate used
server and try to download the CRL, but chances are high that the
to sign the CRL is located on the same server. So if dirmngr doesn't add
certificate used to sign the CRL is located on the same server. So if
that new server to list, it will often not be able to verify the
dirmngr doesn't add that new server to list, it will often not be able
signature of the CRL unless the @code{--add-servers} option is used.
to verify the signature of the CRL unless the @code{--add-servers}
option is used.
Note: The current version of dirmngr has this option disabled by default.
Caveat emptor: Using this option may enable denial-of-service attacks
and leak search requests to unknown third parties. This is because
arbitrary servers are added to the internal list of LDAP servers which
in turn is used for all unspecific LDAP queries as well as a fallback
for queries which did not return a result.
@item --allow-ocsp
@item --allow-ocsp
@ -470,7 +470,7 @@ static known_option_t known_options_dirmngr[] =
{ "ignore-ldap-dp", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED },
{ "ignore-ldap-dp", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED },
{ "ldap-proxy", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC },
{ "ldap-proxy", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC },
{ "only-ldap-proxy", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED },
{ "only-ldap-proxy", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED },
{ "add-servers", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED },
{ "add-servers", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT },
{ "ldaptimeout", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC },
{ "ldaptimeout", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC },
{ "max-replies", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC },
{ "max-replies", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC },
{ "allow-ocsp", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC },
{ "allow-ocsp", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC },
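Review bot: The move of the `add-servers` row to `GC_LEVEL_EXPERT` carries no explanation in the table, so a reader of `known_options_dirmngr` cannot tell why this one LDAP option is ranked above its neighbours; a trailing comment such as `/* Expert only: discovered servers join the global LDAP server list; see the DoS and query-leak caveat in dirmngr.texi. */` would keep the reason next to the value. The flag column stays `GC_OPT_FLAG_NONE`, so the option is only hidden from the default configuration view, not disabled or otherwise marked, which is presumably what the commit intends. If dirmngr's own option help text is not updated elsewhere, the new warning exists only in the manual and in this table's level. The `known_options_dirmngr` table starts and ends outside the hunk.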