security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

dirmngr: Fix lost flags during LDAP upload 

* dirmngr/ldapserver.c (ldapserver_parse_one): Turn LINE into a const.
Use strtokenize instead of strtok style parsing.
--

This fixes a problem with resulted in a General Error for the second
key to be uploaded in the same session.  But only if the colon format
to specify a keyserver with flags was used.
This commit is contained in:
Werner Koch 2022-09-28 15:40:22 +02:00
parent 6300035ba1
commit 32ce7ac0c6
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
2 changed files with 39 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

73
dirmngr/ldapserver.c
View File

@ -47,38 +47,37 @@ ldapserver_list_free (ldap_server_t servers)
/* Parse a single LDAP server configuration line. Returns the server
or NULL in case of errors. The configuration line is assumed to be
colon seprated with these fields:
1. field: Hostname
2. field: Portnumber
3. field: Username
4. field: Password
5. field: Base DN
6. field: Flags
Flags are:
starttls := Use STARTTLS with a default port of 389
ldaptls := Tunnel LDAP trough a TLS tunnel with default port 636
plain := Switch to plain unsecured LDAP.
(The last of these 3 flags is the effective one)
ntds := Use Active Directory authentication
areconly := Use option LDAP_OPT_AREC_EXCLUSIVE
FILENAME and LINENO are used for diagnostic purposes only.
*/
* or NULL in case of errors. The configuration line is assumed to be
* colon seprated with these fields:
*
* 1. field: Hostname
* 2. field: Portnumber
* 3. field: Username
* 4. field: Password
* 5. field: Base DN
* 6. field: Flags
*
* Flags are:
*
* starttls := Use STARTTLS with a default port of 389
* ldaptls := Tunnel LDAP trough a TLS tunnel with default port 636
* plain := Switch to plain unsecured LDAP.
* (The last of these 3 flags is the effective one)
* ntds := Use Active Directory authentication
* areconly := Use option LDAP_OPT_AREC_EXCLUSIVE
*
* FILENAME and LINENO are used for diagnostic purposes only.
*/
ldap_server_t
ldapserver_parse_one (char *line,
ldapserver_parse_one (const char *line,
const char *filename, unsigned int lineno)
{
char *p;
char *endp;
ldap_server_t server;
int fieldno;
int fail = 0;
char **fields = NULL;
/* Parse the colon separated fields. */
server = xtrycalloc (1, sizeof *server);
if (!server)
{
@ -86,32 +85,35 @@ ldapserver_parse_one (char *line,
goto leave;
}
for (fieldno = 1, p = line; p; p = endp, fieldno++ )
fields = strtokenize (line, ":");
if (!fields)
{
fail = 1;
goto leave;
}
for (fieldno=0; (p = fields[fieldno]); fieldno++)
{
endp = strchr (p, ':');
if (endp)
*endp++ = '\0';
trim_spaces (p);
switch (fieldno)
{
case 1:
case 0:
server->host = xtrystrdup (p);
if (!server->host)
fail = 1;
break;
case 2:
case 1:
if (*p)
server->port = atoi (p);
break;
case 3:
case 2:
server->user = xtrystrdup (p);
if (!server->user)
fail = 1;
break;
case 4:
case 3:
if (*p && !server->user)
{
if (filename)
@ -129,7 +131,7 @@ ldapserver_parse_one (char *line,
}
break;
case 5:
case 4:
if (*p)
{
server->base = xtrystrdup (p);
@ -138,7 +140,7 @@ ldapserver_parse_one (char *line,
}
break;
case 6:
case 5:
{
char **flags = NULL;
int i;
@ -211,6 +213,7 @@ ldapserver_parse_one (char *line,
ldapserver_list_free (server);
server = NULL;
}
xfree (fields);
return server;
}

2
dirmngr/ldapserver.h
View File

@ -26,7 +26,7 @@
void ldapserver_list_free (ldap_server_t servers);
ldap_server_t ldapserver_parse_one (char *line,
ldap_server_t ldapserver_parse_one (const char *line,
const char *filename, unsigned int lineno);