From 37a899d0e4fd49512d522e7f6f86b6968309fece Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Mon, 14 Dec 2020 15:15:17 +0100
Subject: [PATCH] dirmngr: Fix adding keys to an LDAP server.

* dirmngr/ks-engine-ldap.c (ks_ldap_put): Extract attribites into
addlist.
--

The code used the wrong list which resulting in adding attributes
marked for deletion.  In particular Active Directory does not accept
such an data and rejects them.  The bug was introduced into 2.1 while
porting the code from the old keyserver helpers to dirmngr.

Fixes-commit: 51341badb623927f2a358588c725a356fc77dbe7
Signed-off-by: Werner Koch <wk@gnupg.org>
---
 dirmngr/ks-engine-ldap.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/dirmngr/ks-engine-ldap.c b/dirmngr/ks-engine-ldap.c
index 2a462faa8..11c922eac 100644
--- a/dirmngr/ks-engine-ldap.c
+++ b/dirmngr/ks-engine-ldap.c
@@ -1993,7 +1993,7 @@ ks_ldap_put (ctrl_t ctrl, parsed_uri_t uri,
 
       *newline = '\0';
 
-      extract_attributes (&modlist, info);
+      extract_attributes (&addlist, info);
 
       infolen = infolen - ((uintptr_t) newline - (uintptr_t) info + 1);
       info = newline + 1;
@@ -2040,7 +2040,7 @@ ks_ldap_put (ctrl_t ctrl, parsed_uri_t uri,
     char **certid;
     char *dn;
 
-    certid = modlist_lookup (modlist, "pgpCertID");
+    certid = modlist_lookup (addlist, "pgpCertID");
     if (/* We should have a value.  */
 	! certid
 	/* Exactly one.  */