dirmngr: Use --ldaptimeout for OpenPGP LDAP keyservers.

* dirmngr/ks-engine-ldap.c (my_ldap_connect): Use LDAP_OPT_TIMEOUT. * dirmngr/dirmngr.c (main): Move --ldaptimeout setting to ... (parse_rereadable_options): here. -- Note that this has not yet been tested. In fact a test with OpenLDAP using a modified route got stuck in the connection attempt. Maybe it works on Windows - will be tested later. Signed-off-by: Werner Koch <wk@gnupg.org> (cherry picked from commit 317d5947b8)
2025-07-03 22:56:33 +02:00 · 2021-05-26 19:06:10 +02:00 · 2021-05-26 19:06:10 +02:00 · 3e05f99e8d
commit 3e05f99e8d
parent 52cf32ce2f
3 changed files with 27 additions and 9 deletions
--- a/dirmngr/ks-engine-ldap.c
+++ b/dirmngr/ks-engine-ldap.c
@ -313,7 +313,7 @@ ks_ldap_help (ctrl_t ctrl, parsed_uri_t uri)
 {
  const char data[] =
    "Handler for LDAP URLs:\n"
-    "  ldap://HOST:PORT/[BASEDN]???[bindname=BINDNAME,password=PASSWORD]\n"
+    "  ldap://HOST:PORT/[BASEDN]????[bindname=BINDNAME,password=PASSWORD]\n"
    "\n"
    "Note: basedn, bindname and password need to be percent escaped. In\n"
    "particular, spaces need to be replaced with %20 and commas with %2c.\n"
@ -643,6 +643,20 @@ my_ldap_connect (parsed_uri_t uri, LDAP **ldap_connp,
 	goto out;
      }
  }
+  if (opt.ldaptimeout)
+    {
+      int ver = opt.ldaptimeout;
+
+      lerr = ldap_set_option (ldap_conn, LDAP_OPT_TIMELIMIT, &ver);
+      if (lerr != LDAP_SUCCESS)
+        {
+          log_error ("ks-ldap: unable to set LDAP timelimit to %us: %s\n",
+                     opt.ldaptimeout, ldap_err2string (lerr));
+          err = ldap_err_to_gpg_err (lerr);
+          goto out;
+        }
+
+    }
 #endif