security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00
Code Activity

gpg: New AKL method "ntds"

Browse source 
* dirmngr/ks-engine-ldap.c (keyspec_to_ldap_filter): Change the new
support for KEYDB_SEARCH_MODE_MAIL.
(ks_ldap_get): Add a debug.
* g10/options.h (AKL_NTDS): New.
* g10/keyserver.c (keyserver_import_ntds): New.
(keyserver_get_chunk): Allow KEYDB_SEARCH_MODE_MAIL.
* g10/getkey.c (parse_auto_key_locate): Support "ntds".
(get_pubkey_byname): Ditto.
This commit is contained in:
Werner Koch 2020-12-17 18:18:52 +01:00
parent 776bef74c7
commit 559efd23e9
No known key found for this signature in database
GPG key ID: E3FDFF218E45B72B
8 changed files with 90 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

9
g10/getkey.c
View file

@ -1202,6 +1202,13 @@ get_pubkey_byname (ctrl_t ctrl, enum get_pubkey_modes mode,
glo_ctrl.in_auto_key_retrieve--;
break;
case AKL_NTDS:
mechanism_string = "NTDS";
glo_ctrl.in_auto_key_retrieve++;
rc = keyserver_import_ntds (ctrl, name, &fpr, &fpr_len);
glo_ctrl.in_auto_key_retrieve--;
break;
case AKL_KEYSERVER:
/* Strictly speaking, we don't need to only use a valid
* mailbox for the getname search, but it helps cut down
@ -4194,6 +4201,8 @@ parse_auto_key_locate (const char *options_arg)
akl->type = AKL_DANE;
else if (ascii_strcasecmp (tok, "wkd") == 0)
akl->type = AKL_WKD;
else if (ascii_strcasecmp (tok, "ntds") == 0)
akl->type = AKL_NTDS;
else if ((akl->spec = parse_keyserver_uri (tok, 1)))
akl->type = AKL_SPEC;
else

11
g10/gpgv.c
View file

@ -468,6 +468,17 @@ keyserver_import_name (const char *name,struct keyserver_spec *spec)
return -1;
}
int
keyserver_import_ntds (ctrl_t ctrl, const char *mbox,
unsigned char **fpr, size_t *fprlen)
{
(void)ctrl;
(void)mbox;
(void)fpr;
(void)fprlen;
return -1;
}
int
keyserver_import_ldap (const char *name)
{

2
g10/keyserver-internal.h
View file

@ -47,6 +47,8 @@ gpg_error_t keyserver_import_pka (ctrl_t ctrl, const char *name,
unsigned char **fpr,size_t *fpr_len);
gpg_error_t keyserver_import_wkd (ctrl_t ctrl, const char *name, int quick,
unsigned char **fpr, size_t *fpr_len);
int keyserver_import_ntds (ctrl_t ctrl, const char *name,
unsigned char **fpr,size_t *fpr_len);
int keyserver_import_name (ctrl_t ctrl,
const char *name,unsigned char **fpr,size_t *fpr_len,
struct keyserver_spec *keyserver);

34
g10/keyserver.c
View file

@ -1159,6 +1159,21 @@ keyserver_import_name (ctrl_t ctrl, const char *name,
}
/* Import the keys that match exactly MBOX */
int
keyserver_import_ntds (ctrl_t ctrl, const char *mbox,
unsigned char **fpr, size_t *fprlen)
{
KEYDB_SEARCH_DESC desc = { 0 };
struct keyserver_spec keyserver = { NULL, "ldap:///" };
desc.mode = KEYDB_SEARCH_MODE_MAIL;
desc.u.name = mbox;
return keyserver_get (ctrl, &desc, 1, &keyserver, 0, fpr, fprlen);
}
int
keyserver_import_fprint (ctrl_t ctrl, const byte *fprint,size_t fprint_len,
struct keyserver_spec *keyserver, int quick)
@ -1690,6 +1705,25 @@ keyserver_get_chunk (ctrl_t ctrl, KEYDB_SEARCH_DESC *desc, int ndesc,
quiet = 1;
}
}
else if(desc[idx].mode == KEYDB_SEARCH_MODE_MAIL)
{
n = 1 + strlen (desc[idx].u.name) + 1 + 1;
if (idx && linelen + n > MAX_KS_GET_LINELEN)
break; /* Declare end of this chunk. */
linelen += n;
if (desc[idx].u.name[0] == '<')
pattern[npat] = xtrystrdup (desc[idx].u.name);
else
pattern[npat] = strconcat ("<", desc[idx].u.name, ">", NULL);
if (!pattern[npat])
err = gpg_error_from_syserror ();
else
{
npat++;
quiet = 1;
}
}
else if (desc[idx].mode == KEYDB_SEARCH_MODE_NONE)
continue;
else

1
g10/options.h
View file

@ -255,6 +255,7 @@ struct
AKL_DANE,
AKL_WKD,
AKL_LDAP,
AKL_NTDS,
AKL_KEYSERVER,
AKL_SPEC
} type;

11
g10/test-stubs.c
View file

@ -233,6 +233,17 @@ keyserver_import_name (const char *name,struct keyserver_spec *spec)
return -1;
}
int
keyserver_import_ntds (ctrl_t ctrl, const char *mbox,
unsigned char **fpr, size_t *fprlen)
{
(void)ctrl;
(void)mbox;
(void)fpr;
(void)fprlen;
return -1;
}
int
keyserver_import_ldap (const char *name)
{