mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
dirmngr: Minor cleanups.
* dirmngr/ks-engine-ldap.c [__riscos__]: Remove doubled util.h. (ldap_to_gpg_err): s/GPG_ERR_GENERAL/GPG_ERR_INTERNAL/. (tm2ldaptime): Use snprintf. (ldap_connect): Get error code prior to log_error and and use modern function. Use xfree, xtrustrdup etc. (modlist_lookup): Use GNUPG_GCC_A_USED. (modlist_free): Use xfree. -- sprintf has been replaced by snprintf to avoid warnings on some platforms. xfree et al. is required so that replacement functions are used if defined. For example the Libgcrypt functions which may not be fully compatible with standard free. Impossible conditions should use GPG_ERR_INTERNAL. Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
parent
99ef9cd7f5
commit
6c701af121
@ -49,10 +49,6 @@
|
|||||||
#include "ks-engine.h"
|
#include "ks-engine.h"
|
||||||
#include "ldap-parse-uri.h"
|
#include "ldap-parse-uri.h"
|
||||||
|
|
||||||
#ifdef __riscos__
|
|
||||||
# include "util.h"
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#ifndef HAVE_TIMEGM
|
#ifndef HAVE_TIMEGM
|
||||||
time_t timegm(struct tm *tm);
|
time_t timegm(struct tm *tm);
|
||||||
#endif
|
#endif
|
||||||
@ -220,7 +216,7 @@ ldap_to_gpg_err (LDAP *ld)
|
|||||||
#else
|
#else
|
||||||
/* We should never get here since the LDAP library should always
|
/* We should never get here since the LDAP library should always
|
||||||
have either ldap_get_option or ld_errno, but just in case... */
|
have either ldap_get_option or ld_errno, but just in case... */
|
||||||
return GPG_ERR_GENERAL;
|
return GPG_ERR_INTERNAL;
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -265,7 +261,7 @@ tm2ldaptime (struct tm *tm)
|
|||||||
tmp.tm_year += 1900;
|
tmp.tm_year += 1900;
|
||||||
tmp.tm_mon ++;
|
tmp.tm_mon ++;
|
||||||
|
|
||||||
sprintf (buf, "%04d%02d%02d%02d%02d%02dZ",
|
snprintf (buf, sizeof buf, "%04d%02d%02d%02d%02d%02dZ",
|
||||||
tmp.tm_year,
|
tmp.tm_year,
|
||||||
tmp.tm_mon,
|
tmp.tm_mon,
|
||||||
tmp.tm_mday,
|
tmp.tm_mday,
|
||||||
@ -435,7 +431,7 @@ keyspec_to_ldap_filter (const char *keyspec, char **filter, int only_exact)
|
|||||||
|
|
||||||
If no LDAP error occured, you still need to check that *basednp is
|
If no LDAP error occured, you still need to check that *basednp is
|
||||||
valid. If it is NULL, then the server does not appear to be an
|
valid. If it is NULL, then the server does not appear to be an
|
||||||
OpenPGP Keyserver. In this case, you also do not need to free
|
OpenPGP Keyserver. In this case, you also do not need to xfree
|
||||||
*pgpkeyattrp. */
|
*pgpkeyattrp. */
|
||||||
static int
|
static int
|
||||||
ldap_connect (parsed_uri_t uri, LDAP **ldap_connp,
|
ldap_connect (parsed_uri_t uri, LDAP **ldap_connp,
|
||||||
@ -476,9 +472,9 @@ ldap_connect (parsed_uri_t uri, LDAP **ldap_connp,
|
|||||||
ldap_conn = ldap_init (uri->host, uri->port);
|
ldap_conn = ldap_init (uri->host, uri->port);
|
||||||
if (! ldap_conn)
|
if (! ldap_conn)
|
||||||
{
|
{
|
||||||
|
err = gpg_err_code_from_syserror ();
|
||||||
log_error ("Failed to open connection to LDAP server (%s://%s:%d)\n",
|
log_error ("Failed to open connection to LDAP server (%s://%s:%d)\n",
|
||||||
uri->scheme, uri->host, uri->port);
|
uri->scheme, uri->host, uri->port);
|
||||||
err = gpg_err_code_from_errno (errno);
|
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -516,7 +512,7 @@ ldap_connect (parsed_uri_t uri, LDAP **ldap_connp,
|
|||||||
/* XXX: We need an option to determine whether to abort if the
|
/* XXX: We need an option to determine whether to abort if the
|
||||||
certificate is bad or not. Right now we conservatively
|
certificate is bad or not. Right now we conservatively
|
||||||
default to checking the certificate and aborting. */
|
default to checking the certificate and aborting. */
|
||||||
int check_cert = LDAP_OPT_X_TLS_HARD; // LDAP_OPT_X_TLS_NEVER
|
int check_cert = LDAP_OPT_X_TLS_HARD; /* LDAP_OPT_X_TLS_NEVER */
|
||||||
|
|
||||||
err = ldap_set_option (ldap_conn,
|
err = ldap_set_option (ldap_conn,
|
||||||
LDAP_OPT_X_TLS_REQUIRE_CERT, &check_cert);
|
LDAP_OPT_X_TLS_REQUIRE_CERT, &check_cert);
|
||||||
@ -587,10 +583,13 @@ ldap_connect (parsed_uri_t uri, LDAP **ldap_connp,
|
|||||||
char **vals;
|
char **vals;
|
||||||
LDAPMessage *si_res;
|
LDAPMessage *si_res;
|
||||||
|
|
||||||
char *object = xasprintf ("cn=pgpServerInfo,%s", context[i]);
|
{
|
||||||
|
char *object = xasprintf ("cn=pgpServerInfo,%s",
|
||||||
|
context[i]);
|
||||||
err = ldap_search_s (ldap_conn, object, LDAP_SCOPE_BASE,
|
err = ldap_search_s (ldap_conn, object, LDAP_SCOPE_BASE,
|
||||||
"(objectClass=*)", attr2, 0, &si_res);
|
"(objectClass=*)", attr2, 0, &si_res);
|
||||||
free (object);
|
xfree (object);
|
||||||
|
}
|
||||||
|
|
||||||
if (err == LDAP_SUCCESS)
|
if (err == LDAP_SUCCESS)
|
||||||
{
|
{
|
||||||
@ -598,7 +597,7 @@ ldap_connect (parsed_uri_t uri, LDAP **ldap_connp,
|
|||||||
"pgpBaseKeySpaceDN");
|
"pgpBaseKeySpaceDN");
|
||||||
if (vals)
|
if (vals)
|
||||||
{
|
{
|
||||||
basedn = strdup (vals[0]);
|
basedn = xtrystrdup (vals[0]);
|
||||||
ldap_value_free (vals);
|
ldap_value_free (vals);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -649,7 +648,7 @@ ldap_connect (parsed_uri_t uri, LDAP **ldap_connp,
|
|||||||
vals = ldap_get_values (ldap_conn, si_res, "baseKeySpaceDN");
|
vals = ldap_get_values (ldap_conn, si_res, "baseKeySpaceDN");
|
||||||
if (vals)
|
if (vals)
|
||||||
{
|
{
|
||||||
basedn = strdup (vals[0]);
|
basedn = xtrystrdup (vals[0]);
|
||||||
ldap_value_free (vals);
|
ldap_value_free (vals);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1361,8 +1360,6 @@ modlist_add (LDAPMod ***modlistp, char *attr, const char *value)
|
|||||||
{
|
{
|
||||||
modlist[nummods]->mod_values = xmalloc (sizeof(char *) * 2);
|
modlist[nummods]->mod_values = xmalloc (sizeof(char *) * 2);
|
||||||
|
|
||||||
/* XXX: Is this the right thing? Can a UTF8-encoded user ID
|
|
||||||
have embedded nulls? */
|
|
||||||
modlist[nummods]->mod_values[0] = xstrdup (value);
|
modlist[nummods]->mod_values[0] = xstrdup (value);
|
||||||
modlist[nummods]->mod_values[1] = NULL;
|
modlist[nummods]->mod_values[1] = NULL;
|
||||||
}
|
}
|
||||||
@ -1394,7 +1391,7 @@ modlist_lookup (LDAPMod **modlist, const char *attr)
|
|||||||
|
|
||||||
/* Dump a modlist to a file. This is useful for debugging. */
|
/* Dump a modlist to a file. This is useful for debugging. */
|
||||||
static estream_t modlist_dump (LDAPMod **modlist, estream_t output)
|
static estream_t modlist_dump (LDAPMod **modlist, estream_t output)
|
||||||
__attribute__ ((used));
|
GNUPG_GCC_A_USED;
|
||||||
|
|
||||||
static estream_t
|
static estream_t
|
||||||
modlist_dump (LDAPMod **modlist, estream_t output)
|
modlist_dump (LDAPMod **modlist, estream_t output)
|
||||||
@ -1488,14 +1485,14 @@ modlist_free (LDAPMod **modlist)
|
|||||||
if (mod->mod_values)
|
if (mod->mod_values)
|
||||||
{
|
{
|
||||||
for (ptr = mod->mod_values; *ptr; ptr++)
|
for (ptr = mod->mod_values; *ptr; ptr++)
|
||||||
free (*ptr);
|
xfree (*ptr);
|
||||||
|
|
||||||
free (mod->mod_values);
|
xfree (mod->mod_values);
|
||||||
}
|
}
|
||||||
|
|
||||||
free (mod);
|
xfree (mod);
|
||||||
}
|
}
|
||||||
free (modlist);
|
xfree (modlist);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Append two onto the end of one. Two is not freed, but its pointers
|
/* Append two onto the end of one. Two is not freed, but its pointers
|
||||||
@ -1633,7 +1630,8 @@ extract_attributes (LDAPMod ***modlist, char *line)
|
|||||||
|
|
||||||
if (is_pub)
|
if (is_pub)
|
||||||
{
|
{
|
||||||
int disabled = 0, revoked = 0;
|
int disabled = 0;
|
||||||
|
int revoked = 0;
|
||||||
char *flags;
|
char *flags;
|
||||||
for (flags = fields[1]; *flags; flags ++)
|
for (flags = fields[1]; *flags; flags ++)
|
||||||
switch (*flags)
|
switch (*flags)
|
||||||
|
@ -127,7 +127,7 @@ ldap_parse_uri (parsed_uri_t *purip, const char *uri)
|
|||||||
|
|
||||||
len = 0;
|
len = 0;
|
||||||
|
|
||||||
#define add(s) { if (s) len += strlen (s) + 1; }
|
#define add(s) do { if (s) len += strlen (s) + 1; } while (0)
|
||||||
|
|
||||||
add (scheme);
|
add (scheme);
|
||||||
add (host);
|
add (host);
|
||||||
@ -166,6 +166,11 @@ ldap_parse_uri (parsed_uri_t *purip, const char *uri)
|
|||||||
if (password)
|
if (password)
|
||||||
{
|
{
|
||||||
puri->query = calloc (sizeof (*puri->query), 1);
|
puri->query = calloc (sizeof (*puri->query), 1);
|
||||||
|
if (!puri->query)
|
||||||
|
{
|
||||||
|
err = gpg_err_code_from_syserror ();
|
||||||
|
goto out;
|
||||||
|
}
|
||||||
puri->query->name = "password";
|
puri->query->name = "password";
|
||||||
copy (puri->query->value, password);
|
copy (puri->query->value, password);
|
||||||
puri->query->valuelen = strlen (password) + 1;
|
puri->query->valuelen = strlen (password) + 1;
|
||||||
@ -221,7 +226,8 @@ ldap_escape_filter (const char *filter)
|
|||||||
case ')':
|
case ')':
|
||||||
case '\\':
|
case '\\':
|
||||||
case '/':
|
case '/':
|
||||||
sprintf (&escaped[escaped_i], "%%%02x", filter[filter_i]);
|
snprintf (&escaped[escaped_i], 4, "%%%02x",
|
||||||
|
((const unsigned char *)filter)[filter_i]);
|
||||||
escaped_i += 3;
|
escaped_i += 3;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
Loading…
x
Reference in New Issue
Block a user