gpgsm: Allow sepcification of ldaps servers.
* sm/gpgsm.h (struct keyserver_spec): Add field use_ldaps. * sm/gpgsm.c (parse_keyserver_line): Parse flags. * sm/call-dirmngr.c (prepare_dirmngr): Send ldaps flag to the dirmngr. * dirmngr/dirmngr.h (struct ldap_server_s): Add field use_ldaps. * dirmngr/ldapserver.c (ldapserver_parse_one): Parse flags. * dirmngr/ldap.c (start_cert_fetch_ldap): Call wrapper with --tls. * dirmngr/dirmngr_ldap.c: New option --tls. (fetch_ldap): Make use of that option. -- There was no way to specify an LDAPS server in dirmngr_ldapserver.conf or with gpgsm's --keyserver option. This patch fixes this. Eventually we should allow replacing host and port with a partial URI in the same way ldap_initialize does it. For backward compatibility we do not yet do that. Although the dirmngr code accepts a URL (e.g. taken from a certificate), I can't see how the scheme was ever used. Thus the patch also detects an ldaps scheme and uses this. That part has not been tested, though. Signed-off-by: Werner Koch <wk@gnupg.org>
parent
2b9d399cf0
commit
6e1c99bc39
9 changed files with 145 additions and 17 deletions
|
@ -55,6 +55,7 @@ ldapserver_list_free (ldap_server_t servers)
|
|||
3. field: Username
|
||||
4. field: Password
|
||||
5. field: Base DN
|
||||
6. field: Flags
|
||||
|
||||
FILENAME and LINENO are used for diagnostic purposes only.
|
||||
*/
|
||||
|
@ -64,9 +65,11 @@ ldapserver_parse_one (char *line,
|
|||
{
|
||||
char *p;
|
||||
char *endp;
|
||||
const char *s;
|
||||
ldap_server_t server;
|
||||
int fieldno;
|
||||
int fail = 0;
|
||||
int i;
|
||||
|
||||
/* Parse the colon separated fields. */
|
||||
server = xcalloc (1, sizeof *server);
|
||||
|
@ -115,6 +118,32 @@ ldapserver_parse_one (char *line,
|
|||
server->base = xstrdup (p);
|
||||
break;
|
||||
|
||||
case 6:
|
||||
{
|
||||
char **flags = NULL;
|
||||
|
||||
flags = strtokenize (p, ",");
|
||||
if (!flags)
|
||||
log_fatal ("strtokenize failed: %s\n",
|
||||
gpg_strerror (gpg_error_from_syserror ()));
|
||||
|
||||
for (i=0; (s = flags[i]); i++)
|
||||
{
|
||||
if (!*s)
|
||||
;
|
||||
else if (!ascii_strcasecmp (s, "ldaps"))
|
||||
server->use_ldaps = 1;
|
||||
else if (!ascii_strcasecmp (s, "ldap"))
|
||||
server->use_ldaps = 0;
|
||||
else
|
||||
log_info (_("%s:%u: ignoring unknown flag '%s'\n"),
|
||||
filename, lineno, s);
|
||||
}
|
||||
|
||||
xfree (flags);
|
||||
}
|
||||
break;
|
||||
|
||||
default:
|
||||
/* (We silently ignore extra fields.) */
|
||||
break;
|
||||
|
|
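Review bot: In the new `case 6:` branch an unrecognised flag is only reported with `log_info` and then ignored, so a misspelled `ldaps` leaves `use_ldaps` at the 0 it got from `xcalloc` and the entry is accepted as if LDAPS had never been requested. For a flag whose purpose is to turn on transport security, on a line that also carries a username and password (fields 3 and 4), a typo should not quietly yield the unprotected variant. I would reject the line instead, e.g. `log_error (_("%s:%u: unknown flag '%s'\n"), filename, lineno, s);` followed by `fail = 1;`, or at the very least raise the message above info level. How `fail` is acted on lies outside the visible hunks, so please confirm that it discards the entry. The flags are also last-one-wins (`ldaps,ldap` ends with `use_ldaps = 0`), which deserves a sentence in the header comment next to `6. field: Flags`.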