* gpgkeys_ldap.c (ldap2epochtime): LDAP timestamps are UTC, so do not

correct for timezones. (main): Find the basekeyspacedn before we try to start TLS, so we can give a better error message when a user tries to use TLS with a LDAP keyserver.
2025-03-24 22:09:57 +01:00 · 2004-02-19 21:32:15 +00:00 · 2004-02-19 21:32:15 +00:00 · 7f148010ab
commit 7f148010ab
parent 06d21d80f6
2 changed files with 40 additions and 10 deletions
--- a/keyserver/ChangeLog
+++ b/keyserver/ChangeLog
@ -1,5 +1,11 @@
 2004-02-19  David Shaw  <dshaw@jabberwocky.com>

+	* gpgkeys_ldap.c (ldap2epochtime): LDAP timestamps are UTC, so do
+	not correct for timezones.
+	(main): Find the basekeyspacedn before we try to start TLS, so we
+	can give a better error message when a user tries to use TLS with
+	a LDAP keyserver.
+
 	* Makefile.am: Add automake conditionals to symlink gpgkeys_ldaps
 	to gpgkeys_ldap when needed.

--- a/keyserver/gpgkeys_ldap.c
+++ b/keyserver/gpgkeys_ldap.c
@ -503,6 +503,7 @@ time_t
 ldap2epochtime(const char *timestr)
 {
  struct tm pgptime;
+  time_t answer;

  memset(&pgptime,0,sizeof(pgptime));

@ -520,7 +521,26 @@ ldap2epochtime(const char *timestr)
  pgptime.tm_isdst=-1;
  pgptime.tm_mon--;

-  return mktime(&pgptime);
+  /* mktime takes the timezone into account, and we can't have that.
+     I'd use timegm, but it's not portable. */
+
+#ifdef HAVE_TIMEGM
+  answer=timegm(&pgptime);
+#else
+  {
+    char *zone=getenv("TZ");
+    setenv("TZ","UTC",1);
+    tzset();
+    answer=mktime(&pgptime);
+    if(zone)
+      setenv("TZ",zone,1);
+    else
+      unsetenv("TZ");
+    tzset();
+  }
+#endif
+
+  return answer;
 }

 void
@ -1203,11 +1223,19 @@ main(int argc,char *argv[])
 	}
    }

+  if((err=find_basekeyspacedn()))
+    {
+      fprintf(console,"gpgkeys: unable to retrieve LDAP base: %s\n",
+	      ldap_err2string(err));
+      fail_all(keylist,action,ldap_err_to_gpg_err(err));
+      goto fail;
+    }
+
  /* use_tls: 0=don't use, 1=try silently to use, 2=try loudly to use,
     3=force use. */
  if(use_tls)
    {
-      if(!real_ldap && use_tls)
+      if(!real_ldap)
      	{
      	  if(use_tls>=2)
 	    fprintf(console,"gpgkeys: unable to start TLS: %s\n",
@ -1255,6 +1283,10 @@ main(int argc,char *argv[])
 	}
    }

+  /* The LDAP keyserver doesn't require this, but it might be useful
+     if someone stores keys on a V2 LDAP server somewhere.  (V3
+     doesn't require a bind). */
+
  err=ldap_simple_bind_s(ldap,NULL,NULL);
  if(err!=0)
    {
@ -1264,14 +1296,6 @@ main(int argc,char *argv[])
      goto fail;
    }

-  if((err=find_basekeyspacedn()))
-    {
-      fprintf(console,"gpgkeys: unable to retrieve LDAP base: %s\n",
-	      ldap_err2string(err));
-      fail_all(keylist,action,ldap_err_to_gpg_err(err));
-      goto fail;
-    }
-
  switch(action)
    {
    case GET: