security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00
Code Activity

sm: New option --ldapserver as an alias for --keyserver.

Browse Source 
* sm/gpgsm.c (opts): Add option --ldapserver and make --keyserver an
alias.
--

We should use "keyserver" for OpenPGP and thus it is better to allow
for "ldapserver" here - it is the same convention as now used in
dirmngr.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit d6df1bf84969bf5f5781e33bc1c2f6cb2aee0093)
This commit is contained in:
Werner Koch 2021-06-09 10:34:14 +02:00
parent 14528ec66b
commit 89df86157e
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
2 changed files with 11 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
doc/gpgsm.texi
View File

@ -358,35 +358,16 @@ Outputs additional information while running.
You can increase the verbosity by giving several
verbose commands to @command{gpgsm}, such as @samp{-vv}.
@item --keyserver @var{string}
@item --ldapserver @var{string}
@itemx --keyserver @var{string}
@opindex ldapserver
@opindex keyserver
Add an LDAP server to use for certificate and CRL lookup. This option
can be given multiple times to configure more than one LDAP server.
Note that the @command{dirmngr} can in addition be configured with a
default list of LDAP servers to be used after those configured with
this option. The syntax of @var{string} is:
@sc{hostname:port:username:password:base_dn:flags}
The only defined flag is @code{ldaps} to specify that a TLS
connections shall be used. Flags are comma delimited; unknown flags
are ignored.
Note that all parts of that string are expected to be UTF-8 encoded.
This may lead to problems if the @sc{password} has originally been
encoded as Latin-1; in such a case better configure such an LDAP server
using the global configuration of @command{dirmngr}.
Here is an example which uses the default port, no username, no
password, and requests a TLS connection:
@c man:.RS
@example
--keyserver ldap.pca.dfn.de::::o=DFN-Verein,c=DE:ldaps
@end example
@c man:.RE
Add an LDAP server to use for X.509 certificate and CRL lookup. This
option can be given multiple times to configure more than one LDAP
server. Note that in general @command{dirmngr} should be configured
with the list of LDAP servers; if this option is also configured here,
it is used in addition to those configured in dirmngr. For the syntax
see the description of dirmngr's ldapserver option.
@item --policy-file @var{filename}
@opindex policy-file

3
sm/gpgsm.c
View File

@ -348,8 +348,9 @@ static gpgrt_opt_t opts[] = {
ARGPARSE_s_s (oKeyring, "keyring",
N_("|FILE|add keyring to the list of keyrings")),
ARGPARSE_s_n (oNoDefKeyring, "no-default-keyring", "@"),
ARGPARSE_s_s (oKeyServer, "keyserver",
ARGPARSE_s_s (oKeyServer, "ldapserver",
N_("|SPEC|use this keyserver to lookup keys")),
ARGPARSE_s_s (oKeyServer, "keyserver", "@"),
ARGPARSE_s_n (oUseKeyboxd, "use-keyboxd", "@"),