From 89df86157e3580aae7e391382f4a5451a192fc68 Mon Sep 17 00:00:00 2001
From: Werner Koch
Date: Wed, 9 Jun 2021 10:34:14 +0200
Subject: [PATCH] sm: New option --ldapserver as an alias for --keyserver.

* sm/gpgsm.c (opts): Add option --ldapserver and make --keyserver an alias.
--
We should use "keyserver" for OpenPGP and thus it is better to allow for "ldapserver" here - it is the same convention as now used in dirmngr.
Signed-off-by: Werner Koch
(cherry picked from commit d6df1bf84969bf5f5781e33bc1c2f6cb2aee0093)
---
 doc/gpgsm.texi | 37 +++++++++----------------------------
 sm/gpgsm.c | 3 ++-
 2 files changed, 11 insertions(+), 29 deletions(-)
diff --git a/doc/gpgsm.texi b/doc/gpgsm.texi
index 1d3a7e07e..52f939e1e 100644
--- a/doc/gpgsm.texi
+++ b/doc/gpgsm.texi
@@ -358,35 +358,16 @@ Outputs additional information while running. You can increase the verbosity by giving several verbose commands to @command{gpgsm}, such as @samp{-vv}.
-
-@item --keyserver @var{string}
+@item --ldapserver @var{string}
+@itemx --keyserver @var{string}
+@opindex ldapserver
 @opindex keyserver
-Add an LDAP server to use for certificate and CRL lookup. This option
-can be given multiple times to configure more than one LDAP server.
-Note that the @command{dirmngr} can in addition be configured with a
-default list of LDAP servers to be used after those configured with
-this option. The syntax of @var{string} is:
-
-@sc{hostname:port:username:password:base_dn:flags}
-
-The only defined flag is @code{ldaps} to specify that a TLS
-connections shall be used. Flags are comma delimited; unknown flags
-are ignored.
-
-Note that all parts of that string are expected to be UTF-8 encoded.
-This may lead to problems if the @sc{password} has originally been
-encoded as Latin-1; in such a case better configure such an LDAP server
-using the global configuration of @command{dirmngr}.
-
-Here is an example which uses the default port, no username, no
-password, and requests a TLS connection:
-
-@c man:.RS
-@example
---keyserver ldap.pca.dfn.de::::o=DFN-Verein,c=DE:ldaps
-@end example
-@c man:.RE
-
+Add an LDAP server to use for X.509 certificate and CRL lookup. This
+option can be given multiple times to configure more than one LDAP
+server. Note that in general @command{dirmngr} should be configured
+with the list of LDAP servers; if this option is also configured here,
+it is used in addition to those configured in dirmngr. For the syntax
+see the description of dirmngr's ldapserver option.
 @item --policy-file @var{filename}
 @opindex policy-file
diff --git a/sm/gpgsm.c b/sm/gpgsm.c
index 940d65fec..67cfe2490 100644
--- a/sm/gpgsm.c
+++ b/sm/gpgsm.c
@@ -348,8 +348,9 @@ static gpgrt_opt_t opts[] = {
 ARGPARSE_s_s (oKeyring, "keyring",
 N_("|FILE|add keyring to the list of keyrings")),
 ARGPARSE_s_n (oNoDefKeyring, "no-default-keyring", "@"),
- ARGPARSE_s_s (oKeyServer, "keyserver",
+ ARGPARSE_s_s (oKeyServer, "ldapserver",
 N_("|SPEC|use this keyserver to lookup keys")),
+ ARGPARSE_s_s (oKeyServer, "keyserver", "@"),
 ARGPARSE_s_n (oUseKeyboxd, "use-keyboxd", "@"),
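Review bot: The help string kept as context under the new `--ldapserver` entry still reads `use this keyserver to lookup keys`, so `gpgsm --help` describes the LDAP option in the OpenPGP wording the commit message wants to move away from. I would change it to `N_("|SPEC|use this LDAP server to lookup certificates")`, accepting that the translations of that string need a refresh. The SPEC syntax described in the text removed from doc/gpgsm.texi has username and password fields, so, assuming that syntax is unchanged, a short comment above the two entries such as `/* SPEC may carry LDAP credentials; prefer the dirmngr configuration over the command line. */` would help the next maintainer. The `opts[]` table begins and ends outside this hunk.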