security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-02 12:01:32 +01:00
Code Activity

sm: New option --ldapserver as an alias for --keyserver.

Browse Source 
* sm/gpgsm.c (opts): Add option --ldapserver and make --keyserver an
alias.
--

We should use "keyserver" for OpenPGP and thus it is better to allow
for "ldapserver" here - it is the same convention as now used in
dirmngr.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit d6df1bf84969bf5f5781e33bc1c2f6cb2aee0093)
This commit is contained in:
Werner Koch 2021-06-09 10:34:14 +02:00
parent 14528ec66b
commit 89df86157e
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
2 changed files with 11 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
doc/gpgsm.texi
View File

@ -358,35 +358,16 @@ Outputs additional information while running.
You can increase the verbosity by giving several You can increase the verbosity by giving several
verbose commands to @command{gpgsm}, such as @samp{-vv}. verbose commands to @command{gpgsm}, such as @samp{-vv}.
@item --ldapserver @var{string}
@item --keyserver @var{string} @itemx --keyserver @var{string}
@opindex ldapserver
@opindex keyserver @opindex keyserver
Add an LDAP server to use for certificate and CRL lookup. This option Add an LDAP server to use for X.509 certificate and CRL lookup. This
can be given multiple times to configure more than one LDAP server. option can be given multiple times to configure more than one LDAP
Note that the @command{dirmngr} can in addition be configured with a server. Note that in general @command{dirmngr} should be configured
default list of LDAP servers to be used after those configured with with the list of LDAP servers; if this option is also configured here,
this option. The syntax of @var{string} is: it is used in addition to those configured in dirmngr. For the syntax
see the description of dirmngr's ldapserver option.
@sc{hostname:port:username:password:base_dn:flags}
The only defined flag is @code{ldaps} to specify that a TLS
connections shall be used. Flags are comma delimited; unknown flags
are ignored.
Note that all parts of that string are expected to be UTF-8 encoded.
This may lead to problems if the @sc{password} has originally been
encoded as Latin-1; in such a case better configure such an LDAP server
using the global configuration of @command{dirmngr}.
Here is an example which uses the default port, no username, no
password, and requests a TLS connection:
@c man:.RS
@example
--keyserver ldap.pca.dfn.de::::o=DFN-Verein,c=DE:ldaps
@end example
@c man:.RE
@item --policy-file @var{filename} @item --policy-file @var{filename}
@opindex policy-file @opindex policy-file

3
sm/gpgsm.c
View File

@ -348,8 +348,9 @@ static gpgrt_opt_t opts[] = {
ARGPARSE_s_s (oKeyring, "keyring", ARGPARSE_s_s (oKeyring, "keyring",
N_("|FILE|add keyring to the list of keyrings")), N_("|FILE|add keyring to the list of keyrings")),
ARGPARSE_s_n (oNoDefKeyring, "no-default-keyring", "@"), ARGPARSE_s_n (oNoDefKeyring, "no-default-keyring", "@"),
ARGPARSE_s_s (oKeyServer, "keyserver", ARGPARSE_s_s (oKeyServer, "ldapserver",
N_("|SPEC|use this keyserver to lookup keys")), N_("|SPEC|use this keyserver to lookup keys")),
ARGPARSE_s_s (oKeyServer, "keyserver", "@"),
ARGPARSE_s_n (oUseKeyboxd, "use-keyboxd", "@"), ARGPARSE_s_n (oUseKeyboxd, "use-keyboxd", "@"),