
* gpgkeys_ldap.c: Replacement prototypes for setenv and unsetenv.

(search_key): Catch a SIZELIMIT_EXCEEDED error and show the user whatever
the server did give us. (find_basekeyspacedn): There is no guarantee that
namingContexts will be readable.

* Makefile.am: Link gpgkeys_ldap with libutil.a to get the replacement
functions (and eventually translations, etc).
David Shaw 2004-02-20 14:59:02 +00:00
parent 7f148010ab
commit 925b982a0b
3 changed files with 65 additions and 38 deletions


@ -1,3 +1,14 @@
2004-02-20 David Shaw <dshaw@jabberwocky.com>
* gpgkeys_ldap.c: Replacement prototypes for setenv and unsetenv.
(search_key): Catch a SIZELIMIT_EXCEEDED error and show the user
whatever the server did give us.
(find_basekeyspacedn): There is no guarantee that namingContexts
will be readable.
* Makefile.am: Link gpgkeys_ldap with libutil.a to get the
replacement functions (and eventually translations, etc).
2004-02-19 David Shaw <dshaw@jabberwocky.com> 2004-02-19 David Shaw <dshaw@jabberwocky.com>
* gpgkeys_ldap.c (ldap2epochtime): LDAP timestamps are UTC, so do * gpgkeys_ldap.c (ldap2epochtime): LDAP timestamps are UTC, so do


@ -27,7 +27,8 @@ libexec_PROGRAMS = @GPGKEYS_LDAP@ @GPGKEYS_HKP@
libexec_SCRIPTS = @GPGKEYS_MAILTO@ libexec_SCRIPTS = @GPGKEYS_MAILTO@
noinst_SCRIPTS = gpgkeys_test noinst_SCRIPTS = gpgkeys_test
gpgkeys_ldap_LDADD = @LDAPLIBS@ @NETLIBS@ @GETOPT@ @W32LIBS@ gpgkeys_ldap_LDADD = ../util/libutil.a @LDAPLIBS@ @NETLIBS@ @LIBINTL@ \
@CAPLIBS@ @GETOPT@ @W32LIBS@
gpgkeys_hkp_LDADD = ../util/libutil.a @NETLIBS@ @SRVLIBS@ @LIBINTL@ \ gpgkeys_hkp_LDADD = ../util/libutil.a @NETLIBS@ @SRVLIBS@ @LIBINTL@ \
@CAPLIBS@ @GETOPT@ @W32LIBS@ @CAPLIBS@ @GETOPT@ @W32LIBS@


@ -52,6 +52,14 @@ static char *pgpkeystr="pgpKey";
static FILE *input=NULL,*output=NULL,*console=NULL; static FILE *input=NULL,*output=NULL,*console=NULL;
static LDAP *ldap=NULL; static LDAP *ldap=NULL;
#if !HAVE_SETENV
int setenv(const char *name, const char *value, int overwrite);
#endif
#if !HAVE_UNSETENV
int unsetenv(const char *name);
#endif
struct keylist struct keylist
{ {
char str[MAX_LINE]; char str[MAX_LINE];
@ -592,7 +600,7 @@ search_key(char *searchkey)
err=ldap_search_s(ldap,basekeyspacedn, err=ldap_search_s(ldap,basekeyspacedn,
LDAP_SCOPE_SUBTREE,search,attrs,0,&res); LDAP_SCOPE_SUBTREE,search,attrs,0,&res);
if(err!=0) if(err!=LDAP_SUCCESS && err!=LDAP_SIZELIMIT_EXCEEDED)
{ {
int errtag=ldap_err_to_gpg_err(err); int errtag=ldap_err_to_gpg_err(err);
@ -627,6 +635,9 @@ search_key(char *searchkey)
each=ldap_next_entry(ldap,each); each=ldap_next_entry(ldap,each);
} }
if(err==LDAP_SIZELIMIT_EXCEEDED)
fprintf(console,"gpgkeys: search results exceeded server limit. First %d results shown.\n",count);
free_keylist(dupelist); free_keylist(dupelist);
dupelist=NULL; dupelist=NULL;
@ -825,57 +836,61 @@ find_basekeyspacedn(void)
if(err==LDAP_SUCCESS) if(err==LDAP_SUCCESS)
{ {
context=ldap_get_values(ldap,res,"namingContexts"); context=ldap_get_values(ldap,res,"namingContexts");
attr[0]="pgpBaseKeySpaceDN"; if(context)
attr[1]="pgpVersion";
attr[2]="pgpSoftware";
real_ldap=1;
/* We found some, so try each namingContext as the search base
and look for pgpBaseKeySpaceDN. Because we found this, we
know we're talking to a regular-ish LDAP server and not a
LDAP keyserver. */
for(i=0;context[i] && !basekeyspacedn;i++)
{ {
char **vals; attr[0]="pgpBaseKeySpaceDN";
LDAPMessage *si_res; attr[1]="pgpVersion";
err=ldap_search_s(ldap,context[i],LDAP_SCOPE_ONELEVEL, attr[2]="pgpSoftware";
"(cn=pgpServerInfo)",attr,0,&si_res);
if(err!=LDAP_SUCCESS)
return err;
vals=ldap_get_values(ldap,si_res,"pgpBaseKeySpaceDN"); real_ldap=1;
if(vals)
/* We found some, so try each namingContext as the search base
and look for pgpBaseKeySpaceDN. Because we found this, we
know we're talking to a regular-ish LDAP server and not a
LDAP keyserver. */
for(i=0;context[i] && !basekeyspacedn;i++)
{ {
/* This is always "OU=ACTIVE,O=PGP KEYSPACE,C=US", but char **vals;
it might not be in the future. */ LDAPMessage *si_res;
err=ldap_search_s(ldap,context[i],LDAP_SCOPE_ONELEVEL,
"(cn=pgpServerInfo)",attr,0,&si_res);
if(err!=LDAP_SUCCESS)
return err;
basekeyspacedn=strdup(vals[0]); vals=ldap_get_values(ldap,si_res,"pgpBaseKeySpaceDN");
ldap_value_free(vals);
}
if(verbose>1)
{
vals=ldap_get_values(ldap,si_res,"pgpSoftware");
if(vals) if(vals)
{ {
fprintf(console,"Server: \t%s\n",vals[0]); /* This is always "OU=ACTIVE,O=PGP KEYSPACE,C=US", but
it might not be in the future. */
basekeyspacedn=strdup(vals[0]);
ldap_value_free(vals); ldap_value_free(vals);
} }
vals=ldap_get_values(ldap,si_res,"pgpVersion"); if(verbose>1)
if(vals)
{ {
fprintf(console,"Version:\t%s\n",vals[0]); vals=ldap_get_values(ldap,si_res,"pgpSoftware");
ldap_value_free(vals); if(vals)
{
fprintf(console,"Server: \t%s\n",vals[0]);
ldap_value_free(vals);
}
vals=ldap_get_values(ldap,si_res,"pgpVersion");
if(vals)
{
fprintf(console,"Version:\t%s\n",vals[0]);
ldap_value_free(vals);
}
} }
ldap_msgfree(si_res);
} }
ldap_msgfree(si_res); ldap_value_free(context);
} }
ldap_value_free(context);
ldap_msgfree(res); ldap_msgfree(res);
} }
else else
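Review bot: In the last hunk (find_basekeyspacedn), the `return err;` inside the per-context loop leaves the function while `context` and `res` are still allocated, because `ldap_value_free(context)` and `ldap_msgfree(res)` are only reached when every `ldap_search_s` call succeeds. The commit re-indents this path under the new `if(context)` guard but does not change it, so the error exit should release both first: `ldap_value_free(context); ldap_msgfree(res); return err;`. Separately, the `pgpSoftware` and `pgpVersion` values are written to `console` with `%s` exactly as the server sent them, so a hostile or misconfigured server can put control characters on the user's terminal when `verbose>1`. Replacing non-printable bytes before the two `fprintf` calls would contain that. The function begins and ends outside this hunk, so whether callers tolerate the early return cannot be confirmed from here.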