mirror of git://git.gnupg.org/gnupg.git synced 2024-06-11 23:59:50 +02:00

* gpgkeys_ldap.c (main): Don't try and error out before making a ldaps

connection to the NAI keyserver since we cannot tell if it is a NAI
keyserver until we connect.  Fail if we cannot find a base keyspace DN.
Fix a false success message for TLS being enabled.
David Shaw 2004-07-28 02:36:45 +00:00
parent 25ac11084b
commit a32297863b
2 changed files with 27 additions and 28 deletions


@ -1,3 +1,11 @@
2004-07-27 David Shaw <dshaw@jabberwocky.com>
* gpgkeys_ldap.c (main): Don't try and error out before making a
ldaps connection to the NAI keyserver since we cannot tell if it
is a NAI keyserver until we connect. Fail if we cannot find a
base keyspace DN. Fix a false success message for TLS being
enabled.
2004-07-20 Werner Koch <wk@gnupg.org> 2004-07-20 Werner Koch <wk@gnupg.org>
* gpgkeys_ldap.c [_WIN32]: Include Windows specific header files. * gpgkeys_ldap.c [_WIN32]: Include Windows specific header files.


@ -1699,38 +1699,28 @@ main(int argc,char *argv[])
if(use_ssl) if(use_ssl)
{ {
if(!real_ldap)
{
fprintf(console,"gpgkeys: unable to make SSL connection: %s\n",
"not supported by the NAI LDAP keyserver");
fail_all(keylist,action,KEYSERVER_INTERNAL_ERROR);
goto fail;
}
else
{
#if defined(LDAP_OPT_X_TLS_HARD) && defined(HAVE_LDAP_SET_OPTION) #if defined(LDAP_OPT_X_TLS_HARD) && defined(HAVE_LDAP_SET_OPTION)
int ssl=LDAP_OPT_X_TLS_HARD; int ssl=LDAP_OPT_X_TLS_HARD;
err=ldap_set_option(ldap,LDAP_OPT_X_TLS,&ssl); err=ldap_set_option(ldap,LDAP_OPT_X_TLS,&ssl);
if(err!=LDAP_SUCCESS) if(err!=LDAP_SUCCESS)
{ {
fprintf(console,"gpgkeys: unable to make SSL connection: %s\n",
ldap_err2string(err));
fail_all(keylist,action,ldap_err_to_gpg_err(err));
goto fail;
}
#else
fprintf(console,"gpgkeys: unable to make SSL connection: %s\n", fprintf(console,"gpgkeys: unable to make SSL connection: %s\n",
"not built with LDAPS support"); ldap_err2string(err));
fail_all(keylist,action,KEYSERVER_INTERNAL_ERROR); fail_all(keylist,action,ldap_err_to_gpg_err(err));
goto fail; goto fail;
#endif
} }
#else
fprintf(console,"gpgkeys: unable to make SSL connection: %s\n",
"not built with LDAPS support");
fail_all(keylist,action,KEYSERVER_INTERNAL_ERROR);
goto fail;
#endif
} }
if((err=find_basekeyspacedn())) if((err=find_basekeyspacedn()) || !basekeyspacedn)
{ {
fprintf(console,"gpgkeys: unable to retrieve LDAP base: %s\n", fprintf(console,"gpgkeys: unable to retrieve LDAP base: %s\n",
ldap_err2string(err)); err?ldap_err2string(err):"not found");
fail_all(keylist,action,ldap_err_to_gpg_err(err)); fail_all(keylist,action,ldap_err_to_gpg_err(err));
goto fail; goto fail;
} }
@ -1761,10 +1751,11 @@ main(int argc,char *argv[])
if(err==LDAP_SUCCESS) if(err==LDAP_SUCCESS)
err=ldap_start_tls_s(ldap,NULL,NULL); err=ldap_start_tls_s(ldap,NULL,NULL);
if(err!=LDAP_SUCCESS && use_tls>=2) if(err!=LDAP_SUCCESS)
{ {
fprintf(console,"gpgkeys: unable to start TLS: %s\n", if(use_tls==2 || verbose>2)
ldap_err2string(err)); fprintf(console,"gpgkeys: unable to start TLS: %s\n",
ldap_err2string(err));
/* Are we forcing it? */ /* Are we forcing it? */
if(use_tls==3) if(use_tls==3)
{ {
@ -1772,7 +1763,7 @@ main(int argc,char *argv[])
goto fail; goto fail;
} }
} }
else if(verbose>1) else if(err==LDAP_SUCCESS && verbose>1)
fprintf(console,"gpgkeys: TLS started successfully.\n"); fprintf(console,"gpgkeys: TLS started successfully.\n");
#else #else
if(use_tls>=2) if(use_tls>=2)
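Review bot: In the second hunk the "unable to start TLS" message is now guarded by `if(use_tls==2 || verbose>2)`, so when TLS is forced (`use_tls==3`) at low verbosity the `use_tls==3` branch goes on to `goto fail` without ever saying why; the old `use_tls>=2` test covered that case. Suggest `if(use_tls>=2 || verbose>2)` so that a failed StartTLS on a must-use-TLS configuration is always reported to the user. The `err==LDAP_SUCCESS` test added to the following `else if` is redundant, because that branch is only reached when `err!=LDAP_SUCCESS` is false. In the first hunk the new `!basekeyspacedn` case calls `fail_all(keylist,action,ldap_err_to_gpg_err(err))` with `err` equal to zero; `ldap_err_to_gpg_err` is not shown here, so confirm it cannot map success to an OK status, or pass an explicit error code for the not-found case. All three hunks sit inside `main`, which starts and ends outside the visible lines.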