security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

dirmngr: Minor cleanup for better readability. 

* dirmngr/ldap.c (start_default_fetch_ldap): Rename to
start_cacert_fetch_ldap and remove arg attr.  Instead use
"cACertificate" directly.
* dirmngr/crlfetch.c (ca_cert_fetch): Change the only caller.
(start_cert_fetch_ldap): Rename arg for clarity.

Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2020-10-05 17:21:55 +02:00
parent 210575d882
commit b258f8de7e
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
3 changed files with 29 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
dirmngr/crlfetch.c
View File

@ -302,7 +302,7 @@ ca_cert_fetch (ctrl_t ctrl, cert_fetch_context_t *context, const char *dn)
return gpg_error (GPG_ERR_NOT_SUPPORTED); return gpg_error (GPG_ERR_NOT_SUPPORTED);
} }
#if USE_LDAP #if USE_LDAP
return start_default_fetch_ldap (ctrl, context, dn, "cACertificate"); return start_cacert_fetch_ldap (ctrl, context, dn);
#else #else
(void)ctrl; (void)ctrl;
(void)context; (void)context;

6
dirmngr/crlfetch.h
View File

@ -69,9 +69,9 @@ gpg_error_t attr_fetch_ldap (ctrl_t ctrl,
ksba_reader_t *reader); ksba_reader_t *reader);
gpg_error_t start_default_fetch_ldap (ctrl_t ctrl, gpg_error_t start_cacert_fetch_ldap (ctrl_t ctrl,
cert_fetch_context_t *context, cert_fetch_context_t *context,
const char *dn, const char *attr); const char *dn);
gpg_error_t start_cert_fetch_ldap( ctrl_t ctrl, gpg_error_t start_cert_fetch_ldap( ctrl_t ctrl,
cert_fetch_context_t *context, cert_fetch_context_t *context,
strlist_t patterns, strlist_t patterns,

50
dirmngr/ldap.c
View File

@ -468,18 +468,19 @@ make_url (char **url, const char *dn, const char *filter)
} }
/* Prepare an LDAP query to return the attribute ATTR for the DN. All /* Prepare an LDAP query to return the cACertificate attribute for DN.
configured default servers are queried until one responds. This * All configured default servers are queried until one responds.
function returns an error code or 0 and a CONTEXT on success. */ * This function returns an error code or 0 and stored a newly
* allocated contect object at CONTEXT on success. */
gpg_error_t gpg_error_t
start_default_fetch_ldap (ctrl_t ctrl, cert_fetch_context_t *context, start_cacert_fetch_ldap (ctrl_t ctrl, cert_fetch_context_t *r_context,
const char *dn, const char *attr) const char *dn)
{ {
gpg_error_t err; gpg_error_t err;
struct ldapserver_iter iter; struct ldapserver_iter iter;
*context = xtrycalloc (1, sizeof **context); *r_context = xtrycalloc (1, sizeof **r_context);
if (!*context) if (!*r_context)
return gpg_error_from_errno (errno); return gpg_error_from_errno (errno);
/* FIXME; we might want to look at the Base SN to try matching /* FIXME; we might want to look at the Base SN to try matching
@ -493,30 +494,30 @@ start_default_fetch_ldap (ctrl_t ctrl, cert_fetch_context_t *context,
err = run_ldap_wrapper (ctrl, err = run_ldap_wrapper (ctrl,
0, 0,
1, 1, /* --multi (record format) */
opt.ldap_proxy, opt.ldap_proxy,
server->host, server->port, server->host, server->port,
server->user, server->pass, server->user, server->pass,
dn, "objectClass=*", attr, NULL, dn, "objectClass=*", "cACertificate", NULL,
&(*context)->reader); &(*r_context)->reader);
if (!err) if (!err)
break; /* Probably found a result. */ break; /* Probably found a result. */
} }
if (err) if (err)
{ {
xfree (*context); xfree (*r_context);
*context = NULL; *r_context = NULL;
} }
return err; return err;
} }
/* Prepare an LDAP query to return certificates matching PATTERNS using /* Prepare an LDAP query to return certificates matching PATTERNS
the SERVER. This function returns an error code or 0 and a CONTEXT * using the SERVER. This function returns an error code or 0 and
on success. */ * stores a newly allocated object at R_CONTEXT on success. */
gpg_error_t gpg_error_t
start_cert_fetch_ldap (ctrl_t ctrl, cert_fetch_context_t *context, start_cert_fetch_ldap (ctrl_t ctrl, cert_fetch_context_t *r_context,
strlist_t patterns, const ldap_server_t server) strlist_t patterns, const ldap_server_t server)
{ {
gpg_error_t err; gpg_error_t err;
@ -532,7 +533,7 @@ start_cert_fetch_ldap (ctrl_t ctrl, cert_fetch_context_t *context,
char portbuf[30], timeoutbuf[30]; char portbuf[30], timeoutbuf[30];
int use_ldaps = 0; int use_ldaps = 0;
*context = NULL; *r_context = NULL;
if (opt.ldap_proxy && !(proxy = xtrystrdup (opt.ldap_proxy))) if (opt.ldap_proxy && !(proxy = xtrystrdup (opt.ldap_proxy)))
{ {
@ -646,19 +647,19 @@ start_cert_fetch_ldap (ctrl_t ctrl, cert_fetch_context_t *context,
} }
argv[argc] = NULL; argv[argc] = NULL;
*context = xtrycalloc (1, sizeof **context); *r_context = xtrycalloc (1, sizeof **r_context);
if (!*context) if (!*r_context)
{ {
err = gpg_error_from_errno (errno); err = gpg_error_from_errno (errno);
goto leave; goto leave;
} }
err = ldap_wrapper (ctrl, &(*context)->reader, (const char**)argv); err = ldap_wrapper (ctrl, &(*r_context)->reader, (const char**)argv);
if (err) if (err)
{ {
xfree (*context); xfree (*r_context);
*context = NULL; *r_context = NULL;
} }
leave: leave:
@ -718,8 +719,7 @@ fetch_next_cert_ldap (cert_fetch_context_t context,
n = buf32_to_ulong (hdr+1); n = buf32_to_ulong (hdr+1);
if (*hdr == 'V' && okay) if (*hdr == 'V' && okay)
{ {
#if 0 /* That code is not yet ready. */ #if 0 /* That code to extra a cert from a CMS object is not yet ready. */
if (is_cms) if (is_cms)
{ {
/* The certificate needs to be parsed from CMS data. */ /* The certificate needs to be parsed from CMS data. */
@ -766,7 +766,7 @@ fetch_next_cert_ldap (cert_fetch_context_t context,
any = 1; any = 1;
} }
else else
#endif #endif /* End unfinished code to extract from a CMS object. */
{ {
*value = xtrymalloc (n); *value = xtrymalloc (n);
if (!*value) if (!*value)