
* gpgkeys_ldap.c (main): Add binddn and bindpw so users can pass

credentials to a remote LDAP server.
David Shaw 2006-02-22 03:49:49 +00:00
parent 79ec50f77d
commit c68649e1b1
2 changed files with 78 additions and 16 deletions


@ -1,5 +1,8 @@
2006-02-21 David Shaw <dshaw@jabberwocky.com> 2006-02-21 David Shaw <dshaw@jabberwocky.com>
* gpgkeys_ldap.c (main): Add binddn and bindpw so users can pass
credentials to a remote LDAP server.
* curl-shim.h, curl-shim.c (curl_easy_init, curl_easy_setopt, * curl-shim.h, curl-shim.c (curl_easy_init, curl_easy_setopt,
curl_easy_perform): Mingw has 'stderr' as a macro? curl_easy_perform): Mingw has 'stderr' as a macro?


@ -1714,7 +1714,7 @@ int
main(int argc,char *argv[]) main(int argc,char *argv[])
{ {
int port=0,arg,err,ret=KEYSERVER_INTERNAL_ERROR; int port=0,arg,err,ret=KEYSERVER_INTERNAL_ERROR;
char line[MAX_LINE]; char line[MAX_LINE],*binddn=NULL,*bindpw=NULL;
int failed=0,use_ssl=0,use_tls=0,bound=0; int failed=0,use_ssl=0,use_tls=0,bound=0;
struct keylist *keylist=NULL,*keyptr=NULL; struct keylist *keylist=NULL,*keyptr=NULL;
@ -1850,6 +1850,50 @@ main(int argc,char *argv[])
real_ldap=1; real_ldap=1;
} }
} }
else if(strncasecmp(start,"binddn",6)==0)
{
if(no)
{
free(binddn);
binddn=NULL;
}
else if(start[6]=='=')
{
free(binddn);
binddn=strdup(&start[7]);
if(!binddn)
{
fprintf(console,"gpgkeys: out of memory while creating "
"bind DN\n");
ret=KEYSERVER_NO_MEMORY;
goto fail;
}
real_ldap=1;
}
}
else if(strncasecmp(start,"bindpw",6)==0)
{
if(no)
{
free(bindpw);
bindpw=NULL;
}
else if(start[6]=='=')
{
free(bindpw);
bindpw=strdup(&start[7]);
if(!bindpw)
{
fprintf(console,"gpgkeys: out of memory while creating "
"bind password\n");
ret=KEYSERVER_NO_MEMORY;
goto fail;
}
real_ldap=1;
}
}
continue; continue;
} }
@ -2098,25 +2142,40 @@ main(int argc,char *argv[])
} }
} }
#if 0 /* By default we don't bind as there is usually no need to. For
/* The LDAP keyserver doesn't require this, but it might be useful cases where the server needs some authentication, the user can
if someone stores keys on a V2 LDAP server somewhere. (V3 use binddn and bindpw for auth. */
doesn't require a bind). Leave this out for now since it is not
clear if anyone's server we're likely to use really cares, plus
there are some servers that don't allow it. */
err=ldap_simple_bind_s(ldap,NULL,NULL); if(binddn)
if(err!=0)
{ {
fprintf(console,"gpgkeys: internal LDAP bind error: %s\n", #ifdef HAVE_LDAP_SET_OPTION
ldap_err2string(err)); int ver=LDAP_VERSION3;
fail_all(keylist,ldap_err_to_gpg_err(err));
goto fail; err=ldap_set_option(ldap,LDAP_OPT_PROTOCOL_VERSION,&ver);
} if(err!=LDAP_SUCCESS)
else {
bound=1; fprintf(console,"gpgkeys: unable to go to LDAP 3: %s\n",
ldap_err2string(err));
fail_all(keylist,ldap_err_to_gpg_err(err));
goto fail;
}
#endif #endif
if(opt->verbose>2)
fprintf(console,"gpgkeys: LDAP bind to %s, pw %s\n",binddn,
bindpw?">not shown<":">none<");
err=ldap_simple_bind_s(ldap,binddn,bindpw);
if(err!=LDAP_SUCCESS)
{
fprintf(console,"gpgkeys: internal LDAP bind error: %s\n",
ldap_err2string(err));
fail_all(keylist,ldap_err_to_gpg_err(err));
goto fail;
}
else
bound=1;
}
if(opt->action==KS_GET) if(opt->action==KS_GET)
{ {
keyptr=keylist; keyptr=keylist;
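Review bot: In the last hunk, `ldap_simple_bind_s(ldap,binddn,bindpw)` is called with no visible check that the session is protected, and a simple bind sends the DN and password in cleartext unless SSL/TLS is already active on the connection. `use_ssl` and `use_tls` are declared in main but are set outside these hunks, so this is inferred; if they reflect the transport state, a guard before the bind such as `if(!use_ssl && !use_tls) fprintf(console,"gpgkeys: warning: bind password is sent unencrypted\n");` (or refusing to bind) would make the exposure explicit. Separately, `if(binddn)` with `bindpw==NULL` binds with a DN and no password, which some servers accept as an anonymous bind, so `bound=1` does not then mean the user was authenticated; requiring both options, or logging that case, would avoid a false sense of authentication. The `free(bindpw)` calls in the option parser also release the old password without wiping it first. main's body starts and ends outside the hunks shown.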