1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-23 10:29:58 +01:00

* gpgkeys_ldap.c (main): Add binddn and bindpw so users can pass

credentials to a remote LDAP server.
This commit is contained in:
David Shaw 2006-02-22 03:49:49 +00:00
parent 79ec50f77d
commit c68649e1b1
2 changed files with 78 additions and 16 deletions

View File

@ -1,5 +1,8 @@
2006-02-21 David Shaw <dshaw@jabberwocky.com>
* gpgkeys_ldap.c (main): Add binddn and bindpw so users can pass
credentials to a remote LDAP server.
* curl-shim.h, curl-shim.c (curl_easy_init, curl_easy_setopt,
curl_easy_perform): Mingw has 'stderr' as a macro?

View File

@ -1714,7 +1714,7 @@ int
main(int argc,char *argv[])
{
int port=0,arg,err,ret=KEYSERVER_INTERNAL_ERROR;
char line[MAX_LINE];
char line[MAX_LINE],*binddn=NULL,*bindpw=NULL;
int failed=0,use_ssl=0,use_tls=0,bound=0;
struct keylist *keylist=NULL,*keyptr=NULL;
@ -1850,6 +1850,50 @@ main(int argc,char *argv[])
real_ldap=1;
}
}
else if(strncasecmp(start,"binddn",6)==0)
{
if(no)
{
free(binddn);
binddn=NULL;
}
else if(start[6]=='=')
{
free(binddn);
binddn=strdup(&start[7]);
if(!binddn)
{
fprintf(console,"gpgkeys: out of memory while creating "
"bind DN\n");
ret=KEYSERVER_NO_MEMORY;
goto fail;
}
real_ldap=1;
}
}
else if(strncasecmp(start,"bindpw",6)==0)
{
if(no)
{
free(bindpw);
bindpw=NULL;
}
else if(start[6]=='=')
{
free(bindpw);
bindpw=strdup(&start[7]);
if(!bindpw)
{
fprintf(console,"gpgkeys: out of memory while creating "
"bind password\n");
ret=KEYSERVER_NO_MEMORY;
goto fail;
}
real_ldap=1;
}
}
continue;
}
@ -2098,25 +2142,40 @@ main(int argc,char *argv[])
}
}
#if 0
/* The LDAP keyserver doesn't require this, but it might be useful
if someone stores keys on a V2 LDAP server somewhere. (V3
doesn't require a bind). Leave this out for now since it is not
clear if anyone's server we're likely to use really cares, plus
there are some servers that don't allow it. */
/* By default we don't bind as there is usually no need to. For
cases where the server needs some authentication, the user can
use binddn and bindpw for auth. */
err=ldap_simple_bind_s(ldap,NULL,NULL);
if(err!=0)
if(binddn)
{
fprintf(console,"gpgkeys: internal LDAP bind error: %s\n",
ldap_err2string(err));
fail_all(keylist,ldap_err_to_gpg_err(err));
goto fail;
}
else
bound=1;
#ifdef HAVE_LDAP_SET_OPTION
int ver=LDAP_VERSION3;
err=ldap_set_option(ldap,LDAP_OPT_PROTOCOL_VERSION,&ver);
if(err!=LDAP_SUCCESS)
{
fprintf(console,"gpgkeys: unable to go to LDAP 3: %s\n",
ldap_err2string(err));
fail_all(keylist,ldap_err_to_gpg_err(err));
goto fail;
}
#endif
if(opt->verbose>2)
fprintf(console,"gpgkeys: LDAP bind to %s, pw %s\n",binddn,
bindpw?">not shown<":">none<");
err=ldap_simple_bind_s(ldap,binddn,bindpw);
if(err!=LDAP_SUCCESS)
{
fprintf(console,"gpgkeys: internal LDAP bind error: %s\n",
ldap_err2string(err));
fail_all(keylist,ldap_err_to_gpg_err(err));
goto fail;
}
else
bound=1;
}
if(opt->action==KS_GET)
{
keyptr=keylist;