From e1fc053dc1ad260922428cf864071e829e6c30f2 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Thu, 27 Jan 2022 15:07:02 +0100 Subject: [PATCH] gpgconf: Tweak the use of ldapserver. * tools/gpgconf-comp.c (known_options_gpgsm): Make "keyserver" invisible. (known_options_dirmngr): Add "ldapserver". * sm/gpgsm.c (oKeyServer_deprecated): New. (opts): Assign "ldapserver" to the new option and makr it as obsolete. -- We want to use "ldapserver" in dirmngr but need to keep using "keyserver" in gpgsm for existant versions of Kleopatra etc. GnuPG-bug-id: 5801 --- doc/gpgsm.texi | 16 +++++++--------- sm/gpgsm.c | 9 ++++++--- tools/gpgconf-comp.c | 4 +++- 3 files changed, 16 insertions(+), 13 deletions(-) diff --git a/doc/gpgsm.texi b/doc/gpgsm.texi index d3d83e4a5..9363ec21d 100644 --- a/doc/gpgsm.texi +++ b/doc/gpgsm.texi @@ -347,16 +347,14 @@ Outputs additional information while running. You can increase the verbosity by giving several verbose commands to @command{gpgsm}, such as @samp{-vv}. -@item --ldapserver @var{string} -@itemx --keyserver @var{string} -@opindex ldapserver +@item --keyserver @var{string} @opindex keyserver -Add an LDAP server to use for X.509 certificate and CRL lookup. This -option can be given multiple times to configure more than one LDAP -server. Note that in general @command{dirmngr} should be configured -with the list of LDAP servers; if this option is also configured here, -it is used in addition to those configured in dirmngr. For the syntax -see the description of dirmngr's ldapserver option. +This is a deprecated option. It was used to add an LDAP server to use +for X.509 certificate and CRL lookup. The alias @option{--ldapserver} +existed from version 2.2.28 to 2.2.33 but is now entirely ignored. + +LDAP servers must be given in the configuration for @command{dirmngr}. + @item --policy-file @var{filename} @opindex policy-file diff --git a/sm/gpgsm.c b/sm/gpgsm.c index b64324706..8ee0e18c1 100644 --- a/sm/gpgsm.c +++ b/sm/gpgsm.c @@ -188,6 +188,7 @@ enum cmd_and_opt_values { oSkipVerify, oValidationModel, oKeyServer, + oKeyServer_deprecated, oEncryptTo, oNoEncryptTo, oLoggerFD, @@ -334,11 +335,9 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_s (oKeyring, "keyring", N_("|FILE|add keyring to the list of keyrings")), ARGPARSE_s_n (oNoDefKeyring, "no-default-keyring", "@"), - ARGPARSE_s_s (oKeyServer, "ldapserver", - N_("|SPEC|use this keyserver to lookup keys")), + ARGPARSE_s_s (oKeyServer_deprecated, "ldapserver", "@"), ARGPARSE_s_s (oKeyServer, "keyserver", "@"), - ARGPARSE_header ("ImportExport", N_("Options controlling key import and export")), @@ -1376,6 +1375,10 @@ main ( int argc, char **argv) append_to_strlist (&opt.keyserver, pargs.r.ret_str); break; + case oKeyServer_deprecated: + obsolete_option (configname, pargs.lineno, "ldapserver"); + break; + case oIgnoreCertExtension: add_to_strlist (&opt.ignored_cert_extensions, pargs.r.ret_str); break; diff --git a/tools/gpgconf-comp.c b/tools/gpgconf-comp.c index 35ae3e7c0..9b0cc7d1f 100644 --- a/tools/gpgconf-comp.c +++ b/tools/gpgconf-comp.c @@ -438,7 +438,7 @@ static known_option_t known_options_gpgsm[] = { "encrypt-to", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC }, { "disable-dirmngr", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT }, { "p12-charset", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED }, - { "keyserver", GC_OPT_FLAG_LIST, GC_LEVEL_BASIC, + { "keyserver", GC_OPT_FLAG_LIST, GC_LEVEL_INVISIBLE, GC_ARG_TYPE_LDAP_SERVER }, { "compliance", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT }, { "debug-level", GC_OPT_FLAG_ARG_OPT, GC_LEVEL_ADVANCED }, @@ -482,6 +482,8 @@ static known_option_t known_options_dirmngr[] = { "force", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC }, { "use-tor", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC }, { "keyserver", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC }, + { "ldapserver", GC_OPT_FLAG_LIST, GC_LEVEL_BASIC, + GC_ARG_TYPE_LDAP_SERVER }, { "disable-http", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED }, { "ignore-http-dp", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED }, { "http-proxy", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED },