1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-23 10:29:58 +01:00

61 Commits

Author SHA1 Message Date
David Shaw
e396cd2c7c * gpgkeys_ldap.c (make_one_attr, build_attrs, send_key): Don't allow
duplicate attributes as OpenLDAP is now enforcing this.
2006-02-22 04:19:21 +00:00
David Shaw
c68649e1b1 * gpgkeys_ldap.c (main): Add binddn and bindpw so users can pass
credentials to a remote LDAP server.
2006-02-22 03:49:49 +00:00
David Shaw
da9a10d2b0 * ksutil.h, ksutil.c (parse_ks_options): New keyserver command "getname".
* gpgkeys_hkp.c (main, get_name), gpgkeys_ldap.c (main, get_name): Use it
here to do direct name (rather than key ID) fetches.
2005-12-23 20:51:48 +00:00
David Shaw
aec65a94d8 * ksutil.h, ksutil.c (parse_ks_options): Remove exact-name and
exact-email.  (classify_ks_search): Mimic the gpg search modes instead
with *, =, <, and @.

* gpgkeys_ldap.c (search_key), gpgkeys_hkp.c (search_key): Call them
here.  Suggested by Jason Harris.
2005-08-26 04:24:46 +00:00
David Shaw
70bf6d9204 * ksutil.h, ksutil.c (parse_ks_options): New keyserver-option exact-name.
The last of exact-name and exact-email overrides the earlier.

* gpgkeys_ldap.c (search_key), gpgkeys_hkp.c (search_key): Use it here to
do a name-only search.
2005-08-18 21:14:16 +00:00
David Shaw
2d353af65d * gpgkeys_ldap.c (ldap_quote): \-quote a string for LDAP.
* gpgkeys_ldap.c (search_key): Use it here to escape reserved characters
in searches.
2005-08-18 17:40:04 +00:00
David Shaw
e9b444a9d0 * ksutil.h, ksutil.c (parse_ks_options): New keyserver-option
exact-email.

* gpgkeys_ldap.c (search_key), gpgkeys_hkp.c (search_key): Use it here
to do an email-only search.
2005-08-18 04:17:20 +00:00
Werner Koch
7d4043ca57 Updated FSF street address and preparations for a release candidate. 2005-05-31 08:39:18 +00:00
David Shaw
1517f0e945 * gpgkeys_ldap.c, ksutil.h, ksutil.c (print_nocr): Moved from
gpgkeys_ldap.c.  Print a string, but strip out any CRs.

* gpgkeys_finger.c (get_key), gpgkeys_hkp.c (get_key), gpgkeys_http.c
(get_key): Use it here when outputting key material to canonicalize
line endings.
2005-03-22 23:41:08 +00:00
David Shaw
8885f0b0cc * gpgkeys_ldap.c (main): Fix three wrong calls to fail_all(). Noted
by Stefan Bellon.
2005-03-19 14:24:36 +00:00
David Shaw
efa0dd21a2 * gpgkeys_curl.c, gpgkeys_finger.c, gpgkeys_ldap.c: Start using
parse_ks_options and remove a lot of common code.

* ksutil.h, ksutil.c (parse_ks_options): Parse OPAQUE, and default
debug with no arguments to 1.
2005-03-17 16:42:41 +00:00
David Shaw
dee66f5cc9 * gpgkeys_ldap.c: Include lber.h if configure determines we need it. 2005-03-17 04:02:17 +00:00
David Shaw
2833a0eadc * curl-shim.c (curl_easy_perform): Fix compile warning.
* curl-shim.h, gpgkeys_curl.c (main), gpgkeys_ldap.c (main): Add
ca-cert-file option, to pass in the SSL cert.
2005-02-12 03:15:02 +00:00
David Shaw
5d257ee60e * gpgkeys_ldap.c (print_nocr): New. (get_key): Call it here to
canonicalize line endings.

* gpgkeys_curl.c (writer): Discard everything outside the BEGIN and
END lines when retrieving keys.  Canonicalize line endings.  (main):
Accept FTPS.
2005-01-24 18:23:56 +00:00
David Shaw
2b10681641 * gpgkeys_ldap.c (main): Add "check-cert" option to disable SSL
certificate checking (which is on by default).

* gpgkeys_curl.c (main): Add "debug" option to match the LDAP helper.
Add "check-cert" option to disable SSL certificate checking (which is
on by default).
2005-01-22 03:27:19 +00:00
David Shaw
996c82ffd6 * ksutil.h, gpgkeys_curl.c, gpgkeys_hkp.c, gpgkeys_ldap.c,
gpgkeys_finger.c, gpgkeys_http.c: Part 2 of the cleanup.  Move all the
various defines to ksutil.h.
2005-01-13 23:37:26 +00:00
David Shaw
0a42f97e43 * gpgkeys_finger.c, gpgkeys_hkp.c, gpgkeys_http.c, gpgkeys_ldap.c: Part 1
of a minor cleanup to use #defines instead of hard-coded sizes.
2005-01-13 23:22:10 +00:00
David Shaw
97b8f41b08 * gpgkeys_curl.c (main): New "follow-redirects" option. Takes an optional
numeric value for the maximum number of redirects to allow.  Defaults to
5.

* gpgkeys_curl.c (main), gpgkeys_finger.c (main), gpgkeys_hkp.c (main),
gpgkeys_http.c (main), gpgkeys_ldap.c (main): Make sure that a "timeout"
option passed with no arguments is properly handled.
2004-12-22 19:19:10 +00:00
Werner Koch
e170c54cf8 * gpgkeys_ldap.c (main, show_help): Kludge to implement standard
GNU options. Factored help printing out.
* gpgkeys_finger.c (main, show_help): Ditto.
* gpgkeys_hkp.c (main, show_help): Ditto.
* gpgkeys_http.c (main, show_help): Ditto.
* gpgkeys_test.in, gpgkeys_mailto.in: Implement --version and --help.
2004-10-15 12:19:06 +00:00
David Shaw
d603b7c3a1 * gpgkeys_ldap.c (main), gpgkeys_hkp.c (main), gpgkeys_http.c (main),
gpgkeys_finger.c (main): Call timeout functions before performing an
action that could block for a long time.

* ksutil.h, ksutil.c: New.  Right now just contains timeout functions.
2004-10-13 18:30:29 +00:00
David Shaw
e3fd0f0c60 * gpgkeys_finger.c, gpgkeys_hkp.c, gpgkeys_http.c, gpgkeys_ldap.c: Fix a
few occurances of "filename" to `filename'.
2004-10-11 20:33:22 +00:00
David Shaw
6c5507fff0 * gpgkeys_ldap.c (get_key, search_key), gpgkeys_hkp.c (get_key,
search_key), gpgkeys_http.c (get_key): Do not give informational logs
since this is now done inside gpg.
2004-08-23 19:54:40 +00:00
David Shaw
357afb5084 * gpgkeys_ldap.c (get_key): Factor out informational display into new
function build_info().
2004-08-23 16:59:11 +00:00
David Shaw
b27b7aea6d * gpgkeys_ldap.c (build_attrs): Properly terminate user ID strings that
got shrunk due to encoding.
2004-08-23 14:24:05 +00:00
David Shaw
4615a538bf * gpgkeys_ldap.c (find_basekeyspacedn): Use LDAP_SCOPE_BASE along with a
full DN rather than LDAP_SCOPE_ONELEVEL plus a filter to find the
pgpServerInfo object.  Some LDAP setups don't like the search. (main):
Stop binding to the server since it seems no server really requires it,
and some require it not be there.
2004-08-23 03:13:27 +00:00
David Shaw
f7a793ae28 * gpgkeys_ldap.c (main): Add "debug" option. This is only really useful
with OpenLDAP, but it's practically vital to debug SSL and TLS setups.
Add "basedn" option.  This allows users to override the autodetection for
base DN.  SSL overrides TLS, so TLS will not be started on SSL connections
(starting an already started car).
2004-07-29 14:01:04 +00:00
David Shaw
a2914a1592 * gpgkeys_ldap.c (build_attrs): Add "pgpKeySize" and "pgpSubKeyID"
attributes so we can do subkey searches.

* gpgkeys_ldap.c (main): Under certain error conditions, we might try and
unbind twice.  Don't.
2004-07-28 19:55:21 +00:00
David Shaw
4552115bbb * gpgkeys_ldap.c (join_two_modlists): New. (send_key): Use new function so
we can try a modify operation first, and fail over to an add if that
fails.  Add cannot cope with the NULLs at the head of the modify request,
so we jump into the list in the middle.
2004-07-28 19:45:23 +00:00
David Shaw
a32297863b * gpgkeys_ldap.c (main): Don't try and error out before making a ldaps
connection to the NAI keyserver since we cannot tell if it is a NAI
keyserver until we connect.  Fail if we cannot find a base keyspace DN.
Fix a false success message for TLS being enabled.
2004-07-28 02:36:45 +00:00
Werner Koch
5d4fb57347 * configure.ac (AM_GNU_GETTEXT_VERSION): New.
(min_automake_version): New.

* LINGUAS: Added all languages we supported in 1.2.5.
Copied all po files from 1.2.5.

* autogen.sh: Updated to the modern version, grepping the required
tool versions from configure.ac.
2004-07-27 15:12:00 +00:00
David Shaw
d8aa22f172 * gpgkeys_ldap.c (ldap2epochtime): We can always rely on timegm() being
available now, since it's a replacement function.
2004-05-21 15:46:53 +00:00
David Shaw
0d7cae4663 * gpgkeys_ldap.c (send_key): List pgpCertID as one of the deleted
attributes.  This guarantees that if something goes wrong, we won't be
able to complete the transaction, thus leaving any key already existing on
the server intact.
2004-02-26 01:29:26 +00:00
David Shaw
17ce0c5267 * gpgkeys_ldap.c (delete_one_attr): Removed. (make_one_attr): Delete
functionality added.  Optional deduping functionality added (currently
only used for pgpSignerID). (build_attrs): Translate sig entries into
pgpSignerID.  Properly build the timestamp for pgpKeyCreateTime and
pgpKeyExpireTime.
2004-02-24 03:57:21 +00:00
David Shaw
07a10b451e * gpgkeys_ldap.c (delete_one_attr): New function to replace attributes
with NULL (a "delete" that works even for nonexistant attributes).
(send_key): Use it here to remove attributes so a modify operation starts
with a clean playing field.  Bias sends to modify before add, since (I
suspect) people update their existing keys more often than they make and
send new keys to the server.
2004-02-23 03:43:45 +00:00
David Shaw
3b9d7a6430 * gpgkeys_ldap.c (epoch2ldaptime): New. Converse of ldap2epochtime.
(make_one_attr): New. Build a modification list in memory to send to the
LDAP server. (build_attrs): New. Parse INFO lines sent over by gpg.
(free_mod_values): New.  Unwinds a modification list.
(send_key_keyserver): Renamed from old send_key(). (send_key): New
function to send a key to a LDAP server. (main): Use send_key() for real
LDAP servers, send_key_keyserver() otherwise.
2004-02-22 00:08:53 +00:00
David Shaw
925b982a0b * gpgkeys_ldap.c: Replacement prototypes for setenv and unsetenv.
(search_key): Catch a SIZELIMIT_EXCEEDED error and show the user whatever
the server did give us. (find_basekeyspacedn): There is no guarantee that
namingContexts will be readable.

* Makefile.am: Link gpgkeys_ldap with libutil.a to get the replacement
functions (and eventually translations, etc).
2004-02-20 14:59:02 +00:00
David Shaw
7f148010ab * gpgkeys_ldap.c (ldap2epochtime): LDAP timestamps are UTC, so do not
correct for timezones. (main): Find the basekeyspacedn before we try to
start TLS, so we can give a better error message when a user tries to use
TLS with a LDAP keyserver.
2004-02-19 21:32:15 +00:00
David Shaw
21301028c4 * Makefile.am: Add automake conditionals to symlink gpgkeys_ldaps to
gpgkeys_ldap when needed.

* gpgkeys_ldap.c (main): Add support for LDAPS and TLS connections.
These are only useful and usable when talking to real LDAP keyservers.
Add new "tls" option to tune TLS use from off, to try quietly, to try
loudly, or to require TLS.
2004-02-19 20:09:12 +00:00
David Shaw
7e7364973d * gpgkeys_ldap.c (find_basekeyspacedn): New function to figure out what
kind of LDAP server we're talking to (either real LDAP or the LDAP
keyserver), and return the baseKeySpaceDN to find keys under. (main): Call
it from here, and remove the old code that only handled the LDAP
keyserver.
2004-02-19 15:09:14 +00:00
David Shaw
f3de3a5eb9 * gpgkeys_ldap.c (ldap_to_gpg_err): Make sure that LDAP_OPT_ERROR_NUMBER
is defined before we use it.

* gpgkeys_mailto.in: Fix VERSION number.
2004-02-18 23:05:47 +00:00
David Shaw
580faa8675 * gpgkeys_hkp.c (search_key): Catch a mangled input file (useful if
something other than GnuPG is calling the program). (main): Avoid possible
pre-string write.  Noted by Christian Biere.

* gpgkeys_ldap.c (main): Avoid possible pre-string write.
2004-01-12 04:09:37 +00:00
Stefan Bellon
02ae08d6ef cleaned up RISC OS code and removed lots of unnecessary stuff 2003-12-28 14:12:16 +00:00
David Shaw
0a86b45b9d * gpgkeys_hkp.c, gpgkeys_ldap.c: #include <getopt.h> if it is available.
Also include extern references for optarg and optind since there is no
guarantee that any header file will include them.  Standards?  We don't
need no stinkin' standards

* Makefile.am: Use @GETOPT@ to pull in libiberty on those platforms that
need it.
2003-05-31 03:52:02 +00:00
David Shaw
2e4e257f42 * gpgkeys_ldap.c (main), gpgkeys_hkp.c (main): Use new keyserver protocol
version.
2002-11-18 00:43:33 +00:00
David Shaw
d06a95a535 * gpgkeys_ldap.c (get_key): The deduping code requires "pgpcertid", but
that was not available when running without verbose on.  Noted by Stefan.
2002-11-14 14:30:53 +00:00
David Shaw
659e1e9931 * gpgkeys_ldap.c (get_key): Fix typo in deduping code. 2002-11-10 21:32:11 +00:00
David Shaw
ec0d9a416e * gpgkeys_ldap.c (key_in_keylist, add_key_to_keylist, free_keylist,
get_key, search_key): The LDAP keyserver doesn't remove duplicates, so
remove them locally.  Do not include the key modification time in the
search response.
2002-11-05 22:08:02 +00:00
David Shaw
f7b357ebfe * gpgkeys_hkp.c (send_key), gpgkeys_ldap.c (send_key): Properly handle an
input file that does not include any key data at all.
2002-11-04 13:59:08 +00:00
David Shaw
be1d2a4038 * gpgkeys_hkp.c (main), gpgkeys_ldap.c (main): Add -V flag to output
protocol and program version.
2002-10-24 22:33:22 +00:00
David Shaw
943566f53f * gpgkeys_ldap.c (get_key): Don't print keysize unless it's >0.
(printquoted): Use %-encoding instead of \-encoding. (search_key): Use new
keyserver key listing format.
2002-10-14 19:02:11 +00:00