security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Activity
gnupg/dirmngr
History
Werner Koch 2b4cddf908
dirmngr: Allow for non-URL specified ldap keyservers. 
* dirmngr/server.c (cmd_ldapserver): Strip an optional prefix.
(make_keyserver_item): Handle non-URL ldap specs.
* dirmngr/dirmngr.h (struct ldap_server_s): Add fields starttls,
ldap_over_tls, and ntds.

* dirmngr/ldapserver.c (ldapserver_parse_one): Add for an empty host
string.  Improve error messages for the non-file case.  Support flags.
* dirmngr/ks-action.c (ks_action_help): Handle non-URL ldap specs.
(ks_action_search, ks_action_get, ks_action_put): Ditto.
* dirmngr/ks-engine-ldap.c: Include ldapserver.h.
(ks_ldap_help): Handle non-URL ldap specs.
(my_ldap_connect): Add args r_host and r_use_tls.  Rewrite to support
URLs and non-URL specified keyservers.
(ks_ldap_get): Adjust for changes in my_ldap_connect.
(ks_ldap_search): Ditto.
(ks_ldap_put): Ditto.
--

The idea here is to unify our use of URLS or colon delimited ldap
keyserver specification.  The requirement for percent escaping, for
example the bindname in an URLs, is cumbersome and prone to errors.
This we allow our classic colon delimited format as an alternative.
That format makes it also easy to specify flags to tell dirmngr
whether to use starttls or ldap-over-tls.  The code is nearly 100%
compatible to existing specification.  There is one ambiguity if the
hostname for CRL/X509 searches is just "ldap"; this can be solved by
prefixing it with "ldap:" (already implemented in gpgsm).

GnuPG-bug-id: 5405, 5452
 		2021-05-26 14:48:27 +02:00
..
ChangeLog-2011 Fix spelling. 2017-02-21 13:11:46 -05:00
ChangeLog-2011-ks Remove the obsolete keyserver directory from the repo. 2015-04-20 18:20:45 +02:00
Makefile.am w32: Add manifest files to most binaries 2020-10-02 17:04:12 +02:00
OAUTHORS Nuked almost all trailing white space. 2011-02-04 12:57:53 +01:00
ONEWS Nuked almost all trailing white space. 2011-02-04 12:57:53 +01:00
cdb.h Tweaks for gpgconf. 2010-12-14 19:17:58 +00:00
cdblib.c g10, sm, dirmngr, common: Add comment for fall through. 2017-05-10 11:13:12 +09:00
certcache.c w32: Silence a compiler warning in dirmngr.c 2021-04-29 19:45:00 +02:00
certcache.h dirmngr: Use system certs if --hkp-cacert is not used. 2017-09-18 22:49:05 +02:00
crlcache.c common: New functions gnupg_opendir et al. 2020-10-23 11:24:09 +02:00
crlcache.h move some file encodings to UTF-8 2016-09-17 15:57:31 +09:00
crlfetch.c dirmngr: Minor cleanup for better readability. 2020-10-05 17:21:55 +02:00
crlfetch.h dirmngr: Minor cleanup for better readability. 2020-10-05 17:21:55 +02:00
dirmngr-client.c Backport of the new option parser from 2.3 2020-12-04 12:12:20 +01:00
dirmngr-err.h Some work on porting dirmngr (unfinished) 2010-07-16 13:19:45 +00:00
dirmngr-status.h dirmngr: Factor some prototypes out to dirmngr-status.h. 2019-11-18 18:44:30 +01:00
dirmngr-w32info.rc w32: Add manifest files to most binaries 2020-10-02 17:04:12 +02:00
dirmngr.c dirmngr: Fix backport of the new option parser from 2.3 2020-12-18 11:21:18 +01:00
dirmngr.h dirmngr: Allow for non-URL specified ldap keyservers. 2021-05-26 14:48:27 +02:00
dirmngr.w32-manifest.in w32: Add manifest files to most binaries 2020-10-02 17:04:12 +02:00
dirmngr_ldap.c Backport of the new option parser from 2.3 2020-12-04 12:12:20 +01:00
dns-stuff.c dirmngr: Fixed typo in recently added diagnostic. 2019-11-18 18:44:28 +01:00
dns-stuff.h dirmngr: Use IPv4 or IPv6 interface only if available. 2019-11-12 20:31:34 +01:00
dns.c dirmngr: dns: Fix allocation of string buffer in stack. 2020-05-21 14:37:03 +09:00
dns.h dirmngr: dns: Fix allocation of string buffer in stack. 2020-05-21 14:37:03 +09:00
domaininfo.c dirmngr: Improve domaininfo cache update algorithm. 2019-04-02 13:25:48 +02:00
http-common.c dirmngr: Fix commit de6d8313 2017-03-03 17:17:26 +01:00
http-common.h dirmngr: Rearrange files to fix de6d831. 2017-03-02 18:35:03 +01:00
http-ntbtls.c dirmngr: Align the gnutls use of CAs with the ntbtls code. 2020-09-10 11:04:15 +02:00
http.c dirmngr: Support pseudo URI scheme "opaque". 2021-05-26 10:02:49 +02:00
http.h dirmngr: Support pseudo URI scheme "opaque". 2021-05-26 10:02:49 +02:00
ks-action.c dirmngr: Allow for non-URL specified ldap keyservers. 2021-05-26 14:48:27 +02:00
ks-action.h gpg: Lookup a missing public key of the current card via LDAP. 2021-05-03 20:28:33 +02:00
ks-engine-finger.c dirmngr: Implement HTTP connect timeouts of 15 or 2 seconds. 2017-06-08 09:37:36 +02:00
ks-engine-hkp.c dirmngr: Support pseudo URI scheme "opaque". 2021-05-26 10:02:49 +02:00
ks-engine-http.c dirmngr,gpg: Better diagnostic in case of bad TLS certificates. 2019-11-18 18:44:36 +01:00
ks-engine-kdns.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
ks-engine-ldap.c dirmngr: Allow for non-URL specified ldap keyservers. 2021-05-26 14:48:27 +02:00
ks-engine.h dirmngr: Allow redirection from https to http for CRLs 2018-04-25 12:38:04 +02:00
ldap-parse-uri.c dirmngr: Support new gpgNtds parameter in LDAP keyserver URLs. 2021-02-17 17:31:36 +01:00
ldap-parse-uri.h Remove -I option to common. 2017-03-07 20:25:54 +09:00
ldap-url.c dirmngr: Simplify strtok macro. 2014-03-07 19:00:31 +01:00
ldap-url.h Merged Dirmngr with GnuPG. 2010-06-09 16:53:51 +00:00
ldap-wrapper-ce.c dirmngr: Use the LDAP wrapper process also for Windows. 2018-04-27 12:05:31 +02:00
ldap-wrapper.c dirmngr: Sleep in the ldap wrapper thread. 2018-04-30 08:46:03 +02:00
ldap-wrapper.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
ldap.c dirmngr: Minor cleanup for better readability. 2020-10-05 17:21:55 +02:00
ldapserver.c dirmngr: Allow for non-URL specified ldap keyservers. 2021-05-26 14:48:27 +02:00
ldapserver.h dirmngr: Allow for non-URL specified ldap keyservers. 2021-05-26 14:48:27 +02:00
loadswdb.c dirmngr: Allow redirection from https to http for CRLs 2018-04-25 12:38:04 +02:00
misc.c common: Change argument order of log_printhex. 2020-05-12 18:51:47 +02:00
misc.h dirmngr: Rearrange files to fix de6d831. 2017-03-02 18:35:03 +01:00
ocsp.c sm: Support rsaPSS verification also for CMS signatures. 2020-04-15 15:45:34 +02:00
ocsp.h Merged Dirmngr with GnuPG. 2010-06-09 16:53:51 +00:00
server.c dirmngr: Allow for non-URL specified ldap keyservers. 2021-05-26 14:48:27 +02:00
sks-keyservers.netCA.pem dirmngr: Add support for hkps keyservers. 2014-05-05 16:23:37 +02:00
t-dns-stuff.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
t-http-basic.c dirmngr: Avoid possible CSRF attacks via http redirects. 2018-11-23 09:23:26 +01:00
t-http.c dirmngr: Support pseudo URI scheme "opaque". 2021-05-26 10:02:49 +02:00
t-ldap-parse-uri.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
t-support.c dirmngr: Factor some prototypes out to dirmngr-status.h. 2019-11-18 18:44:30 +01:00
t-support.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
tls-ca.pem Move http module from common/ to dirmngr/. 2015-10-18 20:08:26 +02:00
validate.c sm,dirmngr: Restrict allowed parameters used with rsaPSS. 2020-04-15 15:45:58 +02:00
validate.h dirmngr: Add special treatment for the standard hkps pool to ntbtls. 2017-02-21 14:55:04 +01:00
w32-ldap-help.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
workqueue.c dirmngr: Add a background task framework. 2017-12-11 11:30:45 +01:00