security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity
gnupg/dirmngr
History
Werner Koch a660e10606
dirmngr: For KS_SEARCH return the fingerprint also with LDAP. 
* dirmngr/ks-engine-ldap.c (extract_keys): Return the fingerprint if
available.
(ks_ldap_search): Ditto.
(extract_keys): Make sure to free the ldap values also in corner
cases.
(my_ldap_value_free): New.
(ks_ldap_get): Ditto.
(ks_ldap_search): Ditto.
(my_ldap_connect): Ditto.
--

For background see these comments from gpgme:

/* The output for external keylistings in GnuPG is different from all
   the other key listings.  We catch this here with a special
   preprocessor that reformats the colon handler lines.  */
/* The format is:

   pub:<keyid>:<algo>:<keylen>:<creationdate>:<expirationdate>:<flags>

   as defined in 5.2. Machine Readable Indexes of the OpenPGP
   HTTP Keyserver Protocol (draft).  Modern versions of the SKS
   keyserver return the fingerprint instead of the keyid.  We
   detect this here and use the v4 fingerprint format to convert
   it to a key id.

   We want:
   pub:o<flags>:<keylen>:<algo>:<keyid>:<creatdate>:<expdate>::::::::
*/

Regarding the freeing of values: I was not able to find a
specification stating it is okay to pass NULL to ldap_value_free, thus
the new wrapper.  Also add robustness measures in case ldap_get_value
returns an empty array.

GnuPG-bug-id: 5441
Signed-off-by: Werner Koch <wk@gnupg.org>
 		2021-05-19 18:13:37 +02:00
..
ChangeLog-2011 Fix spelling. 2017-02-21 13:11:46 -05:00
ChangeLog-2011-ks Remove the obsolete keyserver directory from the repo. 2015-04-20 18:20:45 +02:00
Makefile.am build: New configure option --disable-tests 2020-08-20 10:54:17 +02:00
OAUTHORS Nuked almost all trailing white space. 2011-02-04 12:57:53 +01:00
ONEWS Nuked almost all trailing white space. 2011-02-04 12:57:53 +01:00
cdb.h headers: fix spelling 2018-10-25 16:53:05 -04:00
cdblib.c all: fix spelling and typos 2018-10-24 15:56:18 -04:00
certcache.c w32: Silence a compiler warning in dirmngr.c 2021-03-15 09:50:31 +01:00
certcache.h dirmngr: Use system certs if --hkp-cacert is not used. 2017-09-18 22:49:05 +02:00
crlcache.c common: New functions gnupg_opendir et al. 2020-10-21 17:00:32 +02:00
crlcache.h move some file encodings to UTF-8 2016-09-17 15:57:31 +09:00
crlfetch.c dirmngr: Minor cleanup for better readability. 2020-10-05 17:25:42 +02:00
crlfetch.h dirmngr: Minor cleanup for better readability. 2020-10-05 17:25:42 +02:00
dirmngr-client.c w32: Replace some fopen by es_fopen. 2020-11-11 15:23:22 +01:00
dirmngr-err.h Some work on porting dirmngr (unfinished) 2010-07-16 13:19:45 +00:00
dirmngr-status.h dirmngr: Print a WARNING status for DNS config problems. 2018-07-25 14:35:04 +02:00
dirmngr.c Support log-file option from common.conf for all daemon. 2021-04-20 10:50:10 +02:00
dirmngr.h build: Always use EXTERN_UNLESS_MAIN_MODULE pattern. 2020-02-10 16:50:47 +01:00
dirmngr_ldap.c Use gpgrt's new option parser for the remaining daemons. 2020-02-21 21:45:13 +01:00
dns-stuff.c Require Libgcrypt 1.9 2021-01-19 10:33:03 +01:00
dns-stuff.h dirmngr: Use IPv4 or IPv6 interface only if available. 2019-11-12 20:35:12 +01:00
dns.c dns: Fix memory use-after-free. 2020-08-19 15:16:34 +09:00
dns.h dirmngr: dns: Fix allocation of string buffer in stack. 2020-05-20 19:44:38 +09:00
domaininfo.c dirmngr: Improve domaininfo cache update algorithm. 2019-04-02 13:22:32 +02:00
http-common.c dirmngr: Fix commit de6d8313 2017-03-03 17:17:26 +01:00
http-common.h dirmngr: Rearrange files to fix de6d831. 2017-03-02 18:35:03 +01:00
http-ntbtls.c dirmngr: Align the gnutls use of CAs with the ntbtls code. 2020-09-10 10:50:39 +02:00
http.c Replace all calls to access by gnupg_access 2020-10-20 12:15:55 +02:00
http.h dirmngr: Support "ldap:///" for the current AD user. 2020-12-17 18:25:11 +01:00
ks-action.c gpg: Lookup a missing public key of the current card via LDAP. 2021-04-16 20:21:23 +02:00
ks-action.h gpg: Lookup a missing public key of the current card via LDAP. 2021-04-16 20:21:23 +02:00
ks-engine-finger.c dirmngr: Print a WARNING status for DNS config problems. 2018-07-25 14:35:04 +02:00
ks-engine-hkp.c Require Libgcrypt 1.9 2021-01-19 10:33:03 +01:00
ks-engine-http.c dirmngr,gpg: Better diagnostic in case of bad TLS certificates. 2019-11-18 18:26:55 +01:00
ks-engine-kdns.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
ks-engine-ldap.c dirmngr: For KS_SEARCH return the fingerprint also with LDAP. 2021-05-19 18:13:37 +02:00
ks-engine.h dirmngr: Allow redirection from https to http for CRLs 2018-04-25 12:38:04 +02:00
ldap-parse-uri.c dirmngr: Support new gpgNtds parameter in LDAP keyserver URLs. 2021-02-17 17:40:02 +01:00
ldap-parse-uri.h Remove -I option to common. 2017-03-07 20:25:54 +09:00
ldap-url.c dirmngr: Simplify strtok macro. 2014-03-07 19:00:31 +01:00
ldap-url.h Merged Dirmngr with GnuPG. 2010-06-09 16:53:51 +00:00
ldap-wrapper.c Spelling cleanup. 2020-02-18 18:07:46 -05:00
ldap-wrapper.h dirmngr: Remove cruft from dirmngr_ldap 2019-11-11 20:49:04 +01:00
ldap.c dirmngr: Minor cleanup for better readability. 2020-10-05 17:25:42 +02:00
ldapserver.c gpgsm: Allow sepcification of ldaps servers. 2019-11-09 11:29:59 +01:00
ldapserver.h dirmngr: Rename an enum value for clarity. 2019-11-11 09:45:01 +01:00
loadswdb.c common,agent,dirmngr,g10,tools: Fix split_fields API. 2020-09-18 10:20:23 +09:00
misc.c dirmngr: Fix LDAP port parsing. 2018-11-05 09:00:02 +01:00
misc.h dirmngr: Rearrange files to fix de6d831. 2017-03-02 18:35:03 +01:00
ocsp.c sm: Support rsaPSS verification also for CMS signatures. 2020-04-14 15:46:04 +02:00
ocsp.h Merged Dirmngr with GnuPG. 2010-06-09 16:53:51 +00:00
server.c gpg: Lookup a missing public key of the current card via LDAP. 2021-04-16 20:21:23 +02:00
sks-keyservers.netCA.pem dirmngr: Add support for hkps keyservers. 2014-05-05 16:23:37 +02:00
t-dns-stuff.c dirmngr: Print a WARNING status for DNS config problems. 2018-07-25 14:35:04 +02:00
t-http-basic.c dirmngr: Avoid possible CSRF attacks via http redirects. 2018-11-22 22:36:07 +01:00
t-http.c dirmngr: Rework of the LDAP code, part 1. 2019-11-26 13:09:35 +01:00
t-ldap-parse-uri.c dirmngr: Rework of the LDAP code, part 1. 2019-11-26 13:09:35 +01:00
t-support.c dirmngr: Print a WARNING status for DNS config problems. 2018-07-25 14:35:04 +02:00
t-support.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
tls-ca.pem Move http module from common/ to dirmngr/. 2015-10-18 20:08:26 +02:00
validate.c sm,dirmngr: Restrict allowed parameters used with rsaPSS. 2020-04-15 11:06:59 +02:00
validate.h dirmngr: Add special treatment for the standard hkps pool to ntbtls. 2017-02-21 14:55:04 +01:00
w32-ldap-help.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
workqueue.c Spelling cleanup. 2020-02-18 18:07:46 -05:00