author | Werner Koch <[email protected]> | 2022-09-28 07:43:25 +0000 |
---|---|---|
committer | Werner Koch <[email protected]> | 2022-09-28 07:55:15 +0000 |
commit | d65a0335e5cb947dc527d62eccf7c2a3cdbcc788 (patch) | |
tree | 2ecd32e007a031686f9eeea9e6eca819c13e7d40 /dirmngr/dirmngr_ldap.c | |
parent | dirmngr: Support gpgMailbox for mode MAILSUB and MAILEND. (diff) | |
dirmngr: New server flag "areconly" (A-record-only)
* dirmngr/dirmngr.h (struct ldap_server_s): Add field areconly.
* dirmngr/ldapserver.c (ldapserver_parse_one): Parse "areconly"
* dirmngr/ks-engine-ldap.c (my_ldap_connect): Implement this flag.
* dirmngr/dirmngr_ldap.c: Add option --areconly
(connect_ldap): Implement option.
* dirmngr/ldap.c (run_ldap_wrapper): Add and pass that option.
--
This flag is used to pass the Windows specific option
LDAP_OPT_AREC_EXCLUSIVE. It is ignored on other systems.
Signed-off-by: Werner Koch <[email protected]>
Diffstat (limited to 'dirmngr/dirmngr_ldap.c')
-rw-r--r-- | dirmngr/dirmngr_ldap.c | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/dirmngr/dirmngr_ldap.c b/dirmngr/dirmngr_ldap.c index 9c9fcc508..c6a4dd11f 100644 --- a/dirmngr/dirmngr_ldap.c +++ b/dirmngr/dirmngr_ldap.c @@ -92,6 +92,7 @@ enum oStartTLS, oLdapTLS, oNtds, + oARecOnly, oOnlySearchTimeout, oLogWithPID }; @@ -109,6 +110,7 @@ static gpgrt_opt_t opts[] = { { oStartTLS, "starttls", 0, "use STARTLS for the conenction"}, { oLdapTLS, "ldaptls", 0, "use a TLS for the connection"}, { oNtds, "ntds", 0, "authenticate using AD"}, + { oARecOnly, "areconly", 0, "do only an A record lookup"}, { oHost, "host", 2, "|NAME|connect to host NAME"}, { oPort, "port", 1, "|N|connect to port N"}, { oUser, "user", 2, "|NAME|use NAME for authentication"}, @@ -134,6 +136,7 @@ static struct int starttls; int ldaptls; int ntds; + int areconly; estream_t outstream; /* Send output to this stream. */ @@ -234,6 +237,7 @@ main (int argc, char **argv) case oStartTLS: opt.starttls = 1; opt.ldaptls = 0; break; case oLdapTLS: opt.starttls = 0; opt.ldaptls = 1; break; case oNtds: opt.ntds = 1; break; + case oARecOnly: opt.areconly = 1; break; case oMulti: opt.multi = 1; break; case oUser: opt.user = pargs.r.ret_str; break; case oPass: opt.pass = pargs.r.ret_str; break; @@ -436,6 +440,17 @@ connect_ldap (LDAP **r_ld) opt.host, opt.port, ldap_err2string (lerr)); goto leave; } + if (opt.areconly) + { + lerr = ldap_set_option (ld, LDAP_OPT_AREC_EXCLUSIVE, LDAP_OPT_ON); + if (lerr != LDAP_SUCCESS) + { + log_error ("ldap: unable to set AREC_EXLUSIVE: %s\n", + ldap_err2string (lerr)); + err = ldap_err_to_gpg_err (lerr); + goto leave; + } + } #else /* Unix */ tmpstr = xtryasprintf ("%s://%s:%d", opt.ldaptls? "ldaps" : "ldap", |
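Review bot: The help text of the new `areconly` entry in `opts[]` does not say that the flag only has an effect on Windows, and the `case oARecOnly` line added to main() accepts it silently on every platform. The commit description states it is ignored on other systems, so an operator who passes it on Unix to constrain how the server name is resolved gets no sign that nothing changed. I would change the string to `"do only an A record lookup (Windows only)"`, and consider a `log_info` in the non-Windows branch of connect_ldap when `opt.areconly` is set. Both the `opts[]` table and main() start and end outside their hunks.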
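Review bot: The new log_error in connect_ldap misspells the option as `AREC_EXLUSIVE`, which makes the message hard to find when searching logs for the real constant name; it should read `log_error ("ldap: unable to set AREC_EXCLUSIVE: %s\n",`. Treating a failed ldap_set_option as fatal is the right choice, because continuing would resolve the host in the way the caller asked to avoid. The `leave` label lies outside the hunk, and `ld` has presumably been initialised by this point, so please confirm that this error path releases the handle. A one-line comment above the block, such as `/* Treat opt.host as a plain A-record name (Windows LDAP only). */`, would explain why the option exists.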