Diffstat (limited to 'dirmngr/dirmngr_ldap.c')
-rw-r--r--dirmngr/dirmngr_ldap.c15
1 files changed, 15 insertions, 0 deletions
diff --git a/dirmngr/dirmngr_ldap.c b/dirmngr/dirmngr_ldap.c
index 9c9fcc508..c6a4dd11f 100644
--- a/dirmngr/dirmngr_ldap.c
+++ b/dirmngr/dirmngr_ldap.c
@@ -92,6 +92,7 @@ enum
oStartTLS,
oLdapTLS,
oNtds,
+ oARecOnly,
oOnlySearchTimeout,
oLogWithPID
};
@@ -109,6 +110,7 @@ static gpgrt_opt_t opts[] = {
{ oStartTLS, "starttls", 0, "use STARTLS for the conenction"},
{ oLdapTLS, "ldaptls", 0, "use a TLS for the connection"},
{ oNtds, "ntds", 0, "authenticate using AD"},
+ { oARecOnly, "areconly", 0, "do only an A record lookup"},
{ oHost, "host", 2, "|NAME|connect to host NAME"},
{ oPort, "port", 1, "|N|connect to port N"},
{ oUser, "user", 2, "|NAME|use NAME for authentication"},
@@ -134,6 +136,7 @@ static struct
int starttls;
int ldaptls;
int ntds;
+ int areconly;
estream_t outstream; /* Send output to this stream. */
@@ -234,6 +237,7 @@ main (int argc, char **argv)
case oStartTLS: opt.starttls = 1; opt.ldaptls = 0; break;
case oLdapTLS: opt.starttls = 0; opt.ldaptls = 1; break;
case oNtds: opt.ntds = 1; break;
+ case oARecOnly: opt.areconly = 1; break;
case oMulti: opt.multi = 1; break;
case oUser: opt.user = pargs.r.ret_str; break;
case oPass: opt.pass = pargs.r.ret_str; break;
@@ -436,6 +440,17 @@ connect_ldap (LDAP **r_ld)
opt.host, opt.port, ldap_err2string (lerr));
goto leave;
}
+ if (opt.areconly)
+ {
+ lerr = ldap_set_option (ld, LDAP_OPT_AREC_EXCLUSIVE, LDAP_OPT_ON);
+ if (lerr != LDAP_SUCCESS)
+ {
+ log_error ("ldap: unable to set AREC_EXLUSIVE: %s\n",
+ ldap_err2string (lerr));
+ err = ldap_err_to_gpg_err (lerr);
+ goto leave;
+ }
+ }
#else /* Unix */
tmpstr = xtryasprintf ("%s://%s:%d",
opt.ldaptls? "ldaps" : "ldap",
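Review bot: The error message in the added block misspells the option as `AREC_EXLUSIVE`, which makes the failure hard to grep for against the `LDAP_OPT_AREC_EXCLUSIVE` constant; it should read `log_error ("ldap: unable to set AREC_EXCLUSIVE: %s\n",`. The block also sits before `#else /* Unix */`, so it appears to be compiled only for the Windows branch, while `case oARecOnly` in main() accepts the flag on every platform; a Unix caller that passes `--areconly` to restrict name resolution gets no indication that it was ignored. Consider a `log_info` in the Unix branch when `opt.areconly` is set, or marking the option as Windows-only in its help text, e.g. `"do only an A record lookup (Windows only)"`. connect_ldap starts and ends outside this hunk, so whether `leave:` releases `ld` on this new exit path cannot be checked from here.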