aboutsummaryrefslogtreecommitdiffstats
path: root/dirmngr/ks-engine-ldap.c
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--dirmngr/ks-engine-ldap.c14
1 files changed, 9 insertions, 5 deletions
diff --git a/dirmngr/ks-engine-ldap.c b/dirmngr/ks-engine-ldap.c
index 9bb604707..789f9706b 100644
--- a/dirmngr/ks-engine-ldap.c
+++ b/dirmngr/ks-engine-ldap.c
@@ -54,6 +54,7 @@
#define SERVERINFO_SCHEMAV2 4 /* Version 2 of the Schema. */
#define SERVERINFO_NTDS 8 /* Server is an Active Directory. */
#define SERVERINFO_GENERIC 16 /* Connected in generic mode. */
+#define SERVERINFO_CNFPR 32 /* Server uses CN=fingerprint. */
/* The page size requested from the server. */
@@ -648,7 +649,10 @@ interrogate_ldap_dn (LDAP *ldap_conn, const char *basedn_search,
*r_serverinfo |= SERVERINFO_SCHEMAV2;
if (nfields > 1
&& !ascii_strcasecmp (fields[1], "ntds"))
- *r_serverinfo |= SERVERINFO_NTDS;
+ *r_serverinfo |= (SERVERINFO_NTDS|SERVERINFO_CNFPR);
+ else if (nfields > 1
+ && !ascii_strcasecmp (fields[1], "cnfpr"))
+ *r_serverinfo |= SERVERINFO_CNFPR;
}
}
my_ldap_value_free (vals);
@@ -2978,7 +2982,7 @@ ks_ldap_put (ctrl_t ctrl, parsed_uri_t uri,
char **attrval;
char *dn;
- if ((serverinfo & SERVERINFO_NTDS))
+ if ((serverinfo & SERVERINFO_CNFPR))
{
/* The modern way using a CN RDN with the fingerprint. This
* has the advantage that we won't have duplicate 64 bit
@@ -3101,12 +3105,12 @@ ks_ldap_del (ctrl_t ctrl, parsed_uri_t uri, strlist_t fprlist)
if (opt.verbose)
log_info ("%s: Using DN: %s,%s\n", __func__,
- (serverinfo & SERVERINFO_NTDS)? "CN=<fingerprint>"
- /* */ : "pgpCertID=<keyid>",
+ (serverinfo & SERVERINFO_CNFPR)? "CN=<fingerprint>"
+ /* */ : "pgpCertID=<keyid>",
basedn);
for (fpr = fprlist; fpr; fpr = fpr->next)
{
- if ((serverinfo & SERVERINFO_NTDS))
+ if ((serverinfo & SERVERINFO_CNFPR))
{
xfree (dn);
dn = xtryasprintf ("CN=%s,%s", fpr->d, basedn);
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-06 04:28:51 +0000