| Commit message (Collapse) | Author | Files | Lines |
|---|
|
search_key), gpgkeys_http.c (get_key): Do not give informational logs
since this is now done inside gpg.
|
|
function build_info().
|
|
got shrunk due to encoding.
|
|
full DN rather than LDAP_SCOPE_ONELEVEL plus a filter to find the
pgpServerInfo object. Some LDAP setups don't like the search. (main):
Stop binding to the server since it seems no server really requires it,
and some require it not be there.
|
|
with OpenLDAP, but it's practically vital to debug SSL and TLS setups.
Add "basedn" option. This allows users to override the autodetection for
base DN. SSL overrides TLS, so TLS will not be started on SSL connections
(starting an already started car).
|
|
attributes so we can do subkey searches.
* gpgkeys_ldap.c (main): Under certain error conditions, we might try and
unbind twice. Don't.
|
|
we can try a modify operation first, and fail over to an add if that
fails. Add cannot cope with the NULLs at the head of the modify request,
so we jump into the list in the middle.
|
|
connection to the NAI keyserver since we cannot tell if it is a NAI
keyserver until we connect. Fail if we cannot find a base keyspace DN.
Fix a false success message for TLS being enabled.
|
|
(min_automake_version): New.
* LINGUAS: Added all languages we supported in 1.2.5.
Copied all po files from 1.2.5.
* autogen.sh: Updated to the modern version, grepping the required
tool versions from configure.ac.
|
|
available now, since it's a replacement function.
|
|
attributes. This guarantees that if something goes wrong, we won't be
able to complete the transaction, thus leaving any key already existing on
the server intact.
|
|
functionality added. Optional deduping functionality added (currently
only used for pgpSignerID). (build_attrs): Translate sig entries into
pgpSignerID. Properly build the timestamp for pgpKeyCreateTime and
pgpKeyExpireTime.
|
|
with NULL (a "delete" that works even for nonexistant attributes).
(send_key): Use it here to remove attributes so a modify operation starts
with a clean playing field. Bias sends to modify before add, since (I
suspect) people update their existing keys more often than they make and
send new keys to the server.
|
|
(make_one_attr): New. Build a modification list in memory to send to the
LDAP server. (build_attrs): New. Parse INFO lines sent over by gpg.
(free_mod_values): New. Unwinds a modification list.
(send_key_keyserver): Renamed from old send_key(). (send_key): New
function to send a key to a LDAP server. (main): Use send_key() for real
LDAP servers, send_key_keyserver() otherwise.
|
|
(search_key): Catch a SIZELIMIT_EXCEEDED error and show the user whatever
the server did give us. (find_basekeyspacedn): There is no guarantee that
namingContexts will be readable.
* Makefile.am: Link gpgkeys_ldap with libutil.a to get the replacement
functions (and eventually translations, etc).
|
|
correct for timezones. (main): Find the basekeyspacedn before we try to
start TLS, so we can give a better error message when a user tries to use
TLS with a LDAP keyserver.
|
|
gpgkeys_ldap when needed.
* gpgkeys_ldap.c (main): Add support for LDAPS and TLS connections.
These are only useful and usable when talking to real LDAP keyservers.
Add new "tls" option to tune TLS use from off, to try quietly, to try
loudly, or to require TLS.
|
|
kind of LDAP server we're talking to (either real LDAP or the LDAP
keyserver), and return the baseKeySpaceDN to find keys under. (main): Call
it from here, and remove the old code that only handled the LDAP
keyserver.
|
|
is defined before we use it.
* gpgkeys_mailto.in: Fix VERSION number.
|
|
something other than GnuPG is calling the program). (main): Avoid possible
pre-string write. Noted by Christian Biere.
* gpgkeys_ldap.c (main): Avoid possible pre-string write.
|
|
|
|
Also include extern references for optarg and optind since there is no
guarantee that any header file will include them. Standards? We don't
need no stinkin' standards
* Makefile.am: Use @GETOPT@ to pull in libiberty on those platforms that
need it.
|
|
version.
|
|
that was not available when running without verbose on. Noted by Stefan.
|
|
|
|
get_key, search_key): The LDAP keyserver doesn't remove duplicates, so
remove them locally. Do not include the key modification time in the
search response.
|
|
input file that does not include any key data at all.
|
|
protocol and program version.
|
|
(printquoted): Use %-encoding instead of \-encoding. (search_key): Use new
keyserver key listing format.
|
|
case of error.
|
|
each item. (main): Call fail_all from here, as needed. Also add a
NO_MEMORY error in an appropriate place and fix error return code.
(ldap_err_to_gpg_err): Add KEYSERVER_UNREACHABLE.
* gpgkeys_hkp.c (fail_all): New function to unwind a keylist and error
each item. (main): Call fail_all from here. Also add a NO_MEMORY error in
an appropriate place. (get_key): Use new UNREACHABLE error for network
errors.
|
|
* gpgkeys_ldap.c (send_key): Removed non-constant initializers.
|
|
search_key, main): Some minor error reporting enhancements for use with
GPA (show reasons for KEY FAILED).
|
|
using variables as array initializers.
|
|
g10/hkp.c.
* gpgkeys_ldap.c (get_key): Fix cosmetic URL display problem (extra ":" at
the end).
|
|
|
|
string to determine whether to use pgpKey or pgpKeyV2.
|
|
as a URI, but only if verbose.
|
|
unparseable HKP response.
* gpgkeys_hkp.c (main): Warn on honor-http-proxy, broken-http-proxy, and
include-subkeys (not supported yet).
* gpgkeys_ldap.c (main), gpgkeys_hkp.c (http_connect, main): Fix some
shadowing warnings.
|
|
|
