| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
|
|
| |
can contain replacement files that can be linked to keyserver helpers
without bringing in the whole libutil.a. libutil.a contains a complete
copy of libcompat.a so we only need to link to one of them.
|
| |
|
|
|
|
| |
ksutil.h: Remove the need for strcasecmp as the field tags are always
lowercase.
|
| | |
|
| |
|
|
|
|
| |
send_key_keyserver): Improved version of previous fix. Force match on
spaces in string.
|
| |
|
|
|
|
| |
Fix string matching problem when the ascii armored form of the key happens
to match "KEY" at the beginning of the line.
|
| |
|
|
|
| |
encoding of characters > 127. Noted by Nalin Dahyabhai.
|
| |
|
|
|
| |
directly into place rather than mallocing temporary buffers.
|
| |
|
|
|
| |
using sprintf which is harder to read and modify.
|
| |
|
|
|
|
|
|
| |
and KS_SEARCH_KEYID_LONG to search for a key ID.
* gpgkeys_ldap.c (search_key): Use it here to flip from pgpUserID
searches to pgpKeyID or pgpCertID.
|
| |
|
|
|
| |
the regular old API that is compatible with other LDAP libraries.
|
| |
|
|
|
| |
libraries that have TLS.
|
| |
|
|
|
| |
duplicate attributes as OpenLDAP is now enforcing this.
|
| |
|
|
|
| |
credentials to a remote LDAP server.
|
| |
|
|
|
|
| |
* gpgkeys_hkp.c (main, get_name), gpgkeys_ldap.c (main, get_name): Use it
here to do direct name (rather than key ID) fetches.
|
| |
|
|
|
|
|
|
|
| |
exact-email. (classify_ks_search): Mimic the gpg search modes instead
with *, =, <, and @.
* gpgkeys_ldap.c (search_key), gpgkeys_hkp.c (search_key): Call them
here. Suggested by Jason Harris.
|
| |
|
|
|
|
|
|
| |
The last of exact-name and exact-email overrides the earlier.
* gpgkeys_ldap.c (search_key), gpgkeys_hkp.c (search_key): Use it here to
do a name-only search.
|
| |
|
|
|
|
| |
* gpgkeys_ldap.c (search_key): Use it here to escape reserved characters
in searches.
|
| |
|
|
|
|
|
|
| |
exact-email.
* gpgkeys_ldap.c (search_key), gpgkeys_hkp.c (search_key): Use it here
to do an email-only search.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
gpgkeys_ldap.c. Print a string, but strip out any CRs.
* gpgkeys_finger.c (get_key), gpgkeys_hkp.c (get_key), gpgkeys_http.c
(get_key): Use it here when outputting key material to canonicalize
line endings.
|
| |
|
|
|
| |
by Stefan Bellon.
|
| |
|
|
|
|
|
|
| |
parse_ks_options and remove a lot of common code.
* ksutil.h, ksutil.c (parse_ks_options): Parse OPAQUE, and default
debug with no arguments to 1.
|
| | |
|
| |
|
|
|
|
| |
* curl-shim.h, gpgkeys_curl.c (main), gpgkeys_ldap.c (main): Add
ca-cert-file option, to pass in the SSL cert.
|
| |
|
|
|
|
|
|
|
| |
canonicalize line endings.
* gpgkeys_curl.c (writer): Discard everything outside the BEGIN and
END lines when retrieving keys. Canonicalize line endings. (main):
Accept FTPS.
|
| |
|
|
|
|
|
|
|
| |
certificate checking (which is on by default).
* gpgkeys_curl.c (main): Add "debug" option to match the LDAP helper.
Add "check-cert" option to disable SSL certificate checking (which is
on by default).
|
| |
|
|
|
|
| |
gpgkeys_finger.c, gpgkeys_http.c: Part 2 of the cleanup. Move all the
various defines to ksutil.h.
|
| |
|
|
|
| |
of a minor cleanup to use #defines instead of hard-coded sizes.
|
| |
|
|
|
|
|
|
|
|
| |
numeric value for the maximum number of redirects to allow. Defaults to
5.
* gpgkeys_curl.c (main), gpgkeys_finger.c (main), gpgkeys_hkp.c (main),
gpgkeys_http.c (main), gpgkeys_ldap.c (main): Make sure that a "timeout"
option passed with no arguments is properly handled.
|
| |
|
|
|
|
|
|
|
| |
GNU options. Factored help printing out.
* gpgkeys_finger.c (main, show_help): Ditto.
* gpgkeys_hkp.c (main, show_help): Ditto.
* gpgkeys_http.c (main, show_help): Ditto.
* gpgkeys_test.in, gpgkeys_mailto.in: Implement --version and --help.
|
| |
|
|
|
|
|
|
| |
gpgkeys_finger.c (main): Call timeout functions before performing an
action that could block for a long time.
* ksutil.h, ksutil.c: New. Right now just contains timeout functions.
|
| |
|
|
|
| |
few occurances of "filename" to `filename'.
|
| |
|
|
|
|
| |
search_key), gpgkeys_http.c (get_key): Do not give informational logs
since this is now done inside gpg.
|
| |
|
|
|
| |
function build_info().
|
| |
|
|
|
| |
got shrunk due to encoding.
|
| |
|
|
|
|
|
|
| |
full DN rather than LDAP_SCOPE_ONELEVEL plus a filter to find the
pgpServerInfo object. Some LDAP setups don't like the search. (main):
Stop binding to the server since it seems no server really requires it,
and some require it not be there.
|
| |
|
|
|
|
|
|
| |
with OpenLDAP, but it's practically vital to debug SSL and TLS setups.
Add "basedn" option. This allows users to override the autodetection for
base DN. SSL overrides TLS, so TLS will not be started on SSL connections
(starting an already started car).
|
| |
|
|
|
|
|
|
| |
attributes so we can do subkey searches.
* gpgkeys_ldap.c (main): Under certain error conditions, we might try and
unbind twice. Don't.
|
| |
|
|
|
|
|
| |
we can try a modify operation first, and fail over to an add if that
fails. Add cannot cope with the NULLs at the head of the modify request,
so we jump into the list in the middle.
|
| |
|
|
|
|
|
| |
connection to the NAI keyserver since we cannot tell if it is a NAI
keyserver until we connect. Fail if we cannot find a base keyspace DN.
Fix a false success message for TLS being enabled.
|
| |
|
|
|
|
|
|
|
|
|
| |
(min_automake_version): New.
* LINGUAS: Added all languages we supported in 1.2.5.
Copied all po files from 1.2.5.
* autogen.sh: Updated to the modern version, grepping the required
tool versions from configure.ac.
|
| |
|
|
|
| |
available now, since it's a replacement function.
|
| |
|
|
|
|
|
| |
attributes. This guarantees that if something goes wrong, we won't be
able to complete the transaction, thus leaving any key already existing on
the server intact.
|
| |
|
|
|
|
|
|
| |
functionality added. Optional deduping functionality added (currently
only used for pgpSignerID). (build_attrs): Translate sig entries into
pgpSignerID. Properly build the timestamp for pgpKeyCreateTime and
pgpKeyExpireTime.
|
| |
|
|
|
|
|
|
|
| |
with NULL (a "delete" that works even for nonexistant attributes).
(send_key): Use it here to remove attributes so a modify operation starts
with a clean playing field. Bias sends to modify before add, since (I
suspect) people update their existing keys more often than they make and
send new keys to the server.
|
| |
|
|
|
|
|
|
|
|
| |
(make_one_attr): New. Build a modification list in memory to send to the
LDAP server. (build_attrs): New. Parse INFO lines sent over by gpg.
(free_mod_values): New. Unwinds a modification list.
(send_key_keyserver): Renamed from old send_key(). (send_key): New
function to send a key to a LDAP server. (main): Use send_key() for real
LDAP servers, send_key_keyserver() otherwise.
|
| |
|
|
|
|
|
|
|
|
| |
(search_key): Catch a SIZELIMIT_EXCEEDED error and show the user whatever
the server did give us. (find_basekeyspacedn): There is no guarantee that
namingContexts will be readable.
* Makefile.am: Link gpgkeys_ldap with libutil.a to get the replacement
functions (and eventually translations, etc).
|
| |
|
|
|
|
|
| |
correct for timezones. (main): Find the basekeyspacedn before we try to
start TLS, so we can give a better error message when a user tries to use
TLS with a LDAP keyserver.
|
| |
|
|
|
|
|
|
|
|
| |
gpgkeys_ldap when needed.
* gpgkeys_ldap.c (main): Add support for LDAPS and TLS connections.
These are only useful and usable when talking to real LDAP keyservers.
Add new "tls" option to tune TLS use from off, to try quietly, to try
loudly, or to require TLS.
|
