* gpgkeys_ldap.c (ldap2epochtime): LDAP timestamps are UTC, so do not

correct for timezones. (main): Find the basekeyspacedn before we try to start TLS, so we can give a better error message when a user tries to use TLS with a LDAP keyserver.
author: David Shaw <[email protected]> 2004-02-19 21:32:15 +0000
committer: David Shaw <[email protected]> 2004-02-19 21:32:15 +0000
commit: 7f148010abbe395ee6e4977b628a145f2b2feab1 (patch)
tree: a104930acd7dc74f528288e44fe30dfb312864ab /keyserver/gpgkeys_ldap.c
parent: * configure.ac: Check for ln -s and add GPGKEYS_LDAP conditional, both for (diff)
download: gnupg-7f148010abbe395ee6e4977b628a145f2b2feab1.tar.gz
gnupg-7f148010abbe395ee6e4977b628a145f2b2feab1.zip
1 files changed, 34 insertions, 10 deletions
diff --git a/keyserver/gpgkeys_ldap.c b/keyserver/gpgkeys_ldap.c
index 37c0ffac3..3b418f462 100644
--- a/keyserver/gpgkeys_ldap.c
+++ b/keyserver/gpgkeys_ldap.c
@@ -503,6 +503,7 @@ time_t
 ldap2epochtime(const char *timestr)
 {
   struct tm pgptime;
+  time_t answer;
 
   memset(&pgptime,0,sizeof(pgptime));
 
@@ -520,7 +521,26 @@ ldap2epochtime(const char *timestr)
   pgptime.tm_isdst=-1;
   pgptime.tm_mon--;
 
-  return mktime(&pgptime);
+  /* mktime takes the timezone into account, and we can't have that.
+     I'd use timegm, but it's not portable. */
+
+#ifdef HAVE_TIMEGM
+  answer=timegm(&pgptime);
+#else
+  {
+    char *zone=getenv("TZ");
+    setenv("TZ","UTC",1);
+    tzset();
+    answer=mktime(&pgptime);
+    if(zone)
+      setenv("TZ",zone,1);
+    else
+      unsetenv("TZ");
+    tzset();
+  }
+#endif
+
+  return answer;
 }
 
 void
@@ -1203,11 +1223,19 @@ main(int argc,char *argv[])
 	}
     }
 
+  if((err=find_basekeyspacedn()))
+    {
+      fprintf(console,"gpgkeys: unable to retrieve LDAP base: %s\n",
+	      ldap_err2string(err));
+      fail_all(keylist,action,ldap_err_to_gpg_err(err));
+      goto fail;
+    }
+
   /* use_tls: 0=don't use, 1=try silently to use, 2=try loudly to use,
      3=force use. */
   if(use_tls)
     {
-      if(!real_ldap && use_tls)
+      if(!real_ldap)
       	{
       	  if(use_tls>=2)
 	    fprintf(console,"gpgkeys: unable to start TLS: %s\n",
@@ -1255,6 +1283,10 @@ main(int argc,char *argv[])
 	}
     }
 
+  /* The LDAP keyserver doesn't require this, but it might be useful
+     if someone stores keys on a V2 LDAP server somewhere.  (V3
+     doesn't require a bind). */
+
   err=ldap_simple_bind_s(ldap,NULL,NULL);
   if(err!=0)
     {
@@ -1264,14 +1296,6 @@ main(int argc,char *argv[])
       goto fail;
     }
 
-  if((err=find_basekeyspacedn()))
-    {
-      fprintf(console,"gpgkeys: unable to retrieve LDAP base: %s\n",
-	      ldap_err2string(err));
-      fail_all(keylist,action,ldap_err_to_gpg_err(err));
-      goto fail;
-    }
-
   switch(action)
     {
     case GET:
author	David Shaw <[email protected]>	2004-02-19 21:32:15 +0000
committer	David Shaw <[email protected]>	2004-02-19 21:32:15 +0000
commit	7f148010abbe395ee6e4977b628a145f2b2feab1 (patch)
tree	a104930acd7dc74f528288e44fe30dfb312864ab /keyserver/gpgkeys_ldap.c
parent	* configure.ac: Check for ln -s and add GPGKEYS_LDAP conditional, both for (diff)
download	gnupg-7f148010abbe395ee6e4977b628a145f2b2feab1.tar.gz gnupg-7f148010abbe395ee6e4977b628a145f2b2feab1.zip