From 3e05f99e8db5c4039d352d5bd9dde01ed9653f2f Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Wed, 26 May 2021 19:06:10 +0200 Subject: dirmngr: Use --ldaptimeout for OpenPGP LDAP keyservers. * dirmngr/ks-engine-ldap.c (my_ldap_connect): Use LDAP_OPT_TIMEOUT. * dirmngr/dirmngr.c (main): Move --ldaptimeout setting to ... (parse_rereadable_options): here. -- Note that this has not yet been tested. In fact a test with OpenLDAP using a modified route got stuck in the connection attempt. Maybe it works on Windows - will be tested later. Signed-off-by: Werner Koch (cherry picked from commit 317d5947b84ae2707e46b89fb0d8318c07174e13) --- doc/dirmngr.texi | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) (limited to 'doc/dirmngr.texi') diff --git a/doc/dirmngr.texi b/doc/dirmngr.texi index 516433e11..f3f5637df 100644 --- a/doc/dirmngr.texi +++ b/doc/dirmngr.texi @@ -440,7 +440,7 @@ encoded as Latin-1. There is no other solution here than to put such a password in the binary encoding into the file (i.e. non-ascii characters won't show up readable).@footnote{The @command{gpgconf} tool might be helpful for frontends as it enables editing this configuration file using -percent-escaped strings.}jj +percent-escaped strings.} @item --ldapserver @var{spec} @@ -448,10 +448,12 @@ percent-escaped strings.}jj This is an alternative way to specify LDAP servers for CRL and X.509 certificate retrieval. If this option is used the servers configured in @file{dirmngr_ldapservers.conf} (or the file given by -@option{--ldapserverlist-file}) are cleared. Reloading dirmngr will -consider these again will in no case use those from -@file{dirmngr_ldapservers.conf} again. The @var{spec} is either a -proper LDAP URL or a colon delimited list of the form +@option{--ldapserverlist-file}) are cleared. Note that +@file{dirmngr_ldapservers.conf} is not read again by a reload +signal. However, @option{--ldapserver} options are read again. + +@var{spec} is either a proper LDAP URL or a colon delimited list of +the form @sc{hostname:port:username:password:base_dn:flags:} -- cgit v1.2.3