Home GnuPG
Diffusion GnuPG a660e1060630

dirmngr: For KS_SEARCH return the fingerprint also with LDAP.

Description

dirmngr: For KS_SEARCH return the fingerprint also with LDAP.

* dirmngr/ks-engine-ldap.c (extract_keys): Return the fingerprint if
available.
(ks_ldap_search): Ditto.
(extract_keys): Make sure to free the ldap values also in corner
cases.
(my_ldap_value_free): New.
(ks_ldap_get): Ditto.
(ks_ldap_search): Ditto.
(my_ldap_connect): Ditto.

For background see these comments from gpgme:

/* The output for external keylistings in GnuPG is different from all

the other key listings.  We catch this here with a special
preprocessor that reformats the colon handler lines.  */

/* The format is:

pub:<keyid>:<algo>:<keylen>:<creationdate>:<expirationdate>:<flags>

as defined in 5.2. Machine Readable Indexes of the OpenPGP
HTTP Keyserver Protocol (draft).  Modern versions of the SKS
keyserver return the fingerprint instead of the keyid.  We
detect this here and use the v4 fingerprint format to convert
it to a key id.

We want:
pub:o<flags>:<keylen>:<algo>:<keyid>:<creatdate>:<expdate>::::::::

*/

Regarding the freeing of values: I was not able to find a
specification stating it is okay to pass NULL to ldap_value_free, thus
the new wrapper. Also add robustness measures in case ldap_get_value
returns an empty array.

  • GnuPG-bug-id: T5441
  • Signed-off-by: Werner Koch <wk@gnupg.org>

Details

Provenance
wernerAuthored on May 19 2021, 5:18 PM
Parents
rG40da61b89b62: gpg: Improve speed of secret key listing.
Branches
Unknown
Tags
Unknown
Tasks
T5441: Kleopatra: LDAP Search only shows one key