Diffusion GnuPG cef53c875683

dirmngr: Allow the use of an ntds like schema on OpenLDAP et al.

Description

* dirmngr/ks-engine-ldap.c (SERVERINFO_CNFPR): New.  Replace all
SERVERINFO_NTDS with this one.
(interrogate_ldap_dn): Parse "cnfpr" flag and set SERVERINFO_CNFPR.
Set this flag also for "ntds".
* doc/ldap/gnupg-ldap-init.ldif (pgpVersion): Suggest the use of the
"cnfpr" flag.

Note that SERVERINFO_NTDS is currently no longer used directly but
we keep it in case we need to do other NTDS specific things in the
future.

The advantage of using a fingerprint for referencing a key is that
there won't be any collisions in the keyid. Further, this unifies the
schema with an LDS (Windows) installation where DNs must anyway be
unique. But take care: the client needs to support this new flag.

Backported-from-master: 4061b34ef31e467870c01c9263b07fe5a76b9a45

Details

Provenance
werner authored on Mon, Aug 4, 6:10 PM
Parents
rG7f5195530127: dirmngr: Implement command KS_DEL for ldap servers.
Branches
Unknown
Tags
Unknown
References
STABLE-BRANCH-2-2
Tasks
T7742: Extend the LDAP scheme for non-NTDS installations