[git] GnuPG - branch, master, updated. gnupg-2.1.12-86-gb7e3dfc

by Werner Koch cvs at cvs.gnupg.org
Tue Jun 14 20:53:17 CEST 2016 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, master has been updated
       via  b7e3dfcf139284d30921cf44e7bab43d4244cc37 (commit)
       via  f989b6ee0db96c36f13f093cbbcfd1d5b472d03c (commit)
      from  5faddcb2927a997e05fb34eb270982096d1fe3a4 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit b7e3dfcf139284d30921cf44e7bab43d4244cc37
Author: Werner Koch <wk at gnupg.org>
Date:   Tue Jun 14 20:51:22 2016 +0200

    ldap: Improve info output for v3 fallback
    
    * dirmngr/dirmngr_ldap.c (fetch_ldap): Do not use log_debug in an
    unprotected section.  Replace log_debug by log_info in verbose mode.
    --
    
    GnuPG-bug-id: 2376

diff --git a/dirmngr/dirmngr_ldap.c b/dirmngr/dirmngr_ldap.c
index 9e12f88..c5702b1 100644
--- a/dirmngr/dirmngr_ldap.c
+++ b/dirmngr/dirmngr_ldap.c
@@ -644,10 +644,11 @@ fetch_ldap (my_opt_t myopt, const char *url, const LDAPURLDesc *ludp)
 #ifdef LDAP_VERSION3
   if (ret == LDAP_PROTOCOL_ERROR)
     {
+      /* Protocol error could mean that the server only supports v3. */
       int version = LDAP_VERSION3;
-      /* Protocol error could mean that the server only supports v3 */
+      if (myopt->verbose)
+        log_info ("protocol error; retrying bind with v3 protocol\n");
       npth_unprotect ();
-      log_debug ("Protocol error, retrying bind with V3 Protocol. \n");
       ldap_set_option (ld, LDAP_OPT_PROTOCOL_VERSION, &version);
       ret = my_ldap_simple_bind_s (ld, myopt->user, myopt->pass);
       npth_protect ();

commit f989b6ee0db96c36f13f093cbbcfd1d5b472d03c
Author: Andre Heinecke <aheinecke at intevation.de>
Date:   Tue Jun 14 19:22:52 2016 +0200

    dirmngr: Try ldap protocol V3 as fallback
    
    * dirmngr/dirmngr_ldap.c (fetch_ldap): Try V3 Protocol in case
    default Protocol gives error.
    
    --
    Servers may have blocked V2 Protocol, in which case the
    bind will result in a Protocol Error. In that case we try
    again with v3 Protocol if the ldap libarary used to compile
    dirmngr supports V3.
    
    Signed-off-by: Andre Heinecke <aheinecke at intevation.de>

diff --git a/dirmngr/dirmngr_ldap.c b/dirmngr/dirmngr_ldap.c
index a31b14a..9e12f88 100644
--- a/dirmngr/dirmngr_ldap.c
+++ b/dirmngr/dirmngr_ldap.c
@@ -641,6 +641,18 @@ fetch_ldap (my_opt_t myopt, const char *url, const LDAPURLDesc *ludp)
   /* Fixme:  Can we use MYOPT->user or is it shared with other theeads?.  */
   ret = my_ldap_simple_bind_s (ld, myopt->user, myopt->pass);
   npth_protect ();
+#ifdef LDAP_VERSION3
+  if (ret == LDAP_PROTOCOL_ERROR)
+    {
+      int version = LDAP_VERSION3;
+      /* Protocol error could mean that the server only supports v3 */
+      npth_unprotect ();
+      log_debug ("Protocol error, retrying bind with V3 Protocol. \n");
+      ldap_set_option (ld, LDAP_OPT_PROTOCOL_VERSION, &version);
+      ret = my_ldap_simple_bind_s (ld, myopt->user, myopt->pass);
+      npth_protect ();
+    }
+#endif
   if (ret)
     {
       log_error (_("binding to '%s:%d' failed: %s\n"),

-----------------------------------------------------------------------

Summary of changes:
 dirmngr/dirmngr_ldap.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org

More information about the Gnupg-commits mailing list