[Pkg-gnupg-commit] [gnupg2] 85/102: dirmngr: Try ldap protocol V3 as fallback

[Daniel Kahn Gillmor]

This is an automated email from the git hooks/post-receive script.

dkg pushed a commit to branch experimental
in repository gnupg2.

commit f989b6ee0db96c36f13f093cbbcfd1d5b472d03c
Author: Andre Heinecke <aheinecke at intevation.de>
Date:   Tue Jun 14 19:22:52 2016 +0200

    dirmngr: Try ldap protocol V3 as fallback
    
    * dirmngr/dirmngr_ldap.c (fetch_ldap): Try V3 Protocol in case
    default Protocol gives error.
    
    --
    Servers may have blocked V2 Protocol, in which case the
    bind will result in a Protocol Error. In that case we try
    again with v3 Protocol if the ldap libarary used to compile
    dirmngr supports V3.
    
    Signed-off-by: Andre Heinecke <aheinecke at intevation.de>
---
 dirmngr/dirmngr_ldap.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/dirmngr/dirmngr_ldap.c b/dirmngr/dirmngr_ldap.c
index a31b14a..9e12f88 100644
--- a/dirmngr/dirmngr_ldap.c
+++ b/dirmngr/dirmngr_ldap.c
@@ -641,6 +641,18 @@ fetch_ldap (my_opt_t myopt, const char *url, const LDAPURLDesc *ludp)
   /* Fixme:  Can we use MYOPT->user or is it shared with other theeads?.  */
   ret = my_ldap_simple_bind_s (ld, myopt->user, myopt->pass);
   npth_protect ();
+#ifdef LDAP_VERSION3
+  if (ret == LDAP_PROTOCOL_ERROR)
+    {
+      int version = LDAP_VERSION3;
+      /* Protocol error could mean that the server only supports v3 */
+      npth_unprotect ();
+      log_debug ("Protocol error, retrying bind with V3 Protocol. \n");
+      ldap_set_option (ld, LDAP_OPT_PROTOCOL_VERSION, &version);
+      ret = my_ldap_simple_bind_s (ld, myopt->user, myopt->pass);
+      npth_protect ();
+    }
+#endif
   if (ret)
     {
       log_error (_("binding to '%s:%d' failed: %s\n"),

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git