Ported changes from 1.4.

Add copyright notices.

2 files changed, 30 insertions, 9 deletions

diff --git a/keyserver/ChangeLog b/keyserver/ChangeLog
index 62c29d77a..c111aa52e 100644
--- a/keyserver/ChangeLog
+++ b/keyserver/ChangeLog
@@ -1,3 +1,15 @@
+2007-10-25  David Shaw  <dshaw@jabberwocky.com>  (wk)
+
+	From 1.4 (July):
+	
+	* gpgkeys_ldap.c (main): Fix bug in setting up whether to verify
+	peer SSL cert.  This used to work with older OpenLDAP, but is now
+	more strictly handled.
+
+	* gpgkeys_ldap.c (search_key, main): Fix bug where searching for
+	foo bar (no quotes) on the command line resulted in searching for
+	"foo\2Abar" due to LDAP quoting.  The proper search is "foo*bar".
+
 2007-06-11  Werner Koch  <wk@g10code.com>
 
 	* gpgkeys_hkp.c (send_key): Rename eof to r_eof as some Windows
@@ -1208,8 +1220,8 @@
 	gpgkeys_mailto (email keyserver helper)
 
 
- Copyright 1998, 1999, 2000, 2001, 2002, 2003,
-	   2004 Free Software Foundation, Inc.
+ Copyright 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006,
+	   2007 Free Software Foundation, Inc.
 
  This file is free software; as a special exception the author gives
  unlimited permission to copy and/or distribute it, with or without
diff --git a/keyserver/gpgkeys_ldap.c b/keyserver/gpgkeys_ldap.c
index df107ff9c..0186ce575 100644
--- a/keyserver/gpgkeys_ldap.c
+++ b/keyserver/gpgkeys_ldap.c
@@ -1,5 +1,6 @@
 /* gpgkeys_ldap.c - talk to a LDAP keyserver
- * Copyright (C) 2001, 2002, 2004, 2005, 2006 Free Software Foundation, Inc.
+ * Copyright (C) 2001, 2002, 2004, 2005, 2006
+ *               2007  Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -1288,18 +1289,25 @@ printquoted(FILE *stream,char *string,char delim)
 static int
 search_key(const char *searchkey)
 {
-  char **vals;
+  char **vals,*search;
   LDAPMessage *res,*each;
   int err,count=0;
   struct keylist *dupelist=NULL;
   /* The maximum size of the search, including the optional stuff and
      the trailing \0 */
-  char search[2+1+9+1+3+(MAX_LINE*3)+3+1+15+14+1+1+20];
   char *attrs[]={"pgpcertid","pgpuserid","pgprevoked","pgpdisabled",
 		 "pgpkeycreatetime","pgpkeyexpiretime","modifytimestamp",
 		 "pgpkeysize","pgpkeytype",NULL};
   enum ks_search_type search_type;
 
+  search=malloc(2+1+9+1+3+strlen(searchkey)+3+1+15+14+1+1+20);
+  if(!search)
+    {
+      fprintf(console,"gpgkeys: out of memory when building search list\n");
+      fprintf(output,"SEARCH %s FAILED %d\n",searchkey,KEYSERVER_NO_MEMORY);
+      return KEYSERVER_NO_MEMORY;
+    }
+
   fprintf(output,"SEARCH %s BEGIN\n",searchkey);
 
   search_type=classify_ks_search(&searchkey);
@@ -1354,7 +1362,7 @@ search_key(const char *searchkey)
       break;
     }
 
-  ldap_quote(search,searchkey);
+  strcat(search,searchkey);
 
   switch(search_type)
     {
@@ -1392,6 +1400,7 @@ search_key(const char *searchkey)
 
   err=ldap_search_s(ldap,basekeyspacedn,
 		    LDAP_SCOPE_SUBTREE,search,attrs,0,&res);
+  free(search);
   if(err!=LDAP_SUCCESS && err!=LDAP_SIZELIMIT_EXCEEDED)
     {
       int errtag=ldap_err_to_gpg_err(err);
@@ -2172,7 +2181,7 @@ main(int argc,char *argv[])
 	      else
 		ver=LDAP_OPT_X_TLS_NEVER;
 
-	      err=ldap_set_option(ldap,LDAP_OPT_X_TLS_REQUIRE_CERT,&ver);
+	      err=ldap_set_option(NULL,LDAP_OPT_X_TLS_REQUIRE_CERT,&ver);
 	    }
 #endif
 
@@ -2308,7 +2317,7 @@ main(int argc,char *argv[])
 	  keyptr=keyptr->next;
 	}
 
-      searchkey=malloc(len+1);
+      searchkey=malloc((len*3)+1);
       if(searchkey==NULL)
 	{
 	  ret=KEYSERVER_NO_MEMORY;
@@ -2321,7 +2330,7 @@ main(int argc,char *argv[])
       keyptr=keylist;
       while(keyptr!=NULL)
 	{
-	  strcat(searchkey,keyptr->str);
+	  ldap_quote(searchkey,keyptr->str);
 	  strcat(searchkey,"*");
 	  keyptr=keyptr->next;
 	}