Function: smime-cert-by-ldap-1

smime-cert-by-ldap-1 is a byte-compiled function defined in smime.el.gz.

Signature

(smime-cert-by-ldap-1 MAIL HOST)

Documentation

Get certificate for MAIL from the ldap server at HOST.

Source Code

;; Defined in /usr/src/emacs/lisp/gnus/smime.el.gz
(defun smime-cert-by-ldap-1 (mail host)
  "Get certificate for MAIL from the ldap server at HOST."
  (let ((ldapresult
	 (funcall
	  (progn
	    (require 'ldap)
	    'ldap-search)
	  (concat "mail=" mail)
	  host '("userCertificate") nil))
	(retbuf (generate-new-buffer (format "*certificate for %s*" mail)))
        ldapstr
	cert)
    (if (and (consp ldapresult)
             ;; FIXME: This seems to expect a format rather different from
             ;; the list of alists described in ldap.el.
             (setq ldapstr (cadr (caar ldapresult)))
             (> (length ldapstr) 0))
	(with-current-buffer retbuf
	  ;; Certificates on LDAP servers _should_ be in DER format,
	  ;; but there are some servers out there that distributes the
	  ;; certificates in PEM format (with or without
	  ;; header/footer) so we try to handle them anyway.
	  (if (or (string= (substring ldapstr 0 27)
			   "-----BEGIN CERTIFICATE-----")
		  (string= (substring ldapstr 0 3)
			   "MII"))
	      (setq cert
		    (replace-regexp-in-string
		     (concat "\\(\n\\|\r\\|-----BEGIN CERTIFICATE-----\\|"
			     "-----END CERTIFICATE-----\\)")
		     ""
		     ldapstr nil t))
	    (setq cert (base64-encode-string ldapstr t)))
	  (insert "-----BEGIN CERTIFICATE-----\n")
	  (let ((i 0) (len (length cert)))
	    (while (> (- len 64) i)
	      (insert (substring cert i (+ i 64)) "\n")
	      (setq i (+ i 64)))
	    (insert (substring cert i len) "\n"))
	  (insert "-----END CERTIFICATE-----\n"))
      (kill-buffer retbuf)
      (setq retbuf nil))
    retbuf))