enabling the ldap keyserver plugin on HP-UX
David Shaw
dshaw at jabberwocky.com
Mon Sep 9 07:50:01 CEST 2002
On Sat, Sep 07, 2002 at 07:29:04AM -0700, David Ellement wrote:
> On 020906, at 16:58:53, David Shaw wrote
> > On Fri, Sep 06, 2002 at 11:20:15AM -0700, David Ellement wrote:
> > > On 020906, at 06:44:31, David Shaw wrote
> > > > On Wed, Sep 04, 2002 at 09:44:52PM -0700, David Ellement wrote:
> > > > > So I assume I have a bad compile of one of openssl, openldap, or
> > > > > gpgkeys_ldap.
> > > >
> > > > Intesting. Let's check OpenLDAP sanity. What happens if you do:
> > > >
> > > > ldapsearch -h 64.94.85.200 -x -P2 '(pgpkeyid=394D0EC8)'
> > >
> > > That appears to work:
> >
> > Good, we're narrowing it down. Let's try gpgkeys_ldap next. I've
> > attached a file. Please run it like this:
> >
> > gpgkeys_ldap -o output.txt ldaptest.txt
> >
> > Let me know what happens, and if anything useful appears in output.txt
> > or on the console. Also: what version of OpenLDAP are you using, and
> > what configure options did you use when you built it?
>
>
> I'm beginning to understand what is going on. To pierce our firewall, I
> have to "socksify" some applications. I had built a "socksified"
> version of OpenLDAP (2.1.3 for hpux from hpux.cs.utah.edu), but I hadn't
> done that gpgkeys_ldap.
Aha :)
[..]
> Things are beginning to appear to work. However, while this works:
>
> gpg --keyserver ldap://64.94.85.200 --recv-keys 0xB2D7795E
>
> if I try:
>
> gpg --keyserver ldap://pgp.surfnet.nl:11370 --recv-keys 0xB2D7795E
>
> I still get the LDAP bind error.
Hmm. Try:
gpg --keyserver ldap://194.171.167.2:11370 --recv-keys 0xB2D7795E
If that works, then I suspect some issue with the resolver library
(194.171.167.2 == pgp.surfnet.nl). If that doesn't work, I suspect
some issue with the surfnet keyserver running on a nonstandard LDAP
port (standard LDAP is 389). Does your firewall allow 389 but not
11370?
David
--
David Shaw | dshaw at jabberwocky.com | WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
"There are two major products that come out of Berkeley: LSD and UNIX.
We don't believe this to be a coincidence." - Jeremy S. Anderson
More information about the Gnupg-devel
mailing list