Fwd: using gnupg with a secure ldap (ldaps) keyserver

Sanchez the Cactus sanchezthecactus at yahoo.com
Wed Jul 28 01:07:50 CEST 2004


--- David Shaw <dshaw at jabberwocky.com> wrote:

> On Tue, Jul 27, 2004 at 03:03:55PM -0700, Sanchez the Cactus wrote:
> 
> > 1) the check at for !real_ldap (in the if(use_ssl) block of main) is
> > called before find_basekeyspacedn() is called, so real_ldap is set
> > to 0, and it prints out the first of the two not supported by the
> > NAI LDAP keyserver errors.  for now, i've just changed !real_ldap to
> > real_ldap, but I know that's not the right solution.
> 
> Yes, ignore that for now.  It's not the main problem.
> 
> > 2) find_basekeyspacedn() isn't working...  the call:
> > vals=ldap_get_values(ldap,si_res,"pgpBaseKeySpaceDN"); is returning
> > NULL, but I haven't had a chance to look into it more yet, though it
> > is using the context of "dc=company,dc=com", which I think is not
> > the right one.
> 
> No, it should be something like "o=PGP Keys", or at least including
> the "PGP Keys" as part of the string.  It's pretty clear what is going
> wrong, but it is not clear whether this is a problem with your LDAP
> server setup or in gpgkeys_ldap.
> 
> I think you said this was set up by your IT dept for PGP users as
> well.  Does it work with PGP?
> 
> David

Yes, it does work with PGP on windows.  Hardcoding the context to "ou=PGP
Keys,dc=company,dc=com" makes it work.  So either gpgkeys_ldap needs to know
this, or the server needs to provide that information somehow.  Not sure how
PGP manages to figure it out.

Thanks,
-Joe


		
__________________________________
Do you Yahoo!?
Yahoo! Mail is new and improved - Check it out!
http://promotions.yahoo.com/new_mail



More information about the Gnupg-users mailing list