OpenLDAP schema to store OpenPGP keys?
David Shaw
dshaw at jabberwocky.com
Thu Feb 23 14:03:36 CET 2006
On Thu, Feb 23, 2006 at 01:01:48PM +0100, Walter Haidinger wrote:
> On Thu, February 23, 2006 00:28, David Shaw wrote:
> >> Next release of 1.4.x or 1.9.x?
> >
> > 1.4.3. I've added the new feature, so you could probably grab the
> > gpgkeys_ldap.c from svn and use it in your 1.4.2 if you like. There
> > aren't significant changes to the keyserver protocol between the two.
> > Just replace the existing gpgkeys_ldap.c with the new one and
> > recompile.
>
> I've checked out rev. 4020 (gpg reports version 1.4.3rc1).
>
> First the good news: Anonymous access works, can send and receive
> keys just fine. The problem about the pgpKeysize is gone, although
> I did _not_ make any changes to the code. The CVS diffs show that you
> probably took care of this.
I did.
> There is a bug in the option parsing. Added a few diagnostics
> in main() of gpgkeys_ldap.c, which showed that binddn is already
> truncated after and including the first comma when you strdup() it
> from start[], i.e. any DN, like 'a,b,c,d' would be truncated to 'a'.
> Had a quick look but no obvious origin of the problem.
Not a bug - you're quoting it wrong in the shell. It takes a lot to
make the shell not eat stuff sometimes:
--keyserver-option "binddn=\"uid=user1,ou=PGP Users,dc=EXAMPLE,dc=COM\""
That is, quote the value, not the name=value. The parser in GPG
understands quotes.
David
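
The quoting point in the message above, as an added example that is not part of the original post and not GnuPG's code. `first_option` and `binddn_value` are hypothetical helpers that model only the comma splitting discussed in the thread: a comma-separated option list in which commas inside double quotes do not split.

```shell
#!/bin/sh
# Simplified model (an assumption, not GnuPG's parser): options are
# separated by commas, and a comma inside double quotes does not split.

# first_option LIST: print the first item of LIST; quote characters
# are consumed, as a quote-aware parser would do.
first_option() {
    rest=$1 out= inq=0
    while [ -n "$rest" ]; do
        c=${rest%"${rest#?}"}      # first character of what is left
        rest=${rest#?}
        case $c in
            '"') inq=$((1 - inq)) ;;                    # toggle quoted state
            ,)   [ "$inq" -eq 1 ] || break; out=$out$c ;;
            *)   out=$out$c ;;
        esac
    done
    printf '%s\n' "$out"
}

# binddn_value LIST: the value the model assigns to binddn.
binddn_value() {
    item=$(first_option "$1")
    printf '%s\n' "${item#binddn=}"
}

# Quoting name=value: the shell consumes the only pair of quotes, so the
# program receives a string with bare commas in it.
unquoted_inner="binddn=uid=user1,ou=PGP Users,dc=EXAMPLE,dc=COM"

# Quoting the value: the escaped inner quotes survive the shell and
# reach the option parser, which keeps the DN in one piece.
quoted_inner="binddn=\"uid=user1,ou=PGP Users,dc=EXAMPLE,dc=COM\""

for arg in "$unquoted_inner" "$quoted_inner"; do
    printf 'program receives: %s\n' "$arg"
    printf 'binddn becomes:   %s\n\n' "$(binddn_value "$arg")"
done
```
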