Fwd: using gnupg with a secure ldap (ldaps) keyserver
Sanchez the Cactus
sanchezthecactus at yahoo.com
Wed Jul 28 01:07:50 CEST 2004
--- David Shaw <dshaw at jabberwocky.com> wrote:
> On Tue, Jul 27, 2004 at 03:03:55PM -0700, Sanchez the Cactus wrote:
>
> > 1) the check at for !real_ldap (in the if(use_ssl) block of main) is
> > called before find_basekeyspacedn() is called, so real_ldap is set
> > to 0, and it prints out the first of the two not supported by the
> > NAI LDAP keyserver errors. for now, i've just changed !real_ldap to
> > real_ldap, but I know that's not the right solution.
>
> Yes, ignore that for now. It's not the main problem.
>
> > 2) find_basekeyspacedn() isn't working... the call:
> > vals=ldap_get_values(ldap,si_res,"pgpBaseKeySpaceDN"); is returning
> > NULL, but I haven't had a chance to look into it more yet, though it
> > is using the context of "dc=company,dc=com", which I think is not
> > the right one.
>
> No, it should be something like "o=PGP Keys", or at least including
> the "PGP Keys" as part of the string. It's pretty clear what is going
> wrong, but it is not clear whether this is a problem with your LDAP
> server setup or in gpgkeys_ldap.
>
> I think you said this was set up by your IT dept for PGP users as
> well. Does it work with PGP?
>
> David
Yes, it does work with PGP on windows. Hardcoding the context to "ou=PGP
Keys,dc=company,dc=com" makes it work. So either gpgkeys_ldap needs to know
this, or the server needs to provide that information somehow. Not sure how
PGP manages to figure it out.
Thanks,
-Joe
__________________________________
Do you Yahoo!?
Yahoo! Mail is new and improved - Check it out!
http://promotions.yahoo.com/new_mail
More information about the Gnupg-users
mailing list