searching for a key with gpg ldap
Ralf Hauser
ralfhauser at gmx.ch
Thu Jun 15 12:14:22 CEST 2006
Hi,
Leaving the TLS/SSL problem from the previous mail aside, with
gpg.1.4.3 --keyserver ldap://localhost:2389 --keyserver-options 'binddn="dn=micky"' --keyserver-options "debug=5" --keyserver-options bindpw=mouse --search-keys Test
on Windows, a nice "bind" succeeds and the serverInfo is queried with success.
But then gpg presents:
filter : '(pgpdisabled=0)
All others (e.g. http://sourceforge.net/projects/jxplorer/), however, ask for
filter: (pgpUserID=*test*)
Looking at the below 1.4.2. debug output, it appears that the first half of the query
"(&(pgpuserid=*Test*)(pgpdisabled=0))"
never reaches my ldap server (directory.apache.org).
So, the questions are:
1) why doesn't gpg ask for the REAL SEARCH STRING ("pgpuserid=*Test*")?
2) what response might my ldap server give to "pgpdisabled=0" to satisfy gpg such that it might ask me also about "*Test*" in a following query?
Unsuccessful attempts are:
- an empty result causes the gpg client to terminate the search
- returning an arbitrary key causes it to present that one and then stop the search too
- listing all keys irrespective of whether they contain "Test" or not is against the policy of our server
Somehow "pgpdisabled=0" to me looks like "dear server, give me all keys you don't consider as disabled"?
On the gpg side, the output of v1.4.3. is:
gpg: searching for "Test" from ldap server localhost
gpgkeys: not built with debugging support
search type is 0, and key is "Test"
gpg: key "Test" not found on keyserver
Any hints are highly appreciated!
Ralf
P.S.: Version 1.4.2 (cygwin) output is probably more helpful:
Gpg: WARNING: using insecure memory!
gpg: please see http://www.gnupg.org/faq.html for more information
gpg: searching for "Test" from ldap server localhost
gpgkeys: debug level 5
ldap_create
ldap_search
put_filter: "(objectClass=*)"
put_filter: simple
put_simple_filter: "objectClass=*"
ldap_send_initial_request
ldap_new_connection
ldap_int_open_connection
ldap_connect_to_host: TCP localhost:2389
ldap_new_socket: 4
ldap_prepare_socket: 4
ldap_connect_to_host: Trying 127.0.0.1:2389
ldap_connect_timeout: fd: 4 tm: -1 async: 0
ldap_ndelay_on: 4
ldap_is_sock_ready: 4
ldap_ndelay_off: 4
ldap_open_defconn: successful
ldap_send_server_request
ldap_result msgid 1
ldap_chkResponseList for msgid=1, all=1
ldap_chkResponseList returns NULL
wait4msg (infinite timeout), msgid 1
wait4msg continue, msgid 1, all 1
** Connections:
* host: localhost port: 2389 (default)
refcnt: 2 status: Connected
last used: Thu Jun 15 07:41:13 2006
** Outstanding Requests:
* msgid 1, origid 1, status InProgress
outstanding referrals 0, parent count 0
** Response Queue:
Empty
ldap_chkResponseList for msgid=1, all=1
ldap_chkResponseList returns NULL
ldap_int_select
read1msg: msgid 1, all 1
ldap_read: message type search-entry msgid 1, original id 1 wait4msg continue, msgid 1, all 1
** Connections:
* host: localhost port: 2389 (default)
refcnt: 2 status: Connected
last used: Thu Jun 15 07:41:13 2006
** Outstanding Requests:
* msgid 1, origid 1, status InProgress
outstanding referrals 0, parent count 0
** Response Queue:
* msgid 1, type 100
ldap_chkResponseList for msgid=1, all=1
ldap_chkResponseList returns NULL
ldap_int_select
read1msg: msgid 1, all 1
ldap_read: message type search-result msgid 1, original id 1 new result: res_errno: 0, res_error: <>, res_matched: <>
read1msg: 0 new referrals
read1msg: mark request completed, id = 1 request 1 done
res_errno: 0, res_error: <>, res_matched: <> ldap_free_request (origid 1, msgid 1) ldap_free_connection
ldap_free_connection: refcnt 1
adding response id 1 type 101:
ldap_parse_result
ldap_get_values
ldap_search
put_filter: "(objectClass=*)"
put_filter: simple
put_simple_filter: "objectClass=*"
ldap_send_initial_request
ldap_send_server_request
ldap_result msgid 2
ldap_chkResponseList for msgid=2, all=1
ldap_chkResponseList returns NULL
wait4msg (infinite timeout), msgid 2
wait4msg continue, msgid 2, all 1
** Connections:
* host: localhost port: 2389 (default)
refcnt: 2 status: Connected
last used: Thu Jun 15 07:41:14 2006
** Outstanding Requests:
* msgid 2, origid 2, status InProgress
outstanding referrals 0, parent count 0
** Response Queue:
Empty
ldap_chkResponseList for msgid=2, all=1
ldap_chkResponseList returns NULL
ldap_int_select
read1msg: msgid 2, all 1
ldap_read: message type search-result msgid 2, original id 2 ldap_chase_referrals
read1msg: V2 referral chased, mark request completed, id = 2 new result: res_errno: 32, res_error: <failed on search operation>, res_matched: <ou=system>
read1msg: 0 new referrals
read1msg: mark request completed, id = 2 request 2 done
res_errno: 32, res_error: <failed on search operation>, res_matched: <ou=system> ldap_free_request (origid 2, msgid 2) ldap_free_connection
ldap_free_connection: refcnt 1
ldap_parse_result
ldap_search
put_filter: "(objectClass=*)"
put_filter: simple
put_simple_filter: "objectClass=*"
ldap_send_initial_request
ldap_send_server_request
ldap_result msgid 3
ldap_chkResponseList for msgid=3, all=1
ldap_chkResponseList returns NULL
wait4msg (infinite timeout), msgid 3
wait4msg continue, msgid 3, all 1
** Connections:
* host: localhost port: 2389 (default)
refcnt: 2 status: Connected
last used: Thu Jun 15 07:41:14 2006
** Outstanding Requests:
* msgid 3, origid 3, status InProgress
outstanding referrals 0, parent count 0
** Response Queue:
Empty
ldap_chkResponseList for msgid=3, all=1
ldap_chkResponseList returns NULL
ldap_int_select
read1msg: msgid 3, all 1
ldap_read: message type search-entry msgid 3, original id 3 wait4msg continue, msgid 3, all 1
** Connections:
* host: localhost port: 2389 (default)
refcnt: 2 status: Connected
last used: Thu Jun 15 07:41:14 2006
** Outstanding Requests:
* msgid 3, origid 3, status InProgress
outstanding referrals 0, parent count 0
** Response Queue:
* msgid 3, type 100
ldap_chkResponseList for msgid=3, all=1
ldap_chkResponseList returns NULL
ldap_int_select
read1msg: msgid 3, all 1
ldap_read: message type search-result msgid 3, original id 3 new result: res_errno: 0, res_error: <>, res_matched: <>
read1msg: 0 new referrals
read1msg: mark request completed, id = 3 request 3 done
res_errno: 0, res_error: <>, res_matched: <> ldap_free_request (origid 3, msgid 3) ldap_free_connection
ldap_free_connection: refcnt 1
adding response id 3 type 101:
ldap_parse_result
ldap_get_values
ldap_msgfree
ldap_msgfree
ldap_search
put_filter: "(&(pgpuserid=*Test*)(pgpdisabled=0))"
put_filter: AND
put_filter_list "(pgpuserid=*Test*)(pgpdisabled=0)"
put_filter: "(pgpuserid=*Test*)"
put_filter: simple
put_simple_filter: "pgpuserid=*Test*"
put_substring_filter "pgpuserid=*Test*"
put_filter: "(pgpdisabled=0)"
put_filter: simple
put_simple_filter: "pgpdisabled=0"
ldap_send_initial_request
ldap_send_server_request
ldap_result msgid 4
ldap_chkResponseList for msgid=4, all=1
ldap_chkResponseList returns NULL
wait4msg (infinite timeout), msgid 4
wait4msg continue, msgid 4, all 1
** Connections:
* host: localhost port: 2389 (default)
refcnt: 2 status: Connected
last used: Thu Jun 15 07:41:14 2006
** Outstanding Requests:
* msgid 4, origid 4, status InProgress
outstanding referrals 0, parent count 0
** Response Queue:
Empty
ldap_chkResponseList for msgid=4, all=1
ldap_chkResponseList returns NULL
ldap_int_select
read1msg: msgid 4, all 1
ldap_read: message type search-result msgid 4, original id 4 new result: res_errno: 0, res_error: <>, res_matched: <>
read1msg: 0 new referrals
read1msg: mark request completed, id = 4 request 4 done
res_errno: 0, res_error: <>, res_matched: <> ldap_free_request (origid 4, msgid 4) ldap_free_connection
ldap_free_connection: refcnt 1
ldap_parse_result
ldap_msgfree
gpg: key "Test" not found on keyserver
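Added example, not part of the original message and not GnuPG or directory-server code: a small Python parser and evaluator for the filter shown in the 1.4.2 trace, with a server-side policy check that refuses any search whose filter does not really constrain pgpuserid, which is the case when only "(pgpdisabled=0)" arrives. The function names, the sample entries and their DNs are assumptions constructed for illustration.

```python
import re

def parse_filter(s, i=0):
    """Parse an RFC 4515 filter (subset: & | ! and attr=value); return (node, next offset)."""
    if s[i:i + 1] != "(":
        raise ValueError(f"expected '(' at offset {i}")
    i += 1
    if s[i:i + 1] in ("&", "|", "!"):
        op, kids, i = s[i], [], i + 1
        while s[i:i + 1] == "(":
            kid, i = parse_filter(s, i)
            kids.append(kid)
        if s[i:i + 1] != ")" or not kids:
            raise ValueError("unterminated or empty filter list")
        return (op, kids), i + 1
    end = s.find(")", i)
    attr, sep, value = s[i:max(end, i)].partition("=")  # empty slice if ')' is missing
    if not sep:
        raise ValueError("malformed simple filter")
    return ("item", attr.lower(), value.lower()), end + 1

def matches(node, attrs):  # attrs: lower-case attribute name -> list of values
    if node[0] == "item":
        _, attr, value = node
        have = [v.lower() for v in attrs.get(attr, [])]
        if "*" in value:  # substring match, or presence when the value is just "*"
            rx = ".*".join(re.escape(part) for part in value.split("*"))
            return any(re.fullmatch(rx, v) for v in have)
        return value in have
    hits = [matches(k, attrs) for k in node[1]]
    return all(hits) if node[0] == "&" else any(hits) if node[0] == "|" else not hits[0]

def constrains(node, attr):  # must every match satisfy a non-wildcard-only term on attr?
    if node[0] == "item":
        return node[1] == attr and node[2].strip("*") != ""
    need = {"&": any, "|": all}.get(node[0])  # a '!' term never narrows the result
    return bool(need) and need(constrains(k, attr) for k in node[1])

def search(filter_text, entries, required="pgpuserid"):
    """Policy: answer only searches that are well-formed and name a user ID pattern."""
    tree, end = parse_filter(filter_text)
    if end != len(filter_text) or not constrains(tree, required):
        raise PermissionError(f"refused: filter must constrain {required}")
    return [dn for dn, attrs in entries if matches(tree, attrs)]

KEYS = [  # constructed sample directory, not data from the post
    ("cn=a", {"pgpuserid": ["Test User <test@example.org>"], "pgpdisabled": ["0"]}),
    ("cn=b", {"pgpuserid": ["Other <other@example.org>"], "pgpdisabled": ["0"]}),
    ("cn=c", {"pgpuserid": ["Old Test Key <old@example.org>"], "pgpdisabled": ["1"]}),
]
```

Evaluated without the policy check, "(pgpdisabled=0)" alone matches every enabled entry in the sample, while the full AND filter from the trace matches only the enabled key whose user ID contains "Test".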