LDAP - GPG interface
Shaun Savage
ssavage@infomatec.de
Thu, 19 Oct 2000 17:50:17 +0200
Werner Koch wrote:
Hi folks
I have gotten my first key exported to an LDAP server from gnupg. The
problem I have is I don't have a pgpserver, so I had to use openldap as
my server and write the code for the server. The people at openldap
don't like the existing pgp-LDAP interface, so now I am writing my own
interface. The search will work from all systems, but adding new keys
can only work with the new interface.
Overview of changes:
Added a void* private to the iobuf structure.
Added a file server.c and server.h to chain hkp.c hkp.h code.
In g10.c replace hkp_export and hkp_import with server_export and
server_import.
In export.c I save the first signature id in out->private.
All changes use the dn seq=9999,id=XXXXXXXXXXXXXXXX,$(basekeymaint)
The seq is just a unique number and the id is the first signature id.
The reason for these changes is that I need a unique DN for each key
maintenance packet, and all changes require a signature.
gpg <---> LDAP <--- Directory.oc1 <--- LDAP <---> KeyMaintApp
           |-----> Directory.oc2 ----->|
The maintenance requests come in and are stored in oc2. The KeyMaintApp
reads the data, checks validity and then updates oc1.
All key searches use oc1 as where to search.
I worked on key uploading into oc2 first. Now I am going to work on
search for oc1, then KeyMaintApp, then finally other key maintenance
actions.
The problem here is when someone uploads a key or changes a key they
will not know the result immediately. There will have to be email sent
back from the KeyMaintApp.
Shaun Savage
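
The DN layout described in the message (seq=9999,id=XXXXXXXXXXXXXXXX,$(basekeymaint)) can be built with strict validation so that a malformed key ID never ends up as extra DN components in the staging area. This is an added example, not code from the original post or from GnuPG; the function name build_maint_dn and the base DN are assumptions, and the base is treated as trusted configuration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define KEYID_HEX_LEN 16 /* id=XXXXXXXXXXXXXXXX in the post: 16 hex digits */

/* Build "seq=<seq>,id=<KEYID>,<base>" into out (hypothetical helper).
 * Returns 0 on success, -1 if the key ID is not exactly 16 hex digits,
 * the base is empty, or the result does not fit in out. */
int build_maint_dn(char *out, size_t outlen, unsigned long seq,
                   const char *keyid, const char *base)
{
    char id[KEYID_HEX_LEN + 1];
    size_t i;
    int n;

    if (!out || !keyid || !base || !*base)
        return -1;
    if (strlen(keyid) != KEYID_HEX_LEN)
        return -1;
    for (i = 0; i < KEYID_HEX_LEN; i++) {
        /* Hex digits only: keeps ',', '=', '+' and other DN
         * metacharacters out of the RDN value. */
        if (!isxdigit((unsigned char)keyid[i]))
            return -1;
        id[i] = (char)toupper((unsigned char)keyid[i]);
    }
    id[KEYID_HEX_LEN] = '\0';

    n = snprintf(out, outlen, "seq=%lu,id=%s,%s", seq, id, base);
    if (n < 0 || (size_t)n >= outlen)
        return -1; /* a truncated DN would name a different entry */
    return 0;
}

int main(void)
{
    /* Constructed sample values; the base DN is a placeholder. */
    const char *base = "ou=keymaint,dc=example,dc=org";
    const char *ids[] = {"0123456789abcdef", "0123456789ABCDE,", "1234"};
    char dn[128];
    size_t i;
    for (i = 0; i < sizeof ids / sizeof ids[0]; i++) {
        if (build_maint_dn(dn, sizeof dn, 9999, ids[i], base) == 0)
            printf("ok:       %s\n", dn);
        else
            printf("rejected: %s\n", ids[i]);
    }
    return 0;
}
```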