Dirmngr now supports hkps

Kristian Fiskerstrand kristian.fiskerstrand at sumptuouscapital.com
Tue May 6 19:45:46 CEST 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 05/06/2014 04:33 PM, Werner Koch wrote:
> Hi,
> 
> Kristian announced at gnupg-users that SKS 1.15 has been released.
> I take this opportunity to tell that I pushed changes to GnuPG
> master which gives us hpks again.  Those who follow master may want
> to test these changes.  They require that GnuTLS 3.x is installed.

Thats great, I'll look into it for sure :)

One thing I noticed is that since commit
8412a5825c225c8ff14de3ffaad2e55e040b2eca `make -j4` fails on my
computer with ERROR described below. As of
84289e85c72ae58c321dfdb96816700a6b7f7122 this is working. Forcing -j1
allows building after this commit.

Also, if using --program-prefix='gpg2.1-' gpg fails to locate the
dirmngr,
gpg: failed to start the dirmngr '/usr/bin/dirmngr': No such file or
directory
creating a symlink for dirmngr (and for good measure dirmngr-client)
fixes this issue.

Out of curiosity (as I haven't had time to look deeply enough into the
source code yet), how does dirmngr handle SNI in the case of the hkps
pool being resolved to multiple client? Does it still present itself
as SNI=hkps.pool.sks-keyservers.net when contacting individual
servers? Otherwise (if the direct hostname is used) we might have
instances where the per-keyserver certificate is presented in such cases.


## ERROR ##

ssing-field-initializers -Wdeclaration-after-statement
- -Wno-pointer-sign -Wpoint
er-arith -Wno-psabi -c -o t_http-t-http.o `test -f 't-http.c' || echo
'./'`t-htt
p.c
make[3]: *** No rule to make target `../common/libcommontls.a', needed
by `t-http'.  Stop.
make[3]: *** Waiting for unfinished jobs....
make[3]: Leaving directory
`/var/tmp/portage/app-crypt/gnupg-9999/work/gnupg-9999/common'
make[2]: *** [all] Error 2

- -- 
- ----------------------------
Kristian Fiskerstrand
Blog: http://blog.sumptuouscapital.com
Twitter: @krifisk
- ----------------------------
Public PGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
- ----------------------------
Nulla regula sine exceptione
No rule without exception
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJTaR/HAAoJEPw7F94F4TagZ9EP/0jXbmb6Z4EZLgjs5BqBifXx
FzC5eR7dwdeY4LqNAEfw56R6ndyY8I20u4STgdsZ2oiOsFpjCwrzq0E80TtE/MLY
0eOS4v0e6A5Ix6wujhOhXxh9l7p8Y0ySn6WIP/VqILHfsUe4seqTvB1k2rljwTXY
JmBk+EsfPjA/1sfk7SdKrjuZhNK5GsRtWT/KoFwgX0rbzH8fIMQLzOUoJ7PJ70hk
8F6hv0/ALh9QVBnpJO1aN/1JAgY+gVml0wMXqKxUReGUfiwDT9iy4PGpFTk7kAGR
mUxu/H3jxvOUBhk/ROFvUMe164K55YMWceSZYBEqEfXfnHC1Y9MS4mOI2TkzFHg3
flXPFgAoIfD//oZG9sOhSVo1duG08IkCTWe1wzaZF/PA+15oEMWOd2Oyh62cL8ei
WABl8nqyzgPcamAPU/40VnyFa2DqdheJiBsrjdKtVO1AjtkfzwtmME/3XdQE9Opo
st4wvTqJd+WbU8gNgPGI9ENqMw6iBMg9YxvrkjfZGO+3UCCBXVWBaH3h8liZtCRW
dwcjNFHaltIGgK41wBIuXWfZizzKljsmnYX0YrzCNxRZEQQodFqCH1dCaSUyStOe
bMr9CUelQeCLEcfIP+A5QTv1n4VuwuIxmdbXM6zhz+aZUT8XjVFfqMOHtSUMjoaf
VL1EBZ3sIH630TSRbW8F
=UeD3
-----END PGP SIGNATURE-----



More information about the Gnupg-devel mailing list