OpenLDAP schema to store OpenPGP keys?

David Shaw dshaw at jabberwocky.com
Tue Feb 21 23:20:55 CET 2006


On Tue, Feb 21, 2006 at 11:12:32PM +0100, Walter Haidinger wrote:
> On Tue, 21 Feb 2006, David Shaw wrote:
> 
> > > beause GnuPG looks for PGPServerInfo unter the base DN,
> > > not under dn="ou=PGP Keys,dc=DOMAIN,dc=COM".
> > 
> > Not exactly.  It looks for PGPServerInfo under each DN returned from
> > namingContexts in order.  It may well check for
> > "cn=PGPServerInfo,dc=DOMAIN,dc=COM" first, but once that fails, it'll
> > get to "cn=PGPServerInfo,ou=PGP Keys,dc=DOMAIN,dc=COM" next.
> 
> As far as I can tell from my slapd logs, it only checks for 
> "cn=PGPServerInfo,dc=DOMAIN,dc=COM" once and stops failing that.

What does:

 ldapsearch -h your-ldap-server -x -b "" -s base namingcontexts

return?


> > I developed this against a 2.0.x version, and it looks like something
> > has changed.  In gpgkeys_ldap.c, try adding:
> > 
> >   unique=1;
> > 
> > At the top of make_one_attr().
> 
> I'll try this. Is it ok to stick to 1.4.2?

Yes.

David



More information about the Gnupg-users mailing list