When a new key is being added to an LDAP keyserver, dirmngr creates an LDAP object with only two attributes: pgpKey and pgpCertID. The rest of the attributes are silently dropped. I have submitted a patch: https://dev.gnupg.org/D475
Details
- Version: 2.2.15
Related Objects
- Mentioned Here
- D475: Fix addition of new GPG keys to LDAP
Event Timeline
See also D475.
While looking at this I figured that ks-engine-ldap links in all the stuff we do not want (i.e. a second crypto library) and due to the way it has been ported from the old ldap keyserver helper it does not make use of our LDAP infrastructure. Our LDAP code shall use the wrapper so that we don't run into linkage problems with libldap, avoid spreading the code with npth_unprotect/protect, and to have a working timeout for all ldap calls. I wonder why the stuff works at all.
The code has been reworked to also support the updated schema which also stores the fingerprints and a parsed down mail address. See gnupg/doc/ldap/. These changes are in master and 2.2.26. Sorry for taking so long to fix that.