Page MenuHome GnuPG

Fix addition of new GPG keys to LDAP
Closed, ResolvedPublic


When a new key is being added to a ldap keyserver, dirmngr creates an LDAP object with only two attributes: pgpKey and pgpCertID. The rest of attributes is silently dropped. I have submitted a patch:



Event Timeline

See also D475.

While looking at this I figured that ks-engine-ldap links in all the stuff we do not want (i.e. a second crypto library) and due to the way it has been ported from the old ldap keyserver helper it does not make use of our LDAP infrastructure. Our LDAP code shall use the wapper so that we don't run into linkage problems with libldap, avoid spreading the code with npth_unprotect/protect, and to have a working timeout for all ldap calls. I wonder why the stuff works at all.

werner claimed this task.

The code has been reworked to also support the updated schema which also stores the fingerprints and a parsed down mail address. See gnupg/doc/ldap/ . These changes are in master and 2.2.26. Sorry for taking so long to fix that.