LDAP related stuff.
Details
Details
Description
Oct 9 2024
Oct 9 2024
• ebo edited projects for T5447: Add feature to delete a key from an LDAP server, added: vsd33; removed vsd33 (vsd-3.3.0).
• alexk added a project to T5447: Add feature to delete a key from an LDAP server: vsd33 (vsd-3.3.0).
May 27 2024
May 27 2024
• alexk added a comment to T5447: Add feature to delete a key from an LDAP server.
Also required for an actium feature with UI.
Sep 25 2023
Sep 25 2023
• werner edited projects for T5447: Add feature to delete a key from an LDAP server, added: Restricted Project; removed gnupg (gpg23).
Actually, a GUI to maintain the keys in an LDAP would be helpful for many sites.
Apr 21 2023
Apr 21 2023
• werner added a parent task for T6458: Support looking up userSMIMECertificate in LDAP: T6416: Remove LDAP code duplication in dirmngr.
Apr 19 2023
Apr 19 2023
Apr 12 2023
Apr 12 2023
• ebo moved T5441: Kleopatra: LDAP Search only shows one key from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Mar 17 2023
Mar 17 2023
Feb 27 2023
Feb 27 2023
The code has meanwhile been reworked and the mentioned test server is not anymore available
Nov 17 2022
Nov 17 2022
Oct 11 2022
Oct 11 2022
• gniibe changed the status of T6047: Dirmngr - LDAP Schema V2 not used when Base DN is specified from Open to Testing.
Sep 29 2022
Sep 29 2022
• gniibe added a comment to T6047: Dirmngr - LDAP Schema V2 not used when Base DN is specified.
Applied and pushed the change from @joeyberkovitz in rG3257385378bb: dirmngr: Interrogate LDAP server when base DN specified..
Sep 26 2022
Sep 26 2022
• werner added a comment to T6047: Dirmngr - LDAP Schema V2 not used when Base DN is specified.
BTW, I have also in mind to use an AD entry to figure out the used keyserver. It turned out that people don't like to modify the schema of their AD but instead use a separate LDS.
• gniibe added a comment to T6047: Dirmngr - LDAP Schema V2 not used when Base DN is specified.
To proceed, I pushed an initial part as rG993820c31521: dirmngr: Factor out interrogate_ldap_dn function., which doesn't change any behavior.
Then, the point of the change will be clearer.
Sep 19 2022
Sep 19 2022
joeyberkovitz added a comment to T6047: Dirmngr - LDAP Schema V2 not used when Base DN is specified.
just checking in about getting this patch reviewed
Jul 10 2022
Jul 10 2022
• ikloecker added a comment to T6047: Dirmngr - LDAP Schema V2 not used when Base DN is specified.
Due to vacation the review may take some time.
Jul 8 2022
Jul 8 2022
joeyberkovitz added a comment to T6047: Dirmngr - LDAP Schema V2 not used when Base DN is specified.
Any chance someone is able to review the posted patch?
Jul 5 2022
Jul 5 2022
• gniibe added a comment to T6047: Dirmngr - LDAP Schema V2 not used when Base DN is specified.
Let me know how best to submit it
joeyberkovitz added a comment to T6047: Dirmngr - LDAP Schema V2 not used when Base DN is specified.
I tried to submit the below patch to gnupg-devel@lists.gnupg.org, but get an Unrouteable address error. Let me know how best to submit it
Jun 29 2022
Jun 29 2022
• werner triaged T6047: Dirmngr - LDAP Schema V2 not used when Base DN is specified as Normal priority.
The first ideas sounds best to me. Patches please to the mailing list.
Apr 20 2022
Apr 20 2022
Mar 30 2022
Mar 30 2022
Aug 13 2021
Aug 13 2021
Jun 25 2021
Jun 25 2021
This has been solved in 2.2.26 commit rGc75fd75532
Jun 11 2021
Jun 11 2021
May 21 2021
May 21 2021
May 19 2021
May 19 2021
• werner added a comment to T5441: Kleopatra: LDAP Search only shows one key.
Having a fallback in Kleopatra makes sense because very old HKP keyservers don't return the fingerprint and LDAP keyservers not using the modernized schema do neither.
• aheinecke reassigned T5441: Kleopatra: LDAP Search only shows one key from • aheinecke to • werner.
I just talked with werner about that and he told me that GnuPG can return the fingerprint. And I also mentioned to him that kleopatra really assumes that a Fingerprint is always set for a valid key object.
• aheinecke added a comment to T5441: Kleopatra: LDAP Search only shows one key.
Should have linked the commit with a patch for Gpg4win here: 22bc52775bdb I mostly needed that as an immediate fix for someone testing with ldap servers a lot.
Jan 27 2021
Jan 27 2021
• aheinecke reopened T5068: LDAP keyserver does not support lookup by fingerprint as "Open".
• aheinecke changed the visibility for T5068: LDAP keyserver does not support lookup by fingerprint.
Jan 8 2021
Jan 8 2021
The code has been reworked to also support the updated schema which also stores the fingerprints and a parsed down mail address. See gnupg/doc/ldap/ . These changes are in master and 2.2.26. Sorry for taking so long to fix that.
Sep 15 2020
Sep 15 2020
Jul 2 2020
Jul 2 2020
• werner closed T4758: gnupg-2.2.18/dirmngr/ldap-parse-uri.c:57:27: style: Same expression on both sides of '||'. as Resolved.
Fixed; In master the code already uses our generic scheme parser.
Nov 26 2019
Nov 26 2019
• werner triaged T4758: gnupg-2.2.18/dirmngr/ldap-parse-uri.c:57:27: style: Same expression on both sides of '||'. as Normal priority.
The LDAP code is actually in very bad shape because @neal added it without utilizing the ldap wrapper and thus a timeout won't work reliable.
Nov 11 2019
Nov 11 2019
• werner edited projects for T4447: Fix addition of new GPG keys to LDAP, added: gnupg (gpg23); removed gnupg.
• werner added a comment to T4447: Fix addition of new GPG keys to LDAP.
See also D475.
May 17 2019
May 17 2019
Apr 25 2019
Apr 25 2019
Apr 5 2019
Apr 5 2019
Apr 3 2019
Apr 3 2019
Nov 5 2018
Nov 5 2018
Fixed in master and 2.2.
Oct 25 2018
Oct 25 2018
Oh, that is really old code dating back to dirmngr-1. There is only one user I will see whether I can replace it with the generic parser we have in http.c
Apr 18 2018
Apr 18 2018
jpi added a comment to T3806: error accessing ldaps key server (TLS vs. STARTTLS).
Thanks for looking into this issue :-)