Page MenuHome GnuPG
Projects dirmngr

dirmngrProject
ActivePublic
Watch Project

Members

  • This project does not have any members.
  • View All

Watchers

  • This project does not have any watchers.
  • View All

Recent Activity
View All

Tue, Mar 21

werner claimed T3054: dirmngr only using cAcertificate attr type when querying LDAP directory.

We need to extend dirmngr_ldap.c to take a list of attributes to return. We already have the --multi option which returns all attributes for latter filtering by the caller but the specified attr is also used and thus dirmngr's start_cacert_fetch_ldap() retruns only the requested caCertificate.

Tue, Mar 21, 4:52 PM · gnupg22, gnupg24, Active Directory, dirmngr

Fri, Mar 17

werner triaged T6416: Remove LDAP code duplication in dirmngr as Normal priority.
Fri, Mar 17, 2:36 PM · Feature Request, LDAP, dirmngr, gnupg24
chrisnelmes added a comment to T3610: dirmngr: Since 2.1 windows firewall asks about dirmngr access.

Hello All,

Fri, Mar 17, 2:27 PM · gpg4win, dirmngr

Mon, Feb 27

werner closed T3806: error accessing ldaps key server (TLS vs. STARTTLS) as Resolved.

The code has meanwhile been reworked and the mentioned test server is not anymore available

Mon, Feb 27, 5:30 PM · Too Old, LDAP, dirmngr, Bug Report

Jan 19 2023

werner removed a project from T4443: IPv6 address with scope not accepted as keyserver: gnupg (gpg23).
Jan 19 2023, 4:51 PM · gnupg24, dirmngr, dns, Bug Report
werner removed a project from T6014: Failed to search on certificate server. The error returned was: Syntax error in URI.: gnupg (gpg23).
Jan 19 2023, 4:46 PM · gnupg24, dirmngr, Bug Report
werner closed T6067: dirmngr 2.2 does not ask keyservers for fingerprints, a subtask of T5741: dirmngr does not ask keyservers for fingerprints, as Resolved.
Jan 19 2023, 4:41 PM · Restricted Project, dirmngr
werner closed T6067: dirmngr 2.2 does not ask keyservers for fingerprints as Resolved.
Jan 19 2023, 4:41 PM · gnupg (gpg22), Restricted Project, dirmngr

Dec 5 2022

ikloecker added a project to T3933: Kleopatra: Set allow-ocsp in dirmngr if OCSP is enabled through config dialog: kleopatra.
Dec 5 2022, 8:28 AM · kleopatra, dirmngr, S/MIME

Nov 17 2022

werner closed T6047: Dirmngr - LDAP Schema V2 not used when Base DN is specified as Resolved.
Nov 17 2022, 9:33 AM · LDAP, dirmngr, gnupg (gpg23), Feature Request

Oct 11 2022

gniibe changed the status of T6047: Dirmngr - LDAP Schema V2 not used when Base DN is specified from Open to Testing.
Oct 11 2022, 8:16 AM · LDAP, dirmngr, gnupg (gpg23), Feature Request

Sep 29 2022

gniibe added a comment to T6047: Dirmngr - LDAP Schema V2 not used when Base DN is specified.

Applied and pushed the change from @joeyberkovitz in rG3257385378bb: dirmngr: Interrogate LDAP server when base DN specified..

Sep 29 2022, 3:10 AM · LDAP, dirmngr, gnupg (gpg23), Feature Request

Sep 26 2022

werner added a comment to T6047: Dirmngr - LDAP Schema V2 not used when Base DN is specified.

BTW, I have also in mind to use an AD entry to figure out the used keyserver. It turned out that people don't like to modify the schema of their AD but instead use a separate LDS.

Sep 26 2022, 9:41 AM · LDAP, dirmngr, gnupg (gpg23), Feature Request
gniibe added a comment to T6047: Dirmngr - LDAP Schema V2 not used when Base DN is specified.

To proceed, I pushed an initial part as rG993820c31521: dirmngr: Factor out interrogate_ldap_dn function., which doesn't change any behavior.
Then, the point of the change will be clearer.

Sep 26 2022, 9:03 AM · LDAP, dirmngr, gnupg (gpg23), Feature Request

Sep 22 2022

werner removed a project from T6067: dirmngr 2.2 does not ask keyservers for fingerprints: Restricted Project.
Sep 22 2022, 10:54 AM · gnupg (gpg22), Restricted Project, dirmngr

Sep 19 2022

werner closed T2300: Second crlDP is not used if first is unavailable as Resolved.
Sep 19 2022, 8:25 PM · g10code, Feature Request, dirmngr
werner added a comment to T2300: Second crlDP is not used if first is unavailable.

What is a partial CRL; I have never seen that and IIRC the specification for that was not complete.

Sep 19 2022, 8:22 PM · g10code, Feature Request, dirmngr
aheinecke added a comment to T2300: Second crlDP is not used if first is unavailable.

For what it is worth, I think that my patch is more standard compliant then yours because it checks if there is a partial CRL.

Sep 19 2022, 4:43 PM · g10code, Feature Request, dirmngr
aheinecke reassigned T2300: Second crlDP is not used if first is unavailable from aheinecke to werner.

I think 289fbc550d18a7f9b26c794a2409ba820811f6b3 implemented this wish from 2016 :) @werner please read the full report and then close it as fixed if you agree. I find it a bit funny that we both came independently to the same conclusion, that it should be handled differently even if the standard says otherwise. Because the behavior from the standard does not make sense and is in contradiction to other parts where it says that each CRL must contain all revocations.

Sep 19 2022, 4:35 PM · g10code, Feature Request, dirmngr
joeyberkovitz added a comment to T6047: Dirmngr - LDAP Schema V2 not used when Base DN is specified.

just checking in about getting this patch reviewed

Sep 19 2022, 3:41 PM · LDAP, dirmngr, gnupg (gpg23), Feature Request

Sep 16 2022

werner closed T1141: dirmngr does not try all CRL DPs if first fetchable CRL is too old as Resolved.

That particular bug seems to have been solved a long time ago. I stumbled upon up while fixing a DP bug today.

Sep 16 2022, 4:43 PM · gnupg, Bug Report, dirmngr

Sep 14 2022

ebeiersdorfer added a comment to T6014: Failed to search on certificate server. The error returned was: Syntax error in URI..

Awesome, thanks all! From an end user perspective that would be a perfectly acceptable outcome, the warning just serves to confuse people. Appreciate the help!

Sep 14 2022, 9:28 PM · gnupg24, dirmngr, Bug Report
ikloecker edited projects for T6014: Failed to search on certificate server. The error returned was: Syntax error in URI., added: dirmngr; removed kleopatra.

I have created the spin-off T6202: Kleopatra: Suppress errors of WKD lookups to deal with not bothering Kleopatra's users with error messages when doing a WKD lookup in the background. This task is for improving dirmngr.

Sep 14 2022, 5:43 PM · gnupg24, dirmngr, Bug Report

Jul 29 2022

aheinecke closed T4523: Gpg4win: Multiple problems reported 05-2019, a subtask of T4538: Support PSS signed CRLs, as Invalid.
Jul 29 2022, 3:15 PM · dirmngr, S/MIME, libksba

Jul 26 2022

ikloecker changed the status of T6067: dirmngr 2.2 does not ask keyservers for fingerprints, a subtask of T5741: dirmngr does not ask keyservers for fingerprints, from Open to Testing.
Jul 26 2022, 9:54 AM · Restricted Project, dirmngr
ikloecker changed the status of T6067: dirmngr 2.2 does not ask keyservers for fingerprints from Open to Testing.

The fix has been merged to the 2.2 branch.

Jul 26 2022, 9:54 AM · gnupg (gpg22), Restricted Project, dirmngr

Jul 15 2022

ikloecker added a comment to T6067: dirmngr 2.2 does not ask keyservers for fingerprints.
In T6067#160368, @vitusb wrote:

Due to https://dev.gnupg.org/T5725#153224 ("The fingerprints are needed by Kleopatra as unique identifier for keys."), is this still implemented in that way ?

Jul 15 2022, 1:48 PM · gnupg (gpg22), Restricted Project, dirmngr
vitusb added a comment to T6067: dirmngr 2.2 does not ask keyservers for fingerprints.

What i don't understand is ...

Jul 15 2022, 11:18 AM · gnupg (gpg22), Restricted Project, dirmngr

Jul 10 2022

ikloecker added a comment to T6047: Dirmngr - LDAP Schema V2 not used when Base DN is specified.

Due to vacation the review may take some time.

Jul 10 2022, 12:00 PM · LDAP, dirmngr, gnupg (gpg23), Feature Request

Jul 8 2022

ikloecker added a comment to T6067: dirmngr 2.2 does not ask keyservers for fingerprints.

It will hopefully be fixed in 2.2.37.

Jul 8 2022, 10:36 PM · gnupg (gpg22), Restricted Project, dirmngr
vitusb added a comment to T6067: dirmngr 2.2 does not ask keyservers for fingerprints.

Hello,
thanx for fixing this issue ...

Jul 8 2022, 8:30 PM · gnupg (gpg22), Restricted Project, dirmngr
joeyberkovitz added a comment to T6047: Dirmngr - LDAP Schema V2 not used when Base DN is specified.

Any chance someone is able to review the posted patch?

Jul 8 2022, 4:54 PM · LDAP, dirmngr, gnupg (gpg23), Feature Request

Jul 7 2022

ikloecker reassigned T6067: dirmngr 2.2 does not ask keyservers for fingerprints from ikloecker to werner.
Jul 7 2022, 1:35 PM · gnupg (gpg22), Restricted Project, dirmngr
ikloecker added a parent task for T6067: dirmngr 2.2 does not ask keyservers for fingerprints: T6042: Cannot search on keyserver from kleopatra 3.1.22 inside an AppImage of GnuPG Desktop or GnuPG VS Desktop.
Jul 7 2022, 1:31 PM · gnupg (gpg22), Restricted Project, dirmngr
ikloecker created T6067: dirmngr 2.2 does not ask keyservers for fingerprints.
Jul 7 2022, 1:30 PM · gnupg (gpg22), Restricted Project, dirmngr

Jul 5 2022

gniibe added a comment to T6047: Dirmngr - LDAP Schema V2 not used when Base DN is specified.

Let me know how best to submit it

Jul 5 2022, 4:36 AM · LDAP, dirmngr, gnupg (gpg23), Feature Request
joeyberkovitz added a comment to T6047: Dirmngr - LDAP Schema V2 not used when Base DN is specified.

I tried to submit the below patch to gnupg-devel@lists.gnupg.org, but get an Unrouteable address error. Let me know how best to submit it

Jul 5 2022, 3:27 AM · LDAP, dirmngr, gnupg (gpg23), Feature Request

Jun 29 2022

werner triaged T6047: Dirmngr - LDAP Schema V2 not used when Base DN is specified as Normal priority.

The first ideas sounds best to me. Patches please to the mailing list.

Jun 29 2022, 5:16 PM · LDAP, dirmngr, gnupg (gpg23), Feature Request

Apr 28 2022

werner closed T5751: Please remove pgp.surf.nl from default dirmngr config as Resolved.
Apr 28 2022, 8:50 AM · dirmngr, Keyserver

Apr 25 2022

werner closed T4729: WKD via http_proxy does not work if DNS is broken/unavailable as Resolved.

Was fixed in 2.3.5

Apr 25 2022, 4:53 PM · gnupg (gpg22), Restricted Project, dns, dirmngr

Apr 20 2022

werner triaged T5909: Make use of the LDAP revoked attribute as Normal priority.
Apr 20 2022, 8:46 AM · Feature Request, LDAP, OpenPGP, gpgme, dirmngr

Apr 14 2022

werner closed T5235: Delays in dirmngr http connections on Windows as Resolved.

We have not seen this problem anymore in recent versions. Thus closing.

Apr 14 2022, 3:02 PM · can't replicate, dirmngr, ntbtls, Windows, gnupg (gpg22)
werner closed T5639: dirmngr uses the wrong Let's encrypt chain as Resolved.

We have a solulion for this bug. For further improvements we will use T5882.

Apr 14 2022, 2:00 PM · gnupg (gpg22), dirmngr

Mar 30 2022

werner created T5909: Make use of the LDAP revoked attribute.
Mar 30 2022, 11:49 AM · Feature Request, LDAP, OpenPGP, gpgme, dirmngr

Mar 28 2022

werner closed T5902: GnuPG dirmngr sends incorrect l parameter to a WKD server as Resolved.

Good idea. Thanks. Goes onto 2.3 and 2.2

Mar 28 2022, 4:15 PM · dirmngr, gnupg, wkd, Bug Report
eehakkin created T5902: GnuPG dirmngr sends incorrect l parameter to a WKD server.
Mar 28 2022, 10:17 AM · dirmngr, gnupg, wkd, Bug Report

Mar 25 2022

gniibe removed a project from T5531: dirmngr --validate broken for DER encoded files: Restricted Project.
Mar 25 2022, 11:45 PM · gnupg (gpg23), dirmngr, Bug Report
fvogt closed T5531: dirmngr --validate broken for DER encoded files as Resolved.

Confirmed to work, thanks!

Mar 25 2022, 9:54 AM · gnupg (gpg23), dirmngr, Bug Report
gniibe added a comment to T5531: dirmngr --validate broken for DER encoded files.

it still shows the no certificate or invalid encoded error message:

Mar 25 2022, 12:42 AM · gnupg (gpg23), dirmngr, Bug Report

Mar 24 2022

fvogt added a comment to T5531: dirmngr --validate broken for DER encoded files.

I gave it a try. It works now, but it still shows the no certificate or invalid encoded error message:

Mar 24 2022, 9:50 AM · gnupg (gpg23), dirmngr, Bug Report