Page MenuHome GnuPG

dirmngrTag
ActivePublic

Members

  • This project does not have any members.
  • View All

Watchers

  • This project does not have any watchers.
  • View All

Details

Description

Bugs related to gnupg's dirmngr component.

Recent Activity

Thu, Feb 1

gc100 closed T6965: WKD fail: gpg/dimngr fails to retrieve public key as Resolved.

Fixed by changing server as noted above.

Thu, Feb 1, 9:00 PM · Support, dirmngr, Bug Report
gc100 added a comment to T6965: WKD fail: gpg/dimngr fails to retrieve public key.

Thanks for all the help @gniibe.

Thu, Feb 1, 8:59 PM · Support, dirmngr, Bug Report
gc100 added a comment to T6965: WKD fail: gpg/dimngr fails to retrieve public key.

It should not be removed as I believe it is required to be compliant:

Thu, Feb 1, 5:22 PM · Support, dirmngr, Bug Report
gniibe added projects to T6965: WKD fail: gpg/dimngr fails to retrieve public key: dirmngr, Support.

I'm afraid that your particular configuration would cause the problem of the negotiation.

Thu, Feb 1, 2:02 AM · Support, dirmngr, Bug Report

Jan 4 2024

werner closed T1839: Can't Encrypt with PIV-I Encryption Certificate - Unsupported Certificate as Resolved.

Note that we now have also an option instead of the workaround from 2015

Jan 4 2024, 4:18 PM · gnupg, dirmngr, S/MIME, Feature Request

Dec 11 2023

werner closed T6850: dirmngr fails `gpg --recv-key` in very non-obious way if local TOR node in SafeSocks mode is running as Wontfix.

For various reasons dirmngr requires and implements a full resolver and implements that. This way all DNS queries are passed through Tor. Thus this is a feature and not a bug. The error message could be better but we can only return what SOCKS tells us.

Dec 11 2023, 8:37 AM · gnupg, Tor, Not A Bug, dirmngr

Nov 28 2023

ntninja created T6850: dirmngr fails `gpg --recv-key` in very non-obious way if local TOR node in SafeSocks mode is running.
Nov 28 2023, 5:51 PM · gnupg, Tor, Not A Bug, dirmngr

Sep 26 2023

werner closed T2829: dirmngr: Timeouts are too long as Resolved.

Lot's of things changed in the meantime.

Sep 26 2023, 2:28 PM · gnupg, Bug Report, dirmngr
werner closed T4467: dirmngr keyserver option (and legacy gpg --keyserver) should assume `hkps://` or `hkp://` if no scheme is present as Wontfix.

HKP keyservers are anyway out of fashion and thus we won't put anymore effort into his part of the code.

Sep 26 2023, 2:27 PM · dirmngr
werner closed T2849: dirmngr fails to terminate on SIGTERM if an existing connection is open as Wontfix.
Sep 26 2023, 2:24 PM · Too Old, gnupg, Bug Report, dirmngr
werner closed T2740: dirmngr fails (and gets stuck failing) when network changes as Wontfix.

Lot's of changes since 2.4.

Sep 26 2023, 2:23 PM · Too Old, gnupg, Bug Report, dirmngr

Jul 4 2023

werner moved T6477: WKD redirects and dirmngr redirect rewriting from QA to gnupg-2.4.3 on the gnupg24 board.
Jul 4 2023, 2:39 PM · gnupg24 (gnupg-2.4.3), wkd, dirmngr

Jun 22 2023

werner added a comment to T2039: CRL issuingDistributionPoint support.

See for T6545 for a new request to support IDP.

Jun 22 2023, 11:46 AM · gnupg, Feature Request, dirmngr

Jun 15 2023

werner moved T6477: WKD redirects and dirmngr redirect rewriting from WiP to QA on the gnupg24 board.
Jun 15 2023, 3:12 PM · gnupg24 (gnupg-2.4.3), wkd, dirmngr
werner added a comment to T6477: WKD redirects and dirmngr redirect rewriting.

I have now disabled the rewriting in the 2.4 branch. Those who want to keep the old behaviour may add

Jun 15 2023, 3:09 PM · gnupg24 (gnupg-2.4.3), wkd, dirmngr
werner set the icon for dirmngr to Tag.
Jun 15 2023, 2:08 PM
werner edited Description on dirmngr.
Jun 15 2023, 2:07 PM
werner moved T6477: WKD redirects and dirmngr redirect rewriting from Backlog to WiP on the gnupg24 board.
Jun 15 2023, 2:03 PM · gnupg24 (gnupg-2.4.3), wkd, dirmngr
werner claimed T6477: WKD redirects and dirmngr redirect rewriting.
Jun 15 2023, 2:03 PM · gnupg24 (gnupg-2.4.3), wkd, dirmngr

May 3 2023

werner added a comment to T6477: WKD redirects and dirmngr redirect rewriting.

I will review the issue. A likely outcome will be to follow your suggestion but to add an option for the old behaviour to avoid further security discussions.

May 3 2023, 8:29 AM · gnupg24 (gnupg-2.4.3), wkd, dirmngr
werner triaged T6477: WKD redirects and dirmngr redirect rewriting as High priority.
May 3 2023, 8:27 AM · gnupg24 (gnupg-2.4.3), wkd, dirmngr
Angel updated the task description for T6477: WKD redirects and dirmngr redirect rewriting.
May 3 2023, 4:53 AM · gnupg24 (gnupg-2.4.3), wkd, dirmngr
Angel created T6477: WKD redirects and dirmngr redirect rewriting.
May 3 2023, 4:50 AM · gnupg24 (gnupg-2.4.3), wkd, dirmngr

Apr 21 2023

werner triaged T6458: Support looking up userSMIMECertificate in LDAP as Normal priority.
Apr 21 2023, 11:13 AM · LDAP, dirmngr, Feature Request
werner added a parent task for T6458: Support looking up userSMIMECertificate in LDAP: T6416: Remove LDAP code duplication in dirmngr.
Apr 21 2023, 11:13 AM · LDAP, dirmngr, Feature Request
werner added a subtask for T6416: Remove LDAP code duplication in dirmngr: T6458: Support looking up userSMIMECertificate in LDAP.
Apr 21 2023, 11:13 AM · Feature Request, LDAP, dirmngr, gnupg24

Apr 19 2023

pert created T6458: Support looking up userSMIMECertificate in LDAP.
Apr 19 2023, 3:43 AM · LDAP, dirmngr, Feature Request

Apr 16 2023

werner triaged T6449: Support fetching S/MIME certificates over DNS via SMIMEA record as Wishlist priority.
Apr 16 2023, 8:34 PM · Feature Request, dirmngr

Apr 14 2023

pert created T6449: Support fetching S/MIME certificates over DNS via SMIMEA record.
Apr 14 2023, 12:50 PM · Feature Request, dirmngr

Apr 5 2023

ebo moved T6067: dirmngr 2.2 does not ask keyservers for fingerprints from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Apr 5 2023, 2:52 PM · gnupg (gpg22), Restricted Project, dirmngr
ebo moved T4729: WKD via http_proxy does not work if DNS is broken/unavailable from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Apr 5 2023, 1:53 PM · gnupg (gpg22), Restricted Project, dns, dirmngr

Apr 3 2023

werner placed T3054: dirmngr only using cAcertificate attr type when querying LDAP directory up for grabs.
Apr 3 2023, 2:29 PM · Active Directory, dirmngr
werner closed T3054: dirmngr only using cAcertificate attr type when querying LDAP directory as Resolved.

After diligently reading the code I realized that this bug has long been fixed. For reference here is the patch I wrote to extend dirmngr_ldap during my tests:

Apr 3 2023, 2:28 PM · Active Directory, dirmngr

Mar 29 2023

werner closed T1971: LDAP: --refresh-keys is not implemented as Resolved.

This has been solved loooong ago.

Mar 29 2023, 9:18 AM · Bug Report, dirmngr, gnupg

Mar 21 2023

werner claimed T3054: dirmngr only using cAcertificate attr type when querying LDAP directory.

We need to extend dirmngr_ldap.c to take a list of attributes to return. We already have the --multi option which returns all attributes for latter filtering by the caller but the specified attr is also used and thus dirmngr's start_cacert_fetch_ldap() retruns only the requested caCertificate.

Mar 21 2023, 4:52 PM · Active Directory, dirmngr

Mar 17 2023

werner triaged T6416: Remove LDAP code duplication in dirmngr as Normal priority.
Mar 17 2023, 2:36 PM · Feature Request, LDAP, dirmngr, gnupg24
chrisnelmes added a comment to T3610: dirmngr: Since 2.1 windows firewall asks about dirmngr access.

Hello All,

Mar 17 2023, 2:27 PM · gpg4win, dirmngr

Feb 27 2023

werner closed T3806: error accessing ldaps key server (TLS vs. STARTTLS) as Resolved.

The code has meanwhile been reworked and the mentioned test server is not anymore available

Feb 27 2023, 5:30 PM · Too Old, LDAP, dirmngr, Bug Report

Jan 19 2023

werner removed a project from T4443: IPv6 address with scope not accepted as keyserver: gnupg (gpg23).
Jan 19 2023, 4:51 PM · gnupg24, dirmngr, dns, Bug Report
werner removed a project from T6014: Failed to search on certificate server. The error returned was: Syntax error in URI.: gnupg (gpg23).
Jan 19 2023, 4:46 PM · gnupg24, dirmngr, Bug Report
werner closed T6067: dirmngr 2.2 does not ask keyservers for fingerprints, a subtask of T5741: dirmngr does not ask keyservers for fingerprints, as Resolved.
Jan 19 2023, 4:41 PM · Restricted Project, dirmngr
werner closed T6067: dirmngr 2.2 does not ask keyservers for fingerprints as Resolved.
Jan 19 2023, 4:41 PM · gnupg (gpg22), Restricted Project, dirmngr

Dec 5 2022

ikloecker added a project to T3933: Kleopatra: Set allow-ocsp in dirmngr if OCSP is enabled through config dialog: kleopatra.
Dec 5 2022, 8:28 AM · kleopatra, dirmngr, S/MIME

Nov 17 2022

werner closed T6047: Dirmngr - LDAP Schema V2 not used when Base DN is specified as Resolved.
Nov 17 2022, 9:33 AM · LDAP, dirmngr, gnupg (gpg23), Feature Request

Oct 11 2022

gniibe changed the status of T6047: Dirmngr - LDAP Schema V2 not used when Base DN is specified from Open to Testing.
Oct 11 2022, 8:16 AM · LDAP, dirmngr, gnupg (gpg23), Feature Request

Sep 29 2022

gniibe added a comment to T6047: Dirmngr - LDAP Schema V2 not used when Base DN is specified.

Applied and pushed the change from @joeyberkovitz in rG3257385378bb: dirmngr: Interrogate LDAP server when base DN specified..

Sep 29 2022, 3:10 AM · LDAP, dirmngr, gnupg (gpg23), Feature Request

Sep 26 2022

werner added a comment to T6047: Dirmngr - LDAP Schema V2 not used when Base DN is specified.

BTW, I have also in mind to use an AD entry to figure out the used keyserver. It turned out that people don't like to modify the schema of their AD but instead use a separate LDS.

Sep 26 2022, 9:41 AM · LDAP, dirmngr, gnupg (gpg23), Feature Request
gniibe added a comment to T6047: Dirmngr - LDAP Schema V2 not used when Base DN is specified.

To proceed, I pushed an initial part as rG993820c31521: dirmngr: Factor out interrogate_ldap_dn function., which doesn't change any behavior.
Then, the point of the change will be clearer.

Sep 26 2022, 9:03 AM · LDAP, dirmngr, gnupg (gpg23), Feature Request

Sep 22 2022

werner removed a project from T6067: dirmngr 2.2 does not ask keyservers for fingerprints: Restricted Project.
Sep 22 2022, 10:54 AM · gnupg (gpg22), Restricted Project, dirmngr

Sep 19 2022

werner closed T2300: Second crlDP is not used if first is unavailable as Resolved.
Sep 19 2022, 8:25 PM · g10code, Feature Request, dirmngr