Page MenuHome GnuPG

dirmngrTag
ActivePublic

Members

  • This project does not have any members.
  • View All

Watchers

  • This project does not have any watchers.
  • View All

Details

Description

Bugs related to gnupg's dirmngr component.

Recent Activity

Tue, Nov 28

ntninja created T6850: dirmngr fails `gpg --recv-key` in very non-obious way if local TOR node in SafeSocks mode is running.
Tue, Nov 28, 5:51 PM · dirmngr, Bug Report

Sep 26 2023

werner closed T2829: dirmngr: Timeouts are too long as Resolved.

Lot's of things changed in the meantime.

Sep 26 2023, 2:28 PM · gnupg, Bug Report, dirmngr
werner closed T4467: dirmngr keyserver option (and legacy gpg --keyserver) should assume `hkps://` or `hkp://` if no scheme is present as Wontfix.

HKP keyservers are anyway out of fashion and thus we won't put anymore effort into his part of the code.

Sep 26 2023, 2:27 PM · dirmngr
werner closed T2849: dirmngr fails to terminate on SIGTERM if an existing connection is open as Wontfix.
Sep 26 2023, 2:24 PM · Too Old, gnupg, Bug Report, dirmngr
werner closed T2740: dirmngr fails (and gets stuck failing) when network changes as Wontfix.

Lot's of changes since 2.4.

Sep 26 2023, 2:23 PM · Too Old, gnupg, Bug Report, dirmngr

Jul 4 2023

werner moved T6477: WKD redirects and dirmngr redirect rewriting from QA to gnupg-2.4.3 on the gnupg24 board.
Jul 4 2023, 2:39 PM · gnupg24 (gnupg-2.4.3), wkd, dirmngr

Jun 22 2023

werner added a comment to T2039: CRL issuingDistributionPoint support.

See for T6545 for a new request to support IDP.

Jun 22 2023, 11:46 AM · gnupg, Feature Request, dirmngr

Jun 15 2023

werner moved T6477: WKD redirects and dirmngr redirect rewriting from WiP to QA on the gnupg24 board.
Jun 15 2023, 3:12 PM · gnupg24 (gnupg-2.4.3), wkd, dirmngr
werner added a comment to T6477: WKD redirects and dirmngr redirect rewriting.

I have now disabled the rewriting in the 2.4 branch. Those who want to keep the old behaviour may add

Jun 15 2023, 3:09 PM · gnupg24 (gnupg-2.4.3), wkd, dirmngr
werner set the icon for dirmngr to Tag.
Jun 15 2023, 2:08 PM
werner edited Description on dirmngr.
Jun 15 2023, 2:07 PM
werner moved T6477: WKD redirects and dirmngr redirect rewriting from Backlog to WiP on the gnupg24 board.
Jun 15 2023, 2:03 PM · gnupg24 (gnupg-2.4.3), wkd, dirmngr
werner claimed T6477: WKD redirects and dirmngr redirect rewriting.
Jun 15 2023, 2:03 PM · gnupg24 (gnupg-2.4.3), wkd, dirmngr

May 3 2023

werner added a comment to T6477: WKD redirects and dirmngr redirect rewriting.

I will review the issue. A likely outcome will be to follow your suggestion but to add an option for the old behaviour to avoid further security discussions.

May 3 2023, 8:29 AM · gnupg24 (gnupg-2.4.3), wkd, dirmngr
werner triaged T6477: WKD redirects and dirmngr redirect rewriting as High priority.
May 3 2023, 8:27 AM · gnupg24 (gnupg-2.4.3), wkd, dirmngr
Angel updated the task description for T6477: WKD redirects and dirmngr redirect rewriting.
May 3 2023, 4:53 AM · gnupg24 (gnupg-2.4.3), wkd, dirmngr
Angel created T6477: WKD redirects and dirmngr redirect rewriting.
May 3 2023, 4:50 AM · gnupg24 (gnupg-2.4.3), wkd, dirmngr

Apr 21 2023

werner triaged T6458: Support looking up userSMIMECertificate in LDAP as Normal priority.
Apr 21 2023, 11:13 AM · LDAP, dirmngr, Feature Request
werner added a parent task for T6458: Support looking up userSMIMECertificate in LDAP: T6416: Remove LDAP code duplication in dirmngr.
Apr 21 2023, 11:13 AM · LDAP, dirmngr, Feature Request
werner added a subtask for T6416: Remove LDAP code duplication in dirmngr: T6458: Support looking up userSMIMECertificate in LDAP.
Apr 21 2023, 11:13 AM · Feature Request, LDAP, dirmngr, gnupg24

Apr 19 2023

pert created T6458: Support looking up userSMIMECertificate in LDAP.
Apr 19 2023, 3:43 AM · LDAP, dirmngr, Feature Request

Apr 16 2023

werner triaged T6449: Support fetching S/MIME certificates over DNS via SMIMEA record as Wishlist priority.
Apr 16 2023, 8:34 PM · Feature Request, dirmngr

Apr 14 2023

pert created T6449: Support fetching S/MIME certificates over DNS via SMIMEA record.
Apr 14 2023, 12:50 PM · Feature Request, dirmngr

Apr 5 2023

ebo moved T6067: dirmngr 2.2 does not ask keyservers for fingerprints from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Apr 5 2023, 2:52 PM · gnupg (gpg22), Restricted Project, dirmngr
ebo moved T4729: WKD via http_proxy does not work if DNS is broken/unavailable from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Apr 5 2023, 1:53 PM · gnupg (gpg22), Restricted Project, dns, dirmngr

Apr 3 2023

werner placed T3054: dirmngr only using cAcertificate attr type when querying LDAP directory up for grabs.
Apr 3 2023, 2:29 PM · Active Directory, dirmngr
werner closed T3054: dirmngr only using cAcertificate attr type when querying LDAP directory as Resolved.

After diligently reading the code I realized that this bug has long been fixed. For reference here is the patch I wrote to extend dirmngr_ldap during my tests:

Apr 3 2023, 2:28 PM · Active Directory, dirmngr

Mar 29 2023

werner closed T1971: LDAP: --refresh-keys is not implemented as Resolved.

This has been solved loooong ago.

Mar 29 2023, 9:18 AM · Bug Report, dirmngr, gnupg

Mar 21 2023

werner claimed T3054: dirmngr only using cAcertificate attr type when querying LDAP directory.

We need to extend dirmngr_ldap.c to take a list of attributes to return. We already have the --multi option which returns all attributes for latter filtering by the caller but the specified attr is also used and thus dirmngr's start_cacert_fetch_ldap() retruns only the requested caCertificate.

Mar 21 2023, 4:52 PM · Active Directory, dirmngr

Mar 17 2023

werner triaged T6416: Remove LDAP code duplication in dirmngr as Normal priority.
Mar 17 2023, 2:36 PM · Feature Request, LDAP, dirmngr, gnupg24
chrisnelmes added a comment to T3610: dirmngr: Since 2.1 windows firewall asks about dirmngr access.

Hello All,

Mar 17 2023, 2:27 PM · gpg4win, dirmngr

Feb 27 2023

werner closed T3806: error accessing ldaps key server (TLS vs. STARTTLS) as Resolved.

The code has meanwhile been reworked and the mentioned test server is not anymore available

Feb 27 2023, 5:30 PM · Too Old, LDAP, dirmngr, Bug Report

Jan 19 2023

werner removed a project from T4443: IPv6 address with scope not accepted as keyserver: gnupg (gpg23).
Jan 19 2023, 4:51 PM · gnupg24, dirmngr, dns, Bug Report
werner removed a project from T6014: Failed to search on certificate server. The error returned was: Syntax error in URI.: gnupg (gpg23).
Jan 19 2023, 4:46 PM · gnupg24, dirmngr, Bug Report
werner closed T6067: dirmngr 2.2 does not ask keyservers for fingerprints, a subtask of T5741: dirmngr does not ask keyservers for fingerprints, as Resolved.
Jan 19 2023, 4:41 PM · Restricted Project, dirmngr
werner closed T6067: dirmngr 2.2 does not ask keyservers for fingerprints as Resolved.
Jan 19 2023, 4:41 PM · gnupg (gpg22), Restricted Project, dirmngr

Dec 5 2022

ikloecker added a project to T3933: Kleopatra: Set allow-ocsp in dirmngr if OCSP is enabled through config dialog: kleopatra.
Dec 5 2022, 8:28 AM · kleopatra, dirmngr, S/MIME

Nov 17 2022

werner closed T6047: Dirmngr - LDAP Schema V2 not used when Base DN is specified as Resolved.
Nov 17 2022, 9:33 AM · LDAP, dirmngr, gnupg (gpg23), Feature Request

Oct 11 2022

gniibe changed the status of T6047: Dirmngr - LDAP Schema V2 not used when Base DN is specified from Open to Testing.
Oct 11 2022, 8:16 AM · LDAP, dirmngr, gnupg (gpg23), Feature Request

Sep 29 2022

gniibe added a comment to T6047: Dirmngr - LDAP Schema V2 not used when Base DN is specified.

Applied and pushed the change from @joeyberkovitz in rG3257385378bb: dirmngr: Interrogate LDAP server when base DN specified..

Sep 29 2022, 3:10 AM · LDAP, dirmngr, gnupg (gpg23), Feature Request

Sep 26 2022

werner added a comment to T6047: Dirmngr - LDAP Schema V2 not used when Base DN is specified.

BTW, I have also in mind to use an AD entry to figure out the used keyserver. It turned out that people don't like to modify the schema of their AD but instead use a separate LDS.

Sep 26 2022, 9:41 AM · LDAP, dirmngr, gnupg (gpg23), Feature Request
gniibe added a comment to T6047: Dirmngr - LDAP Schema V2 not used when Base DN is specified.

To proceed, I pushed an initial part as rG993820c31521: dirmngr: Factor out interrogate_ldap_dn function., which doesn't change any behavior.
Then, the point of the change will be clearer.

Sep 26 2022, 9:03 AM · LDAP, dirmngr, gnupg (gpg23), Feature Request

Sep 22 2022

werner removed a project from T6067: dirmngr 2.2 does not ask keyservers for fingerprints: Restricted Project.
Sep 22 2022, 10:54 AM · gnupg (gpg22), Restricted Project, dirmngr

Sep 19 2022

werner closed T2300: Second crlDP is not used if first is unavailable as Resolved.
Sep 19 2022, 8:25 PM · g10code, Feature Request, dirmngr
werner added a comment to T2300: Second crlDP is not used if first is unavailable.

What is a partial CRL; I have never seen that and IIRC the specification for that was not complete.

Sep 19 2022, 8:22 PM · g10code, Feature Request, dirmngr
aheinecke added a comment to T2300: Second crlDP is not used if first is unavailable.

For what it is worth, I think that my patch is more standard compliant then yours because it checks if there is a partial CRL.

Sep 19 2022, 4:43 PM · g10code, Feature Request, dirmngr
aheinecke reassigned T2300: Second crlDP is not used if first is unavailable from aheinecke to werner.

I think 289fbc550d18a7f9b26c794a2409ba820811f6b3 implemented this wish from 2016 :) @werner please read the full report and then close it as fixed if you agree. I find it a bit funny that we both came independently to the same conclusion, that it should be handled differently even if the standard says otherwise. Because the behavior from the standard does not make sense and is in contradiction to other parts where it says that each CRL must contain all revocations.

Sep 19 2022, 4:35 PM · g10code, Feature Request, dirmngr
joeyberkovitz added a comment to T6047: Dirmngr - LDAP Schema V2 not used when Base DN is specified.

just checking in about getting this patch reviewed

Sep 19 2022, 3:41 PM · LDAP, dirmngr, gnupg (gpg23), Feature Request

Sep 16 2022

werner closed T1141: dirmngr does not try all CRL DPs if first fetchable CRL is too old as Resolved.

That particular bug seems to have been solved a long time ago. I stumbled upon up while fixing a DP bug today.

Sep 16 2022, 4:43 PM · gnupg, Bug Report, dirmngr

Sep 14 2022

ebeiersdorfer added a comment to T6014: Failed to search on certificate server. The error returned was: Syntax error in URI..

Awesome, thanks all! From an end user perspective that would be a perfectly acceptable outcome, the warning just serves to confuse people. Appreciate the help!

Sep 14 2022, 9:28 PM · gnupg24, dirmngr, Bug Report