FYI. Suggested a patch upstream [1] which should make this happen.
[1] http://lists.gnutls.org/pipermail/gnutls-devel/2014-March/006803.html On Sun, Mar 2, 2014 at 8:25 AM, Ramkumar Chinchani < [email protected]> wrote: > Hi Benny, > > Thanks for the code review. > > The problem is that in the following code snippet in the function > gnutls_openpgp_keyring_import() > > 174 do > 175 { > 176 err = > 177 cdk_stream_read (input, raw_data + written, raw_len - > written); > 178 > 179 if (err > 0) > 180 written += err; > 181 } > 182 while (written < raw_len && err != EOF && err > 0); > > > "err" comes with EOF in the very first iteration because of the incorrect > armor (base64 vs raw) > And this failure appears to be silent so there is no way of detecting the > failure in the caller and try a different armor. > > > > > On Thu, Feb 27, 2014 at 8:11 AM, Benny Baumann <[email protected]> wrote: > >> Hi, >> >> Am 27.02.2014 08:35, schrieb Ramkumar Chinchani: >> > Is there a way to export the entire keyring? in base64 format? >> gnupg exports all matching keys when given the --export option. Haven't >> checked though yet how to export the full keyring at once. >> > >> > If not, then I am likely pointing GnuTLSPGPKeyringFile to >> > ${HOME}/.gnupg/pubring.gpg which should be in RAW format? >> > >> > >> > diff --git a/src/gnutls_config.c b/src/gnutls_config.c >> > index 3300854..6b672f5 100644 >> > --- a/src/gnutls_config.c >> > +++ b/src/gnutls_config.c >> > @@ -509,7 +509,7 @@ const char *mgs_set_keyring_file(cmd_parms * >> > parms, void *dummy, >> > } >> > >> > rv = gnutls_openpgp_keyring_import(sc->pgp_list, &data, >> > - GNUTLS_OPENPGP_FMT_BASE64); >> > + GNUTLS_OPENPGP_FMT_RAW); >> > if (rv < 0) { >> > return apr_psprintf(parms->pool, "GnuTLS: Failed to load " >> > "Keyring File '%s': (%d) %s", file, rv, >> > >> > >> I'd prefer if the old behaviour stays and it additionally allows for >> binary keyrings to be loaded. That way you won't offend existing users >> of this feature. >> >> Regards, >> BenBE. >> >> >
_______________________________________________ mod_gnutls-devel mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/mod_gnutls-devel
