Re: stupid question on LDAP support

From: Murray S. Kucherawy <msk_at_blackops.org>
Date: Thu, 18 Feb 2010 21:47:49 -0800 (PST)

On Thu, 18 Feb 2010, Mike Markley wrote:
> So the query bits seem to work for now; I've defined a schema for
> domain, selector, and private key, and I can get all to return in
> querytest mode using $d in the query.
>
> Non-obvious (to me) questions:
> - Should this be working as a substitute for files in KeyList already?

Yes, it should. There's a unit test in the opendkim/tests directory that
tries to sign using KeyTable and SigningTable that tries it at least for
flat files and it seems to work.

> - When dkimf_db_get() returns a private key, what format are you
> expecting that in? It looks like (at least in querytest mode) it
> doesn't react well to getting back binary data right now (DER), so are
> you expecting PEM? Could just be a display bug, too, I guess.

It expects either a PEM-formatted key or a path to a file that contains
one. I actually hadn't thought of supporting DER or other formats. Can
you adapt to PEM easily enough or is that something we should accomodate?
Received on Fri Feb 19 2010 - 05:48:08 PST