[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
port 80 keyserver access, again (was Re: [Sks-devel] SKS and Apache2 :-)
|
From: |
Jason Harris |
|
Subject: |
port 80 keyserver access, again (was Re: [Sks-devel] SKS and Apache2 :-)) |
|
Date: |
Tue, 11 May 2004 16:18:00 -0400 |
|
User-agent: |
Mutt/1.4.2.1i |
On Tue, May 11, 2004 at 01:21:48PM -0600, Chris Kuethe wrote:
> On Tue, 11 May 2004, Jan Kesten wrote:
> > I tried out Apache2 and it reverse proxy feature and found something
> > interesting to make sks webqueries work with a restrictive firewall
> > blocking access to port 11371:
> I just use absolute paths, without the server name:
> <form action="/pks/lookup" method="get">
> That way the browser can figure it out... i'm still running apache 1,
> with this in my httpd.conf:
>
> <VirtualHost 129.128.11.77>
> Options Indexes
> ProxyPass / http://127.0.0.1:11371/
> ServerName pgp.cns.ualberta.ca
> </VirtualHost>
This can also be done with (a slightly modified version of) the PHP page
floating around, but it does require a change to GPG to fully work. Add:
sprintf( request, "Content-type: application/x-www-form-urlencoded\r\n");
iobuf_writestr( hd.fp_write, request );
just before:
sprintf( request, "Content-Length: %u\r\n",
(unsigned)iobuf_get_temp_length(temp) + 9 );
iobuf_writestr( hd.fp_write, request );
m_free( request );
in hkp.c, then use:
./gpg --keyserver hkp://keyserver.kjsl.com:80 -v --send <key>
to send me a key. --recv works _without_ modifying GPG, since
the PHP doesn't need to access "keytext" from the form/request.
On the Apache side, the trick is to add:
SetHandler application/x-httpd-php
to your .htaccess in /pks.
--
Jason Harris | NIC: JH329, PGP: This _is_ PGP-signed, isn't it?
address@hidden _|_ web: http://keyserver.kjsl.com/~jharris/
Got photons? (TM), (C) 2004
pgpLl2PIND2zI.pgp
Description: PGP signature