Summary: | GnuPG 1.4.0 not refreshing keys via hkp:// over IPv6 network connection | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | M. McAdoo <mcadoo> |
Component: | Current packages | Assignee: | Crypto team [DISABLED] <crypto+disabled> |
Status: | RESOLVED UPSTREAM | ||
Severity: | major | CC: | ipv6 |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Attachments: |
Refresh key command line with "--debug-all" and "--keyserver-options verbose" enabled
Refresh key command line with "--debug-all" and "--keyserver-options verbose" enabled Ethereal capture of GnuPG transmission |
Description
M. McAdoo
2005-01-21 19:38:17 UTC
Created attachment 49198 [details]
Refresh key command line with "--debug-all" and "--keyserver-options verbose" enabled
Created attachment 49199 [details]
Refresh key command line with "--debug-all" and "--keyserver-options verbose" enabled
I could not replicate the problem. Can you attach the output of the following command for a comparison? strace -fe trace=network gpg --keyserver pgp.mit.edu --keyserver-options verbose --keyserver-options verbose --keyserver-options verbose --keyserver-options verbose --refresh-key A6DC7152E0F65B76 Also if this doesn't show anything try trace=file or trace=process. I've added gnupg-1.4.0-r2 which really doesn't change anything but can you please check using it. strace -fe trace=network gpg --keyserver pgp.mit.edu --keyserver-options verbose --keyserver-options verbose --keyserver-options verbose --keyserver-options verbose --refresh-key A6DC7152E0F65B76 gpg: refreshing 1 key from pgp.mit.edu Process 22013 attached gpg: requesting key E0F65B76 from hkp server pgp.mit.edu Host: pgp.mit.edu Command: GET gpgkeys: HTTP URL is `hkp://pgp.mit.edu/pks/lookup?op=get&options=mr&search=0xE0F65B76' [pid 22013] socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP) = 6 [pid 22013] connect(6, {sa_family=AF_INET6, sin6_port=htons(53), inet_pton(AF_INET6, "2001:5c0:8523:1::1", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, 28) = 0 [pid 22013] send(6, "\303*\1\0\0\1\0\0\0\0\0\0\4_hkp\4_tcp\3pgp\3mit\3e"..., 39, 0) = 39 [pid 22013] recvfrom(6, "\303*\201\203\0\1\0\0\0\1\0\0\4_hkp\4_tcp\3pgp\3mit\3e"..., 512, 0, {sa_family=AF_INET6, sin6_port=htons(53), inet_pton(AF_INET6, "2001:5c0:8523:1::1", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, [28]) = 111 [pid 22013] socket(PF_FILE, SOCK_STREAM, 0) = 6 [pid 22013] connect(6, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory) [pid 22013] socket(PF_FILE, SOCK_STREAM, 0) = 6 [pid 22013] connect(6, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory) [pid 22013] socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP) = 6 [pid 22013] connect(6, {sa_family=AF_INET6, sin6_port=htons(53), inet_pton(AF_INET6, "2001:5c0:8523:1::1", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, 28) = 0 [pid 22013] send(6, "8\0\1\0\0\1\0\0\0\0\0\0\3pgp\3mit\3edu\0\0\34\0\1", 29, 0) = 29 [pid 22013] recvfrom(6, "8\0\201\200\0\1\0\2\0\0\0\0\3pgp\3mit\3edu\0\0\34\0\1\300"..., 1024, 0, {sa_family=AF_INET6, sin6_port=htons(53), inet_pton(AF_INET6, "2001:5c0:8523:1::1", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, [28]) = 106 [pid 22013] socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP) = 6 [pid 22013] connect(6, {sa_family=AF_INET6, sin6_port=htons(53), inet_pton(AF_INET6, "2001:5c0:8523:1::1", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, 28) = 0 [pid 22013] send(6, "\250&\1\0\0\1\0\0\0\0\0\0\3pgp\3mit\3edu\0\0\1\0\1", 29, 0) = 29 [pid 22013] recvfrom(6, "\250&\201\200\0\1\0\2\0\0\0\0\3pgp\3mit\3edu\0\0\1\0\1"..., 1024, 0, {sa_family=AF_INET6, sin6_port=htons(53), inet_pton(AF_INET6, "2001:5c0:8523:1::1", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, [28]) = 94 [pid 22013] socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP) = 6 [pid 22013] connect(6, {sa_family=AF_INET6, sin6_port=htons(11371), inet_pton(AF_INET6, "3ffe:abcd:1234:9876::1207:e8b", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, 28) = 0 [pid 22013] getsockname(6, {sa_family=AF_INET6, sin6_port=htons(32930), inet_pton(AF_INET6, "2001:5c0:8523:1:20c:f1ff:feca:f32", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, [28]) = 0 [pid 22013] socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 6 [pid 22013] connect(6, {sa_family=AF_INET, sin_port=htons(11371), sin_addr=inet_addr("18.7.14.139")}, 16) = -1 ENETUNREACH (Network is unreachable) [pid 22013] socket(PF_INET6, SOCK_STREAM, IPPROTO_TCP) = 6 [pid 22013] connect(6, {sa_family=AF_INET6, sin6_port=htons(11371), inet_pton(AF_INET6, "3ffe:abcd:1234:9876::1207:e8b", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, 28) = 0 [pid 22013] shutdown(6, 1 /* send */) = 0 gpgkeys: HKP fetch error: eof Process 22013 detached --- SIGCHLD (Child exited) @ 0 (0) --- gpg: no valid OpenPGP data found. gpg: Total number processed: 0 strace -fe trace=process gpg --keyserver pgp.mit.edu --keyserver-options verbose --keyserver-options verbose --keyserver-options verbose --keyserver-options verbose --refresh-key A6DC7152E0F65B76 execve("/usr/bin/gpg", ["gpg", "--keyserver", "pgp.mit.edu", "--keyserver-options", "verbose", "--keyserver-options", "verbose", "--keyserver-options", "verbose", "--keyserver-options", "verbose", "--refresh-key", "A6DC7152E0F65B76"], [/* 55 vars */]) = 0 gpg: refreshing 1 key from pgp.mit.edu clone(Process 22019 attached child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0xb7e7f708) = 22019 gpg: requesting key E0F65B76 from hkp server pgp.mit.edu [pid 22019] execve("/usr/libexec/gnupg/gpgkeys_hkp", ["gpgkeys_hkp"], [/* 55 vars */]) = 0 Host: pgp.mit.edu Command: GET gpgkeys: HTTP URL is `hkp://pgp.mit.edu/pks/lookup?op=get&options=mr&search=0xE0F65B76' gpgkeys: HKP fetch error: eof [pid 22019] exit_group(0) = ? Process 22019 detached --- SIGCHLD (Child exited) @ 0 (0) --- gpg: no valid OpenPGP data found. gpg: Total number processed: 0 waitpid(22019, [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], 0) = 22019 exit_group(2) = ? strace -fe trace=file gpg --keyserver pgp.mit.edu --keyserver-options verbose --keyserver-options verbose --keyserver-options verbose --keyserver-options verbose --refresh-key A6DC7152E0F65B76 execve("/usr/bin/gpg", ["gpg", "--keyserver", "pgp.mit.edu", "--keyserver-options", "verbose", "--keyserver-options", "verbose", "--keyserver-options", "verbose", "--keyserver-options", "verbose", "--refresh-key", "A6DC7152E0F65B76"], [/* 53 vars */]) = 0 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) open("/etc/ld.so.cache", O_RDONLY) = 3 fstat64(3, {st_mode=S_IFREG|0644, st_size=145975, ...}) = 0 open("/usr/lib/libbz2.so.1.0", O_RDONLY) = 3 fstat64(3, {st_mode=S_IFREG|0755, st_size=103952, ...}) = 0 open("/lib/libdl.so.2", O_RDONLY) = 3 fstat64(3, {st_mode=S_IFREG|0755, st_size=10712, ...}) = 0 open("/lib/tls/libc.so.6", O_RDONLY) = 3 fstat64(3, {st_mode=S_IFREG|0755, st_size=1284912, ...}) = 0 open("/dev/urandom", O_RDONLY) = 3 open("/usr/lib/gconv/gconv-modules.cache", O_RDONLY) = 3 fstat64(3, {st_mode=S_IFREG|0644, st_size=21544, ...}) = 0 access("/home/mcadoo/.gnupg/gpg.conf-1.4.0", R_OK) = -1 ENOENT (No such file or directory) access("/home/mcadoo/.gnupg/gpg.conf-1.4", R_OK) = -1 ENOENT (No such file or directory) access("/home/mcadoo/.gnupg/gpg.conf-1", R_OK) = -1 ENOENT (No such file or directory) access("/home/mcadoo/.gnupg/gpg.conf", R_OK) = 0 access("/home/mcadoo/.gnupg/options", R_OK) = -1 ENOENT (No such file or directory) stat64("~/.gnupg", 0xbfffe3a0) = -1 ENOENT (No such file or directory) stat64("/home/mcadoo/.gnupg/gpg.conf", {st_mode=S_IFREG|0600, st_size=8078, ...}) = 0 stat64("/home/mcadoo/.gnupg", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 open("/home/mcadoo/.gnupg/gpg.conf", O_RDONLY|O_LARGEFILE) = 3 fstat64(3, {st_mode=S_IFREG|0600, st_size=8078, ...}) = 0 access("/home/mcadoo/.gnupg/random_seed", F_OK) = 0 open("/home/mcadoo/.gnupg/secring.gpg", O_RDONLY|O_LARGEFILE) = 3 fstat64(3, {st_mode=S_IFREG|0600, st_size=1838, ...}) = 0 access("/home/mcadoo/.gnupg/secring.gpg", F_OK) = 0 open("/home/mcadoo/.gnupg/pubring.gpg", O_RDONLY|O_LARGEFILE) = 3 fstat64(3, {st_mode=S_IFREG|0600, st_size=500566, ...}) = 0 access("/home/mcadoo/.gnupg/pubring.gpg", F_OK) = 0 open("/home/mcadoo/.gnupg/pubring.gpg", O_RDONLY|O_LARGEFILE) = 3 open("/home/mcadoo/.gnupg/pubring.gpg", O_RDONLY|O_LARGEFILE) = 4 gpg: refreshing 1 key from pgp.mit.edu Process 22033 attached [pid 22032] fstat64(6, {st_mode=S_IFIFO|0600, st_size=0, ...}) = 0 gpg: requesting key E0F65B76 from hkp server pgp.mit.edu [pid 22033] execve("/usr/libexec/gnupg/gpgkeys_hkp", ["gpgkeys_hkp"], [/* 53 vars */]) = 0 [pid 22033] access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) [pid 22033] open("/etc/ld.so.cache", O_RDONLY) = 6 [pid 22033] fstat64(6, {st_mode=S_IFREG|0644, st_size=145975, ...}) = 0 [pid 22033] open("/lib/libresolv.so.2", O_RDONLY) = 6 [pid 22033] fstat64(6, {st_mode=S_IFREG|0755, st_size=73156, ...}) = 0 [pid 22033] open("/lib/tls/libc.so.6", O_RDONLY) = 6 [pid 22033] fstat64(6, {st_mode=S_IFREG|0755, st_size=1284912, ...}) = 0 [pid 22033] open("/dev/urandom", O_RDONLY) = 6 [pid 22033] fstat64(0, {st_mode=S_IFIFO|0600, st_size=0, ...}) = 0 [pid 22033] fstat64(1, {st_mode=S_IFIFO|0600, st_size=0, ...}) = 0 Host: pgp.mit.edu Command: GET gpgkeys: HTTP URL is `hkp://pgp.mit.edu/pks/lookup?op=get&options=mr&search=0xE0F65B76' [pid 22033] open("/etc/resolv.conf", O_RDONLY) = 6 [pid 22033] fstat64(6, {st_mode=S_IFREG|0644, st_size=132, ...}) = 0 [pid 22033] open("/etc/nsswitch.conf", O_RDONLY) = 6 [pid 22033] fstat64(6, {st_mode=S_IFREG|0644, st_size=497, ...}) = 0 [pid 22033] open("/etc/ld.so.cache", O_RDONLY) = 6 [pid 22033] fstat64(6, {st_mode=S_IFREG|0644, st_size=145975, ...}) = 0 [pid 22033] open("/lib/libnss_files.so.2", O_RDONLY) = 6 [pid 22033] fstat64(6, {st_mode=S_IFREG|0755, st_size=39636, ...}) = 0 [pid 22033] open("/etc/hosts", O_RDONLY) = 6 [pid 22033] fstat64(6, {st_mode=S_IFREG|0644, st_size=33333, ...}) = 0 [pid 22033] open("/etc/hosts", O_RDONLY) = 6 [pid 22033] fstat64(6, {st_mode=S_IFREG|0644, st_size=33333, ...}) = 0 [pid 22033] open("/etc/ld.so.cache", O_RDONLY) = 6 [pid 22033] fstat64(6, {st_mode=S_IFREG|0644, st_size=145975, ...}) = 0 [pid 22033] open("/lib/libnss_dns.so.2", O_RDONLY) = 6 [pid 22033] fstat64(6, {st_mode=S_IFREG|0755, st_size=18424, ...}) = 0 gpgkeys: HKP fetch error: eof Process 22033 detached gpg: no valid OpenPGP data found. --- SIGCHLD (Child exited) @ 0 (0) --- gpg: Total number processed: 0 Lets compare this. Mine: strace -fe trace=network gpg --keyserver pgp.mit.edu --keyserver-options verbose --keyserver-options verbose --keyserver-options verbose --keyserver-options verbose --refresh-key A6DC7152E0F65B76 gpg: WARNING: using insecure memory! gpg: please see http://www.gnupg.org/faq.html for more information gpg: refreshing 1 key from pgp.mit.edu Process 26982 attached gpg: requesting key E0F65B76 from hkp server pgp.mit.edu Host: pgp.mit.edu Command: GET gpgkeys: HTTP URL is `hkp://pgp.mit.edu/pks/lookup?op=get&options=mr&search=0xE0F65B76' [pid 26982] socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 6 [pid 26982] connect(6, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("10.10.10.254")}, 28) = 0 [pid 26982] send(6, "\233\24\1\0\0\1\0\0\0\0\0\0\4_hkp\4_tcp\3pgp\3mit\3e"..., 39, 0) = 39 [pid 26982] recvfrom(6, "\233\24\201\203\0\1\0\0\0\1\0\0\4_hkp\4_tcp\3pgp\3mit\3"..., 512, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("10.10.10.254")}, [16]) = 97 [pid 26982] socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 6 [pid 26982] connect(6, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("10.10.10.254")}, 28) = 0 [pid 26982] send(6, "\233\25\1\0\0\1\0\0\0\0\0\0\3pgp\3mit\3edu\0\0\34\0\1", 29, 0) = 29 [pid 26982] recvfrom(6, "\233\25\201\200\0\1\0\1\0\1\0\0\3pgp\3mit\3edu\0\0\34\0"..., 1024, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("10.10.10.254")}, [16]) = 115 [pid 26982] socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 6 [pid 26982] connect(6, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("10.10.10.254")}, 28) = 0 [pid 26982] send(6, "\233\26\1\0\0\1\0\0\0\0\0\0\3pgp\3mit\3edu\0\0\1\0\1", 29, 0) = 29 [pid 26982] recvfrom(6, "\233\26\201\200\0\1\0\2\0\3\0\3\3pgp\3mit\3edu\0\0\1\0"..., 1024, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("10.10.10.254")}, [16]) = 182 ^^ DNS Lookups [pid 26982] socket(PF_INET, SOCK_STREAM, IPPROTO_TCP) = 6 [pid 26982] connect(6, {sa_family=AF_INET, sin_port=htons(11371), sin_addr=inet_addr("18.7.14.139")}, 16) = 0 [pid 26982] shutdown(6, 1 /* send */) = 0 Process 26982 detached --- SIGCHLD (Child exited) @ 0 (0) --- gpg: key E0F65B76: duplicated user ID detected - merged gpg: key E0F65B76: "Grant Goodyear <g2boojum@hotmail.com>" not changed gpg: Total number processed: 1 gpg: unchanged: 1 M. McAdoo's ignoring DNS stuff [pid 22013] connect(6, {sa_family=AF_INET, sin_port=htons(11371), sin_addr=inet_addr("18.7.14.139")}, 16) = -1 ENETUNREACH (Network is unreachable) Seems to try IPv4 first [pid 22013] socket(PF_INET6, SOCK_STREAM, IPPROTO_TCP) = 6 [pid 22013] connect(6, {sa_family=AF_INET6, sin6_port=htons(11371), inet_pton(AF_INET6, "3ffe:abcd:1234:9876::1207:e8b", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, 28) = 0 IPv6 seems to connect ok. note last 32 bits of the address 0x12 = 18 0x07 = 7 0x0E = 14 0x8B = 139 [pid 22013] shutdown(6, 1 /* send */) = 0 gpgkeys: HKP fetch error: eof Process 22013 detached --- SIGCHLD (Child exited) @ 0 (0) --- gpg: no valid OpenPGP data found. gpg: Total number processed: 0 Taking a full trace after the DNS lookups yeilds: strace -f gpg --keyserver pgp.mit.edu --keyserver-options verbose --keyserver-options verbose --keyserver-options verbose --keyserver-options verbose --refresh-key A6DC7152E0F65B76 [pid 27073] connect(6, {sa_family=AF_INET, sin_port=htons(11371), sin_addr=inet_addr("18.7.14.139")}, 16) = 0 [pid 27073] write(6, "GET /pks/lookup?op=get&options=m"..., 87) = 87 [pid 27073] write(6, "\r\n", 2) = 2 [pid 27073] shutdown(6, 1 /* send */) = 0 [pid 27073] read(6, "HTTP/1.0 200 OK\r\nServer: pks_www"..., 8192) = 1400 [pid 27073] read(6, "OOGwES6CB6M7GpZuGTj8uvtIqkItxU0h"..., 8192) = 1400 [pid 27073] read(6, "ECF4AACgkQ\nptxxUuD2W3aHkACfX7SZZ"..., 8192) = 1400 [pid 27073] write(1, "VERSION 1\nPROGRAM 1.4.0\n\nKEY 0xD"..., 4096 <unfinished ...> [pid 27072] <... read resumed> "VERSION 1\nPROGRAM 1.4.0\n\nKEY 0xD"..., 8192) = 4096 [pid 27073] <... write resumed> ) = 4096 [pid 27072] read(7, <unfinished ...> [pid 27073] read(6, "b1/IoSiq1YeZBvnTQIhGBBERAgAGBQJA"..., 8192) = 1400 [pid 27073] read(6, "KCRDg\nF4e3wx3t2OBOAJ9KsTB6i3WUFT"..., 8192) = 1400 [pid 27073] read(6, "CK-----\n", 8192) = 8 [pid 27073] write(1, "9vanVtQGhvdG1h\naWwuY29tPohGBBARA"..., 2963 <unfinished ...> [pid 27072] <... read resumed> "9vanVtQGhvdG1h\naWwuY29tPohGBBARA"..., 8192) = 2963 [pid 27073] <... write resumed> ) = 2963 [pid 27072] time( <unfinished ...> [pid 27073] munmap(0x40016000, 4096 <unfinished ...> [pid 27072] <... time resumed> NULL) = 1106517649 [pid 27073] <... munmap resumed> ) = 0 [pid 27072] time( <unfinished ...> [pid 27073] exit_group(0) = ? Process 27073 detached Because of the gpgkeys: HKP fetch error: eof you got I'd assume something is missing in the reads/writes. Can you please try: strace -f gpg --keyserver pgp.mit.edu --keyserver-options verbose --keyserver-options verbose --keyserver-options verbose --keyserver-options verbose --refresh-key A6DC7152E0F65B76 And paste the output after the DNS lookups. Please leave out all the time lookups info trailing the process detachment. Sorry I don't have a IPv6 network to test on. CCing ipv6 herd to see if anyone there can help (please) [pid 28215] connect(6, {sa_family=AF_INET, sin_port=htons(11371), sin_addr=inet_addr("18.7.14.139")}, 16) = -1 ENETUNREACH (Network is unreachable) [pid 28215] close(6) = 0 [pid 28215] socket(PF_INET6, SOCK_STREAM, IPPROTO_TCP) = 6 [pid 28215] connect(6, {sa_family=AF_INET6, sin6_port=htons(11371), inet_pton(AF_INET6, "3ffe:abcd:1234:9876::1207:e8b", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, 28) = 0 [pid 28215] write(6, "GET /pks/lookup?op=get&options=m"..., 87) = 87 [pid 28215] write(6, "\r\n", 2) = 2 [pid 28215] shutdown(6, 1 /* send */) = 0 [pid 28215] read(6, "", 8192) = 0 [pid 28215] close(6) = 0 [pid 28215] write(2, "gpgkeys: HKP fetch error: eof\n", 30gpgkeys: HKP fetch error: eof ) = 30 [pid 28215] write(1, "VERSION 1\nPROGRAM 1.4.0\n\nKEY 0xD"..., 134 <unfinished ...> [pid 28214] <... read resumed> "VERSION 1\nPROGRAM 1.4.0\n\nKEY 0xD"..., 8192) = 134 [pid 28215] <... write resumed> ) = 134 [pid 28215] munmap(0xb7fe8000, 4096) = 0 [pid 28215] exit_group(0) = ? Process 28215 detached using something like ethereal or tcpdump - does the server actually send you a response. Does the normal tcp handshaking occur? another thought - do ipv6 keyservers exist? want to try one? Created attachment 49449 [details]
Ethereal capture of GnuPG transmission
It does look like there is a handshaking going on. But when it comes to
showtime, nada.
As to whether there is IPv6 addressable keyservers, I have not been able to get
a strainght answer via web searches or prodding on IRC in the #gnupg channel.
The dump file will show that I am trying to communicate to subkeys.pgp.net, not
pgp.mit.edu. When I mention that I was using that address, I was "glared" at.
Also, I notice that putting the resolved IPv6 address result in an error.
Using the IPv4 address does not result in the error.
gpg: refreshing 1 key from [3ffe:abcd:1234:9876::1207:e8b]
gpg: DBG: set_exec_path method 0: PATH=/usr/libexec/gnupg
gpg: DBG: execlp: gpgkeys_[3ffe
gpg: unable to execute program `gpgkeys_[3ffe': No such file or directory
gpg: refreshing 1 key from 18.7.14.139
gpg: DBG: set_exec_path method 0: PATH=/usr/libexec/gnupg
gpg: DBG: execlp: gpgkeys_hkp
gpg: DBG: iobuf-3.0: fdopen `[fd 7]'
gpg: DBG: iobuf-3.0: ioctl `file_filter(fd)' no_cache=1
gpg: DBG: iobuf-3.0: ioctl `file_filter(fd)' no_cache=1
gpg: requesting key 7A3220C7 from hkp server 18.7.14.139
gpg: DBG: iobuf-3.0: underflow: req=8192
Host: 18.7.14.139
Command: GET
This would just show that currently, GnuPG is unable to direcly handle an IPv6
address from the commandline. That though would probably be an upstream issue.
yep - sounds right - I'll post to gnupg-dev. You can follow at http://lists.gnupg.org/pipermail/gnupg-devel/2005-January/thread.html or subscribe to the list http://lists.gnupg.org/mailman/listinfo/gnupg-devel IPv6 server maybe http://www.earth.li/projectpurple/progs/onak.html Success! But with stipulations. First, the server has to have an IPv6 connection. Second, only via HKP, not HTTP. I used the keyserver.linux.it found in the GnuPG-devel list. The other one, keyserver.stack.nl, did not work since it was only accessible over HTTP. Both servers using HTTP resulted with error: gpgkeys: key <long_hex_string> not found on keyserver Process 581 detached --- SIGCHLD (Child exited) @ 0 (0) --- gpg: no valid OpenPGP data found. gpg: Total number processed: 0 So a workaround has been found. But it could be curious to know why accessing a keyserver through 6to4 router fails. My router follows the Gentoo IPv6 Router guide very closely, especially the 6to4 config and it's bogus prefix for totd and pTRTd. The hardest part of this bug was finding a IPv6 accessible keyserver. Thanks for the help. great. Glad you found a work around. The execution of a program with part of a ipv6 address still needs to be addressed upstream. As for IPv6inIPv4 hard to say wheither it's a server implementation issue. I haven't looked at the internals of hkp keyserving so it could be some IPv6 address passing there(?) passing there. |