Page MenuHome GnuPG
Create Task
Maniphest T1788

Keyserver (hkp) DNS SRV support missing from 2.1.0
Closed, ResolvedPublic
Actions

Description

_pgpkey-http._tcp.au.gnupg.net. SRV 0 0 11371 keyserver.zap.org.au.
_pgpkey-http._tcp.au.gnupg.net. SRV 0 0 11371 svcs4.riverwillow.net.au.
_pgpkey-http._tcp.au.gnupg.net. SRV 1 0 11371 keys.keysigning.org.
_pgpkey-http._tcp.au.gnupg.net. SRV 0 0 11371 keyserver.oeg.com.au.

$ gpg --no-options --keyserver hkp://au.gnupg.net --search-keys 0xA29A84A2
gpg: error searching keyserver: Unknown host
gpg: keyserver search failed: Unknown host

Note that using a DNS label which has A and/or AAAA records in addition to SRV
records (e.g. keys.au.gnupg.net) works because although dirmngr ignores the SRV
records, it finds the address records.

This SRV support was present in the old libcurl implementations and still works
in 2.0.26 and 1.4.18.

Also note that I found the following in dirmngr/ks-engine-hkp.c:

  813:  else
  814:    {
  815:      /*fixme_do_srv_lookup ()*/
  816:    }

See also this thread in the gnupg-devel mailing list:

http://lists.gnupg.org/pipermail/gnupg-devel/2014-December/029185.html

Details

Version
2.1.0

Related Objects

Event Timeline

JohnMarshall set Version to 2.1.0.Dec 12 2014, 12:24 AM
JohnMarshall added projects: dirmngr, Bug Report.
JohnMarshall added a subscriber: JohnMarshall.
werner added a subscriber: werner.Dec 15 2014, 8:24 AM

As noted on the ML we do our own selection from the pool and consider only A and
AAAA records. This needs to be changed of course. Unfortunately this won't go
into 2.1.1.

justus closed this task as Resolved.Nov 23 2015, 2:07 PM
justus claimed this task.

Fixed in c9f5aa15.