Keyserver (hkp) DNS SRV support missing from 2.1.0
Closed, Resolved, Public

Description

_pgpkey-http._tcp.au.gnupg.net. SRV 0 0 11371 keyserver.zap.org.au.
_pgpkey-http._tcp.au.gnupg.net. SRV 0 0 11371 svcs4.riverwillow.net.au.
_pgpkey-http._tcp.au.gnupg.net. SRV 1 0 11371 keys.keysigning.org.
_pgpkey-http._tcp.au.gnupg.net. SRV 0 0 11371 keyserver.oeg.com.au.

$ gpg --no-options --keyserver hkp://au.gnupg.net --search-keys 0xA29A84A2
gpg: error searching keyserver: Unknown host
gpg: keyserver search failed: Unknown host

Note that using a DNS label which has A and/or AAAA records in addition to SRV
records (e.g. keys.au.gnupg.net) works because although dirmngr ignores the SRV
records, it finds the address records.

This SRV support was present in the old libcurl implementations and still works
in 2.0.26 and 1.4.18.

Also note that I found the following in dirmngr/ks-engine-hkp.c:

  813:  else
  814:    {
  815:      /*fixme_do_srv_lookup ()*/
  816:    }

See also this thread in the gnupg-devel mailing list:

http://lists.gnupg.org/pipermail/gnupg-devel/2014-December/029185.html

Details

Version
2.1.0

Event Timeline

As noted on the ML we do our own selection from the pool and consider only A and
AAAA records. This needs to be changed of course. Unfortunately this won't go
into 2.1.1.

justus claimed this task.

Fixed in c9f5aa15.
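
An added illustration, not part of the original report or of GnuPG's code: a Python model of the lookup behaviour discussed in this task, run over the four SRV records quoted in the description. The A record for keys.au.gnupg.net (192.0.2.10), the function names, the `use_srv` switch and the weight+1 simplification of RFC 2782 weighted selection are assumptions made for the example.

```python
import random

# Constructed sample zone data: the four SRV lines are the ones quoted in the
# report; the address record for keys.au.gnupg.net is a made-up documentation IP.
ZONE = """\
_pgpkey-http._tcp.au.gnupg.net. SRV 0 0 11371 keyserver.zap.org.au.
_pgpkey-http._tcp.au.gnupg.net. SRV 0 0 11371 svcs4.riverwillow.net.au.
_pgpkey-http._tcp.au.gnupg.net. SRV 1 0 11371 keys.keysigning.org.
_pgpkey-http._tcp.au.gnupg.net. SRV 0 0 11371 keyserver.oeg.com.au.
keys.au.gnupg.net. A 192.0.2.10
"""

HKP_PORT = 11371  # default hkp port, also the port carried in the SRV records

def parse_zone(text):
    """Return ({owner: [(prio, weight, port, target)]}, {owner: [addr]})."""
    srv, addr = {}, {}
    for line in text.splitlines():
        f = line.split()
        if len(f) == 6 and f[1] == "SRV":
            srv.setdefault(f[0].lower(), []).append(
                (int(f[2]), int(f[3]), int(f[4]), f[5].rstrip(".")))
        elif len(f) == 3 and f[1] in ("A", "AAAA"):
            addr.setdefault(f[0].lower(), []).append(f[2])
    return srv, addr

def order_srv(records, rng):
    """RFC 2782 ordering: ascending priority, weighted random within one."""
    out = []
    for prio in sorted({r[0] for r in records}):
        group = [r for r in records if r[0] == prio]
        while group:
            # weight+1 keeps zero-weight records selectable (simplification)
            pick = rng.choices(group, weights=[r[1] + 1 for r in group])[0]
            group.remove(pick)
            out.append((pick[3], pick[2]))
    return out

def candidates(host, srv, addr, use_srv=True, rng=random):
    """Return [(target, port)] for hkp://host; use_srv=False models 2.1.0."""
    recs = srv.get(f"_pgpkey-http._tcp.{host}.".lower(), []) if use_srv else []
    if recs:
        return order_srv(recs, rng)
    if host.lower() + "." in addr:
        return [(a, HKP_PORT) for a in addr[host.lower() + "."]]
    raise LookupError("Unknown host")
```

With `use_srv=False` the SRV-only label au.gnupg.net raises the "Unknown host" error from the report, while keys.au.gnupg.net still resolves through its address record.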