Page MenuHome GnuPG
Create Task
Maniphest T1832

gpg --send-keys fails silently if keyserver unavailable
Closed, ResolvedPublic
Actions

Description

When sending keys to the server using gpg --send-keys, if the server is
unavailable, the operation will simply fail silently, just like if the operation
succeeded.

The same thing is true for --search-keys and --recv-keys : They simply return
that search returned no result, without returning any error.

To give you an example of the consequence of this, I was tinkering with GnuPg to
create a new key pair but changed my mind about the settings for my new after
having already sent it to the server. I revoked my key and sent it again using
--send-keys...and then deleted the key pair having no use for it. I only
noticed later that the key was still valid on the server because the connection
was unavailable when I sent the revocation, and I now have no way of revoking
that public key.

Details

Version
2.0.26

Related Objects

Event Timeline

acastong set Version to 2.0.26.Feb 7 2015, 7:13 PM
acastong added projects: gnupg, Bug Report.
acastong added a subscriber: acastong.
werner added a subscriber: werner.Feb 11 2015, 11:53 AM

I can't repeat that with the current version from the GIT repositories. Can you
please give an example best using --recv-key.

acastong added a comment.Feb 12 2015, 12:56 PM

To reproduce using version 2.0.26 (on Windows):

  1. Set your keyserver to something invalid (ie. put the following line in your

gpg.conf, without any other keyserver entries:

keyserver hkp://invalid.gnupg.net

  1. Try to retrieve the key 82058954 (from john doe) from the server: gpg --recv-keys 82058954

This should report that no key has been found. What it *should* report is that
there was a communication problem with the servier.

  1. Revert to a vali keyserver destination in your gpg.conf

keyserver hkp://keys.gnupg.net

  1. Perform the recv operation again, it should successfully load the key gpg --recv-keys 82058954
  1. Reset your server to an invali value and perform the following operation: gpg --send-keys 82058954

The application will with the message that it is sending the key to
invalid.gnupg.net, wnen in fact it is not

werner added projects: In Progress, backport.Feb 18 2015, 12:16 PM

Fixed with commit 0c3d764.
Should be backported to 1.4.

werner added a project: gnupg (gpg14).Sep 8 2015, 2:43 PM
werner added a comment.Dec 17 2015, 3:48 PM

backported by dkg with commit 0c3d764 for 1.4.19

werner closed this task as Resolved.Dec 17 2015, 3:48 PM
werner claimed this task.
werner removed a project: In Progress.
werner mentioned this in T2233: Missing feedback when sending key to key server.Mar 30 2017, 7:17 PM