Page MenuHome GnuPG
Create Task
Maniphest T2109

Gpg2.1 http-proxy configuration from 2.0 leads to configuration error
Closed, ResolvedPublic
Actions

Description

I've configured a keyserver in gpg.conf with a http-proxy:

keyserver hkp://keys.gnupg.net
keyserver-options http-proxy=esus.lan:12345

This worked with 2.0 but after upgrading to with 2.1 search fails with:

gpg: error searching keyserver: Configuration error
gpg: keyserver search failed: Configuration error

If I change it to:
keyserver-options http-proxy=http://esus.lan:12345

it works again. But if the behavior is changed we would need to migrate the
configuration on update which I'd rather avoid.

Details

Version
2.1.8

Related Objects

Event Timeline

aheinecke set Version to 2.1.8.Sep 23 2015, 1:28 PM
aheinecke added projects: gpg4win, gnupg (gpg21), gnupg, Bug Report, Keyserver.
aheinecke added subscribers: werner, aheinecke.
werner added a comment.Sep 24 2015, 10:38 AM

Actually I plan to remove (or make them a NOP) all network options from
gpg.conf. This should all be configured in dirmngr.conf.

werner lowered the priority of this task from High to Normal.Sep 24 2015, 10:38 AM
aheinecke added a comment.Sep 24 2015, 10:58 AM

Regardless of that, I find this is a regression. With my configuration I was
able to search on keyservers with 2.0.x and then with 2.1.x keyserver search no
longer works with the same configuration.

And it's probably easier to default to http protocol for a http-proxy in gnupg /
dirmngr again then it is for me to warn users in Kleopatra / Gpg4win that their
configuration no longer works with 2.1.

aheinecke added a comment.Sep 25 2015, 11:52 AM

You've actually added code to handle the hostname:port string with rev: 54e55149

But this does not work as the parse_uri check before hat is called with
"no_scheme_check" and so already passes a hostname:port uri as valid and does
not go into the fallback code that adds the http scheme.

aheinecke added a comment.Sep 25 2015, 11:52 AM

D329: 685_0001-Dirmngr-Default-to-http-protocol-for-http-proxy.patch

werner added a comment.Oct 8 2015, 7:15 PM

Applied with commit ea079d2. Thanks.

werner added a project: Restricted Project.Oct 8 2015, 7:15 PM
werner removed a subscriber: aheinecke.
werner closed this task as Resolved.Jan 15 2016, 1:28 PM
werner removed a project: Restricted Project.