Page MenuHome GnuPG
Feed Advanced Search

Feb 3 2020

mssm added a comment to T4817: dirmgr keys.openpgp.org:443 Address family not supported by protocol.
In T4817#132207, @dkg wrote:

(if you don't want to publish the full strace output here because you're concerned it might leak some information about your machine or your network, but you're ok sharing it with me personally, you can send it to me privately by e-mail, encrypted to the OpenPGP certificate with fingerprint C4BC2DDB38CCE96485EBE9C2F20691179038E5C6, and sent to one of the e-mail addresses associated with that certificate. please make a note here if you do that)

Feb 3 2020, 10:42 AM · Bug Report

Jan 24 2020

mssm added a comment to T4817: dirmgr keys.openpgp.org:443 Address family not supported by protocol.

Right after the failed connection I see:

$ gpg-connect-agent --dirmngr 'keyserver --hosttable' /bye
S # hosttable (idx, ipv6, ipv4, dead, name, time):
S #   0   4 d keys.openpgp.org (37.218.245.50)  (5s)
OK
Jan 24 2020, 1:07 PM · Bug Report

Jan 23 2020

mssm added a comment to T4817: dirmgr keys.openpgp.org:443 Address family not supported by protocol.

With tls-debug 16:

dirmngr[9162.6] DBG: chan_6 <- END
dirmngr[9162.6] DBG: dns: libdns initialized
dirmngr[9162.6] DBG: dns: getsrv(_pgpkey-https._tcp.keys.openpgp.org) -> 0 records
dirmngr[9162.6] DBG: dns: resolve_dns_name(keys.openpgp.org): Success
dirmngr[9162.6] resolve_dns_addr for 'keys.openpgp.org': 'keys.openpgp.org' [already known]
dirmngr[9162.6] resolve_dns_addr for 'keys.openpgp.org': 'keys.openpgp.org' [already known]
dirmngr[9162.6] DBG: gnutls:L3: ASSERT: /var/tmp/portage/net-libs/gnutls-3.6.11.1-r1/work/gnutls-3.6.11.1/lib/x509/common.c[_gnutls_x509_get_raw_field2]:1575
dirmngr[9162.6] DBG: gnutls:L3: ASSERT: /var/tmp/portage/net-libs/gnutls-3.6.11.1-r1/work/gnutls-3.6.11.1/lib/x509/x509.c[gnutls_x509_crt_get_subject_unique_id]:3902
dirmngr[9162.6] DBG: gnutls:L3: ASSERT: /var/tmp/portage/net-libs/gnutls-3.6.11.1-r1/work/gnutls-3.6.11.1/lib/x509/x509.c[gnutls_x509_crt_get_issuer_unique_id]:3952
dirmngr[9162.6] DBG: gnutls:L3: ASSERT: /var/tmp/portage/net-libs/gnutls-3.6.11.1-r1/work/gnutls-3.6.11.1/lib/x509/dn.c[_gnutls_x509_compare_raw_dn]:990
dirmngr[9162.6] DBG: gnutls:L3: ASSERT: /var/tmp/portage/net-libs/gnutls-3.6.11.1-r1/work/gnutls-3.6.11.1/lib/x509/dn.c[_gnutls_x509_compare_raw_dn]:990
dirmngr[9162.6] DBG: gnutls:L3: ASSERT: /var/tmp/portage/net-libs/gnutls-3.6.11.1-r1/work/gnutls-3.6.11.1/lib/x509/dn.c[_gnutls_x509_compare_raw_dn]:990
dirmngr[9162.6] DBG: gnutls:L3: ASSERT: /var/tmp/portage/net-libs/gnutls-3.6.11.1-r1/work/gnutls-3.6.11.1/lib/x509/dn.c[_gnutls_x509_compare_raw_dn]:990
dirmngr[9162.6] number of system provided CAs: 142
dirmngr[9162.6] DBG: gnutls:L5: REC[0x7fd5a400c360]: Allocating epoch #0
dirmngr[9162.6] DBG: gnutls:L2: added 6 protocols, 29 ciphersuites, 18 sig algos and 9 groups into priority list
dirmngr[9162.6] DBG: Using TLS library: GNUTLS 3.6.11
dirmngr[9162.6] DBG: http.c:connect_server: trying name='keys.openpgp.org' port=443
dirmngr[9162.6] DBG: dns: resolve_dns_name(keys.openpgp.org): Success
dirmngr[9162.6] error creating socket: Address family not supported by protocol
dirmngr[9162.6] error connecting to 'https://keys.openpgp.org:443': Address family not supported by protocol
dirmngr[9162.6] DBG: gnutls:L13: BUF[HSK]: Emptied buffer
dirmngr[9162.6] DBG: gnutls:L5: REC[0x7fd5a400c360]: Start of epoch cleanup
dirmngr[9162.6] DBG: gnutls:L5: REC[0x7fd5a400c360]: End of epoch cleanup
dirmngr[9162.6] DBG: gnutls:L5: REC[0x7fd5a400c360]: Epoch #0 freed
dirmngr[9162.6] marking host 'keys.openpgp.org' as dead
dirmngr[9162.6] host 'keys.openpgp.org' marked as dead
dirmngr[9162.6] command 'KS_PUT' failed: No keyserver available
dirmngr[9162.6] DBG: chan_6 -> ERR 167772346 No keyserver available <Dirmngr>
dirmngr[9162.6] DBG: chan_6 <- BYE
dirmngr[9162.6] DBG: chan_6 -> OK closing connection
dirmngr[9162.6] handler for fd 6 terminated
Jan 23 2020, 9:35 AM · Bug Report
mssm added a comment to T4817: dirmgr keys.openpgp.org:443 Address family not supported by protocol.

Could it be that the system installed CAs are not sufficient for the TSL handshake? But then also curl should fail on that host. But curl https://keys.openpgp.org is fine.

Jan 23 2020, 9:33 AM · Bug Report

Jan 22 2020

mssm added a comment to T4817: dirmgr keys.openpgp.org:443 Address family not supported by protocol.

I have added standard-resolver and debug network to the dirmngr.conf, killed the running dirmngr:

Jan 22 2020, 7:55 AM · Bug Report

Jan 20 2020

mssm added a comment to T4817: dirmgr keys.openpgp.org:443 Address family not supported by protocol.
# host keys.openpgp.org
keys.openpgp.org has address 37.218.245.50
keys.openpgp.org has IPv6 address 2a00:c6c0:0:154:1::1
keys.openpgp.org mail is handled by 100 mail.keys.openpgp.org.
Jan 20 2020, 1:07 PM · Bug Report
mssm added a comment to T4817: dirmgr keys.openpgp.org:443 Address family not supported by protocol.
$ ping keys.openpgp.org -c1
PING keys.openpgp.org (37.218.245.50) 56(84) bytes of data.
64 bytes from 37.218.245.50 (37.218.245.50): icmp_seq=1 ttl=48 time=24.1 ms
Jan 20 2020, 8:35 AM · Bug Report

Jan 17 2020

mssm added a comment to T4817: dirmgr keys.openpgp.org:443 Address family not supported by protocol.

As far as I know this is a v4 only network. I tried what you said and get this log:

2020-01-17 15:39:33 dirmngr[18656.6] DBG: chan_6 <- END
2020-01-17 15:39:33 dirmngr[18656.6] DBG: dns: libdns initialized
2020-01-17 15:39:33 dirmngr[18656.6] DBG: dns: getsrv(_pgpkey-https._tcp.keys.openpgp.org) -> 0 records
2020-01-17 15:39:33 dirmngr[18656.6] DBG: dns: resolve_dns_name(keys.openpgp.org): Success
2020-01-17 15:39:33 dirmngr[18656.6] resolve_dns_addr for 'keys.openpgp.org': 'keys.openpgp.org' [already known]
2020-01-17 15:39:33 dirmngr[18656.6] resolve_dns_addr for 'keys.openpgp.org': 'keys.openpgp.org' [already known]
2020-01-17 15:39:33 dirmngr[18656.6] number of system provided CAs: 142
2020-01-17 15:39:33 dirmngr[18656.6] DBG: dns: resolve_dns_name(keys.openpgp.org): Success
2020-01-17 15:39:33 dirmngr[18656.6] error creating socket: Address family not supported by protocol
2020-01-17 15:39:33 dirmngr[18656.6] error connecting to 'https://keys.openpgp.org:443': Address family not supported by protocol
2020-01-17 15:39:33 dirmngr[18656.6] marking host 'keys.openpgp.org' as dead
2020-01-17 15:39:33 dirmngr[18656.6] host 'keys.openpgp.org' marked as dead
2020-01-17 15:39:33 dirmngr[18656.6] command 'KS_PUT' failed: No keyserver available
2020-01-17 15:39:33 dirmngr[18656.6] DBG: chan_6 -> ERR 167772346 No keyserver available <Dirmngr>
2020-01-17 15:39:33 dirmngr[18656.6] DBG: chan_6 <- BYE
2020-01-17 15:39:33 dirmngr[18656.6] DBG: chan_6 -> OK closing connection
2020-01-17 15:39:33 dirmngr[18656.6] handler for fd 6 terminated
Jan 17 2020, 3:41 PM · Bug Report
mssm created T4817: dirmgr keys.openpgp.org:443 Address family not supported by protocol.
Jan 17 2020, 12:08 PM · Bug Report