Page MenuHome GnuPG
Projects dirmngr

dirmngrTag
ActivePublic
Watch Project

Members

  • This project does not have any members.
  • View All

Watchers

  • This project does not have any watchers.
  • View All

Details

Description

Bugs related to gnupg's dirmngr component.

Recent Activity
View All

Yesterday

fmg closed T7537: WKD key import denied due to false dirmngr caching as Resolved.

New Situation
Once I started testing in logging mode the problem had gone away already. There were some hints to HTTPS certificate issues, but nothing really to blame. Neither with nor without logging the problem could be reproduced after two days of questioning me.

Fri, Feb 21, 5:05 PM · dirmngr, wkd, Bug Report
werner triaged T7537: WKD key import denied due to false dirmngr caching as Normal priority.

The caching works on the base of the requested domain, that is example.org and not openpgpkey.example.org - thus it should not make a difference when you change your setup. There is an initial test for a cached domain status before the resolving process starts. If you want to look yourself: gnupg/dirmngr/server.c:cmd_wkd_get() and domainfo.c.

Fri, Feb 21, 9:00 AM · dirmngr, wkd, Bug Report
fmg added a comment to T7537: WKD key import denied due to false dirmngr caching.

Reproducibility
The problem cannot be confirmed generic on domain level. I can reproduce the effect with keys shipped from my domain, i.e. email addresses @shimps.de, but the issue vanishes when I try to reproduce it with email addresses @gnupg.org as e.g. Werner's address.

Fri, Feb 21, 12:08 AM · dirmngr, wkd, Bug Report

Thu, Feb 20

fmg created T7537: WKD key import denied due to false dirmngr caching.
Thu, Feb 20, 3:29 PM · dirmngr, wkd, Bug Report

Jan 17 2025

werner added a comment to T4538: Support PSS signed CRLs.
Jan 17 2025, 4:23 PM · dirmngr, S/MIME, libksba

Jan 2 2025

werner closed T6965: WKD fail: gpg/dimngr fails to retrieve public key as Resolved.
Jan 2 2025, 9:31 AM · Support, dirmngr

Jan 1 2025

gc100 added a comment to T6965: WKD fail: gpg/dimngr fails to retrieve public key.

Users landing here looking for help.

Jan 1 2025, 9:53 PM · Support, dirmngr
gc100 added a comment to T6965: WKD fail: gpg/dimngr fails to retrieve public key.

This looks like a bug with gnutls which is the only tool that fails :

Jan 1 2025, 11:21 AM · Support, dirmngr

Dec 2 2024

ebo closed T4249: No connection to Keyserver possible as Resolved.

This ticket is obsolete

Dec 2 2024, 1:36 PM · gnupg, dirmngr, Bug Report, gpg4win

Nov 29 2024

gniibe closed T7288: gpg is not properly handling IPGP entries as Resolved.

Fixed in 2.4.6.

Nov 29 2024, 7:59 AM · dns, dirmngr, gnupg, Bug Report

Oct 31 2024

ebo renamed T6014: Add support for relative redirect URI-references to dirmngr from Failed to search on certificate server. The error returned was: Syntax error in URI. to Add support for relative redirect URI-references to dirmngr.
Oct 31 2024, 11:45 AM · gnupg24, dirmngr, Bug Report

Sep 25 2024

werner edited projects for T5446: Don't show LDAP credentials in error messages, at least not by default, added: gnupg, dirmngr; removed gnupg22.
Sep 25 2024, 4:21 PM · dirmngr, gnupg

Sep 11 2024

gniibe claimed T7288: gpg is not properly handling IPGP entries.
Sep 11 2024, 6:45 AM · dns, dirmngr, gnupg, Bug Report

Sep 9 2024

gniibe added a comment to T7288: gpg is not properly handling IPGP entries.

Thank you for the bug report and your patch.

Sep 9 2024, 7:19 AM · dns, dirmngr, gnupg, Bug Report

Sep 8 2024

werner added projects to T7288: gpg is not properly handling IPGP entries: gnupg, dirmngr, dns.
Sep 8 2024, 9:48 AM · dns, dirmngr, gnupg, Bug Report

Aug 21 2024

werner triaged T7263: Extend LDAP scheme to allow distribution of Kleopatra groups as Low priority.
Aug 21 2024, 1:49 PM · Restricted Project, gnupg26, dirmngr
werner closed T3392: keyserver default should include pool onionbalance hkp://jirk5u4osbsr34t5.onion as Resolved.
Aug 21 2024, 1:45 PM · Too Old, Keyserver, Feature Request, dirmngr

Jun 1 2024

gc100 reopened T6965: WKD fail: gpg/dimngr fails to retrieve public key as "Open".
Jun 1 2024, 3:10 PM · Support, dirmngr
gc100 added a comment to T6965: WKD fail: gpg/dimngr fails to retrieve public key.

An update FYI

Jun 1 2024, 3:09 PM · Support, dirmngr

Feb 1 2024

gc100 closed T6965: WKD fail: gpg/dimngr fails to retrieve public key as Resolved.

Fixed by changing server as noted above.

Feb 1 2024, 9:00 PM · Support, dirmngr
gc100 added a comment to T6965: WKD fail: gpg/dimngr fails to retrieve public key.

Thanks for all the help @gniibe.

Feb 1 2024, 8:59 PM · Support, dirmngr
gc100 added a comment to T6965: WKD fail: gpg/dimngr fails to retrieve public key.

It should not be removed as I believe it is required to be compliant:

Feb 1 2024, 5:22 PM · Support, dirmngr
gniibe added projects to T6965: WKD fail: gpg/dimngr fails to retrieve public key: dirmngr, Support.

I'm afraid that your particular configuration would cause the problem of the negotiation.

Feb 1 2024, 2:02 AM · Support, dirmngr

Jan 4 2024

werner closed T1839: Can't Encrypt with PIV-I Encryption Certificate - Unsupported Certificate as Resolved.

Note that we now have also an option instead of the workaround from 2015

Jan 4 2024, 4:18 PM · dirmngr, gnupg, Feature Request, S/MIME

Dec 11 2023

werner closed T6850: dirmngr fails `gpg --recv-key` in very non-obious way if local TOR node in SafeSocks mode is running as Wontfix.

For various reasons dirmngr requires and implements a full resolver and implements that. This way all DNS queries are passed through Tor. Thus this is a feature and not a bug. The error message could be better but we can only return what SOCKS tells us.

Dec 11 2023, 8:37 AM · gnupg, Tor, Not A Bug, dirmngr

Nov 28 2023

ntninja created T6850: dirmngr fails `gpg --recv-key` in very non-obious way if local TOR node in SafeSocks mode is running.
Nov 28 2023, 5:51 PM · gnupg, Tor, Not A Bug, dirmngr

Sep 26 2023

werner closed T2829: dirmngr: Timeouts are too long as Resolved.

Lot's of things changed in the meantime.

Sep 26 2023, 2:28 PM · gnupg, Bug Report, dirmngr
werner closed T4467: dirmngr keyserver option (and legacy gpg --keyserver) should assume `hkps://` or `hkp://` if no scheme is present as Wontfix.

HKP keyservers are anyway out of fashion and thus we won't put anymore effort into his part of the code.

Sep 26 2023, 2:27 PM · dirmngr
werner closed T2849: dirmngr fails to terminate on SIGTERM if an existing connection is open as Wontfix.
Sep 26 2023, 2:24 PM · Too Old, gnupg, Bug Report, dirmngr
werner closed T2740: dirmngr fails (and gets stuck failing) when network changes as Wontfix.

Lot's of changes since 2.4.

Sep 26 2023, 2:23 PM · Too Old, gnupg, Bug Report, dirmngr

Jul 4 2023

werner moved T6477: WKD redirects and dirmngr redirect rewriting from QA to gnupg-2.4.3 on the gnupg24 board.
Jul 4 2023, 2:39 PM · gnupg24 (gnupg-2.4.3), wkd, dirmngr

Jun 22 2023

werner added a comment to T2039: CRL issuingDistributionPoint support.

See for T6545 for a new request to support IDP.

Jun 22 2023, 11:46 AM · gnupg, Feature Request, dirmngr

Jun 15 2023

werner moved T6477: WKD redirects and dirmngr redirect rewriting from WiP to QA on the gnupg24 board.
Jun 15 2023, 3:12 PM · gnupg24 (gnupg-2.4.3), wkd, dirmngr
werner added a comment to T6477: WKD redirects and dirmngr redirect rewriting.

I have now disabled the rewriting in the 2.4 branch. Those who want to keep the old behaviour may add

Jun 15 2023, 3:09 PM · gnupg24 (gnupg-2.4.3), wkd, dirmngr
werner set the icon for dirmngr to Tag.
Jun 15 2023, 2:08 PM
werner edited Description on dirmngr.
Jun 15 2023, 2:07 PM
werner moved T6477: WKD redirects and dirmngr redirect rewriting from Backlog to WiP on the gnupg24 board.
Jun 15 2023, 2:03 PM · gnupg24 (gnupg-2.4.3), wkd, dirmngr
werner claimed T6477: WKD redirects and dirmngr redirect rewriting.
Jun 15 2023, 2:03 PM · gnupg24 (gnupg-2.4.3), wkd, dirmngr

May 3 2023

werner added a comment to T6477: WKD redirects and dirmngr redirect rewriting.

I will review the issue. A likely outcome will be to follow your suggestion but to add an option for the old behaviour to avoid further security discussions.

May 3 2023, 8:29 AM · gnupg24 (gnupg-2.4.3), wkd, dirmngr
werner triaged T6477: WKD redirects and dirmngr redirect rewriting as High priority.
May 3 2023, 8:27 AM · gnupg24 (gnupg-2.4.3), wkd, dirmngr
Angel updated the task description for T6477: WKD redirects and dirmngr redirect rewriting.
May 3 2023, 4:53 AM · gnupg24 (gnupg-2.4.3), wkd, dirmngr
Angel created T6477: WKD redirects and dirmngr redirect rewriting.
May 3 2023, 4:50 AM · gnupg24 (gnupg-2.4.3), wkd, dirmngr

Apr 21 2023

werner triaged T6458: Support looking up userSMIMECertificate in LDAP as Normal priority.
Apr 21 2023, 11:13 AM · LDAP, dirmngr, Feature Request
werner added a parent task for T6458: Support looking up userSMIMECertificate in LDAP: T6416: Remove LDAP code duplication in dirmngr.
Apr 21 2023, 11:13 AM · LDAP, dirmngr, Feature Request
werner added a subtask for T6416: Remove LDAP code duplication in dirmngr: T6458: Support looking up userSMIMECertificate in LDAP.
Apr 21 2023, 11:13 AM · Feature Request, LDAP, dirmngr, gnupg24

Apr 19 2023

pert created T6458: Support looking up userSMIMECertificate in LDAP.
Apr 19 2023, 3:43 AM · LDAP, dirmngr, Feature Request

Apr 16 2023

werner triaged T6449: Support fetching S/MIME certificates over DNS via SMIMEA record as Wishlist priority.
Apr 16 2023, 8:34 PM · Feature Request, dirmngr

Apr 14 2023

pert created T6449: Support fetching S/MIME certificates over DNS via SMIMEA record.
Apr 14 2023, 12:50 PM · Feature Request, dirmngr

Apr 5 2023

ebo moved T6067: dirmngr 2.2 does not ask keyservers for fingerprints from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Apr 5 2023, 2:52 PM · gnupg (gpg22), Restricted Project, dirmngr
ebo moved T4729: WKD via http_proxy does not work if DNS is broken/unavailable from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Apr 5 2023, 1:53 PM · gnupg (gpg22), Restricted Project, dns, dirmngr