dirmngrProject
ActivePublic

Members

  • This project does not have any members.

Watchers

  • This project does not have any watchers.

Recent Activity

Today

dkg created T4467: dirmngr keyserver option (and legacy gpg --keyserver) should assume `hkps://` or `hkp://` if no scheme is present.
Fri, Apr 19, 5:26 PM · dirmngr
dkg added a comment to T4465: dirmngr's default tor autodetection mode should autodetect on each connection (falling back to non-tor when tor is unavailable).

I just noticed that dirmngr(8)'s documentation for its --keyserver option says:

Fri, Apr 19, 5:11 PM · dirmngr, Bug Report
dkg added a comment to T4465: dirmngr's default tor autodetection mode should autodetect on each connection (falling back to non-tor when tor is unavailable).

Note that even sending a HUP to dirmngr, when it is in this autodetection mode that observed tor at the start, is insufficient to have it re-run the autodetection. You have to explicitly terminate dirmngr to get it to unlearn the autodetected presence of Tor. This is subtly hinted at in dirmngr(8), but no justification is given for it.

Fri, Apr 19, 4:47 PM · dirmngr, Bug Report
dkg created T4465: dirmngr's default tor autodetection mode should autodetect on each connection (falling back to non-tor when tor is unavailable).
Fri, Apr 19, 4:36 PM · dirmngr, Bug Report

Wed, Apr 10

dkg added a comment to T3767: simplify sharing dirmngr's across multiple GNUPGHOMEs.

One of the things that dirmngr has going for it is that it tracks the current network state, and it would be nice to be able to reuse that state across sessions. If an ephemeral keyring can't use a shared dirmngr, there are fewer arguments for having dirmngr in the first place, and people might be more justified in replacing it with things like https://gitlab.com/anarcat/scripts/blob/master/openpgp-key-get

Wed, Apr 10, 2:52 AM · Documentation, Feature Request, gnupg, dirmngr

Tue, Apr 9

werner lowered the priority of T3767: simplify sharing dirmngr's across multiple GNUPGHOMEs from High to Normal.

I don't anymore think this is a high priority request. BTW, A more real problem than several dirmngr instances is multi-user access to smartcards.

Tue, Apr 9, 8:59 AM · Documentation, Feature Request, gnupg, dirmngr

Fri, Apr 5

werner triaged T4447: Fix addition of new GPG keys to LDAP as High priority.
Fri, Apr 5, 9:07 AM · patch, LDAP, gnupg, dirmngr, Bug Report

Wed, Apr 3

gray created T4447: Fix addition of new GPG keys to LDAP.
Wed, Apr 3, 11:27 AM · patch, LDAP, gnupg, dirmngr, Bug Report

Mon, Apr 1

robbat2 added a comment to T4444: dirmngr fails with keyservers specified by IP without rDNS; reported as dead host or uses wrong Host header.

HTTP/1.1 spec, RFC 7230, Section 5.4, paragraph 2:
https://tools.ietf.org/html/rfc7230#section-5.4

Mon, Apr 1, 8:24 PM · Keyserver, dns, dirmngr, Bug Report
werner added a comment to T4444: dirmngr fails with keyservers specified by IP without rDNS; reported as dead host or uses wrong Host header.

Please be so kind and point me to the specs stating that you should put the IP address into Host:

Mon, Apr 1, 8:01 PM · Keyserver, dns, dirmngr, Bug Report
robbat2 added a comment to T4444: dirmngr fails with keyservers specified by IP without rDNS; reported as dead host or uses wrong Host header.

It's up to GPG to send the Host header that shows the user's intent.

Mon, Apr 1, 6:20 PM · Keyserver, dns, dirmngr, Bug Report
werner added a comment to T4444: dirmngr fails with keyservers specified by IP without rDNS; reported as dead host or uses wrong Host header.

So in short you want:

  1. Allow to specify a keyserver by IP without any DNS lookups.
  2. When connecting via IP use the IP address for Host:.
Mon, Apr 1, 12:55 PM · Keyserver, dns, dirmngr, Bug Report
werner triaged T4443: IPv6 address with scope not accepted as keyserver as Normal priority.
Mon, Apr 1, 10:24 AM · gnupg (gpg23), dirmngr, dns, Bug Report

Sun, Mar 31

robbat2 created T4444: dirmngr fails with keyservers specified by IP without rDNS; reported as dead host or uses wrong Host header.
Sun, Mar 31, 10:35 PM · Keyserver, dns, dirmngr, Bug Report

Wed, Mar 27

aheinecke closed T4264: Gpg4win 3.1.6, a subtask of T3381: dirmngr won't start on Windows 10 with admin level account, as Resolved.
Wed, Mar 27, 1:55 PM · libassuan, Testing, gpg4win, dirmngr, Windows, Bug Report
aheinecke closed T3381: dirmngr won't start on Windows 10 with admin level account as Resolved.

gpg4win 3.1.6 is released which contains this fix.

Wed, Mar 27, 1:52 PM · libassuan, Testing, gpg4win, dirmngr, Windows, Bug Report

Mar 19 2019

wheelerlaw added a comment to T3065: dirmngr: proxy issues with dnslookup causing failure.

Also might I add, this used to work perfectly fine in gnupg14. It seems that somewhere along the line a regression was introduced that is causing this erroneous non-compliant behavior in the HTTP client.

Mar 19 2019, 6:18 PM · gnupg (gpg22), dns, dirmngr
wheelerlaw added a comment to T3065: dirmngr: proxy issues with dnslookup causing failure.

Why? Your explanation is invalid because it implicates dirmngr's HTTP client as not comforming to the spec laid out by the RFC. I've quite clearly explained--and backed up with the spec itself--that when a proxy variable is configured, a client should not be doing DNS lookup of the destination hostname. Is there something about that you are not understanding?

Mar 19 2019, 6:13 PM · gnupg (gpg22), dns, dirmngr
werner added a comment to T3065: dirmngr: proxy issues with dnslookup causing failure.

Please show an example regarding something else than a failed access to a pool of keyservers. I explained why it can't work for pools for you.

Mar 19 2019, 7:59 AM · gnupg (gpg22), dns, dirmngr

Mar 18 2019

wheelerlaw reopened T3065: dirmngr: proxy issues with dnslookup causing failure as "Open".

Yes you can, and no you do not. Don't believe me? Then read the spec. At no point does the spec say that there is "nothing that can be done" when a hostname cannot be resolved when connecting through a proxy. In fact, it states precisely the opposite, describing the exact procedure a client should take when making a request through a proxy. See section 5.3, paragraph 3:

Mar 18 2019, 9:21 PM · gnupg (gpg22), dns, dirmngr
werner edited projects for T3257: dirmngr cannot set port for nameserver, added: Feature Request; removed gnupg (gpg22), Bug Report.
Mar 18 2019, 7:30 PM · Feature Request, dirmngr
werner removed a project from T2398: finger support using SRV DNS records: gnupg (gpg22).
Mar 18 2019, 7:29 PM · gnupg, Feature Request, dirmngr
werner closed T2908: dirmngr can't be build w/o LDAP as Wontfix.
Mar 18 2019, 7:28 PM · gnupg (gpg22), dirmngr, Bug Report, gnupg
werner closed T3065: dirmngr: proxy issues with dnslookup causing failure as Invalid.

No we can't we need to know the IP addresses to handle the pools. I have given a workaround for you in my previous comment. You can also use install Tor which we can use for DNS resolving.

Mar 18 2019, 7:26 PM · gnupg (gpg22), dns, dirmngr

Mar 13 2019

wuximeniyu added a comment to T4165: Dirmngr: Ipv6 causes network failure if Ipv6 can't be reached.

There is a solution for it:

Mar 13 2019, 9:55 PM · Keyserver, Feature Request, dirmngr

Feb 28 2019

aheinecke added a comment to T4380: GpgSM: CRL access not possible due to Tor mode.

Btw. I only noticed this now as I always had "disable-tor" in my config but recently removed it for testing.

Feb 28 2019, 7:59 AM · Bug Report, dirmngr, S/MIME
aheinecke created T4380: GpgSM: CRL access not possible due to Tor mode.
Feb 28 2019, 7:59 AM · Bug Report, dirmngr, S/MIME

Feb 25 2019

gniibe added projects to T3381: dirmngr won't start on Windows 10 with admin level account: Testing, libassuan.
Feb 25 2019, 3:37 AM · libassuan, Testing, gpg4win, dirmngr, Windows, Bug Report

Feb 9 2019

kristianf closed T4354: dirmngr should send "fingerprint=on" to keyservers as Resolved.

So, the keyserver operator had thrown in a hockeypuck server in the pool, causing this.. While the keyserver remains in the exclude list until confirmation it has been resolved, that explains the behavior and it has been made clear that separate software needs to use different names in the future.

Feb 9 2019, 8:43 PM · dirmngr, Keyserver, Bug Report

Feb 4 2019

werner updated subscribers of T4354: dirmngr should send "fingerprint=on" to keyservers.

@kristianf we talked about this on Saturday evening. Would you be so kind and have a quick look at the problem with the hu server?

Feb 4 2019, 5:45 PM · dirmngr, Keyserver, Bug Report

Feb 1 2019

steve added a comment to T4354: dirmngr should send "fingerprint=on" to keyservers.

Hi Werner and thanks for looking into this.

Feb 1 2019, 10:32 AM · dirmngr, Keyserver, Bug Report

Jan 30 2019

werner edited projects for T4354: dirmngr should send "fingerprint=on" to keyservers, added: Keyserver, dirmngr; removed Feature Request.

According to sks-keyservers.net both servers you mention run the very same software. Thus I would like to understand why you think they require the use of a legacy option.

Jan 30 2019, 3:22 PM · dirmngr, Keyserver, Bug Report

Jan 25 2019

werner added a commit to T3381: dirmngr won't start on Windows 10 with admin level account: rA75770b1131e1: socks5: Fix compiler warning on Windows..
Jan 25 2019, 1:55 PM · libassuan, Testing, gpg4win, dirmngr, Windows, Bug Report
gniibe added a commit to T3381: dirmngr won't start on Windows 10 with admin level account: rA5e48116051a4: socks5: Implement timeout to detect bogus service..
Jan 25 2019, 4:23 AM · libassuan, Testing, gpg4win, dirmngr, Windows, Bug Report

Jan 24 2019

aheinecke added a subtask for T3381: dirmngr won't start on Windows 10 with admin level account: T4264: Gpg4win 3.1.6.
Jan 24 2019, 7:32 PM · libassuan, Testing, gpg4win, dirmngr, Windows, Bug Report
aheinecke raised the priority of T3381: dirmngr won't start on Windows 10 with admin level account from Normal to High.

I want to have this fixed for the next release so prio high.

Jan 24 2019, 7:32 PM · libassuan, Testing, gpg4win, dirmngr, Windows, Bug Report
aheinecke assigned T3381: dirmngr won't start on Windows 10 with admin level account to werner.

Oops. Assignee removal was an accident. Sorry for the noise here ;-)

Jan 24 2019, 4:26 PM · libassuan, Testing, gpg4win, dirmngr, Windows, Bug Report
aheinecke placed T3381: dirmngr won't start on Windows 10 with admin level account up for grabs.

Just as a note: To workaround this you can also place "no-use-tor" into %APPDATA%\gnupg\dirmngr.conf (you might need to create that file) %APPDATA% expands to something like "c:\users\yourname\appdata\roaming"

Jan 24 2019, 4:25 PM · libassuan, Testing, gpg4win, dirmngr, Windows, Bug Report
Spiker added a comment to T3381: dirmngr won't start on Windows 10 with admin level account.

On Win 10 Pro it looks like File Transfer Server.exe is running on port 9050 which could be causing the issue. See screenshots.

That process is the one i killed which is part of Asus Wi-Fi Go

Jan 24 2019, 4:23 PM · libassuan, Testing, gpg4win, dirmngr, Windows, Bug Report
madhon added a comment to T3381: dirmngr won't start on Windows 10 with admin level account.

On Win 10 Pro it looks like File Transfer Server.exe is running on port 9050 which could be causing the issue. See screenshots.

Jan 24 2019, 4:20 PM · libassuan, Testing, gpg4win, dirmngr, Windows, Bug Report
Spiker added a comment to T3381: dirmngr won't start on Windows 10 with admin level account.

On Win 10 Pro it looks like File Transfer Server.exe is running on port 9050 which could be causing the issue. See screenshots.

Jan 24 2019, 4:16 PM · libassuan, Testing, gpg4win, dirmngr, Windows, Bug Report
madhon added a comment to T3381: dirmngr won't start on Windows 10 with admin level account.

Apparently i had a ASUS Wi-Fi go process listening on that port (even though i thought had uninstalled it), killing the process also allows dirmngr to start

Jan 24 2019, 3:34 PM · libassuan, Testing, gpg4win, dirmngr, Windows, Bug Report
aheinecke assigned T3381: dirmngr won't start on Windows 10 with admin level account to werner.

Thanks you very much for your help! I think we have it. \o/

Jan 24 2019, 3:23 PM · libassuan, Testing, gpg4win, dirmngr, Windows, Bug Report
madhon added a comment to T3381: dirmngr won't start on Windows 10 with admin level account.

Running with the --no-use-tor results in output ending with OK Dirmngr 2.2.11 at your service, attached is the procmon output , to clear up one thing q4master.idsoftware.com points to 127.0.0.1 in my hosts file (in addition to localhost also pointing to 127.0.0.1), but it seems the issue is with the tor check

Jan 24 2019, 3:07 PM · libassuan, Testing, gpg4win, dirmngr, Windows, Bug Report
aheinecke added a comment to T3381: dirmngr won't start on Windows 10 with admin level account.

I see some strangeness:
A TCP Connect: q4master.idsoftware.com:4862 -> q4master.idsoftware.com:9050
and TCP Send: q4master.idsoftware.com:4862 -> q4master.idsoftware.com:9050

Jan 24 2019, 2:58 PM · libassuan, Testing, gpg4win, dirmngr, Windows, Bug Report
madhon added a comment to T3381: dirmngr won't start on Windows 10 with admin level account.

Done, See attached

Jan 24 2019, 10:32 AM · libassuan, Testing, gpg4win, dirmngr, Windows, Bug Report
aheinecke added a project to T3381: dirmngr won't start on Windows 10 with admin level account: gpg4win.

I'm thinking of how to move this forward.
The problem is that we (the developers) can't reproduce this at all and the debug output does not show anything.

Jan 24 2019, 9:04 AM · libassuan, Testing, gpg4win, dirmngr, Windows, Bug Report

Jan 23 2019

Spiker added a comment to T3381: dirmngr won't start on Windows 10 with admin level account.

Has anybody discovered a fix for this issue? I'm running Win 10 Pro with Gpg4win v3.1.5. Dirmngr is still not executing and just hangs.

Jan 23 2019, 4:14 PM · libassuan, Testing, gpg4win, dirmngr, Windows, Bug Report

Dec 14 2018

wheelerlaw edited projects for T3065: dirmngr: proxy issues with dnslookup causing failure, added: gnupg (gpg22); removed FAQ.
Dec 14 2018, 7:29 PM · gnupg (gpg22), dns, dirmngr
wheelerlaw added a comment to T3065: dirmngr: proxy issues with dnslookup causing failure.
So if your DNS resolver does not tell us the IP addresses, we can't do anything about it.
Dec 14 2018, 7:25 PM · gnupg (gpg22), dns, dirmngr