Possible bug in using 'recv-key' facility via a HTTP proxy

Matthias Urlichs smurf at noris.de
Sun Apr 22 22:27:01 CEST 2001


Steven Murdoch:
> that this is what should be happening? I was under the (possibly
> erroneous) impression that the FIN packet indicated that one side
> wished to close the connection, however GnuPG seems to send it after

It merely signals the other side that you don't have more data to send.
It is thus perfectly legitimate in this situation.

The connection thus is severed as soon as the local TCP has
sent a FIN, and seen one from the other side.

> the HTTP request and before the server sends the key back. In my case
> after GnuPG sends the FIN packet the proxy server replies with a FIN
> and the connection is torn down before the key is received.
The proxy shouldn't do this. Both directions of a TCP stream are,
conceptually, 100% independent. A FIN in one direction implies _nothing_
about the data which may or may not be sent in the other.

Matthias Urlichs     |     noris network AG     |     http://smurf.noris.de/

More information about the Gnupg-devel mailing list