Possible bug in using 'recv-key' facility via a HTTP proxy

Steven Murdoch sjmurdoch at bigfoot.com
Mon Mar 26 03:20:01 CEST 2001 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello all,

I'm not sure this is a bug in GnuPG so I hope I'm sending this to the
right place. I can't seem to download keys from a keyserver via my
proxy server using GnuPG 1.04. The proxy server is Winproxy and it
seems to be paranoid about well formed HTTP requests and is not
happy about what GnuPG sends.

The error message I receive is as follows
[smurdoch at silicon smurdoch]$ gpg --recv-key 70B61F81
gpg: requesting key 70B61F81 from search.keyserver.net ...
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0

which isn't much help, but looking at my packet sniffer logs seems to
show the problem. Looking at the ASCII shows the request to be normal:

- ---
GET http://search.keyserver.net:11371/pks/lookup?op=get&search=0x70B61F81 HTTP/1.0

HTTP/1.0 403 Forbidden
Proxy-agent: Ositis-WinProxy
<snip more headers and key>
- ---

but the hexdump shows:
00000000  47 45 54 20 68 74 74 70  3a 2f 2f 73 65 61 72 63
00000010  68 2e 6b 65 79 73 65 72  76 65 72 2e 6e 65 74 3a
00000020  31 31 33 37 31 2f 70 6b  73 2f 6c 6f 6f 6b 75 70
00000030  3f 6f 70 3d 67 65 74 26  73 65 61 72 63 68 3d 30
00000040  78 37 30 42 36 31 46 38  31 20 48 54 54 50 2f 31
00000050  2e 30 0d 0a 
00000054  0a

Notice it is terminated with 0d0a0a (i.e. \r\n\n). I'm not an expert
at HTTP but I thought lines were terminated with 0d0a (\r\n) and the
header was terminated with 0d0a0d0a (\r\n\r\n). I think this is what
is confusing the proxy server because when I used a hex editor to
insert a 0d into a file and sending this directly the server returned
the requested key.

- ---
GET http://search.keyserver.net:11371/pks/lookup?op=get&search=0x70B61F81 HTTP/1.0

HTTP/1.0 200 OK
Content-type: text/html
<snip key>
- ---

Here is the hexdump of the client side:
00000000  47 45 54 20 68 74 74 70  3a 2f 2f 73 65 61 72 63
00000010  68 2e 6b 65 79 73 65 72  76 65 72 2e 6e 65 74 3a
00000020  31 31 33 37 31 2f 70 6b  73 2f 6c 6f 6f 6b 75 70
00000030  3f 6f 70 3d 67 65 74 26  73 65 61 72 63 68 3d 30
00000040  78 37 30 42 36 31 46 38  31 20 48 54 54 50 2f 31
00000050  2e 30 0d 0a 0d 0a 

I'm not familiar with the source code of GnuPG so I don't know where
to start with debugging this, but if anyone would like more
information then I would be happy to help.

Steven Murdoch.

- --
email: sjmurdoch at bigfoot.com
web: http://www.bigfoot.com/~murdomania/
NEW PGP/GnuPG Keys: http://www.bigfoot.com/~murdomania/keys.html
Geek Code: http://www.bigfoot.com/~murdomania/geek.htm
Diary: http://www.advogato.org/person/sjmurdoch/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE6vnX7y7aeQyigOIYRAnkBAKCV+H8OjP/CurIt4kDiqQ+3Gl8nBgCgnhnm
62wO8ckMbJACxSDb4Kt3rUk=
=Bbk2
-----END PGP SIGNATURE-----

More information about the Gnupg-devel mailing list