David Shaw dshaw at
Thu Aug 15 23:58:02 CEST 2002

On Thu, Aug 15, 2002 at 10:39:32PM +0200, Janusz A. Urbanowicz wrote:
> David Shaw napisa?[a]/wrote/schrieb:
> > I tracked down the problem some people were having with the OKS
> > keyserver (the one that runs
> > 
> > It seems that contrary to the HTTP spec, this server responds
> > immediately after the first CRLF instead waiting for the second one
> > that terminates the request.  Essentially this means the server starts
> > sending a response before the query is completed.
> > 
> >   [dshaw at claude ~]$ telnet 11371
> >   Trying
> >   Connected to
> >   Escape character is '^]'.
> >   GET /pks/lookup?op=get&search=0x68FDDBC7 HTTP/1.0
> >  <-- should have been an extra blank line here -->
> >   HTTP/1.0 200 OK
> >   Content-type: text/html
> > 
> > This is a bug in the server.  I can probably jimmy up a fix to make it
> > work with GnuPG anyway, but there is only so much that can be done to
> > work around the problem.  It really needs to be fixed in the server.
> A workaround is to use HTTP proxy between the slient and the OKS server.

Yes, but it's unfortunate to require users to set up a proxy to use a
keyserver.  They may not have access to one.

I wrote a workaround for the bug, but I need to test it some more.
It's not perfect, but it does make OKS work in 99% of the cases.  I
really dislike working around non-GnuPG bugs in GnuPG unless it is
absolutely the last resort.


   David Shaw  |  dshaw at  |  WWW
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson

More information about the Gnupg-devel mailing list