Bug 1479: GnuPG curl-shim TCP half-close harms HTTP interop
Phil Pennock
gnupg-devel at spodhuis.org
Fri Mar 1 23:24:24 CET 2013
On 2013-02-28 at 14:09 -0500, David Shaw wrote:
> Pretty easy case. All set. This isn't an issue on master, by the way. The logic is reversed on that branch so there is only a shutdown when specifically requested - and it isn't requested.

In diagnosing whether a fix for this works, there's a problem that GnuPG
both retrieves a key and reports that it failed.

I think that the shim is failing to set whatever flag is referenced as
ctx.flags.done in the gpgkeys_hkp.c code.

----------------------------8< cut here >8------------------------------
% /usr/local/libexec/gpg2keys_hkp
COMMAND GET
HOST keys2.kfwebs.net
PORT 11371
SCHEME hkp
KEY 403043153903637F
----------------------------8< cut here >8------------------------------
Get:
KEY 0xKEY 403043153903637F BEGIN
* HTTP host:port post-SRV is "keys2.kfwebs.net:11371"
-----BEGIN PGP PUBLIC KEY BLOCK-----
[...]
m3QmaaAfDDkAn0EfIzN9wDIdYGM6p5eihu2vZAfIiGQEExECACQFCQWjmoACF4AGCwkIBwMC
gpgkeys: key KEY 403043153903637F not found on keyserver
AxUCAwMWAgECHgEFA
KEY 0xKEY 403043153903637F FAILED 6

In fact, the struct CURL's flags field from curl-shim.h doesn't include
a done field, so I'm not sure why this compiles. At least, when I look
at current git on the STABLE-BRANCH-2-0 branch.

-Phil