Bug 1479: GnuPG curl-shim TCP half-close harms HTTP interop

Phil Pennock gnupg-devel at spodhuis.org
Fri Mar 1 23:24:24 CET 2013


On 2013-02-28 at 14:09 -0500, David Shaw wrote:
> Pretty easy case.  All set.  This isn't an issue on master, by the way.  The logic is reversed on that branch so there is only a shutdown when specifically requested - and it isn't requested.

In diagnosing whether a fix for this works, there's a problem that GnuPG
both retrieves a key and reports that it failed.

I think that the shim is failing to set whatever flag is referenced as
ctx.flags.done in the gpgkeys_hkp.c code.

----------------------------8< cut here >8------------------------------
% /usr/local/libexec/gpg2keys_hkp
COMMAND GET
HOST keys2.kfwebs.net
PORT 11371
SCHEME hkp

KEY 403043153903637F

----------------------------8< cut here >8------------------------------

Get:
  KEY 0xKEY 403043153903637F BEGIN
  * HTTP host:port post-SRV is "keys2.kfwebs.net:11371"
  -----BEGIN PGP PUBLIC KEY BLOCK-----
[...]
  m3QmaaAfDDkAn0EfIzN9wDIdYGM6p5eihu2vZAfIiGQEExECACQFCQWjmoACF4AGCwkIBwMC
  gpgkeys: key KEY 403043153903637F not found on keyserver
  AxUCAwMWAgECHgEFA
  KEY 0xKEY 403043153903637F FAILED 6

In fact, the struct CURL's flags field from curl-shim.h doesn't include
a done field, so I'm not sure why this compiles.  At least, when I look
at current git on the STABLE-BRANCH-2-0 branch.

-Phil


