Bug 1479: GnuPG curl-shim TCP half-close harms HTTP interop

David Shaw dshaw at jabberwocky.com
Sun Mar 3 03:54:54 CET 2013

On Mar 2, 2013, at 8:30 PM, Phil Pennock <gnupg-devel at spodhuis.org> wrote:

> I added the improved HTTP error code logic, basically because I saw
> incorrect codes and thought it needed fixing.  I was not aware that this
> had been causing operational issues and work-arounds.
> Are there any other behaviours of SKS that are currently causing GnuPG
> issues?  We can try to get those fixed.

Ha, it's an interesting question.  It's been a number of years since the keyserver code was written (before sks was written).  A few decisions were made based on the fact that pks was not actively maintained and so was effectively unchangeable, but yet was the defacto keyserver.  Thanks for the offer.  I'll see if anything else jumps out.

> For backwards compatibility, surely the three states can be told apart
> by:
> missing: Did not get a "-----BEGIN PGP PUBLIC KEY BLOCK-----" line
> incomplete: Got that line, but did not get a
>             "-----END PGP PUBLIC KEY BLOCK-----" line
> found: Got both lines

Yes, this is more or less what the code does.


More information about the Gnupg-devel mailing list