Debugging dirmngr (gpg --locate-key)

Andre Heinecke aheinecke at gnupg.org
Fri Mar 29 09:30:10 CET 2019 

Hi,

On Thursday 28 March 2019 20:57:21 CET Wiktor Kwapisiewicz via Gnupg-devel 
wrote:
> I'm trying to debug why the following doesn't fetch the key via WKD:

The debugging for WKD happens with dirmngr.

I have the following in my dirmngr.conf:

  debug-level guru
  log-file /tmp/dirmngr.log

Then after the locate key (kill dirmngr after changing the config)
I see in that log:

2019-03-29 09:18:06 dirmngr[6907.6] URL 'https://kernel.org/.well-known/
openpgpkey/policy' redirected to 'https://www.kernel.org/.well-known/
openpgpkey/policy' (301)
2019-03-29 09:18:06 dirmngr[6907.6] redirection changed to 'https://
www.kernel.org/.well-known/openpgpkey/policy'
2019-03-29 09:18:06 dirmngr[6907.6] DBG: http.c:request:
2019-03-29 09:18:06 dirmngr[6907.6] DBG: >> GET /.well-known/openpgpkey/policy 
HTTP/1.0\r\n
2019-03-29 09:18:06 dirmngr[6907.6] DBG: >> Host: www.kernel.org\r\n
2019-03-29 09:18:06 dirmngr[6907.6] DBG: http.c:request-header:
2019-03-29 09:18:06 dirmngr[6907.6] DBG: >> \r\n
2019-03-29 09:18:06 dirmngr[6907.6] DBG: http.c:response:
2019-03-29 09:18:06 dirmngr[6907.6] DBG: >> HTTP/1.1 404 Not Found\r\n
2019-03-29 09:18:06 dirmngr[6907.6] http.c:RESP: 'Server: nginx'
2019-03-29 09:18:06 dirmngr[6907.6] http.c:RESP: 'Date: Fri, 29 Mar 2019 
08:18:06 GMT'
2019-03-29 09:18:06 dirmngr[6907.6] http.c:RESP: 'Content-Type: text/html'
2019-03-29 09:18:06 dirmngr[6907.6] http.c:RESP: 'Content-Length: 162'
2019-03-29 09:18:06 dirmngr[6907.6] http.c:RESP: 'Connection: close'
2019-03-29 09:18:06 dirmngr[6907.6] http.c:RESP: ''
2019-03-29 09:18:06 dirmngr[6907.6] error accessing 'https://
www.kernel.org/.well-known/openpgpkey/policy': http status 404

And if I directly force dirmngr to fetch anyway via:

  gpg-connect-agent --dirmngr
  > WKD_GET torvalds at kernel.org

I get:

2019-03-29 09:24:12 dirmngr[31781.6] URL 'https://kernel.org/.well-known/
openpgpkey/hu/pf113mfnx1f3eb1yiwhsipa91xfc7o4x?l=torvalds' redirected to 
'https://mirrors.edge.kernel.org/pub/.well-known/openpgpkey/hu/
pf113mfnx1f3eb1yiwhsipa91xfc7o4x?l=torvalds' (302)
2019-03-29 09:24:12 dirmngr[31781.6] redirection changed to 'https://
mirrors.edge.kernel.org/.well-known/openpgpkey/hu/
pf113mfnx1f3eb1yiwhsipa91xfc7o4x?l=torvalds'
2019-03-29 09:24:13 dirmngr[31781.6] DBG: http.c:request:
2019-03-29 09:24:13 dirmngr[31781.6] DBG: >> GET /.well-known/openpgpkey/hu/
pf113mfnx1f3eb1yiwhsipa91xfc7o4x?l=torvalds HTTP/1.0\r\n
2019-03-29 09:24:13 dirmngr[31781.6] DBG: >> Host: mirrors.edge.kernel.org\r\n
2019-03-29 09:24:13 dirmngr[31781.6] DBG: http.c:request-header:
2019-03-29 09:24:13 dirmngr[31781.6] DBG: >> \r\n
2019-03-29 09:24:13 dirmngr[31781.6] DBG: http.c:response:
2019-03-29 09:24:13 dirmngr[31781.6] DBG: >> HTTP/1.1 404 Not Found\r\n
2019-03-29 09:24:13 dirmngr[31781.6] http.c:RESP: 'Server: nginx'
2019-03-29 09:24:13 dirmngr[31781.6] http.c:RESP: 'Date: Fri, 29 Mar 2019 
08:24:13 GMT'
2019-03-29 09:24:13 dirmngr[31781.6] http.c:RESP: 'Content-Type: text/html'
2019-03-29 09:24:13 dirmngr[31781.6] http.c:RESP: 'Content-Length: 311'
2019-03-29 09:24:13 dirmngr[31781.6] http.c:RESP: 'Connection: close'
2019-03-29 09:24:13 dirmngr[31781.6] http.c:RESP: ''
2019-03-29 09:24:13 dirmngr[31781.6] error accessing 'https://
mirrors.edge.kernel.org/.well-known/openpgpkey/hu/
pf113mfnx1f3eb1yiwhsipa91xfc7o4x?l=torvalds': http status 404
2019-03-29 09:24:13 dirmngr[31781.6] command 'WKD_GET' failed: No data


So it is missing a policy file and the redirect goes to:

https://mirrors.edge.kernel.org/pub/.well-known/openpgpkey/hu/
pf113mfnx1f3eb1yiwhsipa91xfc7o4x?torvalds

While dirmngr after the redirect queries:
https://mirrors.edge.kernel.org/.well-known/openpgpkey/hu/
pf113mfnx1f3eb1yiwhsipa91xfc7o4x?l=torvalds

Without the "pub". This is why curl / wget work but not dirmngr.

Best Regards,
Andre
-- 
GnuPG.com - a brand of g10 Code, the GnuPG experts.

g10 Code GmbH, Erkrath/Germany, AG Wuppertal HRB14459
GF Werner Koch, USt-Id DE215605608, www.g10code.com.

GnuPG e.V., Rochusstr. 44, D-40479 Düsseldorf.  VR 11482 Düsseldorf
Vorstand: W.Koch, M.Gollowitzer, A.Heinecke.    Mail: board at gnupg.org
Finanzamt D-Altstadt, St-Nr: 103/5923/1779.   Tel: +49-2104-4938799
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20190329/075e0668/attachment-0001.sig>

More information about the Gnupg-devel mailing list