SKS v. unknown HTTP headers (was: Re: IPv6 failover?)
jharris at widomaker.com
Thu Aug 4 06:24:27 CEST 2005
On Wed, Aug 03, 2005 at 08:44:18PM -0400, David Shaw wrote:
> On Wed, Aug 03, 2005 at 08:18:35PM -0400, Jason Harris wrote:
> > Looking at http://curl.haxx.se/libcurl/c/curl_easy_setopt.html ,
> > this might do the trick:
> > curl_easy_setopt (..., CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4);
> > if any connection, which always seems to prefer IPv6, doesn't
> > at first succeed.
> I'm not sure. CURL_IPRESOLVE_V4 is documented to force the connection
> to IPv4. That is, it'll ignore IPv6 addresses altogether, rather than
> try to connect and then fail over within curl. What happens if you
> add a "-4" to the command line above? That sets CURL_IPRESOLVE_V4.
(That works fine, of course.)
> Also, going back to the original problem, can you send me the output
> when you try fetching a key with "--keyserver-options debug" set?
OK, with --recv I see it falls back from v6 to v4, which is good, but it
fails with --send:
%gpg --keyserver-options debug --keyserver keyserver.linux.it --send ...
gpg: sending key ... to hkp server keyserver.linux.it
gpgkeys: HTTP URL is `http://keyserver.linux.it:11371/pks/add'
* About to connect() to keyserver.linux.it port 11371
* Trying 2001:1418:13:10::1... * Failed to connect to 2001:1418:13:10::1: No route to host
* Undefined error: 0
* Trying 184.108.40.206... * connected
* Connected to keyserver.linux.it (220.127.116.11) port 11371
> POST /pks/add HTTP/1.1
< HTTP/1.1 100 Continue
* The requested URL returned error: 500
* Closing connection #0
gpgkeys: HTTP post error 22: Failed to connect to 2001:1418:13:10::1: No route to host
However, this seems to be specific to SKS. My SKS log reports:
2005-08-04 ... ... Error handling request (POST,/pks/add,[+accept:*/*+content-length:2246+content-type:application/x-www-form-urlencoded+expect:100-continue+host:skylane.kjsl.com:21371]): Scanf.Scan_failure("scanf: bad input at char number 8: looking for =, found %")
so the connection is being made (in this case via IPv4; skylane also has
an AAAA record). Moreover, the error messages from curl are confusing this
Thus, in reality, the "Expect: 100-continue" header appears to be confusing
SKS (during POSTs).
Jason Harris | NIC: JH329, PGP: This _is_ PGP-signed, isn't it?
jharris at widomaker.com _|_ web: http://keyserver.kjsl.com/~jharris/
Got photons? (TM), (C) 2004
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 313 bytes
Desc: not available
Url : /pipermail/attachments/20050804/690a6885/attachment.pgp
More information about the Gnupg-users