Possible IPv6 bug for --keyserver option

David Shaw dshaw at jabberwocky.com
Wed Nov 30 17:25:07 CET 2011


On Nov 30, 2011, at 7:18 AM, gnupg at lists.grepular.com wrote:

> mike at Fuzzbutt:~$ gpg --keyserver grepular.com --recv-key 11111111
> gpg: requesting key 11111111 from hkp server grepular.com
> gpgkeys: HTTP fetch error 7: Failed to connect to
> 2001:470:1f09:1186::beef: Network is unreachable
> gpg: no valid OpenPGP data found.
> gpg: Total number processed: 0
> mike at Fuzzbutt:~$
> 
> Why is gpg trying to connect to the IPv6 address here? The machine I'm
> running it from doesn't have an IPv6 address, so it should be using the
> A record instead of the AAAA record...
> 
> mike at Fuzzbutt:~$ ifconfig|grep inet6
> mike at Fuzzbutt:~$
> 
> I'm running GnuPG 2.0.14 on Ubuntu 11.04
> 
> P.S. There isn't a keyserver at grepular.com, so I wasn't expecting it
> to work. I just wasn't expecting it to use the AAAA record instead of
> the A record.

Hmm.  GnuPG uses libcurl to do the HTTP part of fetching keys, so this might actually be a Curl question.  Curl (at least on Linux) uses getaddrinfo to resolve out the IPv4 vs IPv6 question.  What happens if you do "curl -v http://grepular.com:11371" on the command line?

See also http://manpages.ubuntu.com/manpages/natty/man5/gai.conf.5.html

David




More information about the Gnupg-users mailing list