2.1.2: keyserver route failure

Daniel Kahn Gillmor dkg at fifthhorseman.net
Wed Feb 18 20:13:31 CET 2015


On Wed 2015-02-18 06:40:12 -0500, Werner Koch wrote:
> On Wed, 18 Feb 2015 06:24, rjh at sixdemonbag.org said:
>
>> I don't have IPv6 routing, period.  This raises the question of why
>> GnuPG is trying to reach an IPv6 address at all.
>
> Because the resolver tells that there is an AAAA record.  It seems that
> we need to figure out at runtime whether v6 is actually working.  Any
> hints on how to do that?

Reasonable IPv6 stacks should return an ENETUNREACH (Network is
unreachable) error message when trying to connect() to an address for
which there is no route, which should already cause dirmngr to failover
immediately.

I'm not convinced that it's gnupg's job to compensate for
unreasonably-configured IPv6 stacks that think they have a route but
actually don't.

Should gnupg also try to detect whether the IPv4 networking
configuration is actually correct?  That seems like an operating system
level task.  I certainly don't want all of my client software to always
try to second-guess my netwoking stack, that sounds like a recipe for
trouble.

         --dkg



More information about the Gnupg-users mailing list