Bug #3457

msva refuses to use .onion keyserver

Added by intrigeri over 2 years ago. Updated over 2 years ago.

Status:ResolvedStart date:09/14/2011
Priority:NormalDue date:
Assignee:dkg% Done:

0%

Category:msva-perl
Target version:-

Description

Tails is configured to use Indymedia's keyserver as a Tor hidden service (hkp://2eghzlv2wwcq7u7y.onion), both in gpg.conf and in monkeysphere.conf.

Every other gpg-powered software works nicely with this, but msva-perl thinks it's clever enough to judge whether our GnuPG settings are valid or not.

While I do like strict configuration checking, unfortunately, msva-perl is slightly less clever than it thinks, and since the nice $RE{net}{domain} does not know about .onion,
msva thinks our valid settings are wrong and falls back to an unencrypted connection to its default keyserver (hkp://pool.sks-keyservers.net), while we asked for the end-to-end encryption provided by Tor hidden services. (This kind of fallback is, IMHO, an issue by itself, but let's stay focused.)

`.xsession-errors` says:

Not a valid keyserver (from gpg config /home/amnesia/.gnupg/gpg.conf):
hkp://2eghzlv2wwcq7u7y.onion

History

#1 Updated by dkg over 2 years ago

ugh, yes, this is a problem. i think it should ultimately be fixed in Regexp::Common (have you filed a CPAN ticket for that?), but i'm open to a patchset to work around the bug in msva-perl the meantime.

I agree with you that the fallback behavior should be re-thought. could you open another ticket here to cover that?

#2 Updated by intrigeri over 2 years ago

dkg wrote:

i think it should ultimately be fixed in Regexp::Common

Agreed.

(have you filed a CPAN ticket for that?),

I have not. The CPAN bug tracker hates me as much as I hate it.

but i'm open to a patchset to work around the bug in msva-perl the meantime.

I'll try to get to it soon.

I agree with you that the fallback behavior should be re-thought. could you open another ticket here to cover that?

Done: #3459.

#3 Updated by intrigeri over 2 years ago

This bug is fixed in Debian unstable, thanks to libregexp-common-perl 2011041701-3 that fixes Debian bug #641616 (upstream bug: https://rt.cpan.org/Public/Bug/Display.html?id=23626).

I'm unsure what should happen with this bug, so I'll let you proceed.

#4 Updated by dkg over 2 years ago

  • Status changed from New to Resolved

I'm marking this as resolved, since it was fixed in RegExp::Common (and is now fixed in testing as well as unstable).

Thanks for pursuing this, intrigeri!

Also available in: Atom PDF