Package: dirmngr Version: 2.1.18-6 When nameservers in /etc/resolv.conf are only IPv6 addresses, dirmngr fails to resolve hostnames. System is up-to-date Stretch install (kernel 4.9.0-2-amd64 #1 SMP Debian 4.9.18-1, glibc 2.24-10).
Expected behaviour: dirmngr works with IPv6 DNS resolvers. ~/.gnupg/dirmngr.conf: debug-all verbose Transcript (gpg): $ gpg -vv --debug-all --keyserver keyserver.cns.vt.edu --recv-keys B2F41D360340F41AE0B2841773AC5687477EB9EE gpg: Note: no default option file '/home/eric/.gnupg/gpg.conf' gpg: enabled debug flags: packet mpi crypto filter iobuf memory cache memstat trust hashing ipc clock lookup extprog gpg: DBG: [not enabled in the source] start gpg: DBG: chan_3 <- # Home: /home/eric/.gnupg gpg: DBG: chan_3 <- # Config: /home/eric/.gnupg/dirmngr.conf gpg: DBG: chan_3 <- OK Dirmngr 2.1.18 at your service gpg: DBG: connection to the dirmngr established gpg: DBG: chan_3 -> GETINFO version gpg: DBG: chan_3 <- D 2.1.18 gpg: DBG: chan_3 <- OK gpg: DBG: chan_3 -> KEYSERVER --clear hkp://keyserver.cns.vt.edu gpg: DBG: chan_3 <- OK gpg: DBG: chan_3 -> KS_GET -- 0xB2F41D360340F41AE0B2841773AC5687477EB9EE gpg: DBG: chan_3 <- ERR 167772379 Server indicated a failure <Dirmngr> gpg: keyserver receive failed: Server indicated a failure gpg: DBG: chan_3 -> BYE gpg: DBG: [not enabled in the source] stop gpg: random usage: poolsize=600 mixed=0 polls=0/0 added=0/0 outmix=0 getlvl1=0/0 getlvl2=0/0 gpg: secmem usage: 0/65536 bytes in 0 blocks System Journal: May 15 15:29:59 cannondale dirmngr[2563]: handler for fd 5 started May 15 15:29:59 cannondale dirmngr[2563]: DBG: chan_5 -> # Home: /home/eric/.gnupg May 15 15:29:59 cannondale dirmngr[2563]: DBG: chan_5 -> # Config: /home/eric/.gnupg/dirmngr.conf May 15 15:29:59 cannondale dirmngr[2563]: DBG: chan_5 -> OK Dirmngr 2.1.18 at your service May 15 15:29:59 cannondale dirmngr[2563]: connection from process 2759 (1000:1000) May 15 15:29:59 cannondale dirmngr[2563]: DBG: chan_5 <- GETINFO version May 15 15:29:59 cannondale dirmngr[2563]: DBG: chan_5 -> D 2.1.18 May 15 15:29:59 cannondale dirmngr[2563]: DBG: chan_5 -> OK May 15 15:29:59 cannondale dirmngr[2563]: DBG: chan_5 <- KEYSERVER --clear hkp://keyserver.cns.vt.edu May 15 15:29:59 cannondale dirmngr[2563]: DBG: chan_5 -> OK May 15 15:29:59 cannondale dirmngr[2563]: DBG: chan_5 <- KS_GET -- 0xB2F41D360340F41AE0B2841773AC5687477EB9EE May 15 15:29:59 cannondale dirmngr[2563]: number of system provided CAs: 173 May 15 15:29:59 cannondale dirmngr[2563]: DBG: http.c:connect_server: trying name='keyserver.cns.vt.edu' port=11371 May 15 15:29:59 cannondale dirmngr[2563]: DBG: dns: resolve_dns_name(keyserver.cns.vt.edu): Server indicated a failure May 15 15:29:59 cannondale dirmngr[2563]: resolving 'keyserver.cns.vt.edu' failed: Server indicated a failure May 15 15:29:59 cannondale dirmngr[2563]: can't connect to 'keyserver.cns.vt.edu': host not found May 15 15:29:59 cannondale dirmngr[2563]: error connecting to 'http://keyserver.cns.vt.edu:11371': Server indicated a failure May 15 15:29:59 cannondale dirmngr[2563]: command 'KS_GET' failed: Server indicated a failure May 15 15:29:59 cannondale dirmngr[2563]: DBG: chan_5 -> ERR 167772379 Server indicated a failure <Dirmngr> May 15 15:29:59 cannondale dirmngr[2563]: DBG: chan_5 <- BYE May 15 15:29:59 cannondale dirmngr[2563]: DBG: chan_5 -> OK closing connection May 15 15:29:59 cannondale dirmngr[2563]: handler for fd 5 terminated When I add a legacy IP DNS server to my /etc/resolv.conf and restart dirmngr.socket, things behave as expected (I won't include transcript). I also ran a tcpdump; no network traffic is generated by dirmngr to my DNS servers when I only specify IPv6 addresses, and the SRV query (when I modify my resolv.conf) is over legacy IP. Regards, Eric C. Landgraf
signature.asc
Description: PGP signature