|
Bugzilla – Full Text Bug Listing |
| Summary: | man gpg mentions outdated honor-http-proxy option | ||
|---|---|---|---|
| Product: | [openSUSE] SUSE Linux 10.1 | Reporter: | Christian Boltz <suse-beta> |
| Component: | Basesystem | Assignee: | Klaus Singvogel <kssingvo> |
| Status: | RESOLVED FIXED | QA Contact: | E-mail List <qa-bugs> |
| Severity: | Normal | ||
| Priority: | P5 - None | ||
| Version: | Beta 9 | ||
| Target Milestone: | --- | ||
| Hardware: | Other | ||
| OS: | All | ||
| Whiteboard: | |||
| Found By: | Other | Services Priority: | |
| Business Priority: | Blocker: | --- | |
| Marketing QA Status: | --- | IT Deployment: | --- |
Sorry, but not true. Have a closer look at file keyserver/gpgkeys_hkp.c or keyserver/gpgkeys_http.c I think you are talking about gpg-1.4.1, we distribute gpg-1.4.0 due to early cypto freeze. I'm talking about gpg-1.4.0-3 from 9.3 beta3.
I don't have the sources here and therefore can't look at them, but
I tested with the old honor-http-proxy option - it did not work (my
wwwoffle proxy was not used, I had to wait for the timeout [1]).
After switching to the new http-proxy option, my proxy was used again.
Conclusion: honor-http-proxy does no longer work.
(If you don't believe, test yourself ;-)
[1] I read my mails offline, so key requests also done when offline.
This works perfectly with my "GPGoffle" construction, see
http://www.cboltz.de/de/linux/gpgoffle/
Sorry. I was talking about environment variable "http_proxy", as pointed out in the manual snippet. honor-http-proxy is outdated, right. But currently (1.4.0) only warnings are given to the user, if I understand the source code right. :-) Even more the protocol with the keyserver must allow this option to take effect. Maybe there is the fault? Here are the tests I did with the keyserver-options in my gpg.conf:
keyserver-options honor-http-proxy auto-key-retrieve
worked on SuSE 9.2, but does not work in 9.3 beta3
keyserver-options auto-key-retrieve http-proxy=http://localhost:8080
works in 9.3 beta3
I assume $http_proxy is not used in this case, but didn't test it.
keyserver-options auto-key-retrieve http-proxy
works in 9.3 beta3 if $http_proxy is set
Since I only played around with these options and did not change anything
else, it can't be the keyserver.
The only difference I could see was if my proxy was used or not.
Conclusion (again): honor-http-proxy does not work any longer.
About the manpage, to repeat my initial report:
ENVIRONMENT
[...]
http_proxy
- Only honored when the keyserver-option honor-http-proxy is set.
+ Only honored when the keyserver-option http-proxy is set without a
+ value.
This is all I want in this bugreport ;-)
The gpg man page is still wrong in SUSE 10.0 :-( Manpage still wrong/outdated in 10.1 beta2 :-( If you don't want to fix this yourself, please report it upstream or tell me where to report it. thanks for reminder. fixed in next version. man gpg in 10.1 beta9 says:
ENVIRONMENT
[...]
http-proxy
Only honored when the keyserver-option honor-http-proxy is set.
Please note that it got even worse:
- the fix I proposed is not in place, it still uses the old text
- the variable name "http-proxy" is wrong - it should be "http_proxy"
(this is a regression compared to older manpage versions)
Please have a look at your Description of this bug!? You said, that "http_proxy" is the wrong value. In Comment#8, you say "http-proxy" is the wrong value. So, please, can you decide for one and only one solution? Nevertheless, I looked through the source code (as I already did, when I fixed it), and according to file keyserver/gpgkeys_http.c the correct value is "http-proxy". Sorry for reopening again, but... (In reply to comment #9) > You said, that "http_proxy" is the wrong value. In Comment#8, you say > "http-proxy" is the wrong value. So, please, can you decide for one and only > one solution? Sorry, I cant - because it depends ;-) - in the configuration file, http-proxy (with "-") is correct. - the environment variable is named http_proxy (with "_"). The correct manpage entry in section ENVIRONMENT would be (enclosing changes in *...*): *http_proxy* <--- this is the environment variable -> "_" Only honored when the keyserver-option *http-proxy* is set *without a value*. <---- this is the config file entry -> "-" I also found an error in the section describing the keyserver-options: http-proxy[=value] <---- config file -> correct [...] If no value is specified, try to use the value of the environment variable "http-proxy". <---- environment -> should be http_proxy ("_") I hope I didn't confuse you too much ;-) and this will finally be fixed. So, you're going to tell me, that the package was perfectly ok, before I patched it? Because: a) the environment variable is named "http_proxy" (and correctlyi described in man page) b) and instead the option is named "http-proxy" (and correctly described in man page) BTW: both seem to be perfect consistent names. The one is the system variable, whereas the other is a local argument of gpg. > So, you're going to tell me, that the package was perfectly ok, before I > patched it? Not fully - see comment #4: > About the manpage, to repeat my initial report: > > ENVIRONMENT > [...] > http_proxy > - Only honored when the keyserver-option honor-http-proxy is set. > + Only honored when the keyserver-option http-proxy is set without a > + value. The difference is - add "without a value" - replace "honor-http-proxy" with "http-proxy" But the parameter (to use http_proxy environment variable) is named "--honor-http-proxy" according to the source code. There is no option "http-proxy" in the source code (anymore). I don't see where your new proposal should be right. Hmmm, I just downloaded the source and it seems the option has been renamed back to honor-http-proxy again :-/ (in SUSE 10.0 it was "http-proxy") - therefore your last comment seems to be correct and I'm not up to date :-(
The only file listing "http-proxy" is gnupg-1.9.18/tools/gpgconf-comp.c:
{ "http-proxy", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
I don't understand C good enough to know if everything is back to the old behaviour (as of SUSE 9.3 - simply use the http_proxy environment variable) or if you can specify the proxy directly in gpg.conf :-(
However, the man page is inconsistent:
OPTIONS
--keyserver-options
http-proxy[=value]
For HTTP-like keyserver schemes that (such as HKP and HTTP itself),
try to access the keyserver over a proxy. If a value is specified,
use this as the HTTP proxy. If no value is specified, try to use
the value of the environment variable "http-proxy".
-> "honor-http-proxy" is not mentioned in OPTIONS section
ENVIRONMENT
http-proxy
Only honored when the keyserver-option honor-http-proxy is set.
-> this time, the http-proxy keyserver option is not mentioned.
Even if I'm not sure which one is correct, one of them seems to be wrong.
And: the environment variable is commonly named "http_proxy" (with "_") - but I can't find this string in the sources...
Any progress? Is the man page reflecting the actual truth :) in Code10 now? I think the correct version is in our product. We are all confused about it, so I don't want to dig into it again. Setting to fixed. |
from man gpg: ENVIRONMENT [...] http_proxy Only honored when the keyserver-option honor-http-proxy is set. This is no longer true. The option is now called http-proxy. honor-http-proxy does _not_ work in gpg 1.4. Please update the gpg manpage.