Mailing List Archive

dirmngr cygwin resolv.conf
Hi,

I'm using gpg2/dirmngr on Cygwin:

$ gpg2 --version
gpg (GnuPG) 2.2.8-unknown
libgcrypt 1.8.2

$ dirmngr --version
dirmngr (GnuPG) 2.2.8-unknown

On Cygwin '/etc/resolv.conf' is not needed, as ilustrated by the below
log dirmngr requires 'resolv.conf':

I used the commands from:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854359

$ dirmngr --server --homedir $PWD -v
dirmngr[7576]: error opening
'/home/john/try/dirmngr-test/dirmngr_ldapservers.conf': No such file or
directory
dirmngr[7576.0]: permanently loaded certificates: 134
dirmngr[7576.0]: runtime cached certificates: 0
dirmngr[7576.0]: trusted certificates: 134 (133,0,0,1)
# Home: /home/john/try/dirmngr-test
# Config: [none]
OK Dirmngr 2.2.8-unknown at your service
KS_GET -- 0x6C6ACD6417B3ACB1
dirmngr[7576.0]: stat'ing '/etc/resolv.conf' failed: No such file or
directory
dirmngr[7576.0]: stat'ing '/etc/resolv.conf' failed: No such file or
directory
dirmngr[7576.0]: failed to load '/etc/resolv.conf': No such file or
directory
dirmngr[7576.0]: command 'KS_GET' failed: No such file or directory
ERR 167805009 No such file or directory <Dirmngr>

If I populate /etc/resolv.conf with my DNS nameserver it works.
This is not practical because everytime my DNS changes I would need to
modify that file manually.

Could dirmngr use the DNS provided by windows or is there a way to
bypass the use of 'resolv.conf'?

--
John Doe

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: dirmngr cygwin resolv.conf [ In reply to ]
On Mon, 25 Jun 2018 10:50, johndoe65534@mail.com said:

> On Cygwin '/etc/resolv.conf' is not needed, as ilustrated by the
> below log dirmngr requires 'resolv.conf':

Cygwin is Unix emulation on Windows and thus GnuPG considers the
platform to be unix. In turn /etc/resolv.conf is required.

> Could dirmngr use the DNS provided by windows or is there a way to
> bypass the use of 'resolv.conf'?

Use the standard Windows GnuPG and you get Windows features. Or, well,
use the Tor support which redirects all DNS over Tor. Just install the
Tor Browser and GnuPG will use that.


Shalom-Salam,

Werner


--
# Please read: Daniel Ellsberg - The Doomsday Machine #
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
Re: dirmngr cygwin resolv.conf [ In reply to ]
Hi Werner, thanks for your answer.

On 6/27/2018 6:51 PM, Werner Koch wrote:
> On Mon, 25 Jun 2018 10:50, johndoe65534@mail.com said:
>
>> On Cygwin '/etc/resolv.conf' is not needed, as ilustrated by the
>> below log dirmngr requires 'resolv.conf':
>
> Cygwin is Unix emulation on Windows and thus GnuPG considers the
> platform to be unix. In turn /etc/resolv.conf is required.
>

Fair enough.

>> Could dirmngr use the DNS provided by windows or is there a way to
>> bypass the use of 'resolv.conf'?
>
> Use the standard Windows GnuPG and you get Windows features. Or, well,
> use the Tor support which redirects all DNS over Tor. Just install the
> Tor Browser and GnuPG will use that.
>

Can you elaborate on how I would let "Cygwin dirmngr" use "Tor Browser
for Windows"?

--
John Doe

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: dirmngr cygwin resolv.conf [ In reply to ]
On Thu, 28 Jun 2018 11:54, johndoe65534@mail.com said:

> Can you elaborate on how I would let "Cygwin dirmngr" use "Tor Browser
> for Windows"?

I have not tested it but given that the Tor browser is listening on
localhost, TCP port 9150, I see no reason why a native Windows Tor
Browser can't work with the Cygwinized GnuPG.


Salam-Shalom,

Werner

--
# Please read: Daniel Ellsberg - The Doomsday Machine #
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
Re: dirmngr cygwin resolv.conf [ In reply to ]
On 6/28/2018 1:25 PM, Werner Koch wrote:
> On Thu, 28 Jun 2018 11:54, johndoe65534@mail.com said:
>
>> Can you elaborate on how I would let "Cygwin dirmngr" use "Tor Browser
>> for Windows"?
>
> I have not tested it but given that the Tor browser is listening on
> localhost, TCP port 9150, I see no reason why a native Windows Tor
> Browser can't work with the Cygwinized GnuPG.
>

For testing purposes I have configured Firefox to use socks5 proxy
"localhost:9150", as you suggested, it is working.

Now, the next step is to configure dirmngr to do the same!:

dirmngr.conf:

use-tor
http-proxy socks5://localhost:9150

gives the following error:

ERR 219 Server indicated a failure <Unspecified source>

How can I use socks5 with dirmngr?

--
John Doe

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: dirmngr cygwin resolv.conf [ In reply to ]
john doe <johndoe65534@mail.com> wrote:
> Now, the next step is to configure dirmngr to do the same!:
>
> dirmngr.conf:
>
> use-tor
> http-proxy socks5://localhost:9150

Only "use-tor" is needed, then, dirmngr connects to localhost:9150 for
Tor.
--

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: dirmngr cygwin resolv.conf [ In reply to ]
On 6/29/2018 9:30 AM, NIIBE Yutaka wrote:
> john doe <johndoe65534@mail.com> wrote:
>> Now, the next step is to configure dirmngr to do the same!:
>>
>> dirmngr.conf:
>>
>> use-tor
>> http-proxy socks5://localhost:9150
>
> Only "use-tor" is needed, then, dirmngr connects to localhost:9150 for
> Tor.
>

Looks like the issue isDNS name resolving:

$ dirmngr --homedir ~/try --use-tor -vvvvv --debug-all --server

OK Dirmngr 2.2.8-unknown at your service
KS_GET -- 0x6C6ACD6417B3ACB1
dirmngr[6496.0]: DBG: chan_3 <- KS_GET -- 0x6C6ACD6417B3ACB1
dirmngr[6496.0]: DBG: dns: libdns initialized (tor mode)
dirmngr[6496.0]: DBG: dns:
getsrv(_pgpkey-https._tcp.hkps.pool.sks-keyservers.net): Server
indicated a failure
dirmngr[6496.0]: command 'KS_GET' failed: Server indicated a failure
<Unspecified source>
dirmngr[6496.0]: DBG: chan_3 -> ERR 219 Server indicated a failure
<Unspecified source>
ERR 219 Server indicated a failure <Unspecified source>

I'm not sure how to go about it?

Any hints/... is much appriciated.

--
John Doe

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: dirmngr cygwin resolv.conf [ In reply to ]
Hello,

Sorry, my explanation was not accurate. In the Tor-mode of dirmngr, it
uses the port 9050 at first. And there is some code to fallback to the
port 9150. It's like:

libdns_switch_port_p (gpg_error_t err)
{
if (tor_mode && gpg_err_code (err) == GPG_ERR_ECONNREFUSED
&& libdns_tor_port == TOR_PORT)
{
/* Switch port and try again. */
if (opt_debug)
log_debug ("dns: switching from SOCKS port %d to %d\n",
TOR_PORT, TOR_PORT2);
libdns_tor_port = TOR_PORT2;
libdns_reinit_pending = 1;
return 1;
}
return 0;
}

I suspect the error detection is not working well. If it works,
you should see the debug message of "dns: switching from SOCKS port...".

I tested with the port 9050, my dirmngr works fine.
--

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: dirmngr cygwin resolv.conf [ In reply to ]
Hello.

Am Freitag, den 29.06.2018, 16:30 +0900 schrieb NIIBE Yutaka:
> john doe <johndoe65534@mail.com> wrote:
> > Now, the next step is to configure dirmngr to do the same!:
> >
> > dirmngr.conf:
> >
> > use-tor
> > http-proxy socks5://localhost:9150
>
> Only "use-tor" is needed, then, dirmngr connects to localhost:9150
> for Tor.

I'm running a local server with a Squid/privoxy/TOR chain. This works
fine for keyserver and crl queries, but only for this. Is there any way
to tell dirmngr on my workstation to use the socks port of TOR on my
server, which I configured to listen also on the NIC.

Regards,
Dirk


--
Dirk Gottschalk
Paulusstrasse 6-8
52064 Aachen
Tel.: +49 1573 1152350
Re: dirmngr cygwin resolv.conf [ In reply to ]
On Thu, 28 Jun 2018 17:05, johndoe65534@mail.com said:

> dirmngr.conf:
>
> use-tor
> http-proxy socks5://localhost:9150

Nobody said that you should configure a proxy ;-)

Dirmngr has integrated Tor support which will be used automatically when
Tor or the Tor Browser is up and running. --use-tor merely enforces the
use of Tor and inhibits any network access without going over Tor.


Shalom-Salam,

Werner

--
# Please read: Daniel Ellsberg - The Doomsday Machine #
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
Re: dirmngr cygwin resolv.conf [ In reply to ]
On 6/29/2018 4:24 PM, Werner Koch wrote:
> On Thu, 28 Jun 2018 17:05, johndoe65534@mail.com said:
>
>> dirmngr.conf:
>>
>> use-tor
>> http-proxy socks5://localhost:9150
>
> Nobody said that you should configure a proxy ;-)
>
> Dirmngr has integrated Tor support which will be used automatically when
> Tor or the Tor Browser is up and running. --use-tor merely enforces the
> use of Tor and inhibits any network access without going over Tor.
>

Ok, "proxy" is a red herring -- I used the option '--use-tor' to be sure
tor will be used to furder isolate the issue.

In an earlier sent e-mail:

https://lists.gnupg.org/pipermail/gnupg-users/2018-June/060740.html

As you can see no command proxy option is being used.

Some how I'm stuck at DNS name resolving if I'm not mistaking?

Any help is welcome.

--
John Doe

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: dirmngr cygwin resolv.conf [ In reply to ]
On 6/29/2018 6:40 PM, john doe wrote:
> On 6/29/2018 4:24 PM, Werner Koch wrote:
>> On Thu, 28 Jun 2018 17:05, johndoe65534@mail.com said:
>>
>>> dirmngr.conf:
>>>
>>> use-tor
>>> http-proxy socks5://localhost:9150
>>
>> Nobody said that you should configure a proxy ;-)
>>
>> Dirmngr has integrated Tor support which will be used automatically when
>> Tor or the Tor Browser is up and running.  --use-tor merely enforces the
>> use of Tor and inhibits any network access without going over Tor.
>>
>
> Ok, "proxy" is a red herring -- I used the option '--use-tor' to be sure
> tor will be used to furder isolate the issue.
>
> In an earlier sent e-mail:
>
> https://lists.gnupg.org/pipermail/gnupg-users/2018-June/060740.html
>
> As you can see no command proxy option is being used.
>
> Some how I'm stuck at DNS name resolving if I'm not mistaking?
>
> Any help is welcome.
>

Ok -- I think I got it:

If I start Tor Browser as usual by clicking on "Start Tor Browser" it
does not work.
But if I start "Browser\TorBrowser\Tor\tor.exe" it works like a charm.

How can I socks5 dirmngr connections to "Tor Browser"?

--
John Doe

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: dirmngr cygwin resolv.conf [ In reply to ]
Hi Niibe,

On 6/29/2018 1:40 PM, NIIBE Yutaka wrote:
> Hello,
>
> Sorry, my explanation was not accurate. In the Tor-mode of dirmngr, it
> uses the port 9050 at first. And there is some code to fallback to the
> port 9150. It's like:
>
> libdns_switch_port_p (gpg_error_t err)
> {
> if (tor_mode && gpg_err_code (err) == GPG_ERR_ECONNREFUSED
> && libdns_tor_port == TOR_PORT)
> {
> /* Switch port and try again. */
> if (opt_debug)
> log_debug ("dns: switching from SOCKS port %d to %d\n",
> TOR_PORT, TOR_PORT2);
> libdns_tor_port = TOR_PORT2;
> libdns_reinit_pending = 1;
> return 1;
> }
> return 0;
> }
>
> I suspect the error detection is not working well. If it works,
> you should see the debug message of "dns: switching from SOCKS port...".
>
> I tested with the port 9050, my dirmngr works fine.
>

Appologies for not answering sooner.

The issue is that in the case of "Tor Browser" it listens only for
socks5 connection on port 9150.:

https://lists.torproject.org/pipermail/tor-community-team/2018-June/000188.html

How can I force dirmngr to use port "9150"?

Sorry again for my late answer, I had overlooked your e-mail.

I really appriciate any help/input! :)

--
John Doe

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: dirmngr cygwin resolv.conf [ In reply to ]
On Sat, 30 Jun 2018 21:26, johndoe65534@mail.com said:

> How can I force dirmngr to use port "9150"?

So Tor ports are fixed. As Niibe-san already explained Dirmngr will
first try port 9050 and if it is not able to connect (ECONNREFUSED) it
will try port 9150. This is implemented for Dirmngr in Libassuan.


Shalom-Salam,

Werner

--
# Please read: Daniel Ellsberg - The Doomsday Machine #
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
Re: dirmngr cygwin resolv.conf [ In reply to ]
On 7/2/2018 8:48 AM, Werner Koch wrote:
> On Sat, 30 Jun 2018 21:26, johndoe65534@mail.com said:
>
>> How can I force dirmngr to use port "9150"?
>
> So Tor ports are fixed. As Niibe-san already explained Dirmngr will
> first try port 9050 and if it is not able to connect (ECONNREFUSED) it
> will try port 9150. This is implemented for Dirmngr in Libassuan.
>

On Debian Stretch I tried to do the same thing:

$ dirmngr --version
dirmngr (GnuPG) 2.1.18

Tor browser for linux (7.5.6) downloaded from the torproject.org site.
On linux it works out of the box! :)

Which bring me to two possible causes:
1) Cygwin dirmngr can't be used in that way.
If I start "tor.exe" from the Tor Browser for windows bundle it works
like a charm because Tor then listen on port 9050.
So I don't thing this is the issue.

2) Regression in dirmngr between version 2.1.18 and 2.2.8.
It looks like the code that is responsible for falling back to port 9150
when port 5090 is not available is somehow failing.

I'm stuck here and would appriciate any help on finding a solution to
this issue.

If any one can test dirmngr 2.2.8 and Tor Browser for linux 7.5.6 and
can let me know how it goes?

beyond '-v' and '--debug-all' what can I do to furder troubleshoot?

--
John Doe

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: dirmngr cygwin resolv.conf [ In reply to ]
On Mon, 2 Jul 2018 20:46, johndoe65534@mail.com said:

> It looks like the code that is responsible for falling back to port
> 9150 when port 5090 is not available is somehow failing.

... on Windows. Actually I developed the fallback on Windows becuase
there it is easier to install the Tor browser. Anyway, Gniibe probably
found and fixed the problem in our DNS resolver. I suggest to wait for
the next release - probably next week.


Shalom-Salam,

Werner

--
# Please read: Daniel Ellsberg - The Doomsday Machine #
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
Re: dirmngr cygwin resolv.conf [ In reply to ]
Werner Koch <wk@gnupg.org> wrote:
> ... on Windows. Actually I developed the fallback on Windows becuase
> there it is easier to install the Tor browser. Anyway, Gniibe probably
> found and fixed the problem in our DNS resolver. I suggest to wait for
> the next release - probably next week.

That's not for Cygwin on Windows, but for GNU/Linux.

In dirmngr, the DNS resolver using Tor assumes that it returns
ECONNREFUSED when Tor doesn't run at 9050, then, it tries to the port
9150.

There was a bug of the DNS resolver. When there are multiple
"nameserver" in /etc/resolv.conf, it should try all. It was fixed, but
this fix had a side effect for ECONNREFUSED fallback mechanism for using
Tor. This was fixed on Monday.


For the particular issue for Cygwin, it seems that connect(2) in Cygwin
environment may return EPERM instead of ECONNREFUSED. I suspect this.

We can add the case of EPERM for Cygwin for workaround...
--

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: dirmngr cygwin resolv.conf [ In reply to ]
On 7/4/2018 4:05 AM, NIIBE Yutaka wrote:
> Werner Koch <wk@gnupg.org> wrote:
>> ... on Windows. Actually I developed the fallback on Windows becuase
>> there it is easier to install the Tor browser. Anyway, Gniibe probably
>> found and fixed the problem in our DNS resolver. I suggest to wait for
>> the next release - probably next week.
>
> That's not for Cygwin on Windows, but for GNU/Linux.
>
> In dirmngr, the DNS resolver using Tor assumes that it returns
> ECONNREFUSED when Tor doesn't run at 9050, then, it tries to the port
> 9150.
>
> There was a bug of the DNS resolver. When there are multiple
> "nameserver" in /etc/resolv.conf, it should try all. It was fixed, but
> this fix had a side effect for ECONNREFUSED fallback mechanism for using
> Tor. This was fixed on Monday.
>
>
> For the particular issue for Cygwin, it seems that connect(2) in Cygwin
> environment may return EPERM instead of ECONNREFUSED. I suspect this.
>

I'm willing to confirm that but I'm not sure how I would do that!?

--
John Doe

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: dirmngr cygwin resolv.conf [ In reply to ]
Hello,

john doe <johndoe65534@mail.com> wrote:
> I'm willing to confirm that but I'm not sure how I would do that!?

I am considering a patch like following. If you can build GnuPG for
Cygwin, you can try. Or, you can ask Cygwin's package maintainer for
GnuPG.

The patch is: Don't try to look the error code, but fallback TOR_PORT2
always.

==========================
diff --git a/dirmngr/dns-stuff.c b/dirmngr/dns-stuff.c
index ffac816f9..88a4fce5c 100644
--- a/dirmngr/dns-stuff.c
+++ b/dirmngr/dns-stuff.c
@@ -735,13 +735,12 @@ libdns_res_open (struct dns_resolver **r_res)
static int
libdns_switch_port_p (gpg_error_t err)
{
- if (tor_mode && gpg_err_code (err) == GPG_ERR_ECONNREFUSED
- && libdns_tor_port == TOR_PORT)
+ if (tor_mode && libdns_tor_port == TOR_PORT)
{
/* Switch port and try again. */
if (opt_debug)
- log_debug ("dns: switching from SOCKS port %d to %d\n",
- TOR_PORT, TOR_PORT2);
+ log_debug ("dns: switching from SOCKS port %d to %d (%s)\n",
+ TOR_PORT, TOR_PORT2, gpg_strerror (err));
libdns_tor_port = TOR_PORT2;
libdns_reinit_pending = 1;
return 1;
--

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: dirmngr cygwin resolv.conf [ In reply to ]
On 7/4/2018 9:11 AM, NIIBE Yutaka wrote:
> Hello,
>
> john doe <johndoe65534@mail.com> wrote:
>> I'm willing to confirm that but I'm not sure how I would do that!?
>
> I am considering a patch like following. If you can build GnuPG for
> Cygwin, you can try. Or, you can ask Cygwin's package maintainer for
> GnuPG.
>
> The patch is: Don't try to look the error code, but fallback TOR_PORT2
> always.
>
> ==========================
> diff --git a/dirmngr/dns-stuff.c b/dirmngr/dns-stuff.c
> index ffac816f9..88a4fce5c 100644
> --- a/dirmngr/dns-stuff.c
> +++ b/dirmngr/dns-stuff.c
> @@ -735,13 +735,12 @@ libdns_res_open (struct dns_resolver **r_res)
> static int
> libdns_switch_port_p (gpg_error_t err)
> {
> - if (tor_mode && gpg_err_code (err) == GPG_ERR_ECONNREFUSED
> - && libdns_tor_port == TOR_PORT)
> + if (tor_mode && libdns_tor_port == TOR_PORT)
> {
> /* Switch port and try again. */
> if (opt_debug)
> - log_debug ("dns: switching from SOCKS port %d to %d\n",
> - TOR_PORT, TOR_PORT2);
> + log_debug ("dns: switching from SOCKS port %d to %d (%s)\n",
> + TOR_PORT, TOR_PORT2, gpg_strerror (err));
> libdns_tor_port = TOR_PORT2;
> libdns_reinit_pending = 1;
> return 1;
>

I have applied your patch on top of master in the gnupg repository

I'm now in the process of building all the libraries require by 'gnupg'
but I'm still missing the following libraries:

gcrypt
libiconv

How can I clone gcrypt and libiconv from git?

$ git clone git://git.gnupg.org/gcrypt.git
Cloning into 'gcrypt'...
fatal: remote error: access denied or repository not exported: /gcrypt.git

--
John Doe

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: dirmngr cygwin resolv.conf [ In reply to ]
On Wed, 4 Jul 2018 09:11, gniibe@fsij.org said:

> The patch is: Don't try to look the error code, but fallback TOR_PORT2
> always.

I don't like this patch because it is not specific enough.

If Cygwin really returns EPERM, than this is a bug in the Cygwin
emulation because all Unix systems (and actually all BSD sockets based
systems) return ECONNREFUSED. We should not try to fix bugs for Cygwin
given that Cygwin is not offically supported.


Shalom-Salam,

Werner

--
# Please read: Daniel Ellsberg - The Doomsday Machine #
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
Re: dirmngr cygwin resolv.conf [ In reply to ]
On Wednesday, July 4, 2018 2:25:41 PM CEST Werner Koch wrote:
> We should not try to fix bugs for Cygwin
> given that Cygwin is not offically supported.

I think that you have spent already way too much time with this thread. ;-)

IMO even a
#ifdef __CYGWIN__
# error No you don't
#endif

in a central place would be appropiate. As the same policy is implicitly
already applied for the much more important MSVC Windows target. There is one
maintained way to get gnupg on windows. Cross compile it with mingw-w64 and
run it natively.

Best Regards,
Andre

--
Andre Heinecke | ++49-541-335083-262 | http://www.intevation.de/
Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998
Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
Re: dirmngr cygwin resolv.conf [ In reply to ]
On 7/4/2018 2:25 PM, Werner Koch wrote:
> On Wed, 4 Jul 2018 09:11, gniibe@fsij.org said:
>
>> The patch is: Don't try to look the error code, but fallback TOR_PORT2
>> always.
>
> I don't like this patch because it is not specific enough.
>
> If Cygwin really returns EPERM, than this is a bug in the Cygwin
> emulation because all Unix systems (and actually all BSD sockets based
> systems) return ECONNREFUSED. We should not try to fix bugs for Cygwin
> given that Cygwin is not offically supported.
>

What would it take to make Cygwin officially supported?

I'm not able to register to the bug portal that is why I'm sending it here.

I have installed all required libraries and I got so far as:

$ gnupg

./configure --sysconfdir=/etc --enable-maintainer-mode && make

snip

make all-recursive
make[1]: Entering directory '/home/john/git/gnupg'
Making all in m4
make[2]: Entering directory '/home/john/git/gnupg/m4'
make[2]: Nothing to be done for 'all'.
make[2]: Leaving directory '/home/john/git/gnupg/m4'
Making all in common
make[2]: Entering directory '/home/john/git/gnupg/common'
make all-am
make[3]: Entering directory '/home/john/git/gnupg/common'
make[3]: Nothing to be done for 'all-am'.
make[3]: Leaving directory '/home/john/git/gnupg/common'
make[2]: Leaving directory '/home/john/git/gnupg/common'
Making all in kbx
make[2]: Entering directory '/home/john/git/gnupg/kbx'
make[2]: Nothing to be done for 'all'.
make[2]: Leaving directory '/home/john/git/gnupg/kbx'
Making all in g10
make[2]: Entering directory '/home/john/git/gnupg/g10'
gcc -I/usr/local/include -I/usr/local/include -I/usr/local/include -O3
-Wall -Wcast-align -Wshadow -Wstrict-prototypes -Wformat -Wno-format-y2k
-Wformat-security -W -Wno-sign-compare -Wno-format-zero-length
-Wno-missing-field-initializers -Wdeclaration-after-statement
-Wlogical-op -Wvla -Wno-pointer-sign -Wpointer-arith -g -O2 -o gpg.exe
gpg.o keyedit.o server.o build-packet.o compress.o free-packet.o
getkey.o keydb.o keyring.o seskey.o kbnode.o mainproc.o armor.o
mdfilter.o textfilter.o progress.o misc.o rmd160.o openfile.o keyid.o
parse-packet.o cpr.o plaintext.o sig-check.o keylist.o pkglue.o ecdh.o
pkclist.o skclist.o pubkey-enc.o passphrase.o decrypt.o decrypt-data.o
cipher-cfb.o cipher-aead.o encrypt.o sign.o verify.o revoke.o dearmor.o
import.o export.o migrate.o delkey.o keygen.o helptext.o keyserver.o
call-dirmngr.o photoid.o call-agent.o trust.o trustdb.o tdbdump.o
tdbio.o card-util.o exec.o key-check.o ../kbx/libkeybox.a
../common/libcommon.a ../common/libgpgrl.a -lintl -L/usr/local/lib
-lgcrypt -lgpg-error -lassuan -L/usr/local/lib -lgpg-error
-L/usr/local/lib -lgpg-error /usr/local/lib/libiconv.dll.a -L/usr/local/lib
/usr/local/lib/libgpg-error.a(libgpg_error_la-strsource.o): In function
`_gpg_strsource':
/home/john/git/libgpg-error/src/strsource.c:36: undefined reference to
`libintl_dgettext'
/home/john/git/libgpg-error/src/strsource.c:36:(.text+0x45): relocation
truncated to fit: R_X86_64_PC32 against undefined symbol `libintl_dgettext'
/usr/local/lib/libgpg-error.a(libgpg_error_la-strerror.o): In function
`_gpg_strerror_r':
/home/john/git/libgpg-error/src/strerror.c:161: undefined reference to
`libintl_dgettext'
/home/john/git/libgpg-error/src/strerror.c:161:(.text+0x2f5): relocation
truncated to fit: R_X86_64_PC32 against undefined symbol `libintl_dgettext'
/usr/local/lib/libgpg-error.a(libgpg_error_la-strerror.o): In function
`_gpg_strerror':
/home/john/git/libgpg-error/src/strerror.c:50: undefined reference to
`libintl_dgettext'
/home/john/git/libgpg-error/src/strerror.c:50:(.text+0xef): relocation
truncated to fit: R_X86_64_PC32 against undefined symbol `libintl_dgettext'
collect2: error: ld returned 1 exit status
make[2]: *** [Makefile:789: gpg.exe] Error 1
make[2]: Leaving directory '/home/john/git/gnupg/g10'
make[1]: *** [Makefile:614: all-recursive] Error 1
make[1]: Leaving directory '/home/john/git/gnupg'
make: *** [Makefile:534: all] Error 2


$ make check
Making check in m4
make[1]: Entering directory '/home/john/git/gnupg/m4'
make[1]: Nothing to be done for 'check'.
make[1]: Leaving directory '/home/john/git/gnupg/m4'
Making check in common
make[1]: Entering directory '/home/john/git/gnupg/common'
make check-am
make[2]: Entering directory '/home/john/git/gnupg/common'
make check-TESTS
make[3]: Entering directory '/home/john/git/gnupg/common'
PASS: t-stringhelp.exe
PASS: t-timestuff.exe
PASS: t-convert.exe
PASS: t-percent.exe
PASS: t-gettime.exe
PASS: t-sysutils.exe
PASS: t-sexputil.exe
> Known envvars: GPG_TTY(ttyname) TERM(ttytype) DISPLAY(display)
> XAUTHORITY(xauthority) XMODIFIERS GTK_IM_MODULE
DBUS_SESSION_BUS_ADDRESS
> QT_IM_MODULE INSIDE_EMACS PINENTRY_USER_DATA(pinentry-user-data)
PASS: t-session-env.exe
standard ECC curve missing
FAIL: t-openpgp-oid.exe
t-ssh-utils.c:351: error getting fingerprint for sample key 0: Not
operational
FAIL: t-ssh-utils.exe
PASS: t-mapstrings.exe
PASS: t-zb32.exe
PASS: t-mbox-util.exe
PASS: t-iobuf.exe
PASS: t-strlist.exe
PASS: t-name-value.exe
PASS: t-ccparray.exe
PASS: t-recsel.exe
PASS: t-exechelp.exe
error running '/bin/false': exit status 1
PASS: t-exectool.exe
=======================================
2 of 20 tests failed
Please report to https://bugs.gnupg.org
=======================================
make[3]: *** [Makefile:2701: check-TESTS] Error 1
make[3]: Leaving directory '/home/john/git/gnupg/common'
make[2]: *** [Makefile:2824: check-am] Error 2
make[2]: Leaving directory '/home/john/git/gnupg/common'
make[1]: *** [Makefile:2826: check] Error 2
make[1]: Leaving directory '/home/john/git/gnupg/common'
make: *** [Makefile:614: check-recursive] Error 1

I really appriciate any help.

--
John Doe

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: dirmngr cygwin resolv.conf [ In reply to ]
On 7/5/2018 12:18 PM, john doe wrote:
> On 7/4/2018 2:25 PM, Werner Koch wrote:
>> On Wed,  4 Jul 2018 09:11, gniibe@fsij.org said:
>>
>>> The patch is: Don't try to look the error code, but fallback TOR_PORT2
>>> always.
>>
>> I don't like this patch because it is not specific enough.
>>
>> If Cygwin really returns EPERM, than this is a bug in the Cygwin
>> emulation because all Unix systems (and actually all BSD sockets based
>> systems) return ECONNREFUSED.  We should not try to fix bugs for Cygwin
>> given that Cygwin is not offically supported.
>>
>
> What would it take to make Cygwin officially supported?
>

Thanks to the help on this mailing list I've been able to isolate the
issue that was bugging me:

I was trying to use the cygwinized version of dirmngr while having
gpg4win installed.
As soon as I removed 'gpg4win, Cygwin dirmngr is able to connect to TBB
for Windows.

So Cygwin returns the proper error code and gnupg can connect to TBB for
Windows without issue.

On Cygwin I use git and need to verify tags and commits using gpg but I
also use enigmail with gpg4win to verify e-mail signature.
When I need to use Cygwin dirmngr or gpg4win dirmngr, I do, 'gpgconf
--kill dirmngr' as a work around.
Is this approatche reasonable or how can I insure that gpg4win dirmngr
won't interfer with Cygwin dirmngr?

As an aside, gpg4win dirmngr is running as an processe.
I'd like dirmngr to use TBB for Windows instead of Windows's DNS, is
'gpgconf --reload dirmngr' the correct way to reload dirmngr for it to
use TBB?

Thanks again to NIIBE Yutaka and Werner Koch for their help.

--
John Doe

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users