Description of problem: I can't --refresh keys from the command line. Version-Release number of selected component (if applicable): 26 How reproducible: All the time. [ludo@Oulanl ~]$ gpg2 --refresh-keys gpg: refreshing 219 keys from hkp://ipv6.pool.sks-keyservers.net gpg: keyserver refresh failed: Address family not supported by protocol [ludo@Oulanl ~]$ gpg2 --refresh-keys --keyserver hpk://pgp.mit.edu gpg: refreshing 219 keys from hpk://pgp.mit.edu gpg: keyserver refresh failed: No keyserver available [ludo@Oulanl ~]$ gpg2 --keyserver hpk://pgp.mit.edu --refresh-keys gpg: refreshing 219 keys from hpk://pgp.mit.edu gpg: keyserver refresh failed: No keyserver available [ludo@Oulanl ~]$ man gpg2 [ludo@Oulanl ~]$ gpg2 --refresh-keys --verbose gpg: subpacket of type 20 has critical bit set gpg: subpacket of type 20 has critical bit set gpg: subpacket of type 20 has critical bit set gpg: subpacket of type 20 has critical bit set gpg: subpacket of type 20 has critical bit set gpg: subpacket of type 20 has critical bit set gpg: subpacket of type 20 has critical bit set gpg: subpacket of type 20 has critical bit set gpg: subpacket of type 20 has critical bit set gpg: subpacket of type 20 has critical bit set gpg: subpacket of type 20 has critical bit set gpg: refreshing 219 keys from hkp://ipv6.pool.sks-keyservers.net gpg: keyserver refresh failed: Address family not supported by protocol [ludo@Oulanl ~]$ gpg2 --keyserver hpk://pgp.mit.edu --refresh-keys --verbose gpg: subpacket of type 20 has critical bit set gpg: subpacket of type 20 has critical bit set gpg: subpacket of type 20 has critical bit set gpg: subpacket of type 20 has critical bit set gpg: subpacket of type 20 has critical bit set gpg: subpacket of type 20 has critical bit set gpg: subpacket of type 20 has critical bit set gpg: subpacket of type 20 has critical bit set gpg: subpacket of type 20 has critical bit set gpg: subpacket of type 20 has critical bit set gpg: subpacket of type 20 has critical bit set gpg: refreshing 219 keys from hpk://pgp.mit.edu gpg: keyserver refresh failed: No keyserver available [ludo@Oulanl ~]$ ping ipv6.pool.sks-keyservers.net PING ipv6.pool.sks-keyservers.net(2a01:4f8:161:4283:1000::203 (2a01:4f8:161:4283:1000::203)) 56 data bytes 64 bytes from 2a01:4f8:161:4283:1000::203 (2a01:4f8:161:4283:1000::203): icmp_seq=1 ttl=51 time=38.0 ms ^C --- ipv6.pool.sks-keyservers.net ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 38.097/38.097/38.097/0.000 ms [ludo@Oulanl ~]$ ping pgp.mit.edu PING cryptonomicon.mit.edu (18.9.60.141) 56(84) bytes of data. ^C --- cryptonomicon.mit.edu ping statistics --- 3 packets transmitted, 0 received, 100% packet loss, time 2024ms [ludo@Oulanl ~]$ ping gpg.mit.edu ping: gpg.mit.edu: Name or service not known [ludo@Oulanl ~]$ gpg2 --keyserver hpk://pool.sks-keyservers.net --refresh-keys --verbose gpg: subpacket of type 20 has critical bit set gpg: subpacket of type 20 has critical bit set gpg: subpacket of type 20 has critical bit set gpg: subpacket of type 20 has critical bit set gpg: subpacket of type 20 has critical bit set gpg: subpacket of type 20 has critical bit set gpg: subpacket of type 20 has critical bit set gpg: subpacket of type 20 has critical bit set gpg: subpacket of type 20 has critical bit set gpg: subpacket of type 20 has critical bit set gpg: subpacket of type 20 has critical bit set gpg: refreshing 219 keys from hpk://pool.sks-keyservers.net gpg: keyserver refresh failed: No keyserver available [ludo@Oulanl ~]$ ping pool.sks-keyservers.net PING pool.sks-keyservers.net(2a01:4f8:161:4283:1000::203 (2a01:4f8:161:4283:1000::203)) 56 data bytes 64 bytes from 2a01:4f8:161:4283:1000::203 (2a01:4f8:161:4283:1000::203): icmp_seq=1 ttl=51 time=40.4 ms 64 bytes from 2a01:4f8:161:4283:1000::203 (2a01:4f8:161:4283:1000::203): icmp_seq=2 ttl=51 time=41.0 ms ^C --- pool.sks-keyservers.net ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1001ms rtt min/avg/max/mdev = 40.486/40.767/41.049/0.346 ms
Unfortunately I do not have IPv6 connection so I cannot test whether the IPv6 support in gnupg2 regressed in Fedora 26 or whether it is some kind of misconfiguration on your machine. Does other IPv6 connectivity work, not just ping? But note that the protocol is hkp and not hpk - you have this typo in some cases in your report.
(In reply to Tomas Mraz from comment #1) > Unfortunately I do not have IPv6 connection so I cannot test whether the > IPv6 support in gnupg2 regressed in Fedora 26 or whether it is some kind of > misconfiguration on your machine. > > Does other IPv6 connectivity work, not just ping? test-ipv6.com works nicely. > But note that the protocol is hkp and not hpk - you have this typo in some > cases in your report. Yeah a typo. It used to work because I could update a few weeks ago. I didn't change any items related to network. I'm willing to provide all the debug info and config files you'll need.
I can now reproduce the problem and it does not affect just the IPv6 enabled systems. It broke with introduction of libdns in gnupg2-2.1.17. I am building 2.1.20 with the libdns disabled as it is still broken there.
gnupg2-2.1.20-1.fc26 has been submitted as an update to Fedora 26. https://bodhi.fedoraproject.org/updates/FEDORA-2017-f2b99a5ac7
Anything special I need to do to test ? or will I get the update when I just dnf update ?
Either you have to wait until the package is pushed into the testing repository or you can download and install the build from the koji directly here: https://koji.fedoraproject.org/koji/buildinfo?buildID=882864
gnupg2-2.1.20-1.fc26 has been pushed to the Fedora 26 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-f2b99a5ac7
(In reply to Fedora Update System from comment #7) > gnupg2-2.1.20-1.fc26 has been pushed to the Fedora 26 testing repository. If > problems still persist, please make note of it in this bug report. > See https://fedoraproject.org/wiki/QA:Updates_Testing for > instructions on how to install test updates. > You can provide feedback for this update here: > https://bodhi.fedoraproject.org/updates/FEDORA-2017-f2b99a5ac7 [ludo@Oulanl Pictures]$ sudo dnf --disablerepo virtualbox --disablerepo bitcoin update gnupg2 --enablerepo updates-testing Last metadata expiration check: 0:02:11 ago on Wed Apr 26 05:42:37 2017 CEST. Dependencies resolved. Nothing to do. Complete! [ludo@Oulanl Pictures]$ [ludo@Oulanl Pictures]$ rpm -qa |grep gnupg2 gnupg2-smime-2.1.18-2.fc26.x86_64 gnupg2-2.1.18-2.fc26.x86_64 [ludo@Oulanl Pictures]$ Shall I file a bug for the above ?
scrap the previous comment. I just updated and things work again.
gnupg2-2.1.20-2.fc26 has been submitted as an update to Fedora 26. https://bodhi.fedoraproject.org/updates/FEDORA-2017-f2b99a5ac7
gnupg2-2.1.20-2.fc26 has been pushed to the Fedora 26 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-f2b99a5ac7
gnupg2-2.1.20-2.fc26 has been pushed to the Fedora 26 stable repository. If problems still persist, please make note of it in this bug report.