use-tor should not imply allow-version-check
Steven Allen
steven at stebalien.com
Tue Jan 3 23:27:34 CET 2017
Werner Koch <wk at gnupg.org> writes:
> It is the other way around: GnuPG does update its copy of the software
> version database by default. However, for privacy reason it can do this
> only if that does not leak the IP address. With Tor this is asserted.
> Without Tor this is not possible and like we have always for done
> features (e.g. OCSP) the user is required to enable an option.
Given that `use-tor` is off by default (most users don't even have tor
installed), you can't say GnuPG updates the software version database by
default. It does so iff `use-tor' or `allow-version-check' are enabled.
Given that the user has to explicitly enable `use-tor', I see no
advantage to automatically enabling `allow-version-check' with tor
enabled. Anyways, I'd be very surprised if there are *any* users with
`use-tor` enabled that don't update gnupg through a package manager.
Also, does gnupg even use this information? As far as I can tell, this
feature isn't used internally so can't this information be fetched (and
cached) when requested (when something calls `gpgconf --query-swdb')?
Finally, gnupg is now the *only* software on my system that doesn't
allow me to disable automatic update checks and the only daemon that
even supports automatic update checks.
> I can't replicate that. I tested with "use-tor" and Tor running and Tor
> not running. All worked as expected: I can see traffic to
> versions.gnupg.org ("tcpick -i eth0 -C -yP -h 'host 217.69.76.56'") only
> when use-tor is not active. I have not tested with running the
> TorBrowser only, though.
Tomoyo logs (my UID is 1000):
#2017/01/03 19:54:45# profile=3 mode=enforcing granted=no (global-pid=2051) task={ pid=1360 ppid=389 uid=1000 gid=100 euid=1000 egid=100 suid=1000 sgid=100 fsuid=1000 fsgid=100 }
<kernel> /usr/bin/dirmngr
network inet dgram send 217.69.76.56 443
#2017/01/03 19:54:45# profile=3 mode=enforcing granted=no (global-pid=2051) task={ pid=1360 ppid=389 uid=1000 gid=100 euid=1000 egid=100 suid=1000 sgid=100 fsuid=1000 fsgid=100 }
<kernel> /usr/bin/dirmngr
network inet dgram send 2001:aa8:fff1:2100::56 443
#2017/01/03 19:54:46# profile=3 mode=enforcing granted=no (global-pid=2051) task={ pid=1360 ppid=389 uid=1000 gid=100 euid=1000 egid=100 suid=1000 sgid=100 fsuid=1000 fsgid=100 }
<kernel> /usr/bin/dirmngr
network inet dgram send 217.69.76.56 443
#2017/01/03 19:54:46# profile=3 mode=enforcing granted=no (global-pid=2051) task={ pid=1360 ppid=389 uid=1000 gid=100 euid=1000 egid=100 suid=1000 sgid=100 fsuid=1000 fsgid=100 }
<kernel> /usr/bin/dirmngr
network inet dgram send 2001:aa8:fff1:2100::56 443
dirmngr.conf:
use-tor
keyserver hkp://jirk5u4osbsr34t5.onion
gpg-agent.conf:
pinentry-program /usr/bin/pinentry-gnome3
no-allow-loopback-pinentry
no-allow-mark-trusted
enable-ssh-support
no-allow-external-cache
gpg.conf:
# Started by systemd
no-autostart
use-agent
utf8-strings
trust-model tofu
auto-key-locate local
# Just in case?
keyserver hkp://jirk5u4osbsr34t5.onion
keyserver-options auto-key-retrieve
default-key 5899410C
FYI, This isn't related to the TorBrowser. I've installed both tor and
gnupg through my package manager (Arch Linux, gnupg version 2.1.17).
> However, while testing I noticed that when you add "use-tor" to
> dirmngr.conf and SIGHUP dirmngr (e.g. "gpgconf --reload dirmngr"), Tor
> is indeed not used for DNS. This has been fixed today.
This obviously isn't a DNS request.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: </pipermail/attachments/20170103/56c1013c/attachment.sig>
More information about the Gnupg-devel
mailing list