Skip to content
GitLab
Closed
Created by Roger Dingledine@armaReporter

dirmngr goes berserk making tor requests after gpg --recv-key attempt ends

I'm not sure where we should actually file this ticket, but I'm going to start here so I can get my logs up somewhere before they disappear.

I run Debian, and have the single line "use-tor" in my ~/.gnupg/dirmngr.conf.

I unslept my laptop recently, and did a

torify gpg --recv-key ...

which hung. Eventually I ctrl-C'ed it.

Later, I realized that my Tor was working really hard to make connections. Here is a little snippet from 'setevents circ stream orconn'

650 STREAM 2394 CLOSED 8 8.8.8.8:53 REASON=DONE
650 STREAM 2398 NEW 0 [2001:610:1:40cc::9164:b9e5]:11371 SOURCE_ADDR=127.0.0.1:54162 PURPOSE=USER
650 STREAM 2398 SENTCONNECT 10 [2001:610:1:40cc::9164:b9e5]:11371
650 STREAM 2397 CLOSED 8 8.8.8.8:53 REASON=DONE
650 STREAM 2395 CLOSED 8 8.8.8.8:53 REASON=DONE
650 STREAM 2399 NEW 0 [2001:610:1:40cc::9164:b9e5]:11371 SOURCE_ADDR=127.0.0.1:54164 PURPOSE=USER
650 STREAM 2399 SENTCONNECT 10 [2001:610:1:40cc::9164:b9e5]:11371
650 STREAM 2398 REMAP 10 [2001:610:1:40cc::9164:b9e5]:11371 SOURCE=EXIT
650 STREAM 2398 SUCCEEDED 10 [2001:610:1:40cc::9164:b9e5]:11371
650 STREAM 2399 REMAP 10 [2001:610:1:40cc::9164:b9e5]:11371 SOURCE=EXIT
650 STREAM 2399 SUCCEEDED 10 [2001:610:1:40cc::9164:b9e5]:11371
650 STREAM 2398 CLOSED 10 [2001:610:1:40cc::9164:b9e5]:11371 REASON=END REMOTE_REASON=DONE
650 STREAM 2400 NEW 0 8.8.8.8:53 SOURCE_ADDR=127.0.0.1:54166 PURPOSE=USER
650 STREAM 2400 SENTCONNECT 8 8.8.8.8:53
650 STREAM 2399 CLOSED 10 [2001:610:1:40cc::9164:b9e5]:11371 REASON=END REMOTE_REASON=DONE
650 STREAM 2401 NEW 0 8.8.8.8:53 SOURCE_ADDR=127.0.0.1:54168 PURPOSE=USER
650 STREAM 2401 SENTCONNECT 8 8.8.8.8:53
650 STREAM 2400 REMAP 8 8.8.8.8:53 SOURCE=EXIT
650 STREAM 2400 SUCCEEDED 8 8.8.8.8:53

These were just streaming by. You can tell from the streamid of 2400 that it had made many many streams already.

$ netstat -aen|grep 9050|wc -l
260

"lsof|grep 9050" told me it was dirmngr making the connections.

I kill -9'ed dirmngr and the stream requests stopped.

That can't have been good for the Tor network. Especially if we have even a small pile of people with this buggy berserk dirmngr hammering the network nonstop forever.

It seems like we might want to track down the poor decision making choices inside dirmngr, for the good of our network.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information