Ubuntu
software-properties package

apt-add-repository times out behind proxy

Bug #1713962 reported by Paul Strachan
14
This bug affects 3 people
Affects Status Importance Assigned to Milestone
software-properties (Ubuntu)
Fix Released
Undecided
Unassigned

Bug Description

1) Release
Ubuntu 17.04

2) Package
software-properties-common: 0.96.24.13

3) What you expected to happen
GPG key processed successfully
e.g.

$ sudo -E add-apt-repository ppa:whatever

Press [ENTER] to continue or ctrl-c to cancel adding it

gpg: keybox '/tmp/tmpby0unfol/pubring.gpg' created
gpg: /tmp/tmpby0unfol/trustdb.gpg: trustdb created
gpg: key XXXXXXXXXX: public key "Launchpad VLC" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg: imported: 1
OK

4) What happened instead
Timeout on gpg command
e.g.

$ sudo -E add-apt-repository ppa:whatever

Press [ENTER] to continue or ctrl-c to cancel adding it

gpg: keybox '/tmp/xxx/pubring.gpg' created
Error: retrieving gpg key timed out.

5) Additional info

- OK on Ubuntu 16.04.3 LTS, software-properties-common: 0.96.20.7
- Network Proxy is set via GUI, applied system wide

Related branches

lp:~xnox/software-properties/gnupg-fix-all-the-things
Ubuntu Core Development Team: Pending requested
Diff: 595 lines (+181/-170)
10 files modified
add-apt-repository (+4/-4)
debian/changelog (+24/-0)
debian/control (+2/-2)
debian/tests/add-apt-repository (+11/-7)
debian/tests/control (+3/-3)
debian/tests/run-tests (+0/-9)
software-properties-gtk (+2/-3)
software-properties-kde (+1/-5)
softwareproperties/ppa.py (+71/-103)
tests/test_lp.py (+63/-34)
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in software-properties (Ubuntu):
status: New → Confirmed
Revision history for this message
CB (cbrchrt) wrote :

I was able to fix it by using --keyserver-options like in the following patch:

diff /usr/lib/python3/dist-packages/softwareproperties/ppa.py{.orig,}
189,195c189,207
< res = subprocess.call(self.GPG_DEFAULT_OPTIONS + [
< "--homedir", keyring_dir,
< "--secret-keyring", secret_keyring,
< "--keyring", keyring,
< "--keyserver", self.keyserver,
< "--recv", signing_key_fingerprint,
< ])
---
> http_proxy = os.environ.get("http_proxy")
> if http_proxy != "":
> res = subprocess.call(self.GPG_DEFAULT_OPTIONS + [
> "--homedir", keyring_dir,
> "--secret-keyring", secret_keyring,
> "--keyring", keyring,
> "--keyserver", self.keyserver,
> "--keyserver-options", "http-proxy=" + http_proxy,
> "--recv", signing_key_fingerprint,
> ])
> else:
> res = subprocess.call(self.GPG_DEFAULT_OPTIONS + [
> "--homedir", keyring_dir,
> "--secret-keyring", secret_keyring,
> "--keyring", keyring,
> "--keyserver", self.keyserver,
> "--recv", signing_key_fingerprint,
> ])
>

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package software-properties - 0.96.24.25

---------------
software-properties (0.96.24.25) bionic; urgency=medium

  * ppa.py:
   - rework key retrieval, instead of using hkp & gnupg/dirmngr, use https
     & python's built in urllib.
   - thus, add-apt-key for PPAs observes https_proxy for key retrieval
   - simplify gnupg operations, depend on gpg package only, and use
     import/public key operations only.
   - fix unicode process output bugs, when operating in a non-UTF-8
     locale, thus enabling to import keys for my ppas in C locale.
   - avoid creating trustdb, or requiring any gpg-agent systemd socket to
     be activated
   - update tests to execute key addition fully with less things stubbed
     out with mock
   - stop using apt-key for installing keys
   - dirmngr is a heavy dependency and not used, and it is hard to pass
     proxy information to it when invoking gpg from a non-standard homedir
   - deprecate --keyserver option, making HTTPS access to
     keyserver.ubuntu.com required
   - LP: #1755192, LP: #1713962, LP: #1699086, LP: #1510220, LP: #1433761,
     LP: #1395321, LP: #1312267

 -- Dimitri John Ledkov <email address hidden> Mon, 02 Apr 2018 10:19:34 +0100

Changed in software-properties (Ubuntu):
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.