GPG upload of newly-changed key fails because we cache the old key
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Launchpad itself |
Triaged
|
Low
|
Unassigned |
Bug Description
The upload of a newly-changed GPG key fails and keeps failing for a long time after we update the key. James H. has provided us with a good hypothesis:
<quote>
The GPGHandler.
1. try to get key from local keyring
2. if that fails, grab it from our keyserver
So if someone tries to add a sign-only key we'll cache that key in the app server's $GNUPGHOME. If the user adds an encryption key, waits for the keyserver to synchronise and tries to add it again, LP will still get the old cached version unless one of the following holds:
* they hit a different app server
* the app server process has been restarted (which creates a new $GNUPGHOME)
These two variables could indicate why the problem appears to be intermittent.
</unquote>
The solution may involve writing code to invalidate the cache, and always invalidating when the end-user is uploading a key -- it is still useful for other situations, of course.
Changed in launchpad: | |
status: | New → Accepted |
Changed in launchpad-foundations: | |
assignee: | jamesh → nobody |
tags: | added: gpg |
no longer affects: | ubuntu |
Assigning James H for the time being.