dirmngr: Switch to an onion address if Tor is running.

* dirmngr/dirmngr.h (opt): Turn field 'keyserver' into an strlist.
* dirmngr/dirmngr.c (parse_rereadable_options): Allow multiple
--keyserver options.
* dirmngr/server.c (server_local_s): Add field 'tor_state'.
(release_uri_item_list): New.
(release_ctrl_keyservers): Use it.
(start_command_handler): Release list of keyservers.
(is_tor_running): New.
(cmd_getinfo): Re-implement "tor" subcommand using new fucntion.
(ensure_keyserver): Rewrite.
* g10/dirmngr-conf.skel: Add two keyserver options.
--

This feature is independent of --use-tor and automagically uses Tor if
available.  The dirmngr.conf file needs to specify two keyservers to
make this work.  For new installations this is done using the skeleton
file.  This feature requires the Libassuan 2.4.2 to work.

This patch also fixes a memory leak of opt.keyserver en passant.

Signed-off-by: Werner Koch <[email protected]>

1 files changed, 5 insertions, 0 deletions

diff --git a/doc/dirmngr.texi b/doc/dirmngr.texi
index 6a4d6d6c4..5b73d7b4d 100644
--- a/doc/dirmngr.texi
+++ b/doc/dirmngr.texi
@@ -263,6 +263,11 @@ need to send keys to more than one server. The keyserver
 @code{hkp://keys.gnupg.net} uses round robin DNS to give a different
 keyserver each time you use it.
 
+If exactly two keyservers are configured and only one is a Tor hidden
+service (.onion), Dirmngr selects the keyserver to use depending on
+whether Tor is locally running or not.  The check for a running Tor is
+done for each new connection.
+
 
 @item --nameserver @var{ipaddr}
 @opindex nameserver