From de6d8313f6df32aaa151bee74e1db269ac1e0fed Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Thu, 2 Mar 2017 17:58:00 +0100 Subject: dirmngr: Let --gpgconf-list return the default keyserver. * dirmngr/misc.c (get_default_keyserver): New. * dirmngr/http.c: Include misc.h (http_session_new): Use get_default_keyserver instead of hardwired "hkps.pool.sks-keyservers.net". * dirmngr/http-ntbtls.c (gnupg_http_tls_verify_cb): Ditto. * dirmngr/dirmngr.c (main) : Return default keyserver. Signed-off-by: Werner Koch --- dirmngr/http-ntbtls.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'dirmngr/http-ntbtls.c') diff --git a/dirmngr/http-ntbtls.c b/dirmngr/http-ntbtls.c index 00d6a58bf..d44b77930 100644 --- a/dirmngr/http-ntbtls.c +++ b/dirmngr/http-ntbtls.c @@ -26,12 +26,12 @@ #include "dirmngr.h" #include "certcache.h" #include "validate.h" +#include "misc.h" #ifdef HTTP_USE_NTBTLS # include - /* The callback used to verify the peer's certificate. */ gpg_error_t gnupg_http_tls_verify_cb (void *opaque, @@ -77,11 +77,11 @@ gnupg_http_tls_verify_cb (void *opaque, validate_flags = VALIDATE_FLAG_TLS; - /* Are we using the standard hkps:// pool use the dedicated + /* If we are using the standard hkps:// pool use the dedicated * root certificate. */ hostname = ntbtls_get_hostname (tls); if (hostname - && !ascii_strcasecmp (hostname, "hkps.pool.sks-keyservers.net")) + && !ascii_strcasecmp (hostname, get_default_keyserver (1))) { validate_flags |= VALIDATE_FLAG_TRUST_HKPSPOOL; } -- cgit v1.2.3