From 28e2513721ff0cec920564d4087f3600cce8672e Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Wed, 2 Dec 2015 11:49:41 +0100 Subject: dirmngr: Switch to an onion address if Tor is running. * dirmngr/dirmngr.h (opt): Turn field 'keyserver' into an strlist. * dirmngr/dirmngr.c (parse_rereadable_options): Allow multiple --keyserver options. * dirmngr/server.c (server_local_s): Add field 'tor_state'. (release_uri_item_list): New. (release_ctrl_keyservers): Use it. (start_command_handler): Release list of keyservers. (is_tor_running): New. (cmd_getinfo): Re-implement "tor" subcommand using new function. (ensure_keyserver): Rewrite. * g10/dirmngr-conf.skel: Add two keyserver options. -- This feature is independent of --use-tor and automagically uses Tor if available. The dirmngr.conf file needs to specify two keyservers to make this work. For new installations this is done using the skeleton file. This feature requires the Libassuan 2.4.2 to work. This patch also fixes a memory leak of opt.keyserver en passant. Signed-off-by: Werner Koch --- doc/dirmngr.texi | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'doc') diff --git a/doc/dirmngr.texi b/doc/dirmngr.texi index 6a4d6d6c4..5b73d7b4d 100644 --- a/doc/dirmngr.texi +++ b/doc/dirmngr.texi @@ -263,6 +263,11 @@ need to send keys to more than one server. The keyserver @code{hkp://keys.gnupg.net} uses round robin DNS to give a different keyserver each time you use it. +If exactly two keyservers are configured and only one is a Tor hidden +service (.onion), Dirmngr selects the keyserver to use depending on +whether Tor is locally running or not. The check for a running Tor is +done for each new connection. + @item --nameserver @var{ipaddr} @opindex nameserver -- cgit v1.2.3
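Review bot: the paragraph added to doc/dirmngr.texi (the four + lines ahead of "@item --nameserver") says Dirmngr selects the keyserver "depending on whether Tor is locally running or not" but never states which keyserver is chosen in which case. Going by the subject line, the .onion entry is used when Tor is running, so the other entry is selected whenever the per-connection check finds no running Tor; the manual should say so explicitly, because a user who configures an onion keyserver for privacy needs to know that the second entry is a fallback. The text should also describe what happens when the condition is not met (more than two keyservers, or both or neither being .onion), and should carry over the two facts that currently appear only in the commit message: that this selection is independent of --use-tor and that it requires Libassuan 2.4.2.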