diff options
| author | Daniel Kahn Gillmor <[email protected]> | 2016-10-27 22:30:59 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2016-11-17 14:29:35 +0000 |
| commit | 8fb482252436b3b4b0b33663d95d1d17188ad1d9 (patch) | |
| tree | 732cd2ae971eb3a0aecac6414ea2a4587bed649a | |
| parent | dirmngr: Add system CAs if no hkp-cacert is given (diff) | |
| download | gnupg-8fb482252436b3b4b0b33663d95d1d17188ad1d9.tar.gz gnupg-8fb482252436b3b4b0b33663d95d1d17188ad1d9.zip | |
dirmngr: Use a default keyserver if none is explicitly set
* configure.ac: Define DIRMNGR_DEFAULT_KEYSERVER.
* dirmngr/server.c (ensure_keyserver): Use it if no keyservers are set.
* doc/dirmngr.texi: Document this behavior.
--
A user who doesn't specify a keyserver, but asks gnupg to fetch a key
currently just gets a simple error messages "No keyserver available".
If the user is asking to contact a keyserver, we should have a
reasonable default, and not require them to fiddle with settings when
they might not know what settings to choose. This patch makes the
default hkps://hkps.pool.sks-keyservers.net.
Signed-off-by: Daniel Kahn Gillmor <[email protected]>
| -rw-r--r-- | configure.ac | 3 | ||||
| -rw-r--r-- | dirmngr/server.c | 6 | ||||
| -rw-r--r-- | doc/dirmngr.texi | 2 |
3 files changed, 10 insertions, 1 deletions
diff --git a/configure.ac b/configure.ac index bc3e2a80a..1b77a45e0 100644 --- a/configure.ac +++ b/configure.ac @@ -1764,6 +1764,9 @@ AC_DEFINE_UNQUOTED(SCDAEMON_SOCK_NAME, "S.scdaemon", [The name of the SCdaemon socket]) AC_DEFINE_UNQUOTED(DIRMNGR_SOCK_NAME, "S.dirmngr", [The name of the dirmngr socket]) +AC_DEFINE_UNQUOTED(DIRMNGR_DEFAULT_KEYSERVER, + "hkps://hkps.pool.sks-keyservers.net", + [The default keyserver for dirmngr to use, if none is explicitly given]) AC_DEFINE_UNQUOTED(GPGEXT_GPG, "gpg", [The standard binary file suffix]) diff --git a/dirmngr/server.c b/dirmngr/server.c index 5c78d64c3..008849823 100644 --- a/dirmngr/server.c +++ b/dirmngr/server.c @@ -1810,7 +1810,11 @@ ensure_keyserver (ctrl_t ctrl) if (ctrl->server_local->keyservers) return 0; /* Already set for this session. */ if (!opt.keyserver) - return 0; /* No global option set. */ + { + /* No global option set. Fall back to default: */ + return make_keyserver_item (DIRMNGR_DEFAULT_KEYSERVER, + &ctrl->server_local->keyservers); + } for (sl = opt.keyserver; sl; sl = sl->next) { diff --git a/doc/dirmngr.texi b/doc/dirmngr.texi index bc3072ce8..be4e97ab7 100644 --- a/doc/dirmngr.texi +++ b/doc/dirmngr.texi @@ -277,6 +277,8 @@ service (.onion), Dirmngr selects the keyserver to use depending on whether Tor is locally running or not. The check for a running Tor is done for each new connection. +If no keyserver is explicitly configured, dirmngr will use the +built-in default of hkps://hkps.pool.sks-keyservers.net. @item --nameserver @var{ipaddr} @opindex nameserver |