-rw-r--r--dirmngr/dirmngr.c10
-rw-r--r--dirmngr/dns-stuff.c12
-rw-r--r--dirmngr/dns-stuff.h6
-rw-r--r--dirmngr/server.c7
-rw-r--r--dirmngr/t-dns-stuff.c16
5 files changed, 14 insertions, 37 deletions
diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c
index 5ee589e93..f50e935b8 100644
--- a/dirmngr/dirmngr.c
+++ b/dirmngr/dirmngr.c
@@ -481,6 +481,9 @@ set_tor_mode (void)
{
if (opt.use_tor)
{
+ /* Enable Tor mode and when called again force a new curcuit
+ * (e.g. on SIGHUP). */
+ enable_dns_tormode (1);
if (assuan_sock_set_flag (ASSUAN_INVALID_FD, "tor-mode", 1))
{
log_error ("error enabling Tor mode: %s\n", strerror (errno));
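Review bot: With the per-command call in cmd_dns_cert removed by this same commit, the `enable_dns_tormode (1)` added here is the only place in dirmngr proper, as far as this diff shows, that switches the DNS code into Tor mode. Any lookup issued before set_tor_mode first runs would then presumably use the normal resolver path. The startup call order is not visible in this hunk, so it should be confirmed and recorded in the comment, e.g. `/* Must run before the first DNS lookup; later calls (e.g. on SIGHUP) force a new circuit. */`. The added comment also spells `circuit` as `curcuit`. The body of set_tor_mode continues outside the hunk.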
@@ -919,13 +922,6 @@ main (int argc, char **argv)
log_info ("NOTE: this is a development version!\n");
#endif
- if (opt.use_tor)
- {
- log_info ("WARNING: ***************************************\n");
- log_info ("WARNING: Tor mode (--use-tor) MAY NOT FULLY WORK!\n");
- log_info ("WARNING: ***************************************\n");
- }
-
/* Print a warning if an argument looks like an option. */
if (!opt.quiet && !(pargs.flags & ARGPARSE_FLAG_STOP_SEEN))
{
diff --git a/dirmngr/dns-stuff.c b/dirmngr/dns-stuff.c
index cf8cefb2e..e32e1e3e1 100644
--- a/dirmngr/dns-stuff.c
+++ b/dirmngr/dns-stuff.c
@@ -199,9 +199,9 @@ recursive_resolver_p (void)
}
-/* Sets the module in Tor mode. Returns 0 is this is possible or an
- error code. */
-gpg_error_t
+/* Puts this module eternally into Tor mode. When called agained with
+ * NEW_CIRCUIT request a new TOR circuit for the next DNS query. */
+void
enable_dns_tormode (int new_circuit)
{
if (!*tor_socks_user || new_circuit)
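Review bot: The new comment on enable_dns_tormode does not mention the contract change that matters to callers: with the return type now `void`, the function no longer reports an error. I would word it as `/* Put this module permanently into Tor mode; no error is reported and the mode cannot be switched off again. When called again with NEW_CIRCUIT set, request a new Tor circuit for the next DNS query. */`, which also fixes `agained` and the `TOR` spelling. The same comment text is repeated on the prototype in the dns-stuff.h hunk and should be changed there too. Part of the function body lies between this hunk and the next and is not visible here.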
@@ -215,7 +215,6 @@ enable_dns_tormode (int new_circuit)
counter++;
}
tor_mode = 1;
- return 0;
}
@@ -548,7 +547,10 @@ reload_dns_stuff (int force)
libdns_reinit_pending = 0;
}
else
- libdns_reinit_pending = 1;
+ {
+ libdns_reinit_pending = 1;
+ libdns_tor_port = 0; /* Start again with the default port. */
+ }
#else
(void)force;
#endif
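Review bot: The reset `libdns_tor_port = 0;` is added only to the deferred (`else`) branch of reload_dns_stuff. The `if (force)` branch begins outside this hunk; if it does not clear the port as well, a forced reload followed by a re-init would keep whatever port was selected earlier rather than starting again from the default. Either add `libdns_tor_port = 0;` next to `libdns_reinit_pending = 0;` in the forced branch, or extend the comment to say why only the deferred path needs it, e.g. `/* Forced reload keeps the port because ... */`.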
diff --git a/dirmngr/dns-stuff.h b/dirmngr/dns-stuff.h
index 0a4a4de2f..eb7fe7246 100644
--- a/dirmngr/dns-stuff.h
+++ b/dirmngr/dns-stuff.h
@@ -113,9 +113,9 @@ void enable_recursive_resolver (int yes);
/* Return true iff the recursive resolver is used. */
int recursive_resolver_p (void);
-/* Calling this function switches the DNS code into Tor mode if
- possibe. Return 0 on success. */
-gpg_error_t enable_dns_tormode (int new_circuit);
+/* Put this module eternally into Tor mode. When called agained with
+ * NEW_CIRCUIT request a new TOR circuit for the next DNS query. */
+void enable_dns_tormode (int new_circuit);
/* Change the default IP address of the nameserver to IPADDR. The
address needs to be a numerical IP address and will be used for the
diff --git a/dirmngr/server.c b/dirmngr/server.c
index a785238dc..28c2cd428 100644
--- a/dirmngr/server.c
+++ b/dirmngr/server.c
@@ -709,13 +709,6 @@ cmd_dns_cert (assuan_context_t ctx, char *line)
}
}
- if (opt.use_tor && (err = enable_dns_tormode (0)))
- {
- /* Tor mode is requested but the DNS code can't enable it. */
- assuan_set_error (ctx, err, "error enabling Tor mode");
- goto leave;
- }
-
if (pka_mode || dane_mode)
{
char *domain; /* Points to mbox. */
diff --git a/dirmngr/t-dns-stuff.c b/dirmngr/t-dns-stuff.c
index b087b5ead..bc4ca9a51 100644
--- a/dirmngr/t-dns-stuff.c
+++ b/dirmngr/t-dns-stuff.c
@@ -51,7 +51,6 @@ main (int argc, char **argv)
gpg_error_t err;
int any_options = 0;
int opt_tor = 0;
- int opt_new_circuit = 0;
int opt_cert = 0;
int opt_srv = 0;
int opt_bracket = 0;
@@ -103,11 +102,6 @@ main (int argc, char **argv)
opt_tor = 1;
argc--; argv++;
}
- else if (!strcmp (*argv, "--new-circuit"))
- {
- opt_new_circuit = 1;
- argc--; argv++;
- }
else if (!strcmp (*argv, "--standard-resolver"))
{
enable_standard_resolver (1);
@@ -171,15 +165,7 @@ main (int argc, char **argv)
init_sockets ();
if (opt_tor)
- {
- err = enable_dns_tormode (opt_new_circuit);
- if (err)
- {
- fprintf (stderr, "error switching into Tor mode: %s\n",
- gpg_strerror (err));
- exit (1);
- }
- }
+ enable_dns_tormode (0);
if (opt_cert)
{