-rw-r--r--doc/gpg.texi4
-rw-r--r--g10/call-dirmngr.c43
-rw-r--r--g10/call-dirmngr.h1
-rw-r--r--g10/keyserver-internal.h2
-rw-r--r--g10/keyserver.c50
-rw-r--r--tools/gpgconf-comp.c13
6 files changed, 82 insertions, 31 deletions
diff --git a/doc/gpg.texi b/doc/gpg.texi
index 28e4f8314..7d78e9e3e 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -1504,6 +1504,9 @@ ignored if the option --with-colons is used.
@item --keyserver @code{name}
@opindex keyserver
+This option is deprecated - please use the @option{--keyserver} in
+@file{dirmngr.conf} instead.
+
Use @code{name} as your keyserver. This is the server that
@option{--recv-keys}, @option{--send-keys}, and @option{--search-keys}
will communicate with to receive keys from, send keys to, and search for
@@ -1586,6 +1589,7 @@ are available for all keyserver types, some common options are:
@option{--recv-keys} command as a whole. Defaults to 30 seconds.
@item http-proxy=@code{value}
+ This options is deprecated.
Set the proxy to use for HTTP and HKP keyservers.
This overrides any proxy defined in @file{dirmngr.conf}.
diff --git a/g10/call-dirmngr.c b/g10/call-dirmngr.c
index df19e4c00..75cd51d4e 100644
--- a/g10/call-dirmngr.c
+++ b/g10/call-dirmngr.c
@@ -44,6 +44,7 @@
/* Parameter structure used to gather status info. */
struct ks_status_parm_s
{
+ const char *keyword; /* Look for this keyword or NULL for "SOURCE". */
char *source;
};
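Review bot: The `source` member is left undocumented even though, with the new `keyword` selector, it no longer holds only a SOURCE value; in gpg_dirmngr_ks_list it carries the keyserver name. A comment on the member would make that explicit, for example `char *source; /* Malloced value of the status line matching KEYWORD. */`. Initialisers of this struct in ks_get and ks_search are outside the visible hunks, so it is worth confirming they zero the struct; otherwise `keyword` is read uninitialised in ks_status_cb.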
@@ -334,7 +335,7 @@ clear_context_flags (ctrl_t ctrl, assuan_context_t ctx)
-/* Status callback for ks_get and ks_search. */
+/* Status callback for ks_list, ks_get and ks_search. */
static gpg_error_t
ks_status_cb (void *opaque, const char *line)
{
@@ -342,7 +343,7 @@ ks_status_cb (void *opaque, const char *line)
gpg_error_t err = 0;
const char *s;
- if ((s = has_leading_keyword (line, "SOURCE")))
+ if ((s = has_leading_keyword (line, parm->keyword? parm->keyword : "SOURCE")))
{
if (!parm->source)
{
@@ -357,6 +358,44 @@ ks_status_cb (void *opaque, const char *line)
+/* Run the "KEYSERVER" command to return the name of the used
+ keyserver at R_KEYSERVER. */
+gpg_error_t
+gpg_dirmngr_ks_list (ctrl_t ctrl, char **r_keyserver)
+{
+ gpg_error_t err;
+ assuan_context_t ctx;
+ struct ks_status_parm_s stparm;
+
+ memset (&stparm, 0, sizeof stparm);
+ stparm.keyword = "KEYSERVER";
+ *r_keyserver = NULL;
+
+ err = open_context (ctrl, &ctx);
+ if (err)
+ return err;
+
+ err = assuan_transact (ctx, "KEYSERVER", NULL, NULL,
+ NULL, NULL, ks_status_cb, &stparm);
+ if (err)
+ goto leave;
+ if (!stparm.source)
+ {
+ err = gpg_error (GPG_ERR_NO_KEYSERVER);
+ goto leave;
+ }
+
+ *r_keyserver = stparm.source;
+ stparm.source = NULL;
+
+ leave:
+ xfree (stparm.source);
+ close_context (ctrl, ctx);
+ return err;
+}
+
+
+
/* Data callback for the KS_SEARCH command. */
static gpg_error_t
ks_search_data_cb (void *opaque, const void *data, size_t datalen)
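Review bot: The header comment on gpg_dirmngr_ks_list does not state who owns the string stored at R_KEYSERVER or which error signals a missing keyserver. The body hands over `stparm.source` and the caller in keyserver.c releases it with xfree, so the comment should say so, for example `/* On success a malloced string is stored at R_KEYSERVER which the caller must xfree; GPG_ERR_NO_KEYSERVER is returned if dirmngr reports none. */`. The visible part of ks_status_cb stores a value only while `parm->source` is NULL, so presumably just the first KEYSERVER status line is kept when dirmngr reports several. If so, that belongs in the comment too.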
diff --git a/g10/call-dirmngr.h b/g10/call-dirmngr.h
index b9b8e21a3..cdad645ad 100644
--- a/g10/call-dirmngr.h
+++ b/g10/call-dirmngr.h
@@ -21,6 +21,7 @@
void gpg_dirmngr_deinit_session_data (ctrl_t ctrl);
+gpg_error_t gpg_dirmngr_ks_list (ctrl_t ctrl, char **r_keyserver);
gpg_error_t gpg_dirmngr_ks_search (ctrl_t ctrl, const char *searchstr,
gpg_error_t (*cb)(void*, int, char *),
void *cb_value);
diff --git a/g10/keyserver-internal.h b/g10/keyserver-internal.h
index fc1c3435d..beaa13c51 100644
--- a/g10/keyserver-internal.h
+++ b/g10/keyserver-internal.h
@@ -37,7 +37,7 @@ int keyserver_import_fprint (ctrl_t ctrl, const byte *fprint,size_t fprint_len,
struct keyserver_spec *keyserver);
int keyserver_import_keyid (ctrl_t ctrl, u32 *keyid,
struct keyserver_spec *keyserver);
-int keyserver_refresh (ctrl_t ctrl, strlist_t users);
+gpg_error_t keyserver_refresh (ctrl_t ctrl, strlist_t users);
gpg_error_t keyserver_search (ctrl_t ctrl, strlist_t tokens);
int keyserver_fetch (ctrl_t ctrl, strlist_t urilist);
int keyserver_import_cert (ctrl_t ctrl, const char *name,
diff --git a/g10/keyserver.c b/g10/keyserver.c
index 40ba49a61..e20c16b08 100644
--- a/g10/keyserver.c
+++ b/g10/keyserver.c
@@ -1357,10 +1357,12 @@ keyidlist(strlist_t users,KEYDB_SEARCH_DESC **klist,int *count,int fakev3)
/* Note this is different than the original HKP refresh. It allows
usernames to refresh only part of the keyring. */
-int
+gpg_error_t
keyserver_refresh (ctrl_t ctrl, strlist_t users)
{
- int rc,count,numdesc,fakev3=0;
+ gpg_error_t err;
+ int count, numdesc;
+ int fakev3 = 0;
KEYDB_SEARCH_DESC *desc;
unsigned int options=opt.keyserver_options.import_options;
@@ -1381,9 +1383,9 @@ keyserver_refresh (ctrl_t ctrl, strlist_t users)
ascii_strcasecmp(opt.keyserver->scheme,"mailto")==0))
fakev3=1;
- rc=keyidlist(users,&desc,&numdesc,fakev3);
- if(rc)
- return rc;
+ err = keyidlist (users, &desc, &numdesc, fakev3);
+ if (err)
+ return err;
count=numdesc;
if(count>0)
@@ -1403,11 +1405,11 @@ keyserver_refresh (ctrl_t ctrl, strlist_t users)
/* We use the keyserver structure we parsed out before.
Note that a preferred keyserver without a scheme://
will be interpreted as hkp:// */
- rc = keyserver_get (ctrl, &desc[i], 1, keyserver, NULL, NULL);
- if(rc)
+ err = keyserver_get (ctrl, &desc[i], 1, keyserver, NULL, NULL);
+ if (err)
log_info(_("WARNING: unable to refresh key %s"
" via %s: %s\n"),keystr_from_desc(&desc[i]),
- keyserver->uri,gpg_strerror (rc));
+ keyserver->uri,gpg_strerror (err));
else
{
/* We got it, so mark it as NONE so we don't try and
@@ -1424,16 +1426,22 @@ keyserver_refresh (ctrl_t ctrl, strlist_t users)
if(count>0)
{
- if(opt.keyserver && !opt.quiet)
- {
- if(count==1)
- log_info(_("refreshing 1 key from %s\n"),opt.keyserver->uri);
- else
- log_info(_("refreshing %d keys from %s\n"),
- count,opt.keyserver->uri);
- }
+ char *tmpuri;
- rc=keyserver_get (ctrl, desc, numdesc, NULL, NULL, NULL);
+ err = gpg_dirmngr_ks_list (ctrl, &tmpuri);
+ if (!err)
+ {
+ if (!opt.quiet)
+ {
+ if(count==1)
+ log_info(_("refreshing 1 key from %s\n"), tmpuri);
+ else
+ log_info(_("refreshing %d keys from %s\n"), count, tmpuri);
+ }
+ xfree (tmpuri);
+
+ err = keyserver_get (ctrl, desc, numdesc, NULL, NULL, NULL);
+ }
}
xfree(desc);
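Review bot: A failure of `gpg_dirmngr_ks_list` now skips the bulk `keyserver_get` entirely, although `tmpuri` is used only for the "refreshing ... from %s" message. If the call is meant to double as the "no keyserver configured" check, say so above it, for example `/* Ask dirmngr for its keyserver; an error such as GPG_ERR_NO_KEYSERVER aborts the bulk refresh. */`. The extra dirmngr round trip also happens when `opt.quiet` is set, which fits that reading but is not obvious from the code. This message is how the user learns which server receives the key IDs, so confirm that the name returned by dirmngr is the server `keyserver_get` will actually contact. The body of keyserver_refresh continues outside this hunk.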
@@ -1445,7 +1453,7 @@ keyserver_refresh (ctrl_t ctrl, strlist_t users)
if(!(opt.keyserver_options.import_options&IMPORT_FAST))
check_or_update_trustdb ();
- return rc;
+ return err;
}
@@ -1463,12 +1471,6 @@ keyserver_search (ctrl_t ctrl, strlist_t tokens)
if (!tokens)
return 0; /* Return success if no patterns are given. */
- if (!opt.keyserver)
- {
- log_error (_("no keyserver known (use option --keyserver)\n"));
- return gpg_error (GPG_ERR_NO_KEYSERVER);
- }
-
/* Write global options */
/* for(temp=opt.keyserver_options.other;temp;temp=temp->next) */
diff --git a/tools/gpgconf-comp.c b/tools/gpgconf-comp.c
index 464b89b78..e736162c0 100644
--- a/tools/gpgconf-comp.c
+++ b/tools/gpgconf-comp.c
@@ -724,8 +724,8 @@ static gc_option_t gc_options_gpg[] =
{ "Keyserver",
GC_OPT_FLAG_GROUP, GC_LEVEL_BASIC,
"gnupg", N_("Configuration for Keyservers") },
- { "keyserver", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
- "gnupg", N_("|URL|use keyserver at URL"),
+ { "keyserver", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT,
+ "gnupg", N_("|URL|use keyserver at URL"), /* Deprecated - use dirmngr */
GC_ARG_TYPE_STRING, GC_BACKEND_GPG },
{ "allow-pka-lookup", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
"gnupg", N_("allow PKA lookups (DNS requests)"),
@@ -735,8 +735,6 @@ static gc_option_t gc_options_gpg[] =
GC_ARG_TYPE_STRING, GC_BACKEND_GPG },
-
-
GC_OPTION_NULL
};
#endif /*BUILD_WITH_GPG*/
@@ -915,6 +913,13 @@ static gc_option_t gc_options_dirmngr[] =
"dirmngr", "route all network traffic via TOR",
GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
+ { "Keyserver",
+ GC_OPT_FLAG_GROUP, GC_LEVEL_BASIC,
+ "gnupg", N_("Configuration for Keyservers") },
+ { "keyserver", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
+ "gnupg", N_("|URL|use keyserver at URL"),
+ GC_ARG_TYPE_STRING, GC_BACKEND_DIRMNGR },
+
{ "HTTP",
GC_OPT_FLAG_GROUP, GC_LEVEL_ADVANCED,
"gnupg", N_("Configuration for HTTP servers") },