[git] GnuPG - branch, master, updated. gnupg-2.1.19-8-gde6d831

by Werner Koch cvs at cvs.gnupg.org
Thu Mar 2 18:03:25 CET 2017 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, master has been updated
       via  de6d8313f6df32aaa151bee74e1db269ac1e0fed (commit)
      from  0c4d0620d327e8a2069532a5519afefe867a47d6 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit de6d8313f6df32aaa151bee74e1db269ac1e0fed
Author: Werner Koch <wk at gnupg.org>
Date:   Thu Mar 2 17:58:00 2017 +0100

    dirmngr: Let --gpgconf-list return the default keyserver.
    
    * dirmngr/misc.c (get_default_keyserver): New.
    * dirmngr/http.c: Include misc.h
    (http_session_new): Use get_default_keyserver instead of hardwired
    "hkps.pool.sks-keyservers.net".
    * dirmngr/http-ntbtls.c (gnupg_http_tls_verify_cb): Ditto.
    * dirmngr/dirmngr.c (main) <aGPGCongList>: Return default keyserver.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c
index c877a9b..75e8523 100644
--- a/dirmngr/dirmngr.c
+++ b/dirmngr/dirmngr.c
@@ -1454,7 +1454,13 @@ main (int argc, char **argv)
       es_printf ("ignore-ocsp-servic-url:%lu:\n", flags | GC_OPT_FLAG_NONE);
 
       es_printf ("use-tor:%lu:\n", flags | GC_OPT_FLAG_NONE);
-      es_printf ("keyserver:%lu:\n", flags | GC_OPT_FLAG_NONE);
+
+      filename_esc = percent_escape (get_default_keyserver (0), NULL);
+      es_printf ("keyserver:%lu:\"%s:\n", flags | GC_OPT_FLAG_DEFAULT,
+                 filename_esc);
+      xfree (filename_esc);
+
+
       es_printf ("nameserver:%lu:\n", flags | GC_OPT_FLAG_NONE);
       es_printf ("resolver-timeout:%lu:%u\n",
                  flags | GC_OPT_FLAG_DEFAULT, 0);
diff --git a/dirmngr/http-ntbtls.c b/dirmngr/http-ntbtls.c
index 00d6a58..d44b779 100644
--- a/dirmngr/http-ntbtls.c
+++ b/dirmngr/http-ntbtls.c
@@ -26,12 +26,12 @@
 #include "dirmngr.h"
 #include "certcache.h"
 #include "validate.h"
+#include "misc.h"
 
 #ifdef HTTP_USE_NTBTLS
 # include <ntbtls.h>
 
 
-
 /* The callback used to verify the peer's certificate.  */
 gpg_error_t
 gnupg_http_tls_verify_cb (void *opaque,
@@ -77,11 +77,11 @@ gnupg_http_tls_verify_cb (void *opaque,
 
   validate_flags = VALIDATE_FLAG_TLS;
 
-  /* Are we using the standard hkps:// pool use the dedicated
+  /* If we are using the standard hkps:// pool use the dedicated
    * root certificate.  */
   hostname = ntbtls_get_hostname (tls);
   if (hostname
-      && !ascii_strcasecmp (hostname, "hkps.pool.sks-keyservers.net"))
+      && !ascii_strcasecmp (hostname, get_default_keyserver (1)))
     {
       validate_flags |= VALIDATE_FLAG_TRUST_HKPSPOOL;
     }
diff --git a/dirmngr/http.c b/dirmngr/http.c
index 890f5f6..fc82924 100644
--- a/dirmngr/http.c
+++ b/dirmngr/http.c
@@ -100,6 +100,7 @@
 #include "i18n.h"
 #include "dns-stuff.h"
 #include "http.h"
+#include "misc.h"
 
 
 #ifdef USE_NPTH
@@ -726,7 +727,7 @@ http_session_new (http_session_t *r_session,
 
     is_hkps_pool = (intended_hostname
                     && !ascii_strcasecmp (intended_hostname,
-                                          "hkps.pool.sks-keyservers.net"));
+                                          get_default_keyserver (1)));
 
     /* If the user has not specified a CA list, and they are looking
      * for the hkps pool from sks-keyservers.net, then default to
diff --git a/dirmngr/misc.c b/dirmngr/misc.c
index 6d7c963..d2f1c69 100644
--- a/dirmngr/misc.c
+++ b/dirmngr/misc.c
@@ -30,6 +30,29 @@
 #include "util.h"
 #include "misc.h"
 
+/* Return a static string with the default keyserver.  If NAME_ONLY is
+ * given only the name part is returned.  */
+const char *
+get_default_keyserver (int name_only)
+{
+  static const char *result;
+
+  if (!name_only)
+    return DIRMNGR_DEFAULT_KEYSERVER;
+
+  if (!result)
+    {
+      /* Strip the scheme from the constant. */
+      result = strstr (DIRMNGR_DEFAULT_KEYSERVER, "://");
+      log_assert (result && strlen (result) > 3);
+      result += 3;
+      /* Assert that there is no port given.  */
+      log_assert (strchr (result, ':'));
+    }
+  return result;
+}
+
+
 
 /* Convert the hex encoded STRING back into binary and store the
    result into the provided buffer RESULT.  The actual size of that
diff --git a/dirmngr/misc.h b/dirmngr/misc.h
index be4049e..f25574f 100644
--- a/dirmngr/misc.h
+++ b/dirmngr/misc.h
@@ -21,6 +21,8 @@
 #ifndef MISC_H
 #define MISC_H
 
+const char *get_default_keyserver (int name_only);
+
 /* Convert hex encoded string back to binary. */
 size_t unhexify (unsigned char *result, const char *string);
 

-----------------------------------------------------------------------

Summary of changes:
 dirmngr/dirmngr.c     |  8 +++++++-
 dirmngr/http-ntbtls.c |  6 +++---
 dirmngr/http.c        |  3 ++-
 dirmngr/misc.c        | 23 +++++++++++++++++++++++
 dirmngr/misc.h        |  2 ++
 5 files changed, 37 insertions(+), 5 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org

More information about the Gnupg-commits mailing list