[PATCH 3/3] dirmngr: use a default keyserver if none is explicitly set

Daniel Kahn Gillmor dkg at fifthhorseman.net
Fri Oct 28 00:30:59 CEST 2016

* configure.ac: define DIRMNGR_DEFAULT_KEYSERVER
* dirmngr/server.c (ensure_keyserver): use it if no keyservers are set
* doc/dirmngr.texi: document this behavior


A user who doesn't specify a keyserver, but asks gnupg to fetch a key
currently just gets a simple error messages "No keyserver available".

If the user is asking to contact a keyserver, we should have a
reasonable default, and not require them to fiddle with settings when
they might not know what settings to choose.  This patch makes the
default hkps://hkps.pool.sks-keyservers.net.

Signed-off-by: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
 configure.ac     | 2 ++
 dirmngr/server.c | 3 ++-
 doc/dirmngr.texi | 2 ++
 3 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/configure.ac b/configure.ac
index 91ef5c9..88ffa72 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1754,6 +1754,8 @@ AC_DEFINE_UNQUOTED(SCDAEMON_SOCK_NAME, "S.scdaemon",
                    [The name of the SCdaemon socket])
                    [The name of the dirmngr socket])
+AC_DEFINE_UNQUOTED(DIRMNGR_DEFAULT_KEYSERVER, "hkps://hkps.pool.sks-keyservers.net",
+                   [The default keyserver for dirmngr to use, if none is explicitly given])
 AC_DEFINE_UNQUOTED(GPGEXT_GPG, "gpg", [The standard binary file suffix])
diff --git a/dirmngr/server.c b/dirmngr/server.c
index e3fe1a4..c04c2d6 100644
--- a/dirmngr/server.c
+++ b/dirmngr/server.c
@@ -1812,7 +1812,8 @@ ensure_keyserver (ctrl_t ctrl)
   if (ctrl->server_local->keyservers)
     return 0; /* Already set for this session.  */
   if (!opt.keyserver)
-    return 0; /* No global option set.  */
+    /* No global option set.  fall back to default: */
+    return make_keyserver_item (DIRMNGR_DEFAULT_KEYSERVER, &ctrl->server_local->keyservers);
   for (sl = opt.keyserver; sl; sl = sl->next)
diff --git a/doc/dirmngr.texi b/doc/dirmngr.texi
index 8a2e5ba..9e4e5fa 100644
--- a/doc/dirmngr.texi
+++ b/doc/dirmngr.texi
@@ -277,6 +277,8 @@ service (.onion), Dirmngr selects the keyserver to use depending on
 whether Tor is locally running or not.  The check for a running Tor is
 done for each new connection.
+If no keyserver is explicitly configured, dirmngr will use the
+built-in default of hkps://hkps.pool.sks-keyservers.net.
 @item --nameserver @var{ipaddr}
 @opindex nameserver

More information about the Gnupg-devel mailing list