dirmngr: Use a default keyserver if none is explicitly set

* configure.ac: Define DIRMNGR_DEFAULT_KEYSERVER. * dirmngr/server.c (ensure_keyserver): Use it if no keyservers are set. * doc/dirmngr.texi: Document this behavior. -- A user who doesn't specify a keyserver, but asks gnupg to fetch a key currently just gets a simple error messages "No keyserver available". If the user is asking to contact a keyserver, we should have a reasonable default, and not require them to fiddle with settings when they might not know what settings to choose. This patch makes the default hkps://hkps.pool.sks-keyservers.net. Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2016-10-27 18:30:59 -04:00 · 2016-10-27 18:30:59 -04:00 · 8fb4822524
parent 7c1613d415
commit 8fb4822524
3 changed files with 10 additions and 1 deletions
--- a/configure.ac
+++ b/configure.ac
@ -1764,6 +1764,9 @@ AC_DEFINE_UNQUOTED(SCDAEMON_SOCK_NAME, "S.scdaemon",
                   [The name of the SCdaemon socket])
 AC_DEFINE_UNQUOTED(DIRMNGR_SOCK_NAME, "S.dirmngr",
                   [The name of the dirmngr socket])
+AC_DEFINE_UNQUOTED(DIRMNGR_DEFAULT_KEYSERVER,
+                   "hkps://hkps.pool.sks-keyservers.net",
+      [The default keyserver for dirmngr to use, if none is explicitly given])

 AC_DEFINE_UNQUOTED(GPGEXT_GPG, "gpg", [The standard binary file suffix])

--- a/dirmngr/server.c
+++ b/dirmngr/server.c
@ -1810,7 +1810,11 @@ ensure_keyserver (ctrl_t ctrl)
  if (ctrl->server_local->keyservers)
    return 0; /* Already set for this session.  */
  if (!opt.keyserver)
-    return 0; /* No global option set.  */
+    {
+      /* No global option set.  Fall back to default:  */
+      return make_keyserver_item (DIRMNGR_DEFAULT_KEYSERVER,
+                                  &ctrl->server_local->keyservers);
+    }

  for (sl = opt.keyserver; sl; sl = sl->next)
    {
--- a/doc/dirmngr.texi
+++ b/doc/dirmngr.texi
@ -277,6 +277,8 @@ service (.onion), Dirmngr selects the keyserver to use depending on
 whether Tor is locally running or not.  The check for a running Tor is
 done for each new connection.

+If no keyserver is explicitly configured, dirmngr will use the
+built-in default of hkps://hkps.pool.sks-keyservers.net.

@item --nameserver @var{ipaddr}
@opindex nameserver