diff --git a/keyserver/ChangeLog b/keyserver/ChangeLog
index 8d48f7592..86011baad 100644
--- a/keyserver/ChangeLog
+++ b/keyserver/ChangeLog
@@ -1,3 +1,13 @@
+2003-03-11  David Shaw  <dshaw@jabberwocky.com>
+
+	* gpgkeys_hkp.c (get_key): Properly handle CRLF line endings in
+	the armored key.
+	(main): Accept "try-dns-srv" option.
+
+	* Makefile.am: Use @CAPLIBS@ to link in -lcap if we are using
+	capabilities.  Use @SRVLIBS@ to link in the resolver if we are
+	using DNS SRV.
+
 2003-02-11  David Shaw  <dshaw@jabberwocky.com>
 
 	* Makefile.am: Use a local copy of libexecdir along with @PACKAGE@
diff --git a/keyserver/Makefile.am b/keyserver/Makefile.am
index 93b55b075..7e90fca3f 100644
--- a/keyserver/Makefile.am
+++ b/keyserver/Makefile.am
@@ -31,4 +31,4 @@ libexec_SCRIPTS = @GPGKEYS_MAILTO@
 noinst_SCRIPTS = gpgkeys_test
 
 gpgkeys_ldap_LDADD = @LDAPLIBS@ @NETLIBS@
-gpgkeys_hkp_LDADD = ../util/libutil.a @NETLIBS@ @INTLLIBS@
+gpgkeys_hkp_LDADD = ../util/libutil.a @NETLIBS@ @SRVLIBS@ @INTLLIBS@ @CAPLIBS@
diff --git a/keyserver/gpgkeys_hkp.c b/keyserver/gpgkeys_hkp.c
index 207064c99..7cda6901c 100644
--- a/keyserver/gpgkeys_hkp.c
+++ b/keyserver/gpgkeys_hkp.c
@@ -40,6 +40,9 @@ unsigned int http_flags=0;
 char host[80]={'\0'},port[10]={'\0'};
 FILE *input=NULL,*output=NULL,*console=NULL;
 
+#define BEGIN "-----BEGIN PGP PUBLIC KEY BLOCK-----"
+#define END   "-----END PGP PUBLIC KEY BLOCK-----"
+
 struct keylist
 {
   char str[MAX_LINE];
@@ -271,11 +274,11 @@ get_key(char *getkey)
 	  if(gotit)
 	    {
 	      fprintf(output,line);
-	      if(strcmp(line,"-----END PGP PUBLIC KEY BLOCK-----\n")==0)
+	      if(strncmp(line,END,strlen(END))==0)
 		break;
 	    }
 	  else
-	    if(strcmp(line,"-----BEGIN PGP PUBLIC KEY BLOCK-----\n")==0)
+	    if(strncmp(line,BEGIN,strlen(BEGIN))==0)
 	      {
 		fprintf(output,line);
 		gotit=1;
@@ -887,11 +890,23 @@ main(int argc,char *argv[])
 	      else
 		http_flags|=HTTP_FLAG_NO_SHUTDOWN;
 	    }
+	  else if(strcasecmp(start,"try-dns-srv")==0)
+	    {
+	      if(no)
+		http_flags&=~HTTP_FLAG_TRY_SRV;
+	      else
+		http_flags|=HTTP_FLAG_TRY_SRV;
+	    }
 
 	  continue;
 	}
     }
 
+  /* By suggested convention, if the user gives a :port, then disable
+     SRV. */
+  if(port[0])
+    http_flags&=~HTTP_FLAG_TRY_SRV;
+
   /* If it's a GET or a SEARCH, the next thing to come in is the
      keyids.  If it's a SEND, then there are no keyids. */