mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
gpg: Report a conflict between honor-keyserver-url and TOR.
* g10/call-dirmngr.c (create_context): Send option and print a verbose error. -- It is in general a bad idea to use honor-keyserver-url but if Dirmngr is running in TOR mode we should not allow this option at all. We let Dirmngr know about the use of this option and let Dirmngr tell use whether TOR mode is active so that we can print a hint to disable that keyserver option. A future extension in gpgconf may disable that option directly but a user may still override that and thus we better check. Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
parent
b4bc1c8b10
commit
d5a3142b8f
@ -176,6 +176,22 @@ create_context (ctrl_t ctrl, assuan_context_t *r_ctx)
|
||||
xfree (line);
|
||||
}
|
||||
}
|
||||
|
||||
if (err)
|
||||
;
|
||||
else if ((opt.keyserver_options.options & KEYSERVER_HONOR_KEYSERVER_URL))
|
||||
{
|
||||
/* Tell the dirmngr that this possibly privacy invading
|
||||
option is in use. If Dirmngr is running in TOR mode, it
|
||||
will return an error. */
|
||||
err = assuan_transact (ctx, "OPTION honor-keyserver-url-used",
|
||||
NULL, NULL, NULL, NULL, NULL, NULL);
|
||||
if (gpg_err_code (err) == GPG_ERR_FORBIDDEN)
|
||||
log_error (_("keyserver option \"honor-keyserver-url\""
|
||||
" may not be used in TOR mode\n"));
|
||||
else if (gpg_err_code (err) == GPG_ERR_UNKNOWN_OPTION)
|
||||
err = 0; /* Old dirmngr versions do not support this option. */
|
||||
}
|
||||
}
|
||||
|
||||
if (err)
|
||||
|
Loading…
x
Reference in New Issue
Block a user