dirmngr: Let --gpgconf-list return the default keyserver.

* dirmngr/misc.c (get_default_keyserver): New. * dirmngr/http.c: Include misc.h (http_session_new): Use get_default_keyserver instead of hardwired "hkps.pool.sks-keyservers.net". * dirmngr/http-ntbtls.c (gnupg_http_tls_verify_cb): Ditto. * dirmngr/dirmngr.c (main) <aGPGCongList>: Return default keyserver. Signed-off-by: Werner Koch <wk@gnupg.org>
2025-07-02 22:46:30 +02:00 · 2017-03-02 17:58:00 +01:00 · 2017-03-02 17:58:00 +01:00 · de6d8313f6
commit de6d8313f6
parent 0c4d0620d3
5 changed files with 37 additions and 5 deletions
--- a/dirmngr/http-ntbtls.c
+++ b/dirmngr/http-ntbtls.c
@ -26,12 +26,12 @@
 #include "dirmngr.h"
 #include "certcache.h"
 #include "validate.h"
+#include "misc.h"

 #ifdef HTTP_USE_NTBTLS
 # include <ntbtls.h>


-
 /* The callback used to verify the peer's certificate.  */
 gpg_error_t
 gnupg_http_tls_verify_cb (void *opaque,
@ -77,11 +77,11 @@ gnupg_http_tls_verify_cb (void *opaque,

  validate_flags = VALIDATE_FLAG_TLS;

-  /* Are we using the standard hkps:// pool use the dedicated
+  /* If we are using the standard hkps:// pool use the dedicated
   * root certificate.  */
  hostname = ntbtls_get_hostname (tls);
  if (hostname
-      && !ascii_strcasecmp (hostname, "hkps.pool.sks-keyservers.net"))
+      && !ascii_strcasecmp (hostname, get_default_keyserver (1)))
    {
      validate_flags |= VALIDATE_FLAG_TRUST_HKPSPOOL;
    }