Add kludge for broken HTTP proxies.

g10/ChangeLog

@@ -1,3 +1,10 @@
+2001-04-23  Werner Koch  <wk@gnupg.org>
+
+	* hkp.c (hkp_ask_import): Allow to specify a port number for the 
+	keyserver.  Add a kudge to set the no_shutdown flag.
+	(hkp_export): Ditto.
+	* options.skel: Document the changes 
+
 2001-04-20  Werner Koch  <wk@gnupg.org>
 
 	* options.skel: Add some more comments.

g10/hkp.c

@@ -65,8 +65,19 @@ hkp_ask_import( u32 *keyid )
      * down to the import function.  Marc told that there is such a
      * binary mode ... how?
      */
-    sprintf( request, "x-hkp://%s:11371/pks/lookup?op=get&search=0x%08lX",
+    if ( !strncmp (opt.keyserver_name, "x-broken-hkp://", 15) ) {
+        sprintf( request, "x-hkp://%s/pks/lookup?op=get&search=0x%08lX",
+			opt.keyserver_name+15, (ulong)keyid[1] );
+        hflags |= HTTP_FLAG_NO_SHUTDOWN;
+    }
+    else if ( !strncmp (opt.keyserver_name, "x-hkp://", 8) ) {
+        sprintf( request, "%s/pks/lookup?op=get&search=0x%08lX",
 			opt.keyserver_name, (ulong)keyid[1] );
+    }
+    else {
+        sprintf( request, "x-hkp://%s:11371/pks/lookup?op=get&search=0x%08lX",
+			opt.keyserver_name, (ulong)keyid[1] );
+    }
     rc = http_open_document( &hd, request, hflags );
     if( rc ) {
 	log_info(_("can't get key from keyserver: %s\n"),
@@ -141,7 +152,16 @@ hkp_export( STRLIST users )
     iobuf_flush_temp( temp );
 
     request = m_alloc( strlen( opt.keyserver_name ) + 100 );
-    sprintf( request, "x-hkp://%s:11371/pks/add", opt.keyserver_name );
+    if ( !strncmp (opt.keyserver_name, "x-broken-hkp://", 15) ) {
+        sprintf( request, "x-hkp://%s/pks/add", opt.keyserver_name+15 );
+        hflags |= HTTP_FLAG_NO_SHUTDOWN;
+    }
+    else if ( !strncmp (opt.keyserver_name, "x-hkp://", 8) ) {
+        sprintf( request, "%s/pks/add", opt.keyserver_name );
+    }
+    else {
+        sprintf( request, "x-hkp://%s:11371/pks/add", opt.keyserver_name );
+    }
     rc = http_open( &hd, HTTP_REQ_POST, request , hflags );
     if( rc ) {
 	log_error(_("can't connect to `%s': %s\n"),

g10/misc.c

@@ -236,7 +236,7 @@ print_cipher_algo_note( int algo )
 	if( !did_note ) {
 	    did_note = 1;
 	    log_info(_("this cipher algorithm is deprecated; "
-		       "please use a more standard one!x\n"));
+		       "please use a more standard one!\n"));
 	}
     }
 }

g10/options.skel

@@ -98,9 +98,22 @@ lock-once
 # import the key from that server (server do syncronize with each
 # other and DNS Round-Robin may give you a random server each time).
 # Use "host -l pgp.net | grep www" to figure out a keyserver.
+#
+# If you do not want to use the default port 11371, you can give the
+# name of the keyserver like this: 
+#   x-hkp://keyserver.example.net:22742
+# If you have problems connecting through a buggy proxy, you can use this:
+#   x-broken-hkp://keyserver.example.net:11371
+# But first you should make sure that you have read the man page regarding
+# proxies (--honor-http-proxy)
+# Most users just set the name of the preferred keyserver.
 #keyserver wwwkeys.nl.pgp.net
 
 # The environment variable http_proxy is only used when the
 # this option is set.
 
 honor-http-proxy
+
+
+
+

g10/pkclist.c

@@ -483,8 +483,8 @@ do_we_trust( PKT_public_key *pk, int *trustlevel )
 	if( opt.verbose )
 	    log_info("No trust check due to --always-trust option\n");
 	/* The problem with this, is that EXPIRE can't be checked as
-	 * this needs to insert a ne key into the trustdb first and
-	 * we don't want that */
+	 * this needs to insert a new key into the trustdb first and
+	 * we don't want that - IS this still true? */
 	return 1;
     }