diff options
| author | Werner Koch <wk@gnupg.org> | 2016-12-01 15:45:51 +0100 |
|---|---|---|
| committer | Werner Koch <wk@gnupg.org> | 2016-12-01 16:40:32 +0100 |
| commit | 304566d3327ef0a85188cce3109d46d5ff47177a (patch) | |
| tree | c352a95f0b6bdbe6fca8d4aec1bfea9a7418f388 /doc | |
| parent | gpg: Let only Dirmngr decide whether CERT is supported. (diff) | |
| download | gnupg2-304566d3327ef0a85188cce3109d46d5ff47177a.tar.xz gnupg2-304566d3327ef0a85188cce3109d46d5ff47177a.zip | |
dirmngr: Add option --standard-resolver.
* dirmngr/dirmngr.c (oStandardResolver): New constant.
(opts): New option --standard-resolver.
(parse_rereadable_options): Set option.
* dirmngr/dns-stuff.c: Refactor all code to support the new option.
(standard_resolver): New var.
(enable_standard_resolver, standard_resolver_p): New func.
* dirmngr/http.c (connect_server): Remove USE_DNS_SRV build
conditional.
* dirmngr/ks-engine-hkp.c (map_host): Ditto.
* dirmngr/server.c (cmd_getinfo) <dnsinfo>: Take care of new option
* configure.ac (HAVE_ADNS_IF_TORMODE): Remove var ADNSLIB. ac_define
USE_ADNS in the adns checking code. Remove options --disable-dns-srv
and --disable-dns-cert. Always look for the system resolver. Print
warning if no system resolver was found.
(USE_DNS_CERT, USE_DNS_SRV): Remove ac_defines.
(HAVE_SYSTEM_RESOLVER): New ac_define.
(USE_DNS_SRV): Remove am_conditional; not used anyway.
--
This option allows for runtime switching to the system's standard
resolver. This is mainly useful to work around possible bugs in the
optional resolver libraries (as of now ADNS). Note that on Windows
there is no code to use systems's resolver and thus for full
functionality dirmngr must be build with a separate resolver.
This patch also does way with configure options to disable the use of
CERT and SRV records.
Signed-off-by: Werner Koch <wk@gnupg.org>
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/dirmngr.texi | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/doc/dirmngr.texi b/doc/dirmngr.texi index 963dff855..62a41b674 100644 --- a/doc/dirmngr.texi +++ b/doc/dirmngr.texi @@ -244,6 +244,13 @@ this still leaks the DNS queries; e.g. to lookup the hosts in a keyserver pool. Certain other features are disabled if this mode is active. +@item --standard-resolver +@opindex standard-resolver +This option forces the use of the system's standard DNS resolver code. +This is mainly used for debugging. Note that on Windows a standard +resolver is not used and all DNS access will return the error ``Not +Implemented'' if this function is used. + @item --allow-version-check @opindex allow-version-check Allow Dirmngr to connect to @code{https://versions.gnupg.org} to get |