commit 819842ba97d1c2358ced5c648b527162995b35e2 Author: Sukhbir Singh sukhbir@torproject.org Date: Sun Apr 1 10:25:20 2018 -0400
Update Enigmail keyserver settings
Assume that a user has dirmngr running and configured with `use-tor' in dirmngr.conf and set the relevant keyserver settings (similar to what Tails has been doing); otherwise the keyserver lookup will fail-safe. This should work for the daemon and Tor Browser since as per gnupg/dirmngr/dns-stuff.c, it tries both 9050 and 9150. This is probably better than the older setting because a) it actually works now, b) it will still fail-safe in case Tor is not running.
---
 chrome/content/preferences.js | 8 ++------
 components/torbirdy.js | 4 ++--
 2 files changed, 4 insertions(+), 8 deletions(-)
diff --git a/chrome/content/preferences.js b/chrome/content/preferences.js
index 8acd6ba..2980857 100644
--- a/chrome/content/preferences.js
+++ b/chrome/content/preferences.js
@@ -42,14 +42,10 @@ if (!org.torbirdy.prefs) org.torbirdy.prefs = new function() {
 opts += "--throw-keyids ";
 }
 if (! pub.prefs.getBoolPref("extensions.torbirdy.gpg_already_torified")) {
- var proxy = "socks5h://127.0.0.1:9150";
 if (anonService === "jondo") {
- proxy = "http://127.0.0.1:4001";
+ let proxy = "http://127.0.0.1:4001";
+ opts += "--keyserver-options=no-try-dns-srv,http-proxy=" + proxy + " ";
 }
- if (anonService === "custom") {
- proxy = "socks5h://" + pub.prefs.getCharPref("network.proxy.socks") + ":" + pub.prefs.getIntPref("network.proxy.socks_port");
- }
- opts += "--keyserver-options=no-try-dns-srv,http-proxy=" + proxy + " ";
 }
 return opts +
diff --git a/components/torbirdy.js b/components/torbirdy.js
index e8d2cd2..6c2be57 100644
--- a/components/torbirdy.js
+++ b/components/torbirdy.js
@@ -274,8 +274,8 @@ var TorBirdyPrefs = {
 "--no-comments " +
 // We want to force UTF-8 everywhere
 "--display-charset utf-8 " +
- // We want to ensure that Enigmail is proxy aware even when it runs gpg in a shell
- "--keyserver-options http-proxy=socks5h://127.0.0.1:9150 ",
+ // Set additional keyserver options
+ "--keyserver-options no-auto-key-retrieve ",
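Review bot: In chrome/content/preferences.js the `tor` and `custom` services now get no `http-proxy` keyserver option at all, so proxying depends entirely on dirmngr having `use-tor` set, which this code never checks; the components/torbirdy.js hunk drops its proxy option in the same way. The fail-safe described in the commit message seems to hold only while the keyserver is the .onion default: with a clearnet keyserver and an unconfigured dirmngr, or a GnuPG that does not use dirmngr for keyserver access, the lookup would presumably leave unproxied. I would keep an explicit proxy for `custom`, or at least state the assumption where the branch was removed, e.g. `// tor/custom: no http-proxy; relies on "use-tor" in dirmngr.conf, lookups are unproxied without it`. The enclosing function starts and ends outside the hunk.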
 // The default key server should be a hidden service; use the Tor OnionBalance hidden service pool (https://sks-keyservers.net/overview-of-pools.php#pool_tor)
 "extensions.enigmail.keyserver": "hkp://jirk5u4osbsr34t5.onion",
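Review bot: The new comment `// Set additional keyserver options` in components/torbirdy.js says less than the one it replaces and gives no reason for forcing `no-auto-key-retrieve`. Because that option is the privacy-relevant part of the line, the comment should say why it is there, e.g. `// Never fetch missing keys automatically when verifying a signature: that lookup is a network request triggered by an incoming message`. The surrounding `TorBirdyPrefs` object starts and ends outside the hunk.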