From d3c35b865f1800df33b7976c5a7c79e939e213b5 Mon Sep 17 00:00:00 2001
From: David Sardari <d@duxsco.de>
Date: Fri, 21 Apr 2023 13:39:53 +0200
Subject: openpgp: Use DNS resolver of OS
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: David Sardari <d@duxsco.de>
Closes: https://github.com/projg2/gemato/pull/31
Signed-off-by: Michał Górny <mgorny@gentoo.org>
---
 gemato/openpgp.py | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/gemato/openpgp.py b/gemato/openpgp.py
index fb178af..4ede082 100644
--- a/gemato/openpgp.py
+++ b/gemato/openpgp.py
@@ -413,6 +413,12 @@ class IsolatedGPGEnvironment(SystemGPGEnvironment):
 # honor user's http_proxy setting
 honor-http-proxy
 
+# The default of "recursive-resolver" (see "man dirmngr") may cause
+# problems with corporate networks, where this is often prohibited.
+# It's better to setup the DNS resolver of your choice correctly
+# preferably with DNSSEC checks enabled and use the following setting:
+standard-resolver
+
 # enable debugging, in case we needed it
 log-file {os.path.join(self._home, 'dirmngr.log')}
 debug-level guru
-- 
cgit v1.2.3