Home GnuPG
Diffusion GnuPG 5e933008beff

gpg: Screen keyserver responses.
5e933008beffUnpublished

Unpublished Commit · Learn More

Not On Permanent Ref: This commit is not an ancestor of any permanent ref.

Description

gpg: Screen keyserver responses.

* g10/main.h (import_filter_t): New.
* g10/import.c (import): Add filter callbacks to param list.
(import_one): Ditto.
(import_secret_one): Ditto.
(import_keys_internal): Ditto.
(import_keys_stream): Ditto.
* g10/keyserver.c (keyserver_retrieval_filter): New.
(keyserver_spawn): Pass filter to import_keys_stream()

These changes introduces import functions that apply a constraining
filter to imported keys. These filters can verify the fingerprints of
the keys returned before importing them into the keyring, ensuring that
the keys fetched from the keyserver are in fact those selected by the
user beforehand.

Re-indention and minor changes by wk.

Resolved conflicts:
g10/import.c
g10/keyserver.c
g10/main.h

  • Signed-off-by: Stefan Tomanek <tomanek@internet-sicherheit.de>

Details

Provenance
Stefan Tomanek <tomanek@internet-sicherheit.de>Authored on Jan 30 2014, 12:57 AM
wernerCommitted on Jun 24 2014, 9:53 AM
Parents
rGe790671cb3a3: gpg: Allow key-to-card upload for cert-only keys
Branches
Unknown
Tags
Unknown

Event Timeline

Werner Koch <wk@gnupg.org> committed rG5e933008beff: gpg: Screen keyserver responses. (authored by Stefan Tomanek <tomanek@internet-sicherheit.de>).Jun 24 2014, 9:53 AM