Home GnuPG
Diffusion GnuPG afb8696126ff

dirmngr: Use sks-keyservers CA by default for the hkps pool.
afb8696126ffUnpublished
Actions

Unpublished Commit · Learn More

Not On Permanent Ref: This commit is not an ancestor of any permanent ref.

Description

dirmngr: Use sks-keyservers CA by default for the hkps pool.

* dirmngr/Makefile.am (dist_pkgdata_DATA): Add sks-keyservers.netCA.pem.
* dirmngr/http.c (http_session_new): Add optional arg
intended_hostname and set a default cert.
* dirmngr/ks-engine-hkp.c (send_request): Pass httphost to
http_session_new.

Ship the certificate for the sks-keyservers hkps pool. If the user
has specified that they want to use
hkps://hkps.pool.sks-keyservers.net, and they have not specified any
hkp-cacert explicitly, then initialize the trust path with this
specific trust anchor.

  • Co-authored-by: wk@gnupg.org
  • Signed-off-by: Werner Koch <wk@gnupg.org>

Details

Provenance
dkgAuthored on Oct 20 2015, 5:48 AM
wernerCommitted on Jan 22 2016, 11:53 AM
Parents
rG361820a3be48: gpg: Rework gpg-conf.skel
Branches
Unknown
Tags
Unknown

Event Timeline

Werner Koch <wk@gnupg.org> committed rGafb8696126ff: dirmngr: Use sks-keyservers CA by default for the hkps pool. (authored by Daniel Kahn Gillmor <dkg@fifthhorseman.net>).Jan 22 2016, 11:53 AM

Changes (6)

PathSize
dirmngr/

rGafb8696126ff

View Options

dirmngr/Makefile.am

Loading...
View Options

dirmngr/http.c

Loading...
View Options

dirmngr/http.h

Loading...
View Options

dirmngr/ks-engine-hkp.c

Loading...
View Options

dirmngr/ks-engine-http.c

Loading...
View Options

dirmngr/t-http.c

Loading...