openkylin
/
gnupg2
mirror of https://gitee.com/openkylin/gnupg2.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

dirmngr: Only use SKS pool CA for SKS pool 

* dirmngr/http.c (http_session_new): when checking whether the
keyserver is the HKPS pool, check specifically against the pool name,
as ./configure might have been used to select a different default
keyserver.  It makes no sense to apply Kristian's certificate
authority to anything other than the literal host
hkps.pool.sks-keyservers.net.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

Gbp-Pq: Name dirmngr-Only-use-SKS-pool-CA-for-SKS-pool.patch
This commit is contained in:
Daniel Kahn Gillmor 2019-06-30 11:54:35 -04:00 committed by openKylinBot
parent c794eda606
commit fed9d984d6
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
dirmngr/http.c
View File

@ -768,7 +768,7 @@ http_session_new (http_session_t *r_session,
is_hkps_pool = (intended_hostname
&& !ascii_strcasecmp (intended_hostname,
get_default_keyserver (1)));
"hkps.pool.sks-keyservers.net"));
/* If the user has not specified a CA list, and they are looking
* for the hkps pool from sks-keyservers.net, then default to