security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-10 13:04:23 +01:00
Code Activity

dirmngr: Only use SKS pool CA for SKS pool

Browse Source 
* dirmngr/http.c (http_session_new): when checking whether the
keyserver is the HKPS pool, check specifically against the pool name,
as ./configure might have been used to select a different default
keyserver.  It makes no sense to apply Kristian's certificate
authority to anything other than the literal host
hkps.pool.sks-keyservers.net.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

Gbp-Pq: Name dirmngr-Only-use-SKS-pool-CA-for-SKS-pool.patch
This commit is contained in:
Daniel Kahn Gillmor 2019-06-30 11:54:35 -04:00
parent b2605ad614
commit 263a07f04d
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
dirmngr/http.c
View File

@ -767,7 +767,7 @@ http_session_new (http_session_t *r_session,
is_hkps_pool = (intended_hostname is_hkps_pool = (intended_hostname
&& !ascii_strcasecmp (intended_hostname, && !ascii_strcasecmp (intended_hostname,
get_default_keyserver (1))); "hkps.pool.sks-keyservers.net"));
/* If the user has not specified a CA list, and they are looking /* If the user has not specified a CA list, and they are looking
* for the hkps pool from sks-keyservers.net, then default to * for the hkps pool from sks-keyservers.net, then default to