mirror of
git://git.gnupg.org/gnupg.git
synced 2025-07-03 22:56:33 +02:00
* keyserver.c (keyserver_refresh): --refresh-keys implies --merge-only so
as not to import keys with keyids that match the ones being refreshed. Noted by Florian Weimer.
This commit is contained in:
parent
d89cf26621
commit
ab59f621d6
2 changed files with 11 additions and 0 deletions
|
@ -838,6 +838,11 @@ keyserver_refresh(STRLIST users)
|
|||
int rc,count,fakev3=0;
|
||||
KEYDB_SEARCH_DESC *desc;
|
||||
|
||||
/* We switch merge_only on during a refresh, as 'refresh' should
|
||||
never import new keys, even if their keyids match. Is it worth
|
||||
preserving the old merge_only value here? */
|
||||
opt.merge_only=1;
|
||||
|
||||
/* If refresh_add_fake_v3_keyids is on and it's a HKP or MAILTO
|
||||
scheme, then enable fake v3 keyid generation. */
|
||||
if(opt.keyserver_options.refresh_add_fake_v3_keyids &&
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue