security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00
Code Activity

dirmngr: Use sks-keyservers CA by default for the hkps pool.

Browse source 
* dirmngr/Makefile.am (dist_pkgdata_DATA): Add sks-keyservers.netCA.pem.
* dirmngr/http.c (http_session_new): Add optional arg
intended_hostname and set a default cert.
* dirmngr/ks-engine-hkp.c (send_request): Pass httphost to
http_session_new.
--

Ship the certificate for the sks-keyservers hkps pool.  If the user
has specified that they want to use
hkps://hkps.pool.sks-keyservers.net, and they have not specified any
hkp-cacert explicitly, then initialize the trust path with this
specific trust anchor.

Co-authored-by: wk@gnupg.org
Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Daniel Kahn Gillmor 2015-10-19 23:48:30 -04:00 committed by Werner Koch
parent 361820a3be
commit afb8696126
No known key found for this signature in database
GPG key ID: E3FDFF218E45B72B
6 changed files with 36 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

2
dirmngr/ks-engine-hkp.c
View file

@ -991,7 +991,7 @@ send_request (ctrl_t ctrl, const char *request, const char *hostportstr,
*r_fp = NULL;
err = http_session_new (&session, NULL);
err = http_session_new (&session, NULL, httphost);
if (err)
goto leave;
http_session_set_log_cb (session, cert_log_cb);