diff options
| author | Daniel Kahn Gillmor <[email protected]> | 2015-10-20 03:48:30 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2016-01-22 10:53:49 +0000 |
| commit | afb8696126ff0babaab23e884ff5da008281e3b7 (patch) | |
| tree | 371c8a68e6a42b04da8a2e8e3bbcc9c91e6ddd2d /dirmngr/http.h | |
| parent | gpg: Rework gpg-conf.skel (diff) | |
| download | gnupg-afb8696126ff0babaab23e884ff5da008281e3b7.tar.gz gnupg-afb8696126ff0babaab23e884ff5da008281e3b7.zip | |
dirmngr: Use sks-keyservers CA by default for the hkps pool.
* dirmngr/Makefile.am (dist_pkgdata_DATA): Add sks-keyservers.netCA.pem.
* dirmngr/http.c (http_session_new): Add optional arg
intended_hostname and set a default cert.
* dirmngr/ks-engine-hkp.c (send_request): Pass httphost to
http_session_new.
--
Ship the certificate for the sks-keyservers hkps pool. If the user
has specified that they want to use
hkps://hkps.pool.sks-keyservers.net, and they have not specified any
hkp-cacert explicitly, then initialize the trust path with this
specific trust anchor.
Co-authored-by: [email protected]
Signed-off-by: Werner Koch <[email protected]>
Diffstat (limited to 'dirmngr/http.h')
| -rw-r--r-- | dirmngr/http.h | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/dirmngr/http.h b/dirmngr/http.h index 64f55e12e..58b8c1ac7 100644 --- a/dirmngr/http.h +++ b/dirmngr/http.h @@ -98,7 +98,8 @@ void http_register_tls_callback (gpg_error_t (*cb)(http_t,http_session_t,int)); void http_register_tls_ca (const char *fname); gpg_error_t http_session_new (http_session_t *r_session, - const char *tls_priority); + const char *tls_priority, + const char *intended_hostname); http_session_t http_session_ref (http_session_t sess); void http_session_release (http_session_t sess); |