* getkey.c (get_pubkey_byname): Fix minor security problem with PKA when

importing at -r time. The URL in the PKA record may point to a key put in by an attacker. Fix is to use the fingerprint from the PKA record as the recipient. This ensures that the PKA record is followed. * keyserver-internal.h, keyserver.c (keyserver_import_pka): Return the fingerprint we requested.
author: David Shaw <[email protected]> 2006-02-21 22:23:35 +0000
committer: David Shaw <[email protected]> 2006-02-21 22:23:35 +0000
commit: d038b36c8f814e518c64b608b51a551186c5440e (patch)
tree: 4a33646bcd060d9b5b1ee31cfa90b44a220e87b5 /g10/gpgv.c
parent: * curl-shim.h, curl-shim.c (curl_easy_init, curl_easy_setopt, (diff)
download: gnupg-d038b36c8f814e518c64b608b51a551186c5440e.tar.gz
gnupg-d038b36c8f814e518c64b608b51a551186c5440e.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/g10/gpgv.c b/g10/gpgv.c
index 95bf09791..2f4563e2a 100644
--- a/g10/gpgv.c
+++ b/g10/gpgv.c
@@ -284,7 +284,7 @@ int
 keyserver_import_cert(const char *name) { return -1; }
 
 int
-keyserver_import_pka(const char *name) { return -1; }
+keyserver_import_pka(const char *name,unsigned char *fpr) { return -1; }
 
 int
 keyserver_import_name(const char *name) { return -1; }
author	David Shaw <[email protected]>	2006-02-21 22:23:35 +0000
committer	David Shaw <[email protected]>	2006-02-21 22:23:35 +0000
commit	d038b36c8f814e518c64b608b51a551186c5440e (patch)
tree	4a33646bcd060d9b5b1ee31cfa90b44a220e87b5 /g10/gpgv.c
parent	* curl-shim.h, curl-shim.c (curl_easy_init, curl_easy_setopt, (diff)
download	gnupg-d038b36c8f814e518c64b608b51a551186c5440e.tar.gz gnupg-d038b36c8f814e518c64b608b51a551186c5440e.zip