diff options
| author | David Shaw <[email protected]> | 2006-03-14 03:16:21 +0000 |
|---|---|---|
| committer | David Shaw <[email protected]> | 2006-03-14 03:16:21 +0000 |
| commit | 9f524c4a040db97382cf3523bf53a422cf1eaa8e (patch) | |
| tree | f0f56504decd6239d1624d7f6967f2beb6772048 /g10/keyserver-internal.h | |
| parent | * keyserver-internal.h, keyserver.c (keyserver_spawn, keyserver_work, (diff) | |
| download | gnupg-9f524c4a040db97382cf3523bf53a422cf1eaa8e.tar.gz gnupg-9f524c4a040db97382cf3523bf53a422cf1eaa8e.zip | |
* keyserver-internal.h, keyserver.c (keyserver_import_pka): Use the
same API as the other auto-key-locate fetchers.
* getkey.c (get_pubkey_byname): Use the fingerprint of the key that we
actually fetched. This helps prevent problems where the key that we
fetched doesn't have the same name that we used to fetch it. In the
case of CERT and PKA, this is an actual security requirement as the
URL might point to a key put in by an attacker. By forcing the use of
the fingerprint, we won't use the attacker's key here.
Diffstat (limited to 'g10/keyserver-internal.h')
| -rw-r--r-- | g10/keyserver-internal.h | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/g10/keyserver-internal.h b/g10/keyserver-internal.h index 9b6def872..a36598695 100644 --- a/g10/keyserver-internal.h +++ b/g10/keyserver-internal.h @@ -45,7 +45,7 @@ int keyserver_search(STRLIST tokens); int keyserver_fetch(STRLIST urilist); int keyserver_import_cert(const char *name, unsigned char **fpr,size_t *fpr_len); -int keyserver_import_pka(const char *name,unsigned char *fpr); +int keyserver_import_pka(const char *name,unsigned char **fpr,size_t *fpr_len); int keyserver_import_name(const char *name,unsigned char **fpr,size_t *fpr_len, struct keyserver_spec *keyserver); int keyserver_import_ldap(const char *name, |