gpg: Screen keyserver responses.
authorStefan Tomanek <tomanek@internet-sicherheit.de>
Wed, 29 Jan 2014 23:57:43 +0000 (00:57 +0100)
committerWerner Koch <wk@gnupg.org>
Tue, 24 Jun 2014 07:53:04 +0000 (09:53 +0200)
commit5e933008beffbeae7255ece02383606481f9c169
treea4752fb5ef9c1eb5e5155447959aff88d932b0c1
parente790671cb3a35f3042558224e915b6f74ebc2251
gpg: Screen keyserver responses.

* g10/main.h (import_filter_t): New.
* g10/import.c (import): Add filter callbacks to param list.
(import_one): Ditto.
(import_secret_one): Ditto.
(import_keys_internal): Ditto.
(import_keys_stream): Ditto.
* g10/keyserver.c (keyserver_retrieval_filter): New.
(keyserver_spawn): Pass filter to import_keys_stream()

--
These changes introduces import functions that apply a constraining
filter to imported keys. These filters can verify the fingerprints of
the keys returned before importing them into the keyring, ensuring that
the keys fetched from the keyserver are in fact those selected by the
user beforehand.

Signed-off-by: Stefan Tomanek <tomanek@internet-sicherheit.de>
Re-indention and minor changes by wk.

Resolved conflicts:
g10/import.c
g10/keyserver.c
g10/main.h
g10/import.c
g10/keyserver.c
g10/main.h