FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > ArchLinux > ArchLinux Pacman Development

 
 
LinkBack Thread Tools
 
Old 01-05-2012, 09:47 PM
Dan McGee
 
Default Search for PGP subkeys in a keyserver-acceptable way

PGP keyservers are pieces of sh** when it comes to searching for
subkeys, and only allow it if you submit an 8-character fingerprint
rather than the recommended and less chance of collision 16-character
fingerprint.

Add a second remote lookup for the 8-character version of a key ID if we
don't find anything the first time we look up the key. This fixes
FS#27612 and the deficiency has been sent upstream to the GnuPG users
mailing list as well.

Signed-off-by: Dan McGee <dan@archlinux.org>
---
lib/libalpm/signing.c | 26 +++++++++++++++++++++-----
1 files changed, 21 insertions(+), 5 deletions(-)

diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c
index 92f34b5..1a53dea 100644
--- a/lib/libalpm/signing.c
+++ b/lib/libalpm/signing.c
@@ -251,10 +251,24 @@ static int key_search(alpm_handle_t *handle, const char *fpr,
err = gpgme_get_key(ctx, fpr, &key, 0);
if(gpg_err_code(err) == GPG_ERR_EOF) {
_alpm_log(handle, ALPM_LOG_DEBUG, "key lookup failed, unknown key
");
- ret = 0;
- goto error;
- } else if(gpg_err_code(err) != GPG_ERR_NO_ERROR) {
- _alpm_log(handle, ALPM_LOG_DEBUG, "gpg error: %s
", gpgme_strerror(err));
+ /* Try an alternate lookup using the 8 character fingerprint value, since
+ * busted-ass keyservers can't support lookups using subkeys with the full
+ * value as of now. This is why 2012 is not the year of PGP encryption. */
+ if(strlen(fpr) > 8) {
+ const char *short_fpr = fpr + strlen(fpr) - 8;
+ _alpm_log(handle, ALPM_LOG_DEBUG,
+ "looking up key %s remotely
", short_fpr);
+ err = gpgme_get_key(ctx, short_fpr, &key, 0);
+ if(gpg_err_code(err) == GPG_ERR_EOF) {
+ _alpm_log(handle, ALPM_LOG_DEBUG, "key lookup failed, unknown key
");
+ ret = 0;
+ }
+ } else {
+ ret = 0;
+ }
+ }
+
+ if(gpg_err_code(err) != GPG_ERR_NO_ERROR) {
goto error;
}

@@ -270,9 +284,11 @@ static int key_search(alpm_handle_t *handle, const char *fpr,
pgpkey->email = key->uids->email;
pgpkey->created = key->subkeys->timestamp;
pgpkey->expires = key->subkeys->expires;
- ret = 1;
+ gpgme_release(ctx);
+ return 1;

error:
+ _alpm_log(handle, ALPM_LOG_DEBUG, "gpg error: %s
", gpgme_strerror(err));
gpgme_release(ctx);
return ret;
}
--
1.7.8.1
 

Thread Tools




All times are GMT. The time now is 05:36 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org