PKGBUILD/gnupg-scd-shared
2
0
Fork 0
Code Releases Activity
488d3f95d8
gnupg-scd-shared/drop-import-clean.patch

55 lines
2.0 KiB
Diff
Raw Blame History

From 1690a464b28fa24ce82189a9bf5d7ce9b44804b8 Mon Sep 17 00:00:00 2001
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Mon, 15 Jul 2019 16:24:35 -0400
Subject: [PATCH 3/7] gpg: drop import-clean from default keyserver import
options
* g10/gpg.c (main): drop IMPORT_CLEAN from the
default opt.keyserver_options.import_options
* doc/gpg.texi: reflect this change in the documentation
Given that SELF_SIGS_ONLY is already set, it's not clear what
additional benefit IMPORT_CLEAN provides. Furthermore, IMPORT_CLEAN
means that receiving an OpenPGP certificate from a keyserver will
potentially delete data that is otherwise held in the local keyring,
which is surprising to users who expect retrieval from the keyservers
to be purely additive.
GnuPG-Bug-Id: 4628
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
---
doc/gpg.texi | 2 +-
g10/gpg.c | 3 +--
2 files changed, 2 insertions(+), 3 deletions(-)
diff --git a/doc/gpg.texi b/doc/gpg.texi
index 4870441d4..551459a74 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -1963,7 +1963,7 @@ are available for all keyserver types, some common options are:
@end table
-The default list of options is: "self-sigs-only, import-clean,
+The default list of options is: "self-sigs-only,
repair-keys, repair-pks-subkey-bug, export-attributes,
honor-pka-record".
diff --git a/g10/gpg.c b/g10/gpg.c
index 68cc22041..fa2bcfa5e 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -2397,8 +2397,7 @@ main (int argc, char **argv)
opt.export_options = EXPORT_ATTRIBUTES;
opt.keyserver_options.import_options = (IMPORT_REPAIR_KEYS
| IMPORT_REPAIR_PKS_SUBKEY_BUG
- | IMPORT_SELF_SIGS_ONLY
- | IMPORT_CLEAN);
+ | IMPORT_SELF_SIGS_ONLY);
opt.keyserver_options.export_options = EXPORT_ATTRIBUTES;
opt.keyserver_options.options = KEYSERVER_HONOR_PKA_RECORD;
opt.verify_options = (LIST_SHOW_UID_VALIDITY
--
2.27.0
View Git Blame Copy Permalink