| Summary | GPG keys are not fetched from the configured keyserver |
| Queue | Horde Framework Packages |
| Queue Version | Git master |
| Type | Bug |
| State | Resolved |
| Priority | 2. Medium |
| Owners | slusarz (at) horde (dot) org |
| Requester | o (at) immerda (dot) ch |
| Created | 08/27/2012 (4704 days ago) |
| Due | |
| Updated | 08/29/2012 (4702 days ago) |
| Assigned | |
| Resolved | 08/27/2012 (4704 days ago) |
| Github Issue Link | |
| Github Pull Request | |
| Milestone | |
| Patch | No |
commit 425bcf0cf8e5686fe273ff9345be1e06bf5a487b
Author: Michael M Slusarz <slusarz@horde.org>
Date: Mon Aug 27 15:35:35 2012 -0600
[mms] Improvements in obtaining GPG keys from a keyserver (Bug
#11380) (o+horde@immerda.ch).Use keyserver parameters passed in original method call
When using keyserver, only use gpg keys with a UID containing a
matching email address
framework/Crypt/lib/Horde/Crypt/Pgp.php | 27 ++++++++++++++++++++++++---
framework/Crypt/package.xml | 4 ++--
2 files changed, 26 insertions(+), 5 deletions(-)
http://git.horde.org/horde-git/-/commit/425bcf0cf8e5686fe273ff9345be1e06bf5a487b
State ⇒ Resolved
commit 425bcf0cf8e5686fe273ff9345be1e06bf5a487b
Author: Michael M Slusarz <slusarz@horde.org>
Date: Mon Aug 27 15:35:35 2012 -0600
[mms] Improvements in obtaining GPG keys from a keyserver (Bug
#11380) (o+horde@immerda.ch).Use keyserver parameters passed in original method call
When using keyserver, only use gpg keys with a UID containing a
matching email address
framework/Crypt/lib/Horde/Crypt/Pgp.php | 27 ++++++++++++++++++++++++---
framework/Crypt/package.xml | 4 ++--
2 files changed, 26 insertions(+), 5 deletions(-)
http://git.horde.org/horde-git/-/commit/425bcf0cf8e5686fe273ff9345be1e06bf5a487b
commit 948add61abd6fe549c1bd7b152e8b4b7a30814ce
Author: Michael M Slusarz <slusarz@horde.org>
Date: Mon Aug 27 15:35:35 2012 -0600
[mms] Improvements in obtaining GPG keys from a keyserver (Bug
#11380) (o+horde@immerda.ch).Use keyserver parameters passed in original method call
When using keyserver, only use gpg keys with a UID containing a
matching email address
framework/Crypt/lib/Horde/Crypt/Pgp.php | 27 ++++++++++++++++++++++++---
framework/Crypt/package.xml | 4 ++--
2 files changed, 26 insertions(+), 5 deletions(-)
http://git.horde.org/horde-git/-/commit/948add61abd6fe549c1bd7b152e8b4b7a30814ce
request for a second patch which checks all fetched keyids if they
actually have a correct uid:
(git log) Fix: horde picks mismatching gpg-keys.
We should only use gpg keys with an uid containing a matching email
address to encrypt mails.
How a keyserver responds to a text search is not standardized. See
https://tools.ietf.org/html/draft-shaw-openpgp-hkp-00#page-3
3.1.1.3. Text Searches
How a keyserver handles a textual search is implementation defined.
See also the definition of the "exact" variable for a method to
give additional instructions to the server on how the search is to
be executed.
We should therefore not rely to get the correct key, just because we
where searching for an email address. This patch removes all keys from
the candidates list, which do not contain the correct email address
between <> in the uid field.
uid lines from the keyserver are constructed as follows:
uid:escaped uid string:creationdate:expirationdate:flags
(s.openpgp-hkp rfc draft)
where all pgp compatible tools that i know of use the following uid
format:
name (comment) <email>
Priority ⇒ 2. Medium
Type ⇒ Bug
Summary ⇒ GPG keys are not fetched from the configured keyserver
Queue ⇒ Horde Framework Packages
Milestone ⇒
Patch ⇒ No
State ⇒ Unconfirmed