[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Sks-devel] sks patch to refuse poison key
From: |
Shengjing Zhu |
Subject: |
[Sks-devel] sks patch to refuse poison key |
Date: |
Mon, 16 Jul 2018 13:18:52 +0800 |
User-agent: |
Mutt/1.10.0 (2018-05-17) |
On Sun, Jul 15, 2018 at 06:28:24PM +1000, Haw Loeung wrote:
> I don't think these patches should land in SKS. It's to work around
> one key and doesn't scale very well. Instead, I think more work should
> be done adding the ability to not accept and send keys of a certain
> size as well as options to exclude specific list of keys. I'm not sure
> if there's another mailing list used by SKS developers to discuss
> this.
Thanks, I see the patches hard code key id, so I think it shouldn't land in
upstream too.
>
> If you're interested in the patches, you should be able to download
> the *.debian.tar.xz file from the link below:
>
> |
> https://launchpad.net/~canonical-sysadmins/+archive/ubuntu/sks-public/+packages
>
> Extract that and the series of patches to-date are:
>
> | 0012-poison-key.patch
> | poison-key-id-update
> | 0014-poison-key-output-fix
> | 0091-pjdc-compare-short-keyid.patch
>
I don't know ocaml, but these patches are in a mess, shouldn't it be
simplified to,
diff --git a/keydb.ml b/keydb.ml
index 949a1f4..7ff976a 100644
--- a/keydb.ml
+++ b/keydb.ml
@@ -1166,6 +1166,11 @@ struct
try
if has_hash hash then [] else
let keyid = Fingerprint.keyid_from_key ~short:true key in
+ let keyid_long = Fingerprint.keyid_to_string ~short:false
(Fingerprint.keyid_from_key ~short:false key) in
+
+ (* Blacklist poison key - RT#112669 *)
+ plerror 4 "considering keyid %s" keyid_long;
+ if List.mem keyid_long ["E41ED3A107A7DBC7"] then [] else
let potential_merges = List.filter ~f:(fun x -> x <> key)
(get_by_short_keyid keyid)
in
--
Best regards,
Shengjing Zhu
signature.asc
Description: PGP signature
- Re: [Sks-devel] withdrawal of service: sks.spodhuis.org, (continued)
Re: [Sks-devel] withdrawal of service: sks.spodhuis.org, Haw Loeung, 2018/07/14
Re: [Sks-devel] withdrawal of service: sks.spodhuis.org, Shengjing Zhu, 2018/07/14
Re: [Sks-devel] withdrawal of service: sks.spodhuis.org, Tobias Frei, 2018/07/15
Re: [Sks-devel] withdrawal of service: sks.spodhuis.org, Haw Loeung, 2018/07/15
[Sks-devel] sks patch to refuse poison key,
Shengjing Zhu <=
[Sks-devel] withdrawal of service: sks.boo.tc / sks.bootc.eu, Chris Boot, 2018/07/16
[Sks-devel] Withdrawal of service: ams.sks.heypete.com, Pete Stephenson, 2018/07/16