[Pkg-privacy-commits] [msva-perl] 168/356: now respects keyserverpolicy request member variable (closes MS #2542)

Ximin Luo infinity0 at moszumanska.debian.org
Mon Aug 24 07:41:52 UTC 2015


This is an automated email from the git hooks/post-receive script.

infinity0 pushed a commit to branch debian
in repository msva-perl.

commit 2e85a1f314bd77a6196d4dce99a586864d173fd3
Author: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
Date:   Fri Oct 15 01:59:09 2010 -0400

    now respects keyserverpolicy request member variable (closes MS #2542)
---
 Changelog                  |  7 +++++++
 Crypt/Monkeysphere/MSVA.pm | 14 +++++++++++---
 msva.protocol.README       |  7 ++++---
 3 files changed, 22 insertions(+), 6 deletions(-)

diff --git a/Changelog b/Changelog
index 25411aa..8410b89 100644
--- a/Changelog
+++ b/Changelog
@@ -1,3 +1,10 @@
+msva-perl (0.6~pre) unstable; urgency=low
+
+  * add new element to JSON syntax allowing request to override
+    keyserver_policy (closes MS #2542)
+
+ -- Daniel Kahn Gillmor <dkg at fifthhorseman.net>  Thu, 14 Oct 2010 16:30:54 -0400
+
 msva-perl (0.5) unstable; urgency=low
 
   * If ${MSVA_KEYSERVER} is unset or blank, default to using keyserver
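Review bot: the new 0.6~pre entry names the element `keyserver_policy`, but the JSON member read in MSVA.pm and documented in msva.protocol.README is `keyserverpolicy` (no underscore). Use the exact member name in the Changelog so that anyone searching for the request field finds this entry.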
diff --git a/Crypt/Monkeysphere/MSVA.pm b/Crypt/Monkeysphere/MSVA.pm
index d4c5852..94a5c76 100755
--- a/Crypt/Monkeysphere/MSVA.pm
+++ b/Crypt/Monkeysphere/MSVA.pm
@@ -543,13 +543,21 @@
         } else {
           $ret->{message} = sprintf('Failed to validate "%s" through the OpenPGP Web of Trust.', $uid);
           my $lastloop = 0;
-          msvalog('debug', "keyserver policy: %s\n", get_keyserver_policy);
+          my $kspolicy;
+          if (defined $data->{keyserverpolicy} &&
+              $data->{keyserverpolicy} =~ /^(always|never|unlessvalid)$/) {
+            $kspolicy = $1;
+            msvalog("verbose", "using requested keyserver policy: %s\n", $1);
+          } else {
+            $kspolicy = get_keyserver_policy();
+          }
+          msvalog('debug', "keyserver policy: %s\n", $kspolicy);
           # needed because $gnupg spawns child processes
           $ENV{PATH} = '/usr/local/bin:/usr/bin:/bin';
-          if (get_keyserver_policy() eq 'always') {
+          if ($kspolicy eq 'always') {
             fetch_uid_from_keyserver($uid);
             $lastloop = 1;
-          } elsif (get_keyserver_policy() eq 'never') {
+          } elsif ($kspolicy eq 'never') {
             $lastloop = 1;
           }
           my $foundvalid = 0;
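Review bot: in the new `if`/`else` that sets `$kspolicy`, a `keyserverpolicy` member that is present but does not match `/^(always|never|unlessvalid)$/` falls back to `get_keyserver_policy()` with no log entry, so a misspelled value from a client goes unnoticed on both sides. Add an `msvalog` line noting that the requested policy was rejected before falling back. The accepted value also replaces the locally configured policy outright, so any requester can move the agent to `always` (which calls `fetch_uid_from_keyserver($uid)`) or to `never`; since the README text in this same commit calls the field advisory, consider letting the operator's setting bound what a request may select. Minor: `$` in the regex also matches before a trailing newline, so `\z` would be stricter, and the new `msvalog` call could pass `$kspolicy` instead of `$1` and use the same single-quoted level string as the neighbouring `'debug'` call.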
diff --git a/msva.protocol.README b/msva.protocol.README
index d8ca551..0d7fd51 100644
--- a/msva.protocol.README
+++ b/msva.protocol.README
@@ -14,7 +14,8 @@ GET /  -- initial contact query, protocol version compatibility.
   (returns: protoversion, server, available)
 
 POST /reviewcert  -- request validation of a certificate
- (query parameters: uid, context, pkc)
+ (required query parameters: uid, context, pkc)
+ (optional query parameters: keyserverpolicy)
  (returns: valid, message)
 
 Query parameters are posted as a JSON blob (*not* as
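Review bot: the added "optional query parameters" line gives a client no way to tell whether the agent it is talking to understands `keyserverpolicy`. The `GET /` entry just above already returns `protoversion`; state here from which protocol version the parameter is recognised, or say explicitly that older agents ignore unknown members, so clients do not assume the preference was applied.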
@@ -23,9 +24,9 @@ www-form-encoded).
 The variables that are returned are application/json as well.
 
 (PKC means: public key carrier: raw key, OpenPGP cert, or X.509 cert)
-(UID means: User ID (like in OpenPGP))
+(UID means: User ID (similar to OpenPGP))
 (context means: (this is too vague right now) something like "this certificate was used to try to identify an HTTPS server")
-
+(keyserverpolicy is optional; it states an advisory preference for how/whether the agent should contact the keyserver network for information about the key.  The options are `always`, `never`, and `unlessvalid` (see the `msva-perl(1)` man page section about the `KEYSERVER_POLICY` environment variable for more details). Be aware that the agent may disregard, override, or simply not implement this preference.)
 
 Full details on the Monkeysphere Validation Agent protocol should be
 available at http://web.monkeysphere.info/validation-agent/protocol
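Review bot: the new `keyserverpolicy` paragraph does not say what happens when the value is not one of the three listed options, nor how the request value ranks against the agent's own `KEYSERVER_POLICY` setting. The code in this commit falls back to the agent's configured policy for unrecognised values and otherwise lets the request value win; document both so the "may disregard, override" wording is concrete. Separately, the rewording of the UID line ("like in" to "similar to") is unrelated to this change and would sit better in its own commit.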

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-privacy/packages/msva-perl.git


