diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-27 09:59:16 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-27 09:59:16 +0000 |
| commit | abd376d1e24e6665ef3662eb23ad76adadf78f72 (patch) | |
| tree | ec7213f75b7e8c9cdbb4d335ed9ca7c11aae6f5f /debian/patches/gpg-drop-import-clean-from-default-keyserver-import-optio.patch | |
| parent | Adding upstream version 2.2.27. (diff) | |
| download | gnupg2-abd376d1e24e6665ef3662eb23ad76adadf78f72.tar.xz gnupg2-abd376d1e24e6665ef3662eb23ad76adadf78f72.zip | |
Adding debian version 2.2.27-2+deb11u2.debian/2.2.27-2+deb11u2debian
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'debian/patches/gpg-drop-import-clean-from-default-keyserver-import-optio.patch')
| -rw-r--r-- | debian/patches/gpg-drop-import-clean-from-default-keyserver-import-optio.patch | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/debian/patches/gpg-drop-import-clean-from-default-keyserver-import-optio.patch b/debian/patches/gpg-drop-import-clean-from-default-keyserver-import-optio.patch new file mode 100644 index 0000000..6fa2283 --- /dev/null +++ b/debian/patches/gpg-drop-import-clean-from-default-keyserver-import-optio.patch @@ -0,0 +1,49 @@ +From: Daniel Kahn Gillmor <dkg@fifthhorseman.net> +Date: Mon, 15 Jul 2019 16:24:35 -0400 +Subject: gpg: drop import-clean from default keyserver import options + +* g10/gpg.c (main): drop IMPORT_CLEAN from the +default opt.keyserver_options.import_options +* doc/gpg.texi: reflect this change in the documentation + +Given that SELF_SIGS_ONLY is already set, it's not clear what +additional benefit IMPORT_CLEAN provides. Furthermore, IMPORT_CLEAN +means that receiving an OpenPGP certificate from a keyserver will +potentially delete data that is otherwise held in the local keyring, +which is surprising to users who expect retrieval from the keyservers +to be purely additive. + +GnuPG-Bug-Id: 4628 +Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> +--- + doc/gpg.texi | 2 +- + g10/gpg.c | 3 +-- + 2 files changed, 2 insertions(+), 3 deletions(-) + +diff --git a/doc/gpg.texi b/doc/gpg.texi +index 7b603d7..104318a 100644 +--- a/doc/gpg.texi ++++ b/doc/gpg.texi +@@ -1982,7 +1982,7 @@ are available for all keyserver types, some common options are: + + @end table + +-The default list of options is: "self-sigs-only, import-clean, ++The default list of options is: "self-sigs-only, + repair-keys, repair-pks-subkey-bug, export-attributes, + honor-pka-record". + +diff --git a/g10/gpg.c b/g10/gpg.c +index 6b44cfb..caa0487 100644 +--- a/g10/gpg.c ++++ b/g10/gpg.c +@@ -2348,8 +2348,7 @@ main (int argc, char **argv) + opt.export_options = EXPORT_ATTRIBUTES; + opt.keyserver_options.import_options = (IMPORT_REPAIR_KEYS + | IMPORT_REPAIR_PKS_SUBKEY_BUG +- | IMPORT_SELF_SIGS_ONLY +- | IMPORT_CLEAN); ++ | IMPORT_SELF_SIGS_ONLY); + opt.keyserver_options.export_options = EXPORT_ATTRIBUTES; + opt.keyserver_options.options = KEYSERVER_HONOR_PKA_RECORD; + opt.verify_options = (LIST_SHOW_UID_VALIDITY |