pacman/lib/libalpm
Jonas Witschel 48752f1b4b signing: add ability to import keys using a WKD
Currently pacman relies on the SKS keyserver network to fetch unknown
PGP keys. These keyservers are vulnerable to signature spamming attacks,
potentionally making it impossible to import the required keys. An
alternative to keyservers is a so-called Web Key Directory (WKD), a
well-known, trusted location on a server from where the keys can be
fetched.

This commit adds the ability to retrieve keys from a WKD. Due to the
mentioned vulnerabilities, the WKD is tried first, falling back to the
keyservers only if no appropriate key is found there.

In contrast to keyservers, keys in a WKD are not looked up using their
fingerprint, but by email address. Since the email address of the
signing key is usually not included in the signature, we will use the
packager email address to perform the lookup.

Also see FS#63171.

Signed-off-by: Jonas Witschel <diabonas@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
2019-10-07 11:21:46 +10:00
..
po Prepare translations for next release 2019-08-12 11:42:10 +10:00
.gitignore libalpm: add pkg-config file 2012-04-25 20:02:36 -04:00
add.c libalpm/add.c: move assignment into conditional in alpm_add_pkg 2019-01-04 11:32:49 +10:00
add.h Remove all modelines from the project 2018-05-14 09:59:15 +10:00
alpm.c Fix clang 8 string-plus-int warnings 2019-05-08 10:12:14 +10:00
alpm.h Remove support for deltas from libalpm 2019-03-07 11:12:12 +10:00
alpm_list.c Remove all modelines from the project 2018-05-14 09:59:15 +10:00
alpm_list.h Remove all modelines from the project 2018-05-14 09:59:15 +10:00
backup.c Remove all modelines from the project 2018-05-14 09:59:15 +10:00
backup.h Remove all modelines from the project 2018-05-14 09:59:15 +10:00
base64.c base64.c: comment out unused variable 2014-01-15 15:54:56 +10:00
base64.h Do not #define _RESERVED_IDENTIFIERS 2016-09-25 18:04:57 +10:00
be_local.c be_local.c: remove aligment in local_pkg_ops 2019-01-10 14:10:55 +10:00
be_package.c signing: move key import confirmation before key_search 2019-10-07 11:07:39 +10:00
be_sync.c Remove support for deltas from libalpm 2019-03-07 11:12:12 +10:00
conflict.c Remove the last traces of the pacman --force option 2018-08-10 12:38:03 +10:00
conflict.h Remove all modelines from the project 2018-05-14 09:59:15 +10:00
db.c Remove all modelines from the project 2018-05-14 09:59:15 +10:00
db.h Remove all modelines from the project 2018-05-14 09:59:15 +10:00
deps.c Remove all modelines from the project 2018-05-14 09:59:15 +10:00
deps.h Remove all modelines from the project 2018-05-14 09:59:15 +10:00
diskspace.c Remove all modelines from the project 2018-05-14 09:59:15 +10:00
diskspace.h Remove all modelines from the project 2018-05-14 09:59:15 +10:00
dload.c dload: never return NULL from get_filename 2019-10-07 10:55:49 +10:00
dload.h Remove all modelines from the project 2018-05-14 09:59:15 +10:00
error.c Remove support for deltas from libalpm 2019-03-07 11:12:12 +10:00
filelist.c Remove all modelines from the project 2018-05-14 09:59:15 +10:00
filelist.h Remove all modelines from the project 2018-05-14 09:59:15 +10:00
graph.c Remove all modelines from the project 2018-05-14 09:59:15 +10:00
graph.h Remove all modelines from the project 2018-05-14 09:59:15 +10:00
group.c Remove all modelines from the project 2018-05-14 09:59:15 +10:00
group.h Remove all modelines from the project 2018-05-14 09:59:15 +10:00
handle.c Remove support for deltas from libalpm 2019-03-07 11:12:12 +10:00
handle.h Remove support for deltas from libalpm 2019-03-07 11:12:12 +10:00
hook.c hooks: rename type File to Path 2019-06-06 10:38:31 +10:00
hook.h libalpm: ignore .hook suffix when sorting hooks 2018-08-10 12:37:19 +10:00
ini.c run hooks during trans_commit 2015-10-18 10:59:23 +10:00
ini.h run hooks during trans_commit 2015-10-18 10:59:23 +10:00
libalpm.pc.in build: check for gpgme with pkg-config before gpgme-config 2019-03-19 14:05:53 +10:00
libarchive-compat.h Remove all modelines from the project 2018-05-14 09:59:15 +10:00
log.c use consistent time notation for the log 2019-06-20 17:00:53 +10:00
log.h Remove all modelines from the project 2018-05-14 09:59:15 +10:00
Makefile.am autotools: distribute meson files 2019-10-04 11:25:48 +10:00
meson.build Remove support for deltas from libalpm 2019-03-07 11:12:12 +10:00
package.c free makedepends/checkdepends when freeing packages 2019-06-20 14:45:58 +10:00
package.h Remove support for deltas from libalpm 2019-03-07 11:12:12 +10:00
pkghash.c Remove all modelines from the project 2018-05-14 09:59:15 +10:00
pkghash.h Update coyrights for 2018 2018-03-14 13:31:31 +10:00
rawstr.c Remove all modelines from the project 2018-05-14 09:59:15 +10:00
remove.c Move skipping of duplicate sync/remove targets into libalpm 2019-01-04 11:31:55 +10:00
remove.h Remove all modelines from the project 2018-05-14 09:59:15 +10:00
signing.c signing: add ability to import keys using a WKD 2019-10-07 11:21:46 +10:00
signing.h signing: move key import confirmation before key_search 2019-10-07 11:07:39 +10:00
sync.c signing: move key import confirmation before key_search 2019-10-07 11:07:39 +10:00
sync.h Remove all modelines from the project 2018-05-14 09:59:15 +10:00
trans.c Remove all modelines from the project 2018-05-14 09:59:15 +10:00
trans.h Remove all modelines from the project 2018-05-14 09:59:15 +10:00
util-common.c Split common utility functions for libalpm and pacman 2013-01-04 21:49:37 +10:00
util-common.h Split common utility functions for libalpm and pacman 2013-01-04 21:49:37 +10:00
util.c handle EINTR while polling scripts/hooks 2018-10-21 19:19:48 +10:00
util.h Remove all modelines from the project 2018-05-14 09:59:15 +10:00
version.c Remove all modelines from the project 2018-05-14 09:59:15 +10:00