validate GPG keys by fingerprint

Validate GPG keys by fingerprint and not by 8-bit key-ID.

This makes exploiting bug #11539 harder, but not impossible
and does not affect existing installations.

Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Peter Müller
2017-11-12 15:40:28 +01:00
committed by Michael Tremer
parent b7a5076ca0
commit bb6481a820


@@ -34,8 +34,8 @@ use Net::Ping;
package Pakfire;
# GPG Keys
my $myid = "64D96617"; # Our own gpg-key paks@ipfire.org
my $trustid = "65D0FD58"; # gpg-key of CaCert
my $myid = "179740DC4D8C47DC63C099C74BDE364C64D96617"; # Our own gpg-key paks@ipfire.org
my $trustid = "A31D4F81EF4EBD07B456FA04D2BB0D0165D0FD58"; # gpg-key of CaCert
# A small color-hash :D
my %color;
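Review bot: The two constants now hold full 40-hex-digit fingerprints, but the names `$myid`/`$trustid` and the trailing comments still read as key IDs, and nothing here says the value must be compared in full. I would add a comment above them such as `# Full OpenPGP fingerprints (40 hex digits), never short key IDs; always compare the whole value`. The code that uses these variables lies outside the hunk, so it is worth confirming that every place passing them to gpg or matching them against gpg output handles the fingerprint form, since a match against a listing that prints short or long key IDs would presumably stop working. The fingerprint only strengthens verification if the signature check itself pins the signer's fingerprint (for example via the `VALIDSIG` line from `--status-fd`) rather than relying on gpg's exit status alone; from this hunk I cannot tell which of the two happens.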