Closed hanazuki closed 4 years ago
It might be more robust to every time throw away our used keyring and create a new one.
Thank you for submitting this, and apologies for my slow response!
@larskanis you wrote the keyring code in a91d840, can you take a look at this? We don't have test coverage on it and there seems to be some portability concerns (based on the commit message) that I don't want to break.
It might be more robust to every time throw away our used keyring and create a new one.
The portability issues mentioned in a91d840acf316a65f5dae7045a194b75631bb2ff are the reason why the keyring isn't deleted as whole file. But gpg --status-fd
is made for batch processing, so that this interface shouldn't change, so that I think our implementation is reasonable safe. It was just buggy in that way that it assumed only one key.
Thanks for reviewing, @larskanis. And thanks, @hanazuki, for the PR! I'm merging now and will release a new version shortly.
v2.5.0 has been released with this change. Thank you again!
@flavorjones Thank you! @larskanis Thank you for your review and advice.
In case multiple GPG public keys are given, the current implementation only removes the first key after use and leaves the others, which will be used to verify subsequent downloads (insecure). This patch makes sure to remove all of them.