diff options
author | Justus Winter <justus@sequoia-pgp.org> | 2019-08-19 17:34:10 +0200 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2019-08-20 10:07:29 +0200 |
commit | 4ce96162f089e62d0d27ab305c227e0823439c10 (patch) | |
tree | 0441f93e8f76299a8d2b2c5db155df049c4c2f83 | |
parent | 7555cfeafb28fccd93aac9441cc18f985036cfc7 (diff) |
net: Drop SKS pool in favor of keys.openpgp.org.
-rw-r--r-- | ffi/examples/configure.c | 2 | ||||
-rw-r--r-- | ffi/examples/keyserver.c | 2 | ||||
-rw-r--r-- | ffi/include/sequoia/net.h | 9 | ||||
-rw-r--r-- | ffi/lang/python/sequoia/net.py | 4 | ||||
-rw-r--r-- | ffi/src/net.rs | 13 | ||||
-rw-r--r-- | net/src/lib.rs | 16 | ||||
-rw-r--r-- | net/src/sks-keyservers.netCA.der | bin | 1423 -> 0 bytes | |||
-rw-r--r-- | store/src/backend/mod.rs | 2 | ||||
-rw-r--r-- | tool/src/sq.rs | 2 |
9 files changed, 22 insertions, 28 deletions
diff --git a/ffi/examples/configure.c b/ffi/examples/configure.c index 37401047..ca3d781a 100644 --- a/ffi/examples/configure.c +++ b/ffi/examples/configure.c @@ -31,7 +31,7 @@ main (int argc, char **argv) error (1, 0, "Initializing sequoia failed: %s", pgp_error_to_string (err)); - ks = sq_keyserver_sks_pool (ctx); + ks = sq_keyserver_keys_openpgp_org (ctx); if (ks == NULL) { pgp_error_t err = sq_context_last_error (ctx); diff --git a/ffi/examples/keyserver.c b/ffi/examples/keyserver.c index 3a0acae7..715795d8 100644 --- a/ffi/examples/keyserver.c +++ b/ffi/examples/keyserver.c @@ -29,7 +29,7 @@ main (int argc, char **argv) error (1, 0, "Initializing sequoia failed: %s", pgp_error_to_string (err)); - ks = sq_keyserver_sks_pool (ctx); + ks = sq_keyserver_keys_openpgp_org (ctx); if (ks == NULL) { pgp_error_t err = sq_context_last_error (ctx); diff --git a/ffi/include/sequoia/net.h b/ffi/include/sequoia/net.h index 4e2f030b..8b74f727 100644 --- a/ffi/include/sequoia/net.h +++ b/ffi/include/sequoia/net.h @@ -34,15 +34,14 @@ sq_keyserver_t sq_keyserver_with_cert (sq_context_t ctx, size_t len); /*/ -/// Returns a handle for the SKS keyserver pool. +/// Returns a handle for keys.openpgp.org. /// -/// The pool `hkps://hkps.pool.sks-keyservers.net` provides HKP -/// services over https. It is authenticated using a certificate -/// included in this library. It is a good default choice. +/// The server at `hkps://keys.openpgp.org` distributes updates for +/// OpenPGP certificates. It is a good default choice. /// /// Returns `NULL` on errors. /*/ -sq_keyserver_t sq_keyserver_sks_pool (sq_context_t ctx); +sq_keyserver_t sq_keyserver_keys_openpgp_org (sq_context_t ctx); /*/ /// Frees a keyserver object. diff --git a/ffi/lang/python/sequoia/net.py b/ffi/lang/python/sequoia/net.py index c5f4a7f4..a89c4e4f 100644 --- a/ffi/lang/python/sequoia/net.py +++ b/ffi/lang/python/sequoia/net.py @@ -19,8 +19,8 @@ class KeyServer(SQObject): return KeyServer(ks, context=ctx) @classmethod - def sks_pool(cls, ctx): - return KeyServer(lib.sq_keyserver_sks_pool(ctx.ref()), + def keys_openpgp_org(cls, ctx): + return KeyServer(lib.sq_keyserver_keys_openpgp_org(ctx.ref()), context=ctx) def get(self, keyid): diff --git a/ffi/src/net.rs b/ffi/src/net.rs index 5709e09a..29e46458 100644 --- a/ffi/src/net.rs +++ b/ffi/src/net.rs @@ -22,7 +22,7 @@ //! pgp_tpk_t tpk; //! //! ctx = sq_context_new (NULL); -//! ks = sq_keyserver_sks_pool (ctx); +//! ks = sq_keyserver_keys_openpgp_org (ctx); //! id = pgp_keyid_from_bytes ((uint8_t *) "\x24\x7F\x6D\xAB\xC8\x49\x14\xFE"); //! tpk = sq_keyserver_get (ctx, ks, id); //! ``` @@ -89,18 +89,17 @@ fn sq_keyserver_with_cert(ctx: *mut Context, ffi_try_box!(KeyServer::with_cert(&ctx.c, &uri, cert)) } -/// Returns a handle for the SKS keyserver pool. +/// Returns a handle for keys.openpgp.org. /// -/// The pool `hkps://hkps.pool.sks-keyservers.net` provides HKP -/// services over https. It is authenticated using a certificate -/// included in this library. It is a good default choice. +/// The server at `hkps://keys.openpgp.org` distributes updates for +/// OpenPGP certificates. It is a good default choice. /// /// Returns `NULL` on errors. #[::sequoia_ffi_macros::extern_fn] #[no_mangle] pub extern "C" -fn sq_keyserver_sks_pool(ctx: *mut Context) -> *mut KeyServer { +fn sq_keyserver_keys_openpgp_org(ctx: *mut Context) -> *mut KeyServer { let ctx = ffi_param_ref_mut!(ctx); ffi_make_fry_from_ctx!(ctx); - ffi_try_box!(KeyServer::sks_pool(&ctx.c)) + ffi_try_box!(KeyServer::keys_openpgp_org(&ctx.c)) } /// Frees a keyserver object. diff --git a/net/src/lib.rs b/net/src/lib.rs index ad023d67..e37e6ece 100644 --- a/net/src/lib.rs +++ b/net/src/lib.rs @@ -26,7 +26,7 @@ //! # fn f() -> Result<()> { //! let mut core = Core::new().unwrap(); //! let ctx = Context::new()?; -//! let mut ks = KeyServer::sks_pool(&ctx)?; +//! let mut ks = KeyServer::keys_openpgp_org(&ctx)?; //! let keyid = KeyID::from_hex("31855247603831FD").unwrap(); //! println!("{:?}", core.run(ks.get(&keyid))); //! Ok(()) @@ -127,16 +127,12 @@ impl KeyServer { Self::make(ctx, client, uri) } - /// Returns a handle for the SKS keyserver pool. + /// Returns a handle for keys.openpgp.org. /// - /// The pool `hkps://hkps.pool.sks-keyservers.net` provides HKP - /// services over https. It is authenticated using a certificate - /// included in this library. It is a good default choice. - pub fn sks_pool(ctx: &Context) -> Result<Self> { - let uri = "hkps://hkps.pool.sks-keyservers.net"; - let cert = Certificate::from_der( - include_bytes!("sks-keyservers.netCA.der")).unwrap(); - Self::with_cert(ctx, uri, cert) + /// The server at `hkps://keys.openpgp.org` distributes updates + /// for OpenPGP certificates. It is a good default choice. + pub fn keys_openpgp_org(ctx: &Context) -> Result<Self> { + Self::new(ctx, "hkps://keys.openpgp.org") } /// Common code for the above functions. diff --git a/net/src/sks-keyservers.netCA.der b/net/src/sks-keyservers.netCA.der Binary files differdeleted file mode 100644 index 80ca132b..00000000 --- a/net/src/sks-keyservers.netCA.der +++ /dev/null diff --git a/store/src/backend/mod.rs b/store/src/backend/mod.rs index 6312373f..6351a676 100644 --- a/store/src/backend/mod.rs +++ b/store/src/backend/mod.rs @@ -896,7 +896,7 @@ impl KeyServer { let ctx = core::Context::configure() .network_policy(network_policy).build()?; - let keyserver = net::KeyServer::sks_pool(&ctx)?; + let keyserver = net::KeyServer::keys_openpgp_org(&ctx)?; Ok((KeyServer::new(c.clone(), id), fingerprint.to_keyid(), diff --git a/tool/src/sq.rs b/tool/src/sq.rs index 0e8a1439..02350b38 100644 --- a/tool/src/sq.rs +++ b/tool/src/sq.rs @@ -304,7 +304,7 @@ fn real_main() -> Result<(), failure::Error> { let mut ks = if let Some(uri) = m.value_of("server") { KeyServer::new(&ctx, &uri) } else { - KeyServer::sks_pool(&ctx) + KeyServer::keys_openpgp_org(&ctx) }.context("Malformed keyserver URI")?; match m.subcommand() { |