diff options
author | Joey Hess <joeyh@joeyh.name> | 2017-05-20 17:09:28 -0400 |
---|---|---|
committer | Joey Hess <joeyh@joeyh.name> | 2017-05-20 17:21:08 -0400 |
commit | 73a310ce49c91f0884d05a8d2cd8c96c3c5447d3 (patch) | |
tree | 1d7489b13e5ae950a849508857111966e538625e /ControlWindow.hs | |
parent | 34b0151e125a6698f57ea476ccfa922c6275edf1 (diff) | |
download | debug-me-73a310ce49c91f0884d05a8d2cd8c96c3c5447d3.tar.gz |
developer keyring verification
* gpg keyrings in /usr/share/debug-me/ will be checked
to see if a connecting person is a known developer of software
installed on the system, and so implicitly trusted already.
Software packages/projects can install keyrings to that location.
(Thanks to Sean Whitton for the idea.)
* make install will install /usr/share/debug-me/debug-me_developer.gpg,
which contains the key of Joey Hess. (stack and cabal installs don't
include this file because they typically don't install system-wide)
* debug-me.cabal: Added dependency on time.
This commit was sponsored by Francois Marier on Patreon.
Diffstat (limited to 'ControlWindow.hs')
-rw-r--r-- | ControlWindow.hs | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/ControlWindow.hs b/ControlWindow.hs index c5a6be9..bd79d0f 100644 --- a/ControlWindow.hs +++ b/ControlWindow.hs @@ -15,6 +15,7 @@ import ControlSocket import VirtualTerminal import Gpg import Gpg.Wot +import Gpg.Keyring import Output import System.IO @@ -163,6 +164,8 @@ askToAllow ochan promptchan responsechan k@(GpgSigned pk _ _) = do ws <- downloadWotStats gpgkeyid putStrLn $ unlines $ map sanitizeForDisplay $ describeWot ws ss + mapM_ (putStrLn . keyringToDeveloperDesc ws) + =<< findKeyringsContaining gpgkeyid promptconnect where promptconnect :: IO () |