author Michael Vetter <jubalh@iodoru.org> 2022-05-03 23:11:25 +0200
committer Michael Vetter <jubalh@iodoru.org> 2022-05-03 23:11:25 +0200
commit c3deb5d325b7e327e14bdead1fb03de5ba42644a
tree c06345ce600b084b85abb1fdb20742801a032ec4
parent c9e6a89aeaea87daaf572edefe3f9dc5d48e912e
ox: don't require marginal trust level

Maybe we can make this configurable later.
So users have the freedom to be more strict.

This commit partly reverts 62018f48c5f1a0410445fce5bca5fdd6a9e4d907.

Example to edit trust level:
```
gpg --edit-key somekeyid
gpg (GnuPG) 2.3.4; Copyright (C) 2021 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

pub  rsa4096/keyid
     created: 2020-06-26  expires: 2022-06-26  usage: SC
     trust: unknown       validity: full
sub  rsa4096/keyid
     created: 2020-06-26  expires: 2022-06-26  usage: E
[  full  ] (1). xmpp:user@domain.de

gpg> trust
pub  rsa4096/keyid
     created: 2020-06-26  expires: 2022-06-26  usage: SC
     trust: unknown       validity: full
sub  rsa4096/keyid
     created: 2020-06-26  expires: 2022-06-26  usage: E
[  full  ] (1). xmpp:user@domain.de

Please decide how far you trust this user to correctly verify other users' keys
(by looking at passports, checking fingerprints from different sources, etc.)

  1 = I don't know or won't say
  2 = I do NOT trust
  3 = I trust marginally
  4 = I trust fully
  5 = I trust ultimately
  m = back to the main menu

Your decision? 3

pub  rsa4096/keyid
     created: 2020-06-26  expires: 2022-06-26  usage: SC
     trust: marginal      validity: full
sub  rsa4096/keyid
     created: 2020-06-26  expires: 2022-06-26  usage: E
[  full  ] (1). xmpp:user@domain.de
Please note that the shown key validity is not necessarily correct
unless you restart the program.

gpg> quit
```
-rw-r--r-- src/pgp/gpg.c 5
1 files changed, 5 insertions, 0 deletions
diff --git a/src/pgp/gpg.c b/src/pgp/gpg.c
index 25704847..bdb00408 100644
--- a/src/pgp/gpg.c
+++ b/src/pgp/gpg.c
@@ -1114,10 +1114,15 @@ _ox_key_is_usable(gpgme_key_t key, const char* const barejid, gboolean secret)
         result = FALSE;
     }
 
+    // This might be a nice features but AFAIK is not defined in the XEP.
+    // If we add this we need to expand our documentation on how to set the
+    // trust leven in gpg. I'll add an example to this commit body.
+    /*
     if (key->owner_trust < GPGME_VALIDITY_MARGINAL) {
         log_info("OX: Owner trust of %s's key is < GPGME_VALIDITY_MARGINAL", barejid);
         result = FALSE;
     }
+    */
 
     return result;
 }
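
Review bot: the owner-trust check in _ox_key_is_usable is disabled by wrapping it in /* ... */ instead of being deleted or put behind a setting, so the function now carries dead code that is never compiled and can drift out of date. Since the commit message already anticipates making this configurable, either remove the block (the history and the partly reverted commit 62018f48 keep it) or guard it with a preference that defaults to off, so users who want the stricter behaviour do not have to patch the source. The new comment also needs a pass: "a nice features" and "trust leven" are typos, and "I'll add an example to this commit body" points at the commit message, which someone reading gpg.c will not see; a pointer to the user documentation would age better. It would also help to say in that comment why the check does not fit: the condition compares key->owner_trust, which the gpg prompt quoted in the commit message describes as how far you trust this user to verify other users' keys, and that is a different property from the validity of the key itself (the sample output shows "trust: unknown" next to "validity: full").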