saltstack/salt
1
0
Fork 0
mirror of https://github.com/saltstack/salt.git synced 2025-04-17 10:10:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Change default GPG keyserver from pgp.mit.edu to keys.openpgp.org.

Browse source
This commit is contained in:
Gareth J. Greenaway 2023-03-24 10:31:29 -07:00 committed by Pedro Algarvio
parent 8747530732
commit 63c6bea28a
3 changed files with 23 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
changelog/63806.fixed.md Normal file
View file

@ -0,0 +1 @@
Change default GPG keyserver from pgp.mit.edu to keys.openpgp.org.

10
salt/modules/gpg.py
View file

@ -66,6 +66,8 @@ VERIFY_TRUST_LEVELS = {
"4": "Ultimate",
}
_DEFAULT_KEY_SERVER = "keys.openpgp.org"
try:
import gnupg
@ -216,7 +218,7 @@ def search_keys(text, keyserver=None, user=None):
Text to search the keyserver for, e.g. email address, keyID or fingerprint.
keyserver
Keyserver to use for searching for GPG keys, defaults to pgp.mit.edu.
Keyserver to use for searching for GPG keys, defaults to keys.openpgp.org.
user
Which user's keychain to access, defaults to user Salt is running as.
@ -235,7 +237,7 @@ def search_keys(text, keyserver=None, user=None):
"""
if not keyserver:
keyserver = "pgp.mit.edu"
keyserver = _DEFAULT_KEY_SERVER
_keys = []
for _key in _search_keys(text, keyserver, user):
@ -881,7 +883,7 @@ def receive_keys(keyserver=None, keys=None, user=None, gnupghome=None):
Receive key(s) from keyserver and add them to keychain
keyserver
Keyserver to use for searching for GPG keys, defaults to pgp.mit.edu
Keyserver to use for searching for GPG keys, defaults to keys.openpgp.org
keys
The keyID(s) to retrieve from the keyserver. Can be specified as a comma
@ -911,7 +913,7 @@ def receive_keys(keyserver=None, keys=None, user=None, gnupghome=None):
gpg = _create_gpg(user, gnupghome)
if not keyserver:
keyserver = "pgp.mit.edu"
keyserver = _DEFAULT_KEY_SERVER
if isinstance(keys, str):
keys = keys.split(",")

18
tests/pytests/unit/modules/test_gpg.py
View file

@ -15,7 +15,7 @@ import psutil
import pytest
import salt.modules.gpg as gpg
from tests.support.mock import MagicMock, patch
from tests.support.mock import MagicMock, call, patch
pytest.importorskip("gnupg")
@ -879,13 +879,27 @@ def test_search_keys(gpghome):
}
]
mock_search_keys = MagicMock(return_value=_search_result)
mock_opt = MagicMock(return_value="root")
with patch.dict(gpg.__salt__, {"user.info": MagicMock(return_value=_user_mock)}):
with patch.dict(gpg.__salt__, {"config.option": mock_opt}):
with patch.object(gpg, "_search_keys", return_value=_search_result):
with patch.object(gpg, "_search_keys", mock_search_keys):
ret = gpg.search_keys("person@example.com")
assert ret == _expected_result
assert (
call("person@example.com", "keys.openpgp.org", None)
in mock_search_keys.mock_calls
)
ret = gpg.search_keys("person@example.com", "keyserver.ubuntu.com")
assert ret == _expected_result
assert (
call("person@example.com", "keyserver.ubuntu.com", None)
in mock_search_keys.mock_calls
)
def test_gpg_import_pub_key(gpghome):
config_user = MagicMock(return_value="salt")