From: Michael Tremer <michael.tremer@ipfire.org>
Date: Fri, 16 Mar 2018 14:36:05 +0000 (+0000)
Subject: pakfire: Drop old key import mechanism
X-Git-Tag: v2.19-core120~42
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=35b892b0dd69c482fb3024f8e1dfbd13679b07d8;p=ipfire-2.x.git

pakfire: Drop old key import mechanism

This was error-prone and allowed to potentially inject another
key.

Fixes: #11539
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---

diff --git a/config/rootfiles/core/120/filelists/files b/config/rootfiles/core/120/filelists/files
index 9dbc270fe8..c8877f5281 100644
--- a/config/rootfiles/core/120/filelists/files
+++ b/config/rootfiles/core/120/filelists/files
@@ -4,6 +4,7 @@ etc/sysctl.conf
 etc/fcron.daily/openvpn-crl-updater
 etc/rc.d/init.d/dhcp
 etc/rc.d/init.d/unbound
+opt/pakfire/lib/functions.pl
 opt/pakfire/pakfire.key
 srv/web/ipfire/cgi-bin/ovpnmain.cgi
 srv/web/ipfire/cgi-bin/proxy.cgi
diff --git a/src/pakfire/lib/functions.pl b/src/pakfire/lib/functions.pl
index 0bf702e5b0..c97d4254dc 100644
--- a/src/pakfire/lib/functions.pl
+++ b/src/pakfire/lib/functions.pl
@@ -33,9 +33,6 @@ use Net::Ping;
 
 package Pakfire;
 
-# GPG Keys
-my $myid = "179740DC4D8C47DC63C099C74BDE364C64D96617";		# Our own gpg-key paks@ipfire.org
-
 # A small color-hash :D
 my %color;
 	$color{'normal'}      = "\033[0m"; 
@@ -899,19 +896,6 @@ sub senduuid {
 	}
 }
 
-sub checkcryptodb {
-	logger("CRYPTO INFO: Checking GnuPG Database");
-	system("gpg --fingerprint $myid >/dev/null");
-	return if ($? == 0);
-
-	message("CRYPTO WARN: The GnuPG isn't configured correctly. Trying now to fix this.");
-	message("CRYPTO WARN: It's normal to see this on first execution.");
-	message("CRYPTO WARN: If this message is being shown repeatedly, check if time and date are set correctly, and if IPFire can connect via port 11371 TCP.");
-
-	my $command = "gpg --keyserver pgp.ipfire.org --always-trust --status-fd 2";
-	system("$command --recv-key $myid >> $Conf::logdir/gnupg-database.log 2>&1");
-}
-
 sub callback {
    my ($data, $response, $protocol) = @_;
    $final_data .= $data;
diff --git a/src/pakfire/pakfire b/src/pakfire/pakfire
index da68454dc6..202c1e5a14 100644
--- a/src/pakfire/pakfire
+++ b/src/pakfire/pakfire
@@ -30,7 +30,6 @@
 	my $force = "noforce";
 	
 	&Pakfire::logger("PAKFIRE INFO: IPFire Pakfire $Conf::version started!");
-	&Pakfire::checkcryptodb;
 
 	### Check if we are running as root
 	#