validate GPG keys by fingerprint
authorPeter Müller <peter.mueller@link38.eu>
Sun, 12 Nov 2017 14:40:28 +0000 (15:40 +0100)
committerMichael Tremer <michael.tremer@ipfire.org>
Mon, 13 Nov 2017 22:41:21 +0000 (22:41 +0000)
commitbb6481a82072cf2df27306508c8b72b584eb4f80
tree1fd238fc2c51c2d97782b9b70bf87bbd89914976
parentb7a5076ca0b7d378cfac7c14fb37b51986daa1cf
validate GPG keys by fingerprint

Validate GPG keys by fingerprint and not by 8-bit key-ID.

This makes exploiting bug #11539 harder, but not impossible
and does not affect existing installations.

Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
src/pakfire/lib/functions.pl