Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
aboutsummaryrefslogtreecommitdiff
path: root/lib/portage/sync/syncbase.py
diff options
context:
space:
mode:
Diffstat (limited to 'lib/portage/sync/syncbase.py')
-rw-r--r--lib/portage/sync/syncbase.py9
1 files changed, 8 insertions, 1 deletions
diff --git a/lib/portage/sync/syncbase.py b/lib/portage/sync/syncbase.py
index 46644d68e..74818a420 100644
--- a/lib/portage/sync/syncbase.py
+++ b/lib/portage/sync/syncbase.py
@@ -1,4 +1,4 @@
-# Copyright 2014-2018 Gentoo Foundation
+# Copyright 2014-2020 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
'''
@@ -252,6 +252,13 @@ class SyncBase(object):
@type openpgp_env: gemato.openpgp.OpenPGPEnvironment
"""
out = portage.output.EOutput(quiet=('--quiet' in self.options['emerge_config'].opts))
+
+ if not self.repo.sync_openpgp_key_refresh:
+ out.ewarn('Key refresh is disabled via a repos.conf sync-openpgp-key-refresh')
+ out.ewarn('setting, and this is a security vulnerability because it prevents')
+ out.ewarn('detection of revoked keys!')
+ return
+
out.ebegin('Refreshing keys via WKD')
if openpgp_env.refresh_keys_wkd():
out.eend(0)