Make SSL-only friend criteria stricter

libretroshare/src/pgp/pgphandler.cc

@@ -1667,6 +1667,9 @@ bool PGPHandler::getGPGFilteredList(std::list<RsPgpId>& list,bool (*filter)(cons
 	return true ;
 }
 
+bool PGPHandler::isPgpPubKeyAvailable(const RsPgpId &id)
+{ return _public_keyring_map.find(id) != _public_keyring_map.end(); }
+
 bool PGPHandler::isGPGId(const RsPgpId &id)
 {
 	return _public_keyring_map.find(id) != _public_keyring_map.end() ;

libretroshare/src/pgp/pgphandler.h

@@ -148,6 +148,15 @@ class PGPHandler
 
 		const PGPCertificateInfo *getCertificateInfo(const RsPgpId& id) const ;
 
+		/**
+		 * @brief Check if a PGP publick key is available
+		 * @param id id of the key to check
+		 * @return true if the public key for the given id is available,
+		 *	false otherwise
+		 */
+		bool isPgpPubKeyAvailable(const RsPgpId& id);
+
+		RS_DEPRECATED_FOR(isPgpPubKeyAvailable)
 		bool isGPGId(const RsPgpId &id);
 		bool isGPGSigned(const RsPgpId &id);
 		bool isGPGAccepted(const RsPgpId &id);

libretroshare/src/pqi/p3peermgr.cc

@@ -1138,7 +1138,7 @@ bool p3PeerMgrIMPL::addSslOnlyFriend(
 	 * Instead if pstate.skip_pgp_signature_validation would have been
 	 * superficially set to true the PGP signature verification would have been
 	 * skipped and the attacker connection would be accepted. */
-	if(!AuthGPG::getAuthGPG()->isGPGAccepted(pgp_id))
+	if(!AuthGPG::getAuthGPG()->isPgpPubKeyAvailable(pgp_id))
 		pstate.skip_pgp_signature_validation = true;
 
 	pstate.gpg_id = pgp_id;