mirror of
git://git.gnupg.org/gnupg.git
synced 2025-07-02 22:46:30 +02:00
* configure.ac: Do not build gpg by default.
* gpgsm.c: New options --{enable,disable}-trusted-cert-crl-check. * certchain.c (gpgsm_validate_chain): Make use of it. * certchain.c (gpgsm_validate_chain): Check revocations even for expired certificates. This is required because on signature verification an expired key is fine whereas a revoked one is not. * gpgconf-comp.c: Add gpgsm option disable-trusted-cert-crl-check.
This commit is contained in:
parent
314c234e7d
commit
3ff9a743bf
15 changed files with 97 additions and 43 deletions
|
@ -97,6 +97,7 @@ struct {
|
|||
int ignore_time_conflict; /* Ignore certain time conflicts */
|
||||
|
||||
int no_crl_check; /* Don't do a CRL check */
|
||||
int no_trusted_cert_crl_check; /* Don't run a CRL check for trusted certs. */
|
||||
int force_crl_refresh; /* Force refreshing the CRL. */
|
||||
int enable_ocsp; /* Default to use OCSP checks. */
|
||||
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue