1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

dirmngr: For CRL issuer verification trust the system's root CA.

* dirmngr/crlcache.c (crl_parse_insert): Add
VALIDATE_FLAG_TRUST_SYSTEM.
--

GnuPG-bug-id: 6963
This commit is contained in:
Werner Koch 2024-01-26 13:14:14 +01:00
parent eaf6a7ab87
commit 4dc09bc5e7
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B

View File

@ -2086,6 +2086,7 @@ crl_parse_insert (ctrl_t ctrl, ksba_crl_t crl,
err = validate_cert_chain (ctrl, crlissuer_cert, NULL, err = validate_cert_chain (ctrl, crlissuer_cert, NULL,
(VALIDATE_FLAG_TRUST_CONFIG (VALIDATE_FLAG_TRUST_CONFIG
| VALIDATE_FLAG_TRUST_SYSTEM
| VALIDATE_FLAG_CRL | VALIDATE_FLAG_CRL
| VALIDATE_FLAG_RECURSIVE), | VALIDATE_FLAG_RECURSIVE),
r_trust_anchor); r_trust_anchor);