security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-03 22:56:33 +02:00
Code Activity

gpgsm: Avoid increasing error count when enumerating an expired cert.

Browse source 
* sm/certchain.c (check_validity_period_cm): Add arg no_log_expired to
avoid bumping of the error counter due to the do_list function.
* sm/certlist.c (gpgsm_add_to_certlist): Set no_log_expired when
checking the expiration.
--

I modified the original patch to make the patch smaller and the code
easier to read.  - wk@gnupg.org
This commit is contained in:
Ramón García 2025-03-18 10:04:37 +01:00 committed by Werner Koch
parent 029ac17b40
commit 53f5aad905
No known key found for this signature in database
GPG key ID: E3FDFF218E45B72B
3 changed files with 42 additions and 30 deletions
Download patch file Download diff file Expand all files Collapse all files

4
sm/certlist.c
View file

@ -376,7 +376,7 @@ gpgsm_add_to_certlist (ctrl_t ctrl, const char *name, int secret,
current_time_loaded = 1;
}
rc = check_validity_period_cm (current_time, current_time,
cert, exp_time, 0, NULL, 0);
cert, exp_time, 0, NULL, 0, 0);
}
if (gpg_err_code (rc) == GPG_ERR_WRONG_KEY_USAGE)
{
@ -458,7 +458,7 @@ gpgsm_add_to_certlist (ctrl_t ctrl, const char *name, int secret,
current_time,
cert,
exp_time,
0, NULL, 0)
0, NULL, 0, 1)
) == GPG_ERR_CERT_EXPIRED
)
)