From 640688c4e290ec6fc2424759bf59e0a598ad7e01 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Mon, 24 Jun 2002 14:34:52 +0000 Subject: [PATCH] * gpgsm.c, gpgsm.h: New option --debug-no-path-validation. * certpath.c (gpgsm_validate_path): Use it here instead of the debug flag hack. * certpath.c (check_cert_policy): Return No_Policy_Match if the policy file could not be opened. --- sm/ChangeLog | 9 +++++++++ sm/certchain.c | 4 ++-- sm/certpath.c | 4 ++-- sm/gpgsm.c | 4 ++++ sm/gpgsm.h | 2 +- 5 files changed, 18 insertions(+), 5 deletions(-) diff --git a/sm/ChangeLog b/sm/ChangeLog index b612c1da8..237365847 100644 --- a/sm/ChangeLog +++ b/sm/ChangeLog @@ -1,3 +1,12 @@ +2002-06-24 Werner Koch + + * gpgsm.c, gpgsm.h: New option --debug-no-path-validation. + * certpath.c (gpgsm_validate_path): Use it here instead of the + debug flag hack. + + * certpath.c (check_cert_policy): Return No_Policy_Match if the + policy file could not be opened. + 2002-06-20 Werner Koch * certlist.c (gpgsm_add_to_certlist): Fixed locating of a diff --git a/sm/certchain.c b/sm/certchain.c index 01696fc27..5cae1ea75 100644 --- a/sm/certchain.c +++ b/sm/certchain.c @@ -127,7 +127,7 @@ check_cert_policy (KsbaCert cert) log_error ("failed to open `%s': %s\n", opt.policy_file, strerror (errno)); xfree (policies); - return GNUPG_Configuration_Error; + return GNUPG_No_Policy_Match; } for (;;) @@ -326,7 +326,7 @@ gpgsm_validate_path (CTRL ctrl, KsbaCert cert, time_t *r_exptime) if (r_exptime) *r_exptime = 0; - if ((opt.debug & 4096)) + if (opt.no_path_validation) { log_info ("WARNING: bypassing path validation\n"); return 0; diff --git a/sm/certpath.c b/sm/certpath.c index 01696fc27..5cae1ea75 100644 --- a/sm/certpath.c +++ b/sm/certpath.c @@ -127,7 +127,7 @@ check_cert_policy (KsbaCert cert) log_error ("failed to open `%s': %s\n", opt.policy_file, strerror (errno)); xfree (policies); - return GNUPG_Configuration_Error; + return GNUPG_No_Policy_Match; } for (;;) @@ -326,7 +326,7 @@ gpgsm_validate_path (CTRL ctrl, KsbaCert cert, time_t *r_exptime) if (r_exptime) *r_exptime = 0; - if ((opt.debug & 4096)) + if (opt.no_path_validation) { log_info ("WARNING: bypassing path validation\n"); return 0; diff --git a/sm/gpgsm.c b/sm/gpgsm.c index 385648cb4..9fe3205cb 100644 --- a/sm/gpgsm.c +++ b/sm/gpgsm.c @@ -82,6 +82,7 @@ enum cmd_and_opt_values { oDebug, oDebugAll, oDebugWait, + oDebugNoPathValidation, oLogFile, oEnableSpecialFilenames, @@ -302,6 +303,7 @@ static ARGPARSE_OPTS opts[] = { { oDebug, "debug" ,4|16, "@"}, { oDebugAll, "debug-all" ,0, "@"}, { oDebugWait, "debug-wait" ,1, "@"}, + { oDebugNoPathValidation, "debug-no-path-validation" ,1, "@"}, { oStatusFD, "status-fd" ,1, N_("|FD|write status info to this FD") }, { aDummy, "no-comment", 0, "@"}, { aDummy, "completes-needed", 1, "@"}, @@ -844,6 +846,8 @@ main ( int argc, char **argv) case oDebug: opt.debug |= pargs.r.ret_ulong; break; case oDebugAll: opt.debug = ~0; break; case oDebugWait: debug_wait = pargs.r.ret_int; break; + case oDebugNoPathValidation: opt.no_path_validation = 1; break; + case oStatusFD: ctrl.status_fd = pargs.r.ret_int; break; case oLoggerFD: log_set_fd (pargs.r.ret_int ); break; diff --git a/sm/gpgsm.h b/sm/gpgsm.h index a3cf903d3..b4f7ebe5c 100644 --- a/sm/gpgsm.h +++ b/sm/gpgsm.h @@ -78,7 +78,7 @@ struct { char *policy_file; /* full pathname of policy file */ int no_policy_check; /* ignore certificate policies */ - + int no_path_validation; /* Bypass all cert path validity tests */ } opt;