* gpgsm.c, gpgsm.h: New option --debug-no-path-validation.

* certpath.c (gpgsm_validate_path): Use it here instead of the debug flag hack. * certpath.c (check_cert_policy): Return No_Policy_Match if the policy file could not be opened.
2024-09-21 15:01:41 +02:00 · 2002-06-24 14:34:52 +00:00 · 2002-06-24 14:34:52 +00:00 · 640688c4e2
commit 640688c4e2
parent 42cf865350
5 changed files with 18 additions and 5 deletions
--- a/sm/ChangeLog
+++ b/sm/ChangeLog
@ -1,3 +1,12 @@
 2002-06-24  Werner Koch  <wk@gnupg.org>
 	* gpgsm.c, gpgsm.h: New option --debug-no-path-validation.
 	* certpath.c (gpgsm_validate_path): Use it here instead of the
 	debug flag hack.
 	* certpath.c (check_cert_policy): Return No_Policy_Match if the
 	policy file could not be opened.
 2002-06-20  Werner Koch  <wk@gnupg.org>
 	* certlist.c (gpgsm_add_to_certlist): Fixed locating of a
--- a/sm/certchain.c
+++ b/sm/certchain.c
@ -127,7 +127,7 @@ check_cert_policy (KsbaCert cert)
      log_error ("failed to open `%s': %s\n",
                 opt.policy_file, strerror (errno));
      xfree (policies);
-      return GNUPG_Configuration_Error;
+      return GNUPG_No_Policy_Match;
    }
  for (;;) 
@ -326,7 +326,7 @@ gpgsm_validate_path (CTRL ctrl, KsbaCert cert, time_t *r_exptime)
  if (r_exptime)
    *r_exptime = 0;
-  if ((opt.debug & 4096))
+  if (opt.no_path_validation)
    {
      log_info ("WARNING: bypassing path validation\n");
      return 0;
--- a/sm/certpath.c
+++ b/sm/certpath.c
@ -127,7 +127,7 @@ check_cert_policy (KsbaCert cert)
      log_error ("failed to open `%s': %s\n",
                 opt.policy_file, strerror (errno));
      xfree (policies);
-      return GNUPG_Configuration_Error;
+      return GNUPG_No_Policy_Match;
    }
  for (;;) 
@ -326,7 +326,7 @@ gpgsm_validate_path (CTRL ctrl, KsbaCert cert, time_t *r_exptime)
  if (r_exptime)
    *r_exptime = 0;
-  if ((opt.debug & 4096))
+  if (opt.no_path_validation)
    {
      log_info ("WARNING: bypassing path validation\n");
      return 0;
--- a/sm/gpgsm.c
+++ b/sm/gpgsm.c
@ -82,6 +82,7 @@ enum cmd_and_opt_values {
  oDebug,
  oDebugAll,
  oDebugWait,
  oDebugNoPathValidation,
  oLogFile,
  oEnableSpecialFilenames,
@ -302,6 +303,7 @@ static ARGPARSE_OPTS opts[] = {
    { oDebug, "debug"     ,4|16, "@"},
    { oDebugAll, "debug-all" ,0, "@"},
    { oDebugWait, "debug-wait" ,1, "@"},
    { oDebugNoPathValidation, "debug-no-path-validation" ,1, "@"},
    { oStatusFD, "status-fd" ,1, N_("|FD|write status info to this FD") },
    { aDummy, "no-comment", 0,   "@"},
    { aDummy, "completes-needed", 1, "@"},
@ -844,6 +846,8 @@ main ( int argc, char **argv)
        case oDebug: opt.debug |= pargs.r.ret_ulong; break;
        case oDebugAll: opt.debug = ~0; break;
        case oDebugWait: debug_wait = pargs.r.ret_int; break;
        case oDebugNoPathValidation: opt.no_path_validation = 1; break;
        case oStatusFD: ctrl.status_fd = pargs.r.ret_int; break;
        case oLoggerFD: log_set_fd (pargs.r.ret_int ); break;
--- a/sm/gpgsm.h
+++ b/sm/gpgsm.h
@ -78,7 +78,7 @@ struct {
  char *policy_file;        /* full pathname of policy file */
  int no_policy_check;      /* ignore certificate policies */
-
+  int no_path_validation;   /* Bypass all cert path validity tests */
 } opt;