dirmngr: Distinguish between "no crl" and "crl not trusted".

* dirmngr/crlcache.h (CRL_CACHE_NOTTRUSTED): New. * dirmngr/crlcache.c (cache_isvalid): Set this status. (crl_cache_cert_isvalid): Map it to GPG_ERR_NOT_TRUSTED. (crl_cache_reload_crl): Move diagnostic to ... * dirmngr/crlfetch.c (crl_fetch): here. * dirmngr/server.c (cmd_isvalid): Map it to GPG_ERR_NOT_TRUSTED. * dirmngr/validate.c (check_revocations): Handle new status. Improve diagnostics. * common/status.c (get_inv_recpsgnr_code): Map INV_CRL_OBJ. * common/audit.c (proc_type_verify): Ditto. -- This avoids repeated loading of CRLs in case of untrusted root certificates.
2025-07-03 22:56:33 +02:00 · 2023-03-09 18:28:39 +01:00 · 2023-03-09 18:28:39 +01:00 · b52a0e244a
commit b52a0e244a
parent 65288fc52f
8 changed files with 33 additions and 12 deletions
--- a/dirmngr/server.c
+++ b/dirmngr/server.c
@ -1360,8 +1360,11 @@ cmd_isvalid (assuan_context_t ctx, char *line)
              goto again;
            }
          break;
+        case CRL_CACHE_NOTTRUSTED:
+          err = gpg_error (GPG_ERR_NOT_TRUSTED);
+          break;
        case CRL_CACHE_CANTUSE:
-          err = gpg_error (GPG_ERR_NO_CRL_KNOWN);
+          err = gpg_error (GPG_ERR_INV_CRL_OBJ);
          break;
        default:
          log_fatal ("crl_cache_isvalid returned invalid code\n");
@ -1469,7 +1472,7 @@ cmd_checkcrl (assuan_context_t ctx, char *line)
        goto leave;
    }

-  assert (cert);
+  log_assert (cert);

  err = crl_cache_cert_isvalid (ctrl, cert, ctrl->force_crl_refresh);
  if (gpg_err_code (err) == GPG_ERR_NO_CRL_KNOWN)