mirror of
git://git.gnupg.org/gnupg.git
synced 2025-07-03 22:56:33 +02:00
* verify.c (gpgsm_verify): Print STATUS_NEWSIG for each signature.
* certchain.c (gpgsm_validate_chain) <gpgsm_cert_use_cer_p>: Do not just warn if a cert is not suitable; bail out immediately. * call-dirmngr.c (isvalid_status_cb): New. (unhexify_fpr): New. Taken from ../g10/call-agent.c (gpgsm_dirmngr_isvalid): Add new arg CTRL, changed caller to pass it thru. Detect need to check the respondert cert and do that. * certchain.c (gpgsm_validate_chain): Add new arg FLAGS. Changed all callers.
This commit is contained in:
Werner Koch
parent
d3411b3277
commit
da89d93c77
8 changed files with 159 additions and 22 deletions
|
|
@ -263,6 +263,9 @@ gpgsm_verify (CTRL ctrl, int in_fd, int data_fd, FILE *out_fp)
|
|||
err = 0;
|
||||
break;
|
||||
}
|
||||
|
||||
gpgsm_status (ctrl, STATUS_NEWSIG, NULL);
|
||||
|
||||
if (DBG_X509)
|
||||
{
|
||||
log_debug ("signer %d - issuer: `%s'\n",
|
||||
|
|
@ -458,7 +461,7 @@ gpgsm_verify (CTRL ctrl, int in_fd, int data_fd, FILE *out_fp)
|
|||
|
||||
if (DBG_X509)
|
||||
log_debug ("signature okay - checking certs\n");
|
||||
rc = gpgsm_validate_chain (ctrl, cert, keyexptime, 0, NULL);
|
||||
rc = gpgsm_validate_chain (ctrl, cert, keyexptime, 0, NULL, 0);
|
||||
if (gpg_err_code (rc) == GPG_ERR_CERT_EXPIRED)
|
||||
{
|
||||
gpgsm_status (ctrl, STATUS_EXPKEYSIG, NULL);
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue