mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
gpgsm: Improve cert lookup callback from dirmngr.
* sm/gpgsm.h (FIND_CERT_ALLOW_AMBIG): New. (FIND_CERT_WITH_EPHEM): New. * sm/certlist.c (gpgsm_find_cert): Replace arg allow_ambiguous by a generic flags arg. Implement the new flag FIND_CERT_WITH_EPHEM. * sm/call-dirmngr.c (inq_certificate): Return also ephemeral marked certs. -- The dirmngr may need to get a certificate from gpgsm's store in the course of verifying a CRL. In some cases the certificate is still marked as epehemeral - this needs to be returned as well. This _may_ also fix GnuPG-bug-id: 4436
This commit is contained in:
parent
332098a0f7
commit
ffc2522855
@ -415,8 +415,8 @@ inq_certificate (void *opaque, const char *line)
|
|||||||
int err;
|
int err;
|
||||||
ksba_cert_t cert;
|
ksba_cert_t cert;
|
||||||
|
|
||||||
|
err = gpgsm_find_cert (parm->ctrl, line, ski, &cert,
|
||||||
err = gpgsm_find_cert (parm->ctrl, line, ski, &cert, 1);
|
FIND_CERT_ALLOW_AMBIG|FIND_CERT_WITH_EPHEM);
|
||||||
if (err)
|
if (err)
|
||||||
{
|
{
|
||||||
log_error ("certificate not found: %s\n", gpg_strerror (err));
|
log_error ("certificate not found: %s\n", gpg_strerror (err));
|
||||||
@ -954,7 +954,8 @@ run_command_inq_cb (void *opaque, const char *line)
|
|||||||
if (!*line)
|
if (!*line)
|
||||||
return gpg_error (GPG_ERR_ASS_PARAMETER);
|
return gpg_error (GPG_ERR_ASS_PARAMETER);
|
||||||
|
|
||||||
err = gpgsm_find_cert (parm->ctrl, line, NULL, &cert, 1);
|
err = gpgsm_find_cert (parm->ctrl, line, NULL, &cert,
|
||||||
|
FIND_CERT_ALLOW_AMBIG);
|
||||||
if (err)
|
if (err)
|
||||||
{
|
{
|
||||||
log_error ("certificate not found: %s\n", gpg_strerror (err));
|
log_error ("certificate not found: %s\n", gpg_strerror (err));
|
||||||
|
@ -514,11 +514,12 @@ gpgsm_release_certlist (certlist_t list)
|
|||||||
int
|
int
|
||||||
gpgsm_find_cert (ctrl_t ctrl,
|
gpgsm_find_cert (ctrl_t ctrl,
|
||||||
const char *name, ksba_sexp_t keyid, ksba_cert_t *r_cert,
|
const char *name, ksba_sexp_t keyid, ksba_cert_t *r_cert,
|
||||||
int allow_ambiguous)
|
unsigned int flags)
|
||||||
{
|
{
|
||||||
int rc;
|
int rc;
|
||||||
KEYDB_SEARCH_DESC desc;
|
KEYDB_SEARCH_DESC desc;
|
||||||
KEYDB_HANDLE kh = NULL;
|
KEYDB_HANDLE kh = NULL;
|
||||||
|
int allow_ambiguous = (flags & FIND_CERT_ALLOW_AMBIG);
|
||||||
|
|
||||||
*r_cert = NULL;
|
*r_cert = NULL;
|
||||||
rc = classify_user_id (name, &desc, 0);
|
rc = classify_user_id (name, &desc, 0);
|
||||||
@ -529,6 +530,9 @@ gpgsm_find_cert (ctrl_t ctrl,
|
|||||||
rc = gpg_error (GPG_ERR_ENOMEM);
|
rc = gpg_error (GPG_ERR_ENOMEM);
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
|
if ((flags & FIND_CERT_WITH_EPHEM))
|
||||||
|
keydb_set_ephemeral (kh, 1);
|
||||||
|
|
||||||
nextone:
|
nextone:
|
||||||
rc = keydb_search (ctrl, kh, &desc, 1);
|
rc = keydb_search (ctrl, kh, &desc, 1);
|
||||||
if (!rc)
|
if (!rc)
|
||||||
|
@ -359,8 +359,11 @@ int gpgsm_add_cert_to_certlist (ctrl_t ctrl, ksba_cert_t cert,
|
|||||||
int gpgsm_add_to_certlist (ctrl_t ctrl, const char *name, int secret,
|
int gpgsm_add_to_certlist (ctrl_t ctrl, const char *name, int secret,
|
||||||
certlist_t *listaddr, int is_encrypt_to);
|
certlist_t *listaddr, int is_encrypt_to);
|
||||||
void gpgsm_release_certlist (certlist_t list);
|
void gpgsm_release_certlist (certlist_t list);
|
||||||
|
|
||||||
|
#define FIND_CERT_ALLOW_AMBIG 1
|
||||||
|
#define FIND_CERT_WITH_EPHEM 2
|
||||||
int gpgsm_find_cert (ctrl_t ctrl, const char *name, ksba_sexp_t keyid,
|
int gpgsm_find_cert (ctrl_t ctrl, const char *name, ksba_sexp_t keyid,
|
||||||
ksba_cert_t *r_cert, int allow_ambiguous);
|
ksba_cert_t *r_cert, unsigned int flags);
|
||||||
|
|
||||||
/*-- keylist.c --*/
|
/*-- keylist.c --*/
|
||||||
gpg_error_t gpgsm_list_keys (ctrl_t ctrl, strlist_t names,
|
gpg_error_t gpgsm_list_keys (ctrl_t ctrl, strlist_t names,
|
||||||
|
Loading…
x
Reference in New Issue
Block a user