(gpgsm_validate_path): And call it from here.
* gpgsm.c (main): New options --policy-file,
--disable-policy-checks and --enable-policy-checks.
* gpgsm.h (opt): Added policy_file, no_policy_checks.
name identifies a certificate unambiguously.
(gpgsm_find_cert): Ditto.
* server.c (cmd_listkeys): Check that the data stream is available.
(cmd_listsecretkeys): Ditto.
(has_option): New.
(cmd_sign): Fix ambiguousity in option recognition.
* gpgsm.c (main): Enable --logger-fd.
* encrypt.c (gpgsm_encrypt): Increased buffer size for better
performance.
* call-agent.c (gpgsm_agent_pksign): Check the S-Exp received from
the agent.
* keylist.c (list_cert_colon): Filter out control characters.
* server.c (reset_notify): Close input and output FDs.
(cmd_encrypt,cmd_decrypt,cmd_verify,cmd_sign.cmd_import)
(cmd_genkey): Close the FDs and release the recipient list even in
the error case.
* protect.c (agent_private_key_type): New.
* agent.h: Add PRIVATE_KEY_ enums.
* findkey.c (agent_key_from_file): Use it to decide whether we
have to unprotect a key.
(unprotect): Cache the passphrase.
* findkey.c (agent_key_from_file,agent_key_available): The key
files do now require a ".key" suffix to make a script's life
easier.
* genkey.c (store_key): Ditto.
* keylist.c (list_cert_colon): New arg HAVE_SECRET, print "crs"
when we know that the secret key is available.
(gpgsm_list_keys): New arg MODE, check whether a secret key is
available. Changed all callers.
* gpgsm.c (main): New command --list-secret-keys.
* server.c (cmd_listsecretkeys): New.
(cmd_listkeys): Return secret keys with "crs" record.
Note, that I have not yet achieved to generate a cert with the
subjectAltName using OpenSSL. It seems that openssl requires the
email address to be part of the subject DN (subjectAltName=email:copy)
but this is something we don't want to do.
* assuan-pipe-connect.c: this.
(assuan_pipe_disconnect): Removed.
(do_finish, do_deinit): New
(assuan_pipe_connect): and set them into the context.
* assuan-socket-connect.c: New.
* assuan-util.c (_assuan_log_sanitized_string): New.
* assuan-pipe-server.c (assuan_init_pipe_server): Factored most
code out to ...
(_assuan_new_context): new func.
(_assuan_release_context): New
* assuan-connect.c (assuan_pipe_connect): Use the new functions.
* assuan-handler.c (std_handler_option): New.
(std_cmd_tbl): Add OPTION as standard command.
(assuan_register_option_handler): New.
(dispatch_command): Use case insensitive matching as a fallback.
(my_strcasecmp): New.
* cache.c: New.
* command.c (cmd_get_passphrase): Use the cache.
(cmd_clear_passphrase): Ditto.
* gpg-agent.c: Removed unused cruft and implement the socket
based server.
(my_strusage): Take bug report address from configure.ac.
* command.c (start_command_handler): Add an argument to start as
regular server.
(start_command_handler): Enable Assuan logging.
assuan logging if enabled.
* call-agent.c (inq_ciphertext_cb): Don't show the session key in
an Assuan log file.
* gpgsm.c (my_strusage): Take bugreport address from configure.ac
based server.
(my_strusage): Take bug report address from configure.ac.
* command.c (start_command_handler): Add an argument to start as
regular server.
(start_command_handler): Enable Assuan logging.
storing it.
* certpath.c (gpgsm_basic_cert_check): New.
* keydb.c (keydb_store_cert): New.
* import.c (store_cert): Removed and change all caller to use
the new function.
* verify.c (store_cert): Ditto.
* certlist.c (gpgsm_add_to_certlist): Validate the path
* certpath.c (gpgsm_validate_path): Check the trust list.
* call-agent.c (gpgsm_agent_istrusted): New.
* certlist.c (gpgsm_find_cert): New.
DirMngr should now work. Remember that there is a --disable-crl-check
option in gpgsm to be used when there is a problem with the dirmngr
communication or you want to do faster tests.