security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-06-07 23:27:48 +02:00
Code Activity
0b583a555e
gnupg/sm
History
Werner Koch 0b583a555e
sm: Consider certificates w/o CRL DP as valid. 
* sm/certchain.c (is_cert_still_valid): Shortcut if tehre is no DP.
* common/audit.c (proc_type_verify): Print "n/a" if a cert has no
distribution point.
* sm/gpgsm.h (opt): Add field enable_issuer_based_crl_check.
* sm/gpgsm.c (oEnableIssuerBasedCRLCheck): New.
(opts): Add option --enable-issuer-based-crl-check.
(main): Set option.
--

If the issuer does not provide a DP and the user wants such an issuer,
we expect that a certificate does not need revocation checks.  The new
option --enable-issuer-based-crl-check can be used to revert to the
old behaviour which requires that a suitable LDAP server has been
configured to lookup a CRL by issuer.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-27 21:16:07 +01:00
..
call-agent.c gpg: Use gpgrt's new option parser to provide a global conf file. 2020-02-20 11:13:32 +01:00
call-dirmngr.c gpg: Use gpgrt's new option parser to provide a global conf file. 2020-02-20 11:13:32 +01:00
certchain.c sm: Consider certificates w/o CRL DP as valid. 2020-03-27 21:16:07 +01:00
certcheck.c Use the gpgrt log functions if possible. 2017-11-27 15:00:25 +01:00
certdump.c Use the gpgrt log functions if possible. 2017-11-27 15:00:25 +01:00
certlist.c sm: Print a better diagnostic for encryption certificate selection. 2019-06-04 09:24:03 +02:00
certreqgen-ui.c common: Extend function pubkey_algo_string. 2019-04-02 18:50:55 +02:00
certreqgen.c gpgsm: Fix the previous commit. 2020-03-27 19:42:14 +09:00
ChangeLog-2011 Generate the ChangeLog from commit logs. 2011-12-01 11:09:02 +01:00
decrypt.c sm: Support AES-256 key. 2019-08-05 10:15:08 +09:00
delete.c sm: Change keydb code to use the keybox locking. 2019-05-14 13:36:08 +02:00
encrypt.c gpg,sm: String changes for compliance diagnostics. 2017-07-28 17:46:43 +02:00
export.c Spelling cleanup. 2020-02-18 18:07:46 -05:00
fingerprint.c Spelling cleanup. 2020-02-18 18:07:46 -05:00
gpgsm-w32info.rc w32: Add icons and version information. 2013-05-07 21:35:48 +02:00
gpgsm.c sm: Consider certificates w/o CRL DP as valid. 2020-03-27 21:16:07 +01:00
gpgsm.h sm: Consider certificates w/o CRL DP as valid. 2020-03-27 21:16:07 +01:00
import.c Use the gpgrt log functions if possible. 2017-11-27 15:00:25 +01:00
keydb.c Merge branch 'switch-to-gpgk' into master 2019-09-27 15:44:23 +02:00
keydb.h sm: Add a couple of debug calls to the keydb module. 2019-05-15 08:52:21 +02:00
keylist.c sm: Add a couple of debug calls to the keydb module. 2019-05-15 08:52:21 +02:00
Makefile.am Remove -I option to common. 2017-03-07 20:25:54 +09:00
minip12.c all: fix spelling and typos 2018-10-24 15:56:18 -04:00
minip12.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
misc.c sm: Prepare algo mapping to handle values > 255. 2019-02-21 08:51:50 +01:00
passphrase.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
passphrase.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
qualified.c all: fix spelling and typos 2018-10-24 15:56:18 -04:00
server.c sm: New option --issuer-der for the listkey commands. 2020-02-03 14:54:23 +01:00
sign.c Spelling cleanup. 2020-02-18 18:07:46 -05:00
verify.c Use the gpgrt log functions if possible. 2017-11-27 15:00:25 +01:00