security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Activity
gnupg/sm
History
Werner Koch 715285bcbc gpgsm: Handle re-issued CA certificates in a better way. 
* sm/certchain.c (find_up_search_by_keyid): Consider all matching
certificates.
(find_up): Add some debug messages.
--

The DFN-Verein recently re-issued its CA certificates without
generating new keys.  Thus looking up the chain using the authority
keyids works but may use still existing old certificates.  This may
break the CRL lookup in the Dirmngr.  The hack to fix this is by using
the latest issued certificate with the same subject key identifier.

As usual Peter Gutman's X.509 style guide has some comments on that
re-issuing.

GnuPG-bug-id: 1644
 		2014-06-02 16:02:30 +02:00
..
ChangeLog-2011 Generate the ChangeLog from commit logs. 2011-12-01 11:09:02 +01:00
Makefile.am w32: Add icons and version information. 2013-05-07 21:35:48 +02:00
base64.c Fix faulty gcc warnings 2011-03-03 12:40:54 +01:00
call-agent.c Use has_leading_keyword in the assuan callbacks. 2013-02-22 10:56:13 +01:00
call-dirmngr.c Use has_leading_keyword in the assuan callbacks. 2013-02-22 10:56:13 +01:00
certchain.c gpgsm: Handle re-issued CA certificates in a better way. 2014-06-02 16:02:30 +02:00
certcheck.c Change all quotes in strings and comments to the new GNU standard. 2012-06-05 19:29:22 +02:00
certdump.c Change all quotes in strings and comments to the new GNU standard. 2012-06-05 19:29:22 +02:00
certlist.c Fix typos spotted during translations 2012-08-24 09:44:33 +02:00
certreqgen-ui.c gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id. 2014-01-30 18:48:37 +01:00
certreqgen.c Change all quotes in strings and comments to the new GNU standard. 2012-06-05 19:29:22 +02:00
decrypt.c Fix typos spotted during translations 2012-08-24 09:44:33 +02:00
delete.c Change all quotes in strings and comments to the new GNU standard. 2012-06-05 19:29:22 +02:00
encrypt.c Fix typos spotted during translations 2012-08-24 09:44:33 +02:00
export.c Change all quotes in strings and comments to the new GNU standard. 2012-06-05 19:29:22 +02:00
fingerprint.c Nuked almost all trailing white space. 2011-02-04 12:57:53 +01:00
gpgsm-w32info.rc w32: Add icons and version information. 2013-05-07 21:35:48 +02:00
gpgsm.c Make more use of *_NAME macros. 2014-05-08 10:28:23 +02:00
gpgsm.h gpgsm: Add new validation model "steed". 2011-12-07 16:15:15 +01:00
import.c Fix regression in gpg's mail address parsing. 2011-04-25 23:59:25 +02:00
keydb.c gpgsm: Add a way to save a found state. 2014-06-02 15:55:00 +02:00
keydb.h gpgsm: Add a way to save a found state. 2014-06-02 15:55:00 +02:00
keylist.c Change all quotes in strings and comments to the new GNU standard. 2012-06-05 19:29:22 +02:00
minip12.c Change all quotes in strings and comments to the new GNU standard. 2012-06-05 19:29:22 +02:00
minip12.h Implement export of pkcs#12 objects using a direct agent connection. 2010-06-21 10:01:24 +00:00
misc.c Do not use a broken ttyname. 2012-11-20 19:03:49 +01:00
qualified.c Change all quotes in strings and comments to the new GNU standard. 2012-06-05 19:29:22 +02:00
server.c dirmngr: Default to a user socket name and enable autostart. 2014-03-14 12:36:36 +01:00
sign.c Fix typos spotted during translations 2012-08-24 09:44:33 +02:00
verify.c Fix typos spotted during translations 2012-08-24 09:44:33 +02:00