security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-06-09 23:39:51 +02:00
Code Activity
6209c6d9ad
gnupg/sm
History
Werner Koch 684b0bd4bf gpgsm: Handle re-issued CA certificates in a better way. 
* sm/certchain.c (find_up_search_by_keyid): Consider all matching
certificates.
(find_up): Add some debug messages.
--

The DFN-Verein recently re-issued its CA certificates without
generating new keys.  Thus looking up the chain using the authority
keyids works but may use still existing old certificates.  This may
break the CRL lookup in the Dirmngr.  The hack to fix this is by using
the latest issued certificate with the same subject key identifier.

As usual Peter Gutman's X.509 style guide has some comments on that
re-issuing.

GnuPG-bug-id: 1644

Resolved conflicts:
	sm/certchain.c  - whitespace fixes.
2014-06-02 16:07:26 +02:00
..
base64.c Changed to GPLv3. 2007-07-04 19:49:40 +00:00
call-agent.c Return a more specific error code for missing issuer certificates 2010-09-16 14:32:38 +00:00
call-dirmngr.c Try to get the only-valid-if-cert-valid cert from the dirmngr first. 2011-07-21 10:39:38 +02:00
certchain.c gpgsm: Handle re-issued CA certificates in a better way. 2014-06-02 16:07:26 +02:00
certcheck.c Add provisions to build with Libgcrypt 1.6. 2012-05-24 10:55:11 +02:00
certdump.c Print NO_SECKEY status line in gpgsm. 2009-03-25 16:05:16 +00:00
certlist.c Fix typos spotted during translations 2012-08-24 10:34:43 +02:00
certreqgen-ui.c Create a pkcs#10 request directly from a card. 2009-07-02 09:49:31 +00:00
certreqgen.c Add provisions to build with Libgcrypt 1.6. 2012-05-24 10:55:11 +02:00
ChangeLog-2011 Generate the ChangeLog from commit logs. 2011-12-02 19:28:02 +01:00
decrypt.c Fix typos spotted during translations 2012-08-24 10:34:43 +02:00
delete.c Allow deletion of ephemeral keys. 2009-03-23 16:17:49 +00:00
encrypt.c Fix typos spotted during translations 2012-08-24 10:34:43 +02:00
export.c Import/export of pkcs#12 now uses the gpg-agent directly. 2009-04-01 10:51:53 +00:00
fingerprint.c Print NO_SECKEY status line in gpgsm. 2009-03-25 16:05:16 +00:00
gpgsm-w32info.rc w32: Add icons and version information. 2013-05-07 21:17:04 +02:00
gpgsm.c Fix typos spotted during translations 2012-08-24 10:34:43 +02:00
gpgsm.h Add option --ignore-cert-extension 2009-12-10 13:00:09 +00:00
import.c Return a more specific error code for missing issuer certificates 2010-09-16 14:32:38 +00:00
keydb.c gpgsm: Add a way to save a found state. 2014-06-02 16:04:47 +02:00
keydb.h gpgsm: Add a way to save a found state. 2014-06-02 16:04:47 +02:00
keylist.c 2009-07-29 Marcus Brinkmann <marcus@g10code.com> 2009-07-29 16:05:49 +00:00
Makefile.am w32: Add icons and version information. 2013-05-07 21:17:04 +02:00
misc.c Reworked passing of envars to Pinentry. 2009-07-07 10:02:41 +00:00
qualified.c Marked all unused args on non-W32 platforms. 2008-10-20 13:53:23 +00:00
server.c 2009-11-10 Marcus Brinkmann <marcus@g10code.de> 2013-09-18 08:31:53 +02:00
sign.c Fix typos spotted during translations 2012-08-24 10:34:43 +02:00
verify.c Fix typos spotted during translations 2012-08-24 10:34:43 +02:00