1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00
Werner Koch 1424c12e4c
sm: Consider certificates w/o CRL DP as valid.
* sm/certchain.c (is_cert_still_valid): Shortcut if tehre is no DP.
* common/audit.c (proc_type_verify): Print "n/a" if a cert has no
distribution point.
* sm/gpgsm.h (opt): Add field enable_issuer_based_crl_check.
* sm/gpgsm.c (oEnableIssuerBasedCRLCheck): New.
(opts): Add option --enable-issuer-based-crl-check.
(main): Set option.
--

If the issuer does not provide a DP and the user wants such an issuer,
we expect that a certificate does not need revocation checks.  The new
option --enable-issuer-based-crl-check can be used to revert to the
old behaviour which requires that a suitable LDAP server has been
configured to lookup a CRL by issuer.

Signed-off-by: Werner Koch <wk@gnupg.org>

(cherry picked from master)
2020-03-27 21:20:13 +01:00
..
2014-12-14 12:15:21 +01:00
sm/
2006-11-14 10:23:21 +00:00
2016-09-20 09:32:25 +09:00
DCO
2013-04-17 11:26:27 +02:00
2003-01-09 13:24:01 +00:00
2016-09-20 09:56:22 +09:00
2010-06-10 10:39:44 +00:00
2007-07-04 19:49:40 +00:00
2007-03-08 18:31:56 +00:00
2014-07-03 11:03:22 +02:00
2017-12-08 07:40:06 +01:00
2007-05-08 13:59:41 +00:00
2006-08-21 20:20:23 +00:00
2016-09-17 16:00:37 +09:00
2016-09-20 09:56:22 +09:00
2008-06-25 11:14:48 +00:00
2012-11-30 12:47:49 -05:00
2018-06-06 17:26:20 +02:00
2011-08-12 14:40:47 +02:00
2019-07-11 21:27:59 -04:00
2017-02-21 13:11:46 -05:00
2006-12-06 16:38:34 +00:00
2017-08-28 11:18:26 +02:00
2019-05-28 21:09:13 -04:00