mirror of git://git.gnupg.org/gnupg.git
8c167febc0
* sm/gpgsm.h (struct server_control_s): Add field 'current_time'.
* sm/certchain.c (find_up_search_by_keyid): Detect a corner case.
Also simplify by using ref-ed cert objects in place of an anyfound
var.
--
See the code for a description of the problem. Tested using the certs
from the bug report and various command lines
gpgsm --faked-system-time=XXXX --disable-crl-checks \
-ea -v --debug x509 -r 0x95599828
with XXXX being 20190230T000000 -> target cert too young
with XXXX being 20190330T000000 -> okay
with XXXX being 20190830T000000 -> okay, using the long term cert
with XXXX being 20220330T000000 -> target cert expired
The --disabled-crl-checks option is required because in our a simple
test setting dirmngr does not know about the faked time.
GnuPG-bug-id: 4696
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit
|
||
---|---|---|
.. | ||
ChangeLog-2011 | ||
Makefile.am | ||
call-agent.c | ||
call-dirmngr.c | ||
certchain.c | ||
certcheck.c | ||
certdump.c | ||
certlist.c | ||
certreqgen-ui.c | ||
certreqgen.c | ||
decrypt.c | ||
delete.c | ||
encrypt.c | ||
export.c | ||
fingerprint.c | ||
gpgsm-w32info.rc | ||
gpgsm.c | ||
gpgsm.h | ||
import.c | ||
keydb.c | ||
keydb.h | ||
keylist.c | ||
minip12.c | ||
minip12.h | ||
misc.c | ||
passphrase.c | ||
passphrase.h | ||
qualified.c | ||
server.c | ||
sign.c | ||
verify.c |