diff options
| author | Werner Koch <[email protected]> | 2025-07-24 10:30:01 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2025-07-24 10:30:38 +0000 |
| commit | 67a3020d0f3beed89270f2d004c3da5ee9cbfc63 (patch) | |
| tree | 623bf22a402682437f51610c329f3e25936b1872 | |
| parent | gpg: Add a notation with version information to signatures. (diff) | |
| download | gnupg-67a3020d0f3beed89270f2d004c3da5ee9cbfc63.tar.gz gnupg-67a3020d0f3beed89270f2d004c3da5ee9cbfc63.zip | |
gpgsm: Fix caching of the trustlist's flags.
* sm/call-agent.c (istrusted_status_cb): Clear the helper flags.
--
GnuPG-bug-id: 7738
Fixes-commit: ef2be95258d2e02659e96f6c4df5a9a1a233c8fd
which introduced the caching but go the flags wrong. The fallout from
this was that the qualified signature consent was show for non QES
certificates. Other flags are almost always the same and thus no
other harm was done.
| -rw-r--r-- | sm/call-agent.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/sm/call-agent.c b/sm/call-agent.c index f2b7b6fba..c2875626b 100644 --- a/sm/call-agent.c +++ b/sm/call-agent.c @@ -979,6 +979,9 @@ istrusted_status_cb (void *opaque, const char *line) } else if ((s = has_leading_keyword (line, "TRUSTLISTFPR")) && *s) { + /* We see this only with the "LISTTRUSTED --status" command but + * not with ISTRUSTED. Thus the cache will only be filled by + * the former command. */ istrusted_cache_t ci; ci = xtrymalloc (sizeof *ci + strlen (s)); @@ -988,6 +991,9 @@ istrusted_status_cb (void *opaque, const char *line) memset (&ci->flags, 0, sizeof ci->flags); ci->next = parm->cache; parm->cache = ci; + /* Also need to clear the parm's flags which will be copied to + * the cache. */ + memset (&parm->flags, 0, sizeof ci->flags); } return 0; } |