sm: Fix use of value NONE in gnupg_isotime_t type.

* common/gettime.h (GNUPG_ISOTIME_NONE): New. * sm/call-dirmngr.c (gpgsm_dirmngr_isvalid): Use it. * sm/certlist.c (gpgsm_add_to_certlist): Likewise. * sm/import.c (check_and_store): Likewise. * sm/keylist.c (list_cert_colon, list_cert_raw): Likewise. (list_cert_std): Likewise. * sm/sign.c (gpgsm_sign): Likewise. -- Signed-off-by: NIIBE Yutaka <[email protected]> (cherry picked from commit 05fdaa1737523fad72b6ffb9e7a90d5344ff64a5)
author: NIIBE Yutaka <[email protected]> 2022-02-18 02:11:12 +0000
committer: Werner Koch <[email protected]> 2023-08-28 06:39:16 +0000
commit: 7d8564cf8873c384b861f734398a404c8b276e55 (patch)
tree: bbb5572faa77394139e5cc5dab8a5890bb2f70b6
parent: gpg: Do not continue the export after a cancel for the primary key. (diff)
download: gnupg-7d8564cf8873c384b861f734398a404c8b276e55.tar.gz
gnupg-7d8564cf8873c384b861f734398a404c8b276e55.zip
6 files changed, 18 insertions, 7 deletions
diff --git a/common/gettime.h b/common/gettime.h
index 73f188634..4f7199f92 100644
--- a/common/gettime.h
+++ b/common/gettime.h
@@ -38,6 +38,11 @@
    the KSBA type ksba_isotime_t. */
 typedef char gnupg_isotime_t[16];
 
+/* Constant string of 16-byte, which is compatible to the type
+   gnupg_iso_time_t.  */
+#define GNUPG_ISOTIME_NONE \
+        "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
+
 time_t gnupg_get_time (void);
 struct tm *gnupg_gmtime (const time_t *timep, struct tm *result);
 void   gnupg_get_isotime (gnupg_isotime_t timebuf);
diff --git a/sm/call-dirmngr.c b/sm/call-dirmngr.c
index 56710c8ae..0bd805e1b 100644
--- a/sm/call-dirmngr.c
+++ b/sm/call-dirmngr.c
@@ -605,7 +605,8 @@ gpgsm_dirmngr_isvalid (ctrl_t ctrl,
                 {
                   /* Note the no_dirmngr flag: This avoids checking
                      this certificate over and over again. */
-                  rc = gpgsm_validate_chain (ctrl, rspcert, "", NULL, 0, NULL,
+                  rc = gpgsm_validate_chain (ctrl, rspcert, GNUPG_ISOTIME_NONE,
+                                             NULL, 0, NULL,
                                              VALIDATE_FLAG_NO_DIRMNGR, NULL);
                   if (rc)
                     {
diff --git a/sm/certlist.c b/sm/certlist.c
index 74dd10887..3cd68089b 100644
--- a/sm/certlist.c
+++ b/sm/certlist.c
@@ -468,7 +468,7 @@ gpgsm_add_to_certlist (ctrl_t ctrl, const char *name, int secret,
                     }
                 }
               if (!rc)
-                rc = gpgsm_validate_chain (ctrl, cert, "", NULL,
+                rc = gpgsm_validate_chain (ctrl, cert, GNUPG_ISOTIME_NONE, NULL,
                                            0, NULL, 0, NULL);
               if (!rc)
                 {
diff --git a/sm/import.c b/sm/import.c
index d4ff2c1c5..8f5d273f7 100644
--- a/sm/import.c
+++ b/sm/import.c
@@ -192,7 +192,8 @@ check_and_store (ctrl_t ctrl, struct stats_s *stats,
   */
   rc = gpgsm_basic_cert_check (ctrl, cert);
   if (!rc && ctrl->with_validation)
-    rc = gpgsm_validate_chain (ctrl, cert, "", NULL, 0, NULL, 0, NULL);
+    rc = gpgsm_validate_chain (ctrl, cert,
+                               GNUPG_ISOTIME_NONE, NULL, 0, NULL, 0, NULL);
   if (!rc || (!ctrl->with_validation
               && (gpg_err_code (rc) == GPG_ERR_MISSING_CERT
                   || gpg_err_code (rc) == GPG_ERR_MISSING_ISSUER_CERT)))
diff --git a/sm/keylist.c b/sm/keylist.c
index 1d6c93359..9b1a95fca 100644
--- a/sm/keylist.c
+++ b/sm/keylist.c
@@ -415,7 +415,8 @@ list_cert_colon (ctrl_t ctrl, ksba_cert_t cert, unsigned int validity,
   char *kludge_uid;
 
   if (ctrl->with_validation)
-    valerr = gpgsm_validate_chain (ctrl, cert, "", NULL, 1, NULL, 0, NULL);
+    valerr = gpgsm_validate_chain (ctrl, cert,
+                                   GNUPG_ISOTIME_NONE, NULL, 1, NULL, 0, NULL);
   else
     valerr = 0;
 
@@ -1107,7 +1108,8 @@ list_cert_raw (ctrl_t ctrl, KEYDB_HANDLE hd,
 
   if (with_validation)
     {
-      err = gpgsm_validate_chain (ctrl, cert, "", NULL, 1, fp, 0, NULL);
+      err = gpgsm_validate_chain (ctrl, cert,
+                                  GNUPG_ISOTIME_NONE, NULL, 1, fp, 0, NULL);
       if (!err)
         es_fprintf (fp, "  [certificate is good]\n");
       else
@@ -1354,7 +1356,8 @@ list_cert_std (ctrl_t ctrl, ksba_cert_t cert, estream_t fp, int have_secret,
       size_t buflen;
       char buffer[1];
 
-      err = gpgsm_validate_chain (ctrl, cert, "", NULL, 1, fp, 0, NULL);
+      err = gpgsm_validate_chain (ctrl, cert,
+                                  GNUPG_ISOTIME_NONE, NULL, 1, fp, 0, NULL);
       tmperr = ksba_cert_get_user_data (cert, "is_qualified",
                                         &buffer, sizeof (buffer), &buflen);
       if (!tmperr && buflen)
diff --git a/sm/sign.c b/sm/sign.c
index 0dfd15864..d6789fb94 100644
--- a/sm/sign.c
+++ b/sm/sign.c
@@ -410,7 +410,8 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
          check that the signer's certificate is usable and valid.  */
       rc = gpgsm_cert_use_sign_p (cert, 0);
       if (!rc)
-        rc = gpgsm_validate_chain (ctrl, cert, "", NULL, 0, NULL, 0, NULL);
+        rc = gpgsm_validate_chain (ctrl, cert,
+                                   GNUPG_ISOTIME_NONE, NULL, 0, NULL, 0, NULL);
       if (rc)
         {
           char *tmpfpr;
author	NIIBE Yutaka <[email protected]>	2022-02-18 02:11:12 +0000
committer	Werner Koch <[email protected]>	2023-08-28 06:39:16 +0000
commit	7d8564cf8873c384b861f734398a404c8b276e55 (patch)
tree	bbb5572faa77394139e5cc5dab8a5890bb2f70b6
parent	gpg: Do not continue the export after a cancel for the primary key. (diff)
download	gnupg-7d8564cf8873c384b861f734398a404c8b276e55.tar.gz gnupg-7d8564cf8873c384b861f734398a404c8b276e55.zip