diff options
| author | Werner Koch <[email protected]> | 2022-08-31 16:11:36 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2022-08-31 16:11:36 +0000 |
| commit | 17073c9abcfb0546e40f3fa6af655c87305f71b5 (patch) | |
| tree | 2d44dd1b106fd63ee4065929b0e76b4ff9dad96d /dirmngr/certcache.c | |
| parent | dirmngr: Reject certificate which is not valid into cache. (diff) | |
| download | gnupg-17073c9abcfb0546e40f3fa6af655c87305f71b5.tar.gz gnupg-17073c9abcfb0546e40f3fa6af655c87305f71b5.zip | |
dirmngr: New option --debug-cache-expired-certs.
* dirmngr/dirmngr.h (opt): Add debug_cache_expired_certs:
* dirmngr/dirmngr.c (oDebugCacheExpiredCerts): New.
(opts): Add option.
(parse_rereadable_options): Set option.
* dirmngr/certcache.c (put_cert): Handle the option.
Diffstat (limited to 'dirmngr/certcache.c')
| -rw-r--r-- | dirmngr/certcache.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/dirmngr/certcache.c b/dirmngr/certcache.c index 30d4d89fa..1e73d6f85 100644 --- a/dirmngr/certcache.c +++ b/dirmngr/certcache.c @@ -271,8 +271,9 @@ put_cert (ksba_cert_t cert, int permanent, unsigned int trustclass, cert_item_t ci; fingerprint_list_t ignored; - if (permanent) - { /* Do a little validation. */ + /* Do not keep expired certificates in the permanent cache. */ + if (permanent && !opt.debug_cache_expired_certs) + { ksba_isotime_t not_after; ksba_isotime_t current_time; |