diff options
| author | Werner Koch <[email protected]> | 2002-09-19 12:59:57 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2002-09-19 12:59:57 +0000 |
| commit | 8bd507e5a2952d88c09fd3393b93d50960818e50 (patch) | |
| tree | 2094bc1dbf163716a27c4f667b11c526c06cb508 /sm/certchain.c | |
| parent | From stable branch (diff) | |
| download | gnupg-NEWPG-0-9-2.tar.gz gnupg-NEWPG-0-9-2.zip | |
* certcheck.c (gpgsm_check_cert_sig): Add cert hash debugging.NEWPG-0-9-2
* certchain.c (find_up): Print info when the cert was not found
by the autorithyKeyIdentifier.
Diffstat (limited to '')
| -rw-r--r-- | sm/certchain.c | 19 |
1 files changed, 16 insertions, 3 deletions
diff --git a/sm/certchain.c b/sm/certchain.c index 8ebd8c023..b01398f18 100644 --- a/sm/certchain.c +++ b/sm/certchain.c @@ -237,6 +237,19 @@ find_up (KEYDB_HANDLE kh, KsbaCert cert, const char *issuer) keydb_set_ephemeral (kh, old); } } + /* print a note so that the user does not feel too helpless when + an issuer certificate was found and gpgsm prints BAD + signature becuase it is not the correct one. */ + if (rc == -1) + { + log_info ("issuer certificate (#"); + gpgsm_dump_serial (authidno); + log_printf ("/"); + gpgsm_dump_string (s); + log_printf (") not found\n"); + } + else if (rc) + log_error ("failed to find authorityKeyIdentifier: rc=%d\n", rc); ksba_name_release (authid); xfree (authidno); /* Fixme: don't know how to do dirmngr lookup with serial+issuer. */ @@ -267,7 +280,7 @@ find_up (KEYDB_HANDLE kh, KsbaCert cert, const char *issuer) log_info (_("looking up issuer at external location\n")); /* dirmngr is confused about unknown attributes so has a quick and ugly hack we locate the CN and use this and the - following. Fixme: we should have far ebtter parsing in the + following. Fixme: we should have far better parsing in the dirmngr. */ s = strstr (issuer, "CN="); if (!s || s == issuer || s[-1] != ',') @@ -588,7 +601,7 @@ gpgsm_validate_chain (CTRL ctrl, KsbaCert cert, time_t *r_exptime) { if (rc == -1) { - log_info ("issuer certificate ("); + log_info ("issuer certificate (#/"); gpgsm_dump_string (issuer); log_printf (") not found\n"); } @@ -735,7 +748,7 @@ gpgsm_basic_cert_check (KsbaCert cert) { if (rc == -1) { - log_info ("issuer certificate ("); + log_info ("issuer certificate (#/"); gpgsm_dump_string (issuer); log_printf (") not found\n"); } |