From 45a817bf4a6f7624d49cd61247b7efeb3b7ad726 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Tue, 17 Feb 2004 15:05:04 +0000 Subject: * gpgsm.c: New option --with-md5-fingerprint. * keylist.c (list_cert_std): Print MD5 fpr. * gpgsm.c: New options --with-validation. * server.c (option_handler): New option "with-validation". * keylist.c (list_cert_std, list_internal_keys): New args CTRL and WITH_VALIDATION. Changed callers to set it. (list_external_cb, list_external_keys): Pass CTRL to the callback. (list_cert_colon): Add arg CTRL. Check validation if requested. * certchain.c (unknown_criticals, allowed_ca, check_cert_policy) (gpgsm_validate_chain): New args LISTMODE and FP. (do_list): New helper for info output. (find_up): New arg FIND_NEXT. (gpgsm_validate_chain): After a bad signature try again with other CA certificates. * import.c (print_imported_status): New arg NEW_CERT. Print additional STATUS_IMPORT_OK becuase that is what gpgme expects. (check_and_store): Always call above function after import. * server.c (get_status_string): Added STATUS_IMPORT_OK. --- sm/import.c | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) (limited to 'sm/import.c') diff --git a/sm/import.c b/sm/import.c index b11cd75b6..47f062790 100644 --- a/sm/import.c +++ b/sm/import.c @@ -57,12 +57,17 @@ static gpg_error_t parse_p12 (ksba_reader_t reader, FILE **retfp); static void -print_imported_status (CTRL ctrl, ksba_cert_t cert) +print_imported_status (CTRL ctrl, ksba_cert_t cert, int new_cert) { char *fpr; - + fpr = gpgsm_get_fingerprint_hexstring (cert, GCRY_MD_SHA1); - gpgsm_status2 (ctrl, STATUS_IMPORTED, fpr, "[X.509]", NULL); + if (new_cert) + gpgsm_status2 (ctrl, STATUS_IMPORTED, fpr, "[X.509]", NULL); + + gpgsm_status2 (ctrl, STATUS_IMPORT_OK, + new_cert? "1":"0", fpr, NULL); + xfree (fpr); } @@ -146,7 +151,7 @@ check_and_store (CTRL ctrl, struct stats_s *stats, ksba_cert_t cert, int depth) /* Some basic checks, but don't care about missing certificates; this is so that we are able to import entire certificate chains w/o requirening a special order (i.e. root-CA first). This used - to be different but becuase gpgsm_verify even imports + to be different but because gpgsm_verify even imports certificates without any checks, it doesn't matter much and the code gets much cleaner. A housekeeping function to remove certificates w/o an anchor would be nice, though. */ @@ -161,11 +166,14 @@ check_and_store (CTRL ctrl, struct stats_s *stats, ksba_cert_t cert, int depth) if (!existed) { - print_imported_status (ctrl, cert); + print_imported_status (ctrl, cert, 1); stats->imported++; } else - stats->unchanged++; + { + print_imported_status (ctrl, cert, 0); + stats->unchanged++; + } if (opt.verbose > 1 && existed) { -- cgit v1.2.3