aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorWerner Koch <[email protected]>2002-01-14 12:15:30 +0000
committerWerner Koch <[email protected]>2002-01-14 12:15:30 +0000
commit438b2bcb8cade4875887340387f357fb8594f632 (patch)
treeeacbb3d18f5e330dc9a5a7876f0d2c2f88940ddb
parent* assuan-client.c (_assuan_read_from_server): Skip spaces after (diff)
downloadgnupg-438b2bcb8cade4875887340387f357fb8594f632.tar.gz
gnupg-438b2bcb8cade4875887340387f357fb8594f632.zip
* call-dirmngr.c (inq_certificate): Changed for new interface semantic.
* certlist.c (gpgsm_find_cert): New. DirMngr should now work. Remember that there is a --disable-crl-check option in gpgsm to be used when there is a problem with the dirmngr communication or you want to do faster tests.
Diffstat (limited to '')
-rw-r--r--sm/ChangeLog7
-rw-r--r--sm/call-dirmngr.c58
-rw-r--r--sm/certlist.c28
-rw-r--r--sm/gpgsm.h1
4 files changed, 77 insertions, 17 deletions
diff --git a/sm/ChangeLog b/sm/ChangeLog
index b319c27ad..86423339e 100644
--- a/sm/ChangeLog
+++ b/sm/ChangeLog
@@ -1,6 +1,11 @@
+2002-01-14 Werner Koch <[email protected]>
+
+ * call-dirmngr.c (inq_certificate): Changed for new interface semantic.
+ * certlist.c (gpgsm_find_cert): New.
+
2002-01-13 Werner Koch <[email protected]>
- * fingerprint.c (gpgsm_get_certid): Print the serialand not the
+ * fingerprint.c (gpgsm_get_certid): Print the serial and not the
hash after the dot.
2002-01-11 Werner Koch <[email protected]>
diff --git a/sm/call-dirmngr.c b/sm/call-dirmngr.c
index 4e3de3629..3a1253452 100644
--- a/sm/call-dirmngr.c
+++ b/sm/call-dirmngr.c
@@ -35,16 +35,9 @@
static ASSUAN_CONTEXT dirmngr_ctx = NULL;
-struct cipher_parm_s {
+struct inq_certificate_parm_s {
ASSUAN_CONTEXT ctx;
- const char *ciphertext;
- size_t ciphertextlen;
-};
-
-struct genkey_parm_s {
- ASSUAN_CONTEXT ctx;
- const char *sexp;
- size_t sexplen;
+ KsbaCert cert;
};
@@ -130,16 +123,48 @@ start_dirmngr (void)
static AssuanError
inq_certificate (void *opaque, const char *line)
{
+ struct inq_certificate_parm_s *parm = opaque;
AssuanError rc;
+ const unsigned char *der;
+ size_t derlen;
- if (strncmp (line, "SENDCERT ", 9) || !line[9])
+ if (!(!strncmp (line, "SENDCERT", 8) && (line[8] == ' ' || !line[8])))
{
log_error ("unsupported inquiry `%s'\n", line);
return ASSUAN_Inquire_Unknown;
}
+ line += 8;
+
+ if (!*line)
+ { /* send the current certificate */
+ der = ksba_cert_get_image (parm->cert, &derlen);
+ if (!der)
+ rc = ASSUAN_Inquire_Error;
+ else
+ rc = assuan_send_data (parm->ctx, der, derlen);
+ }
+ else
+ { /* send the given certificate */
+ int err;
+ KsbaCert cert;
+
+ err = gpgsm_find_cert (line, &cert);
+ if (err)
+ {
+ log_error ("certificate not found: %s\n", gnupg_strerror (err));
+ rc = ASSUAN_Inquire_Error;
+ }
+ else
+ {
+ der = ksba_cert_get_image (cert, &derlen);
+ if (!der)
+ rc = ASSUAN_Inquire_Error;
+ else
+ rc = assuan_send_data (parm->ctx, der, derlen);
+ ksba_cert_release (cert);
+ }
+ }
- /* rc = assuan_send_data (parm->ctx, parm->sexp, parm->sexplen);*/
- rc = 0;
return rc;
}
@@ -158,6 +183,7 @@ gpgsm_dirmngr_isvalid (KsbaCert cert)
int rc;
char *certid;
char line[ASSUAN_LINELENGTH];
+ struct inq_certificate_parm_s parm;
rc = start_dirmngr ();
if (rc)
@@ -170,13 +196,13 @@ gpgsm_dirmngr_isvalid (KsbaCert cert)
return seterr (General_Error);
}
+ parm.ctx = dirmngr_ctx;
+ parm.cert = cert;
+
snprintf (line, DIM(line)-1, "ISVALID %s", certid);
line[DIM(line)-1] = 0;
xfree (certid);
- rc = assuan_transact (dirmngr_ctx, line, NULL, NULL, inq_certificate, NULL);
+ rc = assuan_transact (dirmngr_ctx, line, NULL, NULL, inq_certificate, &parm);
return map_assuan_err (rc);
}
-
-
-
diff --git a/sm/certlist.c b/sm/certlist.c
index 097f42d14..0035d527c 100644
--- a/sm/certlist.c
+++ b/sm/certlist.c
@@ -86,3 +86,31 @@ gpgsm_release_certlist (CERTLIST list)
}
}
+
+/* Like gpgsm_add_to_certlist, but lookonly for one certificate */
+int
+gpgsm_find_cert (const char *name, KsbaCert *r_cert)
+{
+ int rc;
+ KEYDB_SEARCH_DESC desc;
+ KEYDB_HANDLE kh = NULL;
+
+ *r_cert = NULL;
+ /* fixme: check that we identify excactly one cert with the name */
+ rc = keydb_classify_name (name, &desc);
+ if (!rc)
+ {
+ kh = keydb_new (0);
+ if (!kh)
+ rc = GNUPG_Out_Of_Core;
+ else
+ {
+ rc = keydb_search (kh, &desc, 1);
+ if (!rc)
+ rc = keydb_get_cert (kh, r_cert);
+ }
+ }
+
+ keydb_release (kh);
+ return rc == -1? GNUPG_No_Public_Key: rc;
+}
diff --git a/sm/gpgsm.h b/sm/gpgsm.h
index 0ec923d76..481bd2bf7 100644
--- a/sm/gpgsm.h
+++ b/sm/gpgsm.h
@@ -162,6 +162,7 @@ int gpgsm_validate_path (KsbaCert cert);
/*-- cetlist.c --*/
int gpgsm_add_to_certlist (const char *name, CERTLIST *listaddr);
void gpgsm_release_certlist (CERTLIST list);
+int gpgsm_find_cert (const char *name, KsbaCert *r_cert);
/*-- keylist.c --*/
void gpgsm_list_keys (CTRL ctrl, STRLIST names, FILE *fp);
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-29 20:49:15 +0000