diff options
| author | Werner Koch <[email protected]> | 2015-10-06 11:10:26 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2015-10-06 11:10:26 +0000 |
| commit | 9db6547a00cded92c00c8f8382b1b605be1027d2 (patch) | |
| tree | b84db8a02b2887a0af0b1f22264e68bdb5995e46 | |
| parent | gpg: Fail decryption for AES etc message w/o MDC. (diff) | |
| download | gnupg-9db6547a00cded92c00c8f8382b1b605be1027d2.tar.gz gnupg-9db6547a00cded92c00c8f8382b1b605be1027d2.zip | |
dirmngr: Do tilde expansion for --hkp-cacert.
* dirmngr/dirmngr.c (parse_rereadable_options): Do tilde expansion and
check for cert file existance in option --hkp-cacert.
--
GnuPG-bug-id: 2120
Signed-off-by: Werner Koch <[email protected]>
Diffstat (limited to '')
| -rw-r--r-- | dirmngr/dirmngr.c | 15 | ||||
| -rw-r--r-- | doc/dirmngr.texi | 2 | ||||
| -rw-r--r-- | g10/dirmngr-conf.skel | 2 |
3 files changed, 16 insertions, 3 deletions
diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c index 847a65d51..a32040e7b 100644 --- a/dirmngr/dirmngr.c +++ b/dirmngr/dirmngr.c @@ -580,7 +580,20 @@ parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread) case oMaxReplies: opt.max_replies = pargs->r.ret_int; break; case oHkpCaCert: - http_register_tls_ca (pargs->r.ret_str); + { + char *tmpname; + + /* Do tilde expansion and print a warning if the file can't be + accessed. */ + tmpname = make_absfilename_try (pargs->r.ret_str, NULL); + if (!tmpname || access (tmpname, F_OK)) + log_info (_("can't access '%s': %s\n"), + tmpname? tmpname : pargs->r.ret_str, + gpg_strerror (gpg_error_from_syserror())); + else + http_register_tls_ca (tmpname); + xfree (tmpname); + } break; case oIgnoreCertExtension: diff --git a/doc/dirmngr.texi b/doc/dirmngr.texi index a5bcc73d9..18e818975 100644 --- a/doc/dirmngr.texi +++ b/doc/dirmngr.texi @@ -433,7 +433,7 @@ Use the root certificates in @var{file} for verification of the TLS certificates used with @code{hkps} (keyserver access over TLS). If the file is in PEM format a suffix of @code{.pem} is expected for @var{file}. This option may be given multiple times to add more -root certificates. +root certificates. Tilde expansion is supported. @end table diff --git a/g10/dirmngr-conf.skel b/g10/dirmngr-conf.skel index 0888fb7f4..88578439e 100644 --- a/g10/dirmngr-conf.skel +++ b/g10/dirmngr-conf.skel @@ -56,6 +56,6 @@ keyserver hkp://keys.gnupg.net # used for the connection. Enter the full name of a file with the # root certificates here. If that file is in PEM format a ".pem" # suffix is expected. This option may be given multiple times to add -# more root certificates. +# more root certificates. Tilde expansion is supported. #hkp-cacert /path/to/CA/sks-keyservers.netCA.pem |