diff options
| author | Werner Koch <[email protected]> | 2007-08-10 16:52:05 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2007-08-10 16:52:05 +0000 |
| commit | 74d344a521c8a7a294b8da2cf2647e112fd5b310 (patch) | |
| tree | c2cc77b642ad52a26ea4d99a05f82f725f536d11 /agent/trustlist.c | |
| parent | Factored common gpgconf constants out (diff) | |
| download | gnupg-74d344a521c8a7a294b8da2cf2647e112fd5b310.tar.gz gnupg-74d344a521c8a7a294b8da2cf2647e112fd5b310.zip | |
Implemented the chain model for X.509 validation.
Diffstat (limited to 'agent/trustlist.c')
| -rw-r--r-- | agent/trustlist.c | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/agent/trustlist.c b/agent/trustlist.c index d3c409b0b..deb0d95cd 100644 --- a/agent/trustlist.c +++ b/agent/trustlist.c @@ -1,5 +1,5 @@ /* trustlist.c - Maintain the list of trusted keys - * Copyright (C) 2002, 2004, 2006 Free Software Foundation, Inc. + * Copyright (C) 2002, 2004, 2006, 2007 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -42,6 +42,7 @@ struct trustitem_s int for_smime:1; /* Set by '*' or 'S' as first flag. */ int relax:1; /* Relax checking of root certificate constraints. */ + int cm:1; /* Use chain model for validation. */ } flags; unsigned char fpr[20]; /* The binary fingerprint. */ }; @@ -267,6 +268,8 @@ read_one_trustfile (const char *fname, int allow_include, } else if (n == 5 && !memcmp (p, "relax", 5)) ti->flags.relax = 1; + else if (n == 2 && !memcmp (p, "cm", 2)) + ti->flags.cm = 1; else log_error ("flag `%.*s' in `%s', line %d ignored\n", n, p, fname, lnr); @@ -396,6 +399,14 @@ agent_istrusted (ctrl_t ctrl, const char *fpr) if (err) return err; } + else if (ti->flags.cm) + { + err = agent_write_status (ctrl, + "TRUSTLISTFLAG", "cm", + NULL); + if (err) + return err; + } return 0; /* Trusted. */ } } |