diff options
| author | Werner Koch <[email protected]> | 2017-02-17 20:31:33 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2017-02-17 20:31:33 +0000 |
| commit | f07811ee2c0a8044551e2ec063eda61cff7f6e39 (patch) | |
| tree | 36f07a12fc3c897a4ef2a4bd9d39cc8e01045021 /dirmngr/crlcache.c | |
| parent | dirmngr: Add options --tls and --systrust to the VALIDATE cmd. (diff) | |
| download | gnupg-f07811ee2c0a8044551e2ec063eda61cff7f6e39.tar.gz gnupg-f07811ee2c0a8044551e2ec063eda61cff7f6e39.zip | |
dirmngr: Add option --no-crl to the VALIDATE cmd.
* dirmngr/validate.h: Remove enums VALIDATE_MODE_*.
(VALIDATE_FLAG_SYSTRUST, VALIDATE_FLAG_EXTRATRUST)
(VALIDATE_FLAG_CRL, VALIDATE_FLAG_RECURSIVE)
(VALIDATE_FLAG_OCSP, VALIDATE_FLAG_TLS)
(VALIDATE_FLAG_NOCRLCHECK): New constants.
* dirmngr/validate.c (validate_cert_chain): Change arg 'mode' to
'flags'. Change code accordingly. Remove NO-CRL in TLS mode kludge.
* dirmngr/crlcache.c (crl_parse_insert): Change to use flag values for
the validate_cert_chain call.
* dirmngr/server.c (cmd_validate): Ditto. Add new option --no-crl.
Signed-off-by: Werner Koch <[email protected]>
Diffstat (limited to 'dirmngr/crlcache.c')
| -rw-r--r-- | dirmngr/crlcache.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/dirmngr/crlcache.c b/dirmngr/crlcache.c index 2e471cb09..3cd8cf420 100644 --- a/dirmngr/crlcache.c +++ b/dirmngr/crlcache.c @@ -1851,7 +1851,8 @@ crl_parse_insert (ctrl_t ctrl, ksba_crl_t crl, md = NULL; err = validate_cert_chain (ctrl, crlissuer_cert, NULL, - VALIDATE_MODE_CRL_RECURSIVE, + (VALIDATE_FLAG_CRL + | VALIDATE_FLAG_RECURSIVE), r_trust_anchor); if (err) { |