aboutsummaryrefslogtreecommitdiffstats
path: root/sm/certlist.c
diff options
context:
space:
mode:
authorWerner Koch <[email protected]>2023-08-31 09:13:38 +0000
committerWerner Koch <[email protected]>2023-08-31 10:30:26 +0000
commit776876ce1c4c5da3a0fe1dc538fc7a67cf18c054 (patch)
tree45ffc94f904bc7158f32f6708b928ea2d9b80a9f /sm/certlist.c
parentdoc: Add some hints for AD queries. (diff)
downloadgnupg-776876ce1c4c5da3a0fe1dc538fc7a67cf18c054.tar.gz
gnupg-776876ce1c4c5da3a0fe1dc538fc7a67cf18c054.zip
gpgsm: Add --always-trust feature.
* sm/gpgsm.h (opt): Re-purpose unused flag always_trust. (struct server_control_s): Add "always_trust". (VALIDATE_FLAG_BYPASS): New. * sm/gpgsm.c (oAlwaysTrust): New. (opts): Add "--always-trust" (main): Set option. * sm/server.c (option_handler): Add option "always-trust". (reset_notify): Clear that option. (cmd_encrypt): Ditto. (cmd_getinfo): Add sub-command always-trust. * sm/certchain.c (gpgsm_validate_chain): Handle VALIDATE_FLAG_BYPASS. * sm/certlist.c (gpgsm_add_to_certlist): Set that flag for recipients in always-trust mode. -- GnuPG-bug-id: 6559
Diffstat (limited to 'sm/certlist.c')
-rw-r--r--sm/certlist.c8
1 files changed, 7 insertions, 1 deletions
diff --git a/sm/certlist.c b/sm/certlist.c
index fdf31a198..53d90ac30 100644
--- a/sm/certlist.c
+++ b/sm/certlist.c
@@ -448,6 +448,11 @@ gpgsm_add_to_certlist (ctrl_t ctrl, const char *name, int secret,
if (!rc && !is_cert_in_certlist (cert, *listaddr))
{
+ unsigned int valflags = 0;
+
+ if (!secret && (opt.always_trust || ctrl->always_trust))
+ valflags |= VALIDATE_FLAG_BYPASS;
+
if (!rc && secret)
{
char *p;
@@ -461,9 +466,10 @@ gpgsm_add_to_certlist (ctrl_t ctrl, const char *name, int secret,
xfree (p);
}
}
+
if (!rc)
rc = gpgsm_validate_chain (ctrl, cert, GNUPG_ISOTIME_NONE, NULL,
- 0, NULL, 0, NULL);
+ 0, NULL, valflags, NULL);
if (!rc)
{
certlist_t cl = xtrycalloc (1, sizeof *cl);
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-27 07:38:36 +0000