aboutsummaryrefslogtreecommitdiffstats
path: root/sm/certchain.c
diff options
context:
space:
mode:
Diffstat (limited to 'sm/certchain.c')
-rw-r--r--sm/certchain.c17
1 files changed, 16 insertions, 1 deletions
diff --git a/sm/certchain.c b/sm/certchain.c
index efe8cb1d5..abce4c327 100644
--- a/sm/certchain.c
+++ b/sm/certchain.c
@@ -1193,6 +1193,8 @@ is_cert_still_valid (ctrl_t ctrl, int chain_model, int lm, estream_t fp,
int *any_revoked, int *any_no_crl, int *any_crl_too_old)
{
gpg_error_t err;
+ gnupg_isotime_t revoked_at;
+ char *reason;
if (ctrl->offline || (opt.no_crl_check && !ctrl->use_ocsp))
{
@@ -1221,7 +1223,20 @@ is_cert_still_valid (ctrl_t ctrl, int chain_model, int lm, estream_t fp,
err = gpgsm_dirmngr_isvalid (ctrl,
subject_cert, issuer_cert,
- chain_model? 2 : !!ctrl->use_ocsp);
+ chain_model? 2 : !!ctrl->use_ocsp,
+ revoked_at, &reason);
+ if (gpg_err_code (err) == GPG_ERR_CERT_REVOKED)
+ {
+ gnupg_copy_time (ctrl->revoked_at, revoked_at);
+ xfree (ctrl->revocation_reason);
+ ctrl->revocation_reason = reason;
+ reason = NULL;
+ }
+ else
+ {
+ xfree (reason);
+ reason = (NULL);
+ }
audit_log_ok (ctrl->audit, AUDIT_CRL_CHECK, err);
if (err)
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-28 05:11:59 +0000