diff options
| author | Werner Koch <wk@gnupg.org> | 2023-04-03 14:06:36 +0200 |
|---|---|---|
| committer | Werner Koch <wk@gnupg.org> | 2023-04-03 14:10:33 +0200 |
| commit | a5360ae4c7bfe6df6754409d5bd5c5a521ae5e6f (patch) | |
| tree | 035902bfb2546b1b2c0e8446733d681b0a57c4d0 /agent | |
| parent | gpgsm: Create binary detached sigs with definite form length octets. (diff) | |
| download | gnupg2-a5360ae4c7bfe6df6754409d5bd5c5a521ae5e6f.tar.xz gnupg2-a5360ae4c7bfe6df6754409d5bd5c5a521ae5e6f.zip | |
agent: Add trustlist flag "de-vs".
* agent/trustlist.c (struct trustitem_s): Add field de_vs.
(read_one_trustfile): Parse it.
(istrusted_internal): Emit TRUSTLISTFLAG status line.
* sm/gpgsm.h (struct rootca_flags_s): Add field de_vs.
* sm/call-agent.c (istrusted_status_cb): Detect the flags.
* sm/sign.c (write_detached_signature): Remove unused vars.
--
Right now this flag has no effect; we first need to specify the exact
behaviour.
GnuPG-bug-id: 5079
Diffstat (limited to 'agent')
| -rw-r--r-- | agent/trustlist.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/agent/trustlist.c b/agent/trustlist.c index 4d23eb1b0..330f233b8 100644 --- a/agent/trustlist.c +++ b/agent/trustlist.c @@ -45,6 +45,7 @@ struct trustitem_s constraints. */ int cm:1; /* Use chain model for validation. */ int qual:1; /* Root CA for qualified signatures. */ + int de_vs:1; /* Root CA for de-vs compliant PKI. */ } flags; unsigned char fpr[20]; /* The binary fingerprint. */ }; @@ -324,6 +325,8 @@ read_one_trustfile (const char *fname, int systrust, ti->flags.cm = 1; else if (n == 4 && !memcmp (p, "qual", 4) && systrust) ti->flags.qual = 1; + else if (n == 4 && !memcmp (p, "de-vs", 4) && systrust) + ti->flags.de_vs = 1; else log_error ("flag '%.*s' in '%s', line %d ignored\n", n, p, fname, lnr); @@ -476,7 +479,8 @@ istrusted_internal (ctrl_t ctrl, const char *fpr, int *r_disabled, in a locked state. */ if (already_locked) ; - else if (ti->flags.relax || ti->flags.cm || ti->flags.qual) + else if (ti->flags.relax || ti->flags.cm || ti->flags.qual + || ti->flags.de_vs) { unlock_trusttable (); locked = 0; @@ -487,6 +491,8 @@ istrusted_internal (ctrl_t ctrl, const char *fpr, int *r_disabled, err = agent_write_status (ctrl,"TRUSTLISTFLAG", "cm", NULL); if (!err && ti->flags.qual) err = agent_write_status (ctrl,"TRUSTLISTFLAG", "qual",NULL); + if (!err && ti->flags.de_vs) + err = agent_write_status (ctrl,"TRUSTLISTFLAG", "de-vs",NULL); } if (!err) |