diff options
| author | Werner Koch <wk@gnupg.org> | 2021-10-06 10:31:41 +0200 |
|---|---|---|
| committer | Werner Koch <wk@gnupg.org> | 2021-10-06 10:35:51 +0200 |
| commit | 4b3e9a44b58e74b3eb4a59f88ee017fe7483a17d (patch) | |
| tree | 7f9240291d53a3b9155394fcb5d6cc5eca14ecc5 /common | |
| parent | dirmngr: Fix Let's Encrypt certificate chain validation. (diff) | |
| download | gnupg2-4b3e9a44b58e74b3eb4a59f88ee017fe7483a17d.tar.xz gnupg2-4b3e9a44b58e74b3eb4a59f88ee017fe7483a17d.zip | |
dirmngr: New option --ignore-cert
* dirmngr/dirmngr.h (struct fingerprint_list_s): Add field binlen.
(opt): Add field ignored_certs.
* dirmngr/dirmngr.c: Add option --ignore-cert
(parse_rereadable_options): Handle that option.
(parse_ocsp_signer): Rename to ...
(parse_fingerprint_item): this and add two args.
* dirmngr/certcache.c (put_cert): Ignore all to be igored certs.
Change callers to handle the new error return.
--
This option is useful as a workaround in case we ill run into other
chain validation errors like what we fixed in
GnuPG-bug-id: 5639
Diffstat (limited to 'common')
| -rw-r--r-- | common/convert.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/common/convert.c b/common/convert.c index 1efaccedf..d9b4353b7 100644 --- a/common/convert.c +++ b/common/convert.c @@ -43,7 +43,8 @@ LENGTH bytes. The function checks that the STRING will convert exactly to LENGTH bytes. The string is delimited by either end of string or a white space character. The function returns -1 on - error or the length of the parsed string. */ + error or the length of the parsed string. In-place conversion is + allowed but the Source string might be garbled on error. */ int hex2bin (const char *string, void *buffer, size_t length) { |