summaryrefslogtreecommitdiffstats
path: root/dirmngr/t-ldap-parse-uri.c
diff options
context:
space:
mode:
authorWerner Koch <wk@gnupg.org>2023-03-09 18:28:39 +0100
committerWerner Koch <wk@gnupg.org>2023-03-09 18:28:39 +0100
commitb52a0e244ae18aec4b9c93f90432a551fac95a40 (patch)
treedb5677d70b5d85de0def204d88d43b4f15a597a0 /dirmngr/t-ldap-parse-uri.c
parentkeyboxd: Allow import of v0 certificates. (diff)
downloadgnupg2-b52a0e244ae18aec4b9c93f90432a551fac95a40.tar.xz
gnupg2-b52a0e244ae18aec4b9c93f90432a551fac95a40.zip
dirmngr: Distinguish between "no crl" and "crl not trusted".
* dirmngr/crlcache.h (CRL_CACHE_NOTTRUSTED): New. * dirmngr/crlcache.c (cache_isvalid): Set this status. (crl_cache_cert_isvalid): Map it to GPG_ERR_NOT_TRUSTED. (crl_cache_reload_crl): Move diagnostic to ... * dirmngr/crlfetch.c (crl_fetch): here. * dirmngr/server.c (cmd_isvalid): Map it to GPG_ERR_NOT_TRUSTED. * dirmngr/validate.c (check_revocations): Handle new status. Improve diagnostics. * common/status.c (get_inv_recpsgnr_code): Map INV_CRL_OBJ. * common/audit.c (proc_type_verify): Ditto. -- This avoids repeated loading of CRLs in case of untrusted root certificates.
Diffstat (limited to 'dirmngr/t-ldap-parse-uri.c')
0 files changed, 0 insertions, 0 deletions