diff options
author | DongHun Kwak <dh0128.kwak@samsung.com> | 2021-02-09 16:00:39 +0900 |
---|---|---|
committer | DongHun Kwak <dh0128.kwak@samsung.com> | 2021-02-09 16:00:39 +0900 |
commit | d91af91dcdf2dd7a0198747a2b4aa864ff288851 (patch) | |
tree | 0b3a9ddfe22b8b073197d1ac48f2fbccd889c466 /sm | |
parent | 1e562bb46de05304792f6ca03421d0ccd0c2c4ae (diff) | |
download | gpg2-d91af91dcdf2dd7a0198747a2b4aa864ff288851.tar.gz gpg2-d91af91dcdf2dd7a0198747a2b4aa864ff288851.tar.bz2 gpg2-d91af91dcdf2dd7a0198747a2b4aa864ff288851.zip |
Imported Upstream version 2.2.11upstream/2.2.11
Diffstat (limited to 'sm')
-rw-r--r-- | sm/call-dirmngr.c | 28 | ||||
-rw-r--r-- | sm/gpgsm.c | 2 |
2 files changed, 27 insertions, 3 deletions
diff --git a/sm/call-dirmngr.c b/sm/call-dirmngr.c index 3a38bca..fb05413 100644 --- a/sm/call-dirmngr.c +++ b/sm/call-dirmngr.c @@ -390,7 +390,7 @@ inq_certificate (void *opaque, const char *line) } else { - log_error ("unsupported inquiry '%s'\n", line); + log_error ("unsupported certificate inquiry '%s'\n", line); return gpg_error (GPG_ERR_ASS_UNKNOWN_INQUIRE); } @@ -950,9 +950,33 @@ run_command_inq_cb (void *opaque, const char *line) line = s; log_info ("dirmngr: %s\n", line); } + else if ((s = has_leading_keyword (line, "ISTRUSTED"))) + { + /* The server is asking us whether the certificate is a trusted + root certificate. */ + char fpr[41]; + struct rootca_flags_s rootca_flags; + int n; + + line = s; + + for (s=line,n=0; hexdigitp (s); s++, n++) + ; + if (*s || n != 40) + return gpg_error (GPG_ERR_ASS_PARAMETER); + for (s=line, n=0; n < 40; s++, n++) + fpr[n] = (*s >= 'a')? (*s & 0xdf): *s; + fpr[n] = 0; + + if (!gpgsm_agent_istrusted (parm->ctrl, NULL, fpr, &rootca_flags)) + rc = assuan_send_data (parm->ctx, "1", 1); + else + rc = 0; + return rc; + } else { - log_error ("unsupported inquiry '%s'\n", line); + log_error ("unsupported command inquiry '%s'\n", line); rc = gpg_error (GPG_ERR_ASS_UNKNOWN_INQUIRE); } @@ -1660,7 +1660,7 @@ main ( int argc, char **argv) || cmd == aClearsign, opt.extra_digest_algo)) log_error (_("digest algorithm '%s' may not be used in %s mode\n"), - forced_digest_algo, + extra_digest_algo, gnupg_compliance_option_string (opt.compliance)); if (log_get_errorcount(0)) |