Add learn-card patch
authorWerner Koch <wk@gnupg.org>
Thu, 30 Jul 2009 15:33:59 +0000 (15:33 +0000)
committerWerner Koch <wk@gnupg.org>
Thu, 30 Jul 2009 15:33:59 +0000 (15:33 +0000)
ChangeLog
Makefile.am
patches/gnupg2-2.0.12/08-sm-learn-card.patch [new file with mode: 0644]

index b09ec36..692a2a8 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+2009-07-30  Werner Koch  <wk@g10code.com>
+
+       * patches/gnupg2-2.0.12/08-sm-learn-card.patch: New.
+
 2009-07-29  Colin Leroy  <colin@colino.net>
 
        * packages/packages.current: Update Claws Mail (focus
index d721af2..6fae140 100644 (file)
@@ -49,6 +49,7 @@ EXTRA_DIST = autogen.sh README.SVN \
        patches/gnupg2-2.0.12/05-dns-sd.patch \
         patches/gnupg2-2.0.12/06-opgp-sign3072.patch \
         patches/gnupg2-2.0.12/07-gpg-no-detached.patch \
+        patches/gnupg2-2.0.12/08-sm-learn-card.patch \
        patches/gpgol-0.9.91/01-gpgme.patch \
         patches/gpa-0.9.0/01-title-prop.patch \
        patches/libetpan-0.57/01-gnutls_compat.patch \
diff --git a/patches/gnupg2-2.0.12/08-sm-learn-card.patch b/patches/gnupg2-2.0.12/08-sm-learn-card.patch
new file mode 100644 (file)
index 0000000..5ca5afd
--- /dev/null
@@ -0,0 +1,33 @@
+#! /bin/sh
+patch -p0 -f $* < $0
+exit $?
+
+[sm]
+2009-07-30  Werner Koch  <wk@g10code.com>
+
+       * call-agent.c (learn_cb): Do not store as ephemeral.
+
+
+
+--- sm/call-agent.c     (revision 5101)
++++ sm/call-agent.c     (working copy)
+@@ -875,13 +875,11 @@
+       return 0;
+     }
++  /* We do not store a certifciate with missing issuers as ephemeral
++     because we can assume that the --learn-card command has been used
++     on purpose.  */
+   rc = gpgsm_basic_cert_check (parm->ctrl, cert);
+-  if (gpg_err_code (rc) == GPG_ERR_MISSING_CERT)
+-    { /* For later use we store it in the ephemeral database. */
+-      log_info ("issuer certificate missing - storing as ephemeral\n");
+-      keydb_store_cert (cert, 1, NULL);
+-    }
+-  else if (rc)
++  if (rc && gpg_err_code (rc) != GPG_ERR_MISSING_CERT)
+     log_error ("invalid certificate: %s\n", gpg_strerror (rc));
+   else
+     {
+
+