dirmngr: New Assuan option "http-crl".
authorWerner Koch <wk@gnupg.org>
Tue, 21 Feb 2017 08:37:07 +0000 (09:37 +0100)
committerWerner Koch <wk@gnupg.org>
Tue, 21 Feb 2017 08:37:07 +0000 (09:37 +0100)
commit493c142e582ff5ef1b5fdfcb9653715ef43e83e9
treecd404a685a10396849d38a9e795432c9d8e1a3e1
parent39c745038181edd097e188434b3f9c971ed3987f
dirmngr: New Assuan option "http-crl".

* dirmngr/dirmngr.h (server_control_s): New flag 'http_no_crl'.
* dirmngr/dirmngr.c (dirmngr_init_default_ctrl): Set this flag.
* dirmngr/server.c (option_handler): New option "http-crl"
* dirmngr/http.h (HTTP_FLAG_NO_CRL): New flag.
* dirmngr/http-ntbtls.c (gnupg_http_tls_verify_cb): Consult this flag.
* dirmngr/ks-engine-hkp.c (send_request): Set flag depending on CTRL.
* dirmngr/ks-engine-http.c (ks_http_fetch): Ditto.

* dirmngr/t-http.c (main): New option --no-crl.
--

This new option can be used to enable CRL checks on a per session
base.  The default is not to use CRLs for https connections.

Signed-off-by: Werner Koch <wk@gnupg.org>
dirmngr/dirmngr.c
dirmngr/dirmngr.h
dirmngr/http-ntbtls.c
dirmngr/http.c
dirmngr/http.h
dirmngr/ks-engine-hkp.c
dirmngr/ks-engine-http.c
dirmngr/server.c
dirmngr/t-http.c