dirmngr: Use system certs if --hkp-cacert is not used.
authorWerner Koch <wk@gnupg.org>
Mon, 18 Sep 2017 20:49:05 +0000 (22:49 +0200)
committerWerner Koch <wk@gnupg.org>
Mon, 18 Sep 2017 20:49:05 +0000 (22:49 +0200)
commitdf692a6167be5486f9a29da003a00292fd895176
tree10d83f1fa7a1b46b59e9301c22ddc11a7b2b9cdc
parent9588dd116c0118f31fc33dc09a1d08125ab8cdc9
dirmngr: Use system certs if --hkp-cacert is not used.

* dirmngr/certcache.c (any_cert_of_class): New var.
(put_cert): Set it.
(cert_cache_deinit): Clear it.
(cert_cache_any_in_class): New func.
* dirmngr/http-ntbtls.c (gnupg_http_tls_verify_cb): Add hack to
override empty list of HKP certs.
--

This patch carries the changes for GNUTLS from commit
7c1613d41566f7d8db116790087de323621205fe over to NTBTLS.  NTBTLS works
quite different and thus we need to do it this way.

Signed-off-by: Werner Koch <wk@gnupg.org>
dirmngr/certcache.c
dirmngr/certcache.h
dirmngr/http-ntbtls.c