[PATCH 15/15] tests: disable CRL checks from gpgsm
Tomi Ollila
tomi.ollila at iki.fi
Wed Apr 29 13:12:33 PDT 2020
On Tue, Apr 28 2020, Daniel Kahn Gillmor wrote:
> GPGME has a strange failure mode when it is in offline mode, and/or
> when certificates don't have any CRLs: in particular, it refuses to
> accept the validity of any certificate other than a "root" cert.
>
> This can be worked around by setting the `disable-crl-checks`
> configuration variable for gpgsm.
>
> I've reported this to the GPGME upstream at
> https://dev.gnupg.org/T4883, but I have no idea how it will be
> resolved. In the meantime, we'll just work around it.
>
> Note that this fixes the test for verification of
> id:smime-multipart-signed at protected-headers.example, because
> multipart/signed messages are already handled correctly (one-part
> PKCS#7 messages will get fixed later).
>
> Signed-off-by: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
Rest of the series look tolerable to me. That one missing
"inconsistent quotes" is inconsistent with added quotes
in one of the changes in previous email (which just did that)
Otherwise OK (provided that tests pass)
(except that https://www.ietf.org/id/draft-dkg-lamps-samples-01.html
if not found (by me either, like David)
Tomi
More information about the notmuch
mailing list