2015-01-29 17:00:00 +00:00
|
|
|
diff -up gnupg-2.1.1/sm/certlist.c.keyusage gnupg-2.1.1/sm/certlist.c
|
|
|
|
|
--- gnupg-2.1.1/sm/certlist.c.keyusage 2014-11-27 11:51:36.000000000 +0100
|
|
|
|
|
+++ gnupg-2.1.1/sm/certlist.c 2015-01-29 17:30:57.117135497 +0100
|
2014-09-27 18:55:11 +00:00
|
|
|
@@ -146,10 +146,9 @@ cert_usage_p (ksba_cert_t cert, int mode
|
|
|
|
|
|
|
|
|
|
if (mode == 5)
|
|
|
|
|
{
|
2015-01-29 17:00:00 +00:00
|
|
|
- if (use != ~0
|
2014-09-27 18:55:11 +00:00
|
|
|
- && (have_ocsp_signing
|
|
|
|
|
- || (use & (KSBA_KEYUSAGE_KEY_CERT_SIGN
|
|
|
|
|
- |KSBA_KEYUSAGE_CRL_SIGN))))
|
|
|
|
|
+ if (have_ocsp_signing
|
|
|
|
|
+ || (use & (KSBA_KEYUSAGE_KEY_CERT_SIGN
|
|
|
|
|
+ |KSBA_KEYUSAGE_CRL_SIGN)))
|
|
|
|
|
return 0;
|
|
|
|
|
log_info (_("certificate should not have "
|
|
|
|
|
"been used for OCSP response signing\n"));
|
