Changeset c25fc5d in mod_gnutls for t/Makefile


Ignore:
Timestamp:
Nov 15, 2013, 9:44:36 PM (9 years ago)
Author:
Daniel Kahn Gillmor <dkg@…>
Branches:
asyncio, debian/master, debian/stretch-backports, jessie-backports, main, master, proxy-ticket, upstream
Children:
925318f
Parents:
dee490f
Message:

OpenPGP certificate needs either sign or encrypt capabilities

GnuTLS selects the OpenPGP certificate to use based on its
capabilities. For ciphersuites doing key exchange via DHE (and
ECDHE), it wants the cert to be marked as usable for signing. For
ciphersuites doing key exchange via RSA, it wants the key to be marked
as usable for encryption.

In our test suite, we'll mark the key as usable for signing.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • t/Makefile

    rdee490f rc25fc5d  
    4242%/secring.gpg: %.uid %/secret.key
    4343        rm -f $(dir $@)pubring.gpg $(dir $@)secring.gpg $(dir $@)trustdb.gpg
    44         PEM2OPENPGP_EXPIRATION=86400 PEM2OPENPGP_USAGE_FLAGS=authenticate,certify pem2openpgp "$$(cat $<)" < $(dir $@)secret.key | GNUPGHOME=$(dir $@) gpg --import
     44        PEM2OPENPGP_EXPIRATION=86400 PEM2OPENPGP_USAGE_FLAGS=authenticate,certify,sign pem2openpgp "$$(cat $<)" < $(dir $@)secret.key | GNUPGHOME=$(dir $@) gpg --import
    4545        printf "%s:6:\n" "$$(GNUPGHOME=$(dir $@) gpg --with-colons --list-secret-keys --fingerprint | grep ^fpr: | cut -f 10 -d :)" | GNUPGHOME=$(dir $@) gpg --import-ownertrust
    4646
Note: See TracChangeset for help on using the changeset viewer.