Rewrite the post-processing of external X.509 certificate imports
The main reason for the rewrite was that the call KeyCache::mutableInstance()->refresh(keys); clears the key cache and only adds the passed keys (i.e. the imported X.509 certificates) to the key cache. In particular, this removed all OpenPGP keys and all previously existing X.509 certificates from the key cache. That was certainly not intended. The new approach is a bit slower because it does an update for each imported X.509 certificate instead of for all certificates with a single keylisting. This change also fixes a regression introduced with commit 0b7978d5 which performed the validation for external and local CMS imports. GnuPG-bug-id: 5638
parent
53810860
Please register or sign in to comment