gpg-agent: SSH certificate support
Werner Koch
wk at gnupg.org
Fri Aug 5 13:28:44 CEST 2016
On Fri, 5 Aug 2016 10:48, gniibe at fsij.org said:
> read_key_file (const unsigned char *grip, gcry_sexp_t *result, int *ssh)
>
> When SSH is not NULL, it means allowing returning SSH certificate.
I would suggest to change to "char **ssh" and return a malloced buffer
with the certificate (in some encoding). The creation and parsing of
the s-expressions is quite complicate when not using Lisp and we need to
return that data anyway as a plain buffer. This way we reduce the risk
of introducing bugs in code paths not related to the ssh certificates.
To be future proof an strlist_t could also be used which would allow to
return several certifciates or other info.
> Anyway, here is a clean up part.
Thanks.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
/* Join us at OpenPGP.conf <https://openpgp-conf.org> */
More information about the Gnupg-devel
mailing list