Page MenuHome GnuPG

gpgme: add option to disable S/MIME CRL checks
Open, Needs TriagePublic


It may sometimes be necessary to run gpgsm with CRL checks being disabled, e.g. in an isolated (no network) environment. Whilst this is trivial when running gpgsm interactively using the --disable-crl-check argument, I did not find an option to achieve this easily using gpgme. I know that I could add the option to gpgsm.conf, but this would of course affect all gpgsm operations which may not be intended.

I therefore suggest to extend the gpgme_set_ctx_flag() api to accept the options enable-crl-check and disable-crl-check which shall be ignored (or raise an error) for gpg contexts, and passes the respective option to gpgsm.