[Pkg-gnupg-commit] [gnupg2] 44/241: gpg: When evaluating trust reg exps, treat tofu+pgp like pgp.
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Wed Dec 9 20:31:51 UTC 2015
This is an automated email from the git hooks/post-receive script.
dkg pushed a commit to branch master
in repository gnupg2.
commit cbaca254ac818c49c18d4480d3c7bd246cc57ae8
Author: Neal H. Walfield <neal at g10code.com>
Date: Wed Oct 21 13:31:00 2015 +0200
gpg: When evaluating trust reg exps, treat tofu+pgp like pgp.
* g10/trustdb.c (validate_one_keyblock): When checking trust regular
expressions, treat the tofu+pgp trust model the same as the pgp trust
model.
--
Signed-off-by: Neal H. Walfield <neal at g10code.com>
---
g10/trustdb.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/g10/trustdb.c b/g10/trustdb.c
index 296083c..022131a 100644
--- a/g10/trustdb.c
+++ b/g10/trustdb.c
@@ -1579,7 +1579,8 @@ validate_one_keyblock (KBNODE kb, struct key_item *klist,
since we don't accept a regexp on the sig unless it's a
trust sig. */
if (kr && (!kr->trust_regexp
- || opt.trust_model != TM_PGP
+ || !(opt.trust_model == TM_PGP
+ || opt.trust_model == TM_TOFU_PGP)
|| (uidnode
&& check_regexp(kr->trust_regexp,
uidnode->pkt->pkt.user_id->name))))
@@ -1589,7 +1590,8 @@ validate_one_keyblock (KBNODE kb, struct key_item *klist,
lesser trust sig or value. I could make a decent
argument for any of these cases, but this seems to be
what PGP does, and I'd like to be compatible. -dms */
- if (opt.trust_model == TM_PGP
+ if ((opt.trust_model == TM_PGP
+ || opt.trust_model == TM_TOFU_PGP)
&& sig->trust_depth
&& pk->trust_timestamp <= sig->timestamp)
{
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git
More information about the Pkg-gnupg-commit
mailing list