[Pkg-gnupg-commit] [gnupg1] 16/35: g10: Fix checking key for signature validation.
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Mon Aug 29 14:48:40 UTC 2016
This is an automated email from the git hooks/post-receive script.
dkg pushed a commit to branch master
in repository gnupg1.
commit f474b161f6c8c7a3dc0fb90d25ffceacba1ff117
Author: NIIBE Yutaka <gniibe at fsij.org>
Date: Thu Aug 4 16:21:39 2016 +0900
g10: Fix checking key for signature validation.
* g10/sig-check.c (signature_check2): Not only subkey, but also primary
key should have flags.valid=1.
--
(backport of master
commit 6f284e6ed63f514b15fe610f490ffcefc87a2164)
Signed-off-by: NIIBE Yutaka <gniibe at fsij.org>
---
g10/sig-check.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/g10/sig-check.c b/g10/sig-check.c
index 6bac630..8dd0373 100644
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@@ -76,9 +76,9 @@ signature_check2( PKT_signature *sig, MD_HANDLE digest, u32 *r_expiredate,
}
else if( get_pubkey( pk, sig->keyid ) )
rc = G10ERR_NO_PUBKEY;
- else if(!pk->is_valid && !pk->is_primary)
+ else if(!pk->is_valid)
rc=G10ERR_BAD_PUBKEY; /* you cannot have a good sig from an
- invalid subkey */
+ invalid key */
else
{
if(r_expiredate)
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg1.git
More information about the Pkg-gnupg-commit
mailing list