[Pkg-gnupg-commit] [gnupg2] 39/112: g10: Fix checking key for signature validation.
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Tue Aug 30 17:48:17 UTC 2016
This is an automated email from the git hooks/post-receive script.
dkg pushed a commit to branch master
in repository gnupg2.
commit 6f284e6ed63f514b15fe610f490ffcefc87a2164
Author: NIIBE Yutaka <gniibe at fsij.org>
Date: Thu Aug 4 16:21:39 2016 +0900
g10: Fix checking key for signature validation.
* g10/sig-check.c (check_signature2): Not only subkey, but also primary
key should have flags.valid=1.
--
The tweak of gpgv in e32c575e0f3704e7563048eea6d26844bdfc494b only makes
sense with this change.
Signed-off-by: NIIBE Yutaka <gniibe at fsij.org>
---
g10/sig-check.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/g10/sig-check.c b/g10/sig-check.c
index 7000b48..334add7 100644
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@@ -118,9 +118,9 @@ check_signature2 (PKT_signature *sig, gcry_md_hd_t digest, u32 *r_expiredate,
}
else if( get_pubkey( pk, sig->keyid ) )
rc = GPG_ERR_NO_PUBKEY;
- else if(!pk->flags.valid && !pk->flags.primary)
+ else if(!pk->flags.valid)
{
- /* You cannot have a good sig from an invalid subkey. */
+ /* You cannot have a good sig from an invalid key. */
rc = GPG_ERR_BAD_PUBKEY;
}
else
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git
More information about the Pkg-gnupg-commit
mailing list