[svn] GnuPG - r4303 - trunk/sm

svn author wk cvs at cvs.gnupg.org
Tue Oct 17 09:39:21 CEST 2006


Author: wk
Date: 2006-10-17 09:39:21 +0200 (Tue, 17 Oct 2006)
New Revision: 4303

Modified:
   trunk/sm/ChangeLog
   trunk/sm/sign.c
Log:
Fixed aegypten bug 372


Modified: trunk/sm/ChangeLog
===================================================================
--- trunk/sm/ChangeLog	2006-10-16 17:36:44 UTC (rev 4302)
+++ trunk/sm/ChangeLog	2006-10-17 07:39:21 UTC (rev 4303)
@@ -1,3 +1,8 @@
+2006-10-17  Werner Koch  <wk at g10code.com>
+
+	* sign.c (gpgsm_get_default_cert): Changed to return only
+	certificates usable for signing.
+
 2006-10-16  Werner Koch  <wk at g10code.com>
 
 	* certchain.c (already_asked_marktrusted) 

Modified: trunk/sm/sign.c
===================================================================
--- trunk/sm/sign.c	2006-10-16 17:36:44 UTC (rev 4302)
+++ trunk/sm/sign.c	2006-10-17 07:39:21 UTC (rev 4303)
@@ -124,8 +124,8 @@
 }
 
 
-/* Get the default certificate which is defined as the first one our
-   keyDB returns and has a secret key available. */
+/* Get the default certificate which is defined as the first cabable
+   of signing our keyDB returns and has a secret key available. */
 int
 gpgsm_get_default_cert (ctrl_t ctrl, ksba_cert_t *r_cert)
 {
@@ -153,20 +153,23 @@
           keydb_release (hd);
           return rc;
         }
-      
-      p = gpgsm_get_keygrip_hexstring (cert);
-      if (p)
+
+      if (!gpgsm_cert_use_sign_p (cert))
         {
-          if (!gpgsm_agent_havekey (ctrl, p))
+          p = gpgsm_get_keygrip_hexstring (cert);
+          if (p)
             {
+              if (!gpgsm_agent_havekey (ctrl, p))
+                {
+                  xfree (p);
+                  keydb_release (hd);
+                  *r_cert = cert;
+                  return 0; /* got it */
+                }
               xfree (p);
-              keydb_release (hd);
-              *r_cert = cert;
-              return 0; /* got it */
             }
-          xfree (p);
         }
-    
+
       ksba_cert_release (cert); 
       cert = NULL;
     }




More information about the Gnupg-commits mailing list