[svn] GnuPG - r5236 - branches/STABLE-BRANCH-1-4/g10
svn author wk
cvs at cvs.gnupg.org
Thu Dec 17 18:56:18 CET 2009
Author: wk
Date: 2009-12-17 18:56:17 +0100 (Thu, 17 Dec 2009)
New Revision: 5236
Modified:
branches/STABLE-BRANCH-1-4/g10/ChangeLog
branches/STABLE-BRANCH-1-4/g10/sig-check.c
Log:
Fix bug#1059 (missing status line signature verification done with a
subkey while on the main key has expired).
Modified: branches/STABLE-BRANCH-1-4/g10/ChangeLog
===================================================================
--- branches/STABLE-BRANCH-1-4/g10/ChangeLog 2009-12-17 17:56:00 UTC (rev 5235)
+++ branches/STABLE-BRANCH-1-4/g10/ChangeLog 2009-12-17 17:56:17 UTC (rev 5236)
@@ -1,3 +1,8 @@
+2009-12-17 Werner Koch <wk at g10code.com>
+
+ * sig-check.c (do_check_messages): Evaluate the HAS_EXPIRED flag.
+ Fixes bug#1059.
+
2009-12-15 Werner Koch <wk at g10code.com>
* iso7816.c (do_generate_keypair): s/readonly/read_only/.
Modified: branches/STABLE-BRANCH-1-4/g10/sig-check.c
===================================================================
--- branches/STABLE-BRANCH-1-4/g10/sig-check.c 2009-12-17 17:56:00 UTC (rev 5235)
+++ branches/STABLE-BRANCH-1-4/g10/sig-check.c 2009-12-17 17:56:17 UTC (rev 5236)
@@ -209,7 +209,11 @@
return G10ERR_TIME_CONFLICT;
}
- if( pk->expiredate && pk->expiredate < cur_time ) {
+ /* Check whether the key has expired. We check the has_expired
+ flag which is set after a full evaluation of the key (getkey.c)
+ as well as a simple compare to the current time in case the
+ merge has for whatever reasons not been done. */
+ if (pk->has_expired || (pk->expiredate && pk->expiredate < cur_time)) {
char buf[11];
if (opt.verbose)
log_info(_("NOTE: signature key %s expired %s\n"),
More information about the Gnupg-commits
mailing list