[git] GnuPG - branch, STABLE-BRANCH-2-0, updated. gnupg-2.0.30-10-gcaff669

[by NIIBE Yutaka]

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, STABLE-BRANCH-2-0 has been updated
       via  caff669212d2465a3a387571305a7230d394c0e0 (commit)
      from  b531f2fd75be3f616073cba714d73324525fd3e4 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit caff669212d2465a3a387571305a7230d394c0e0
Author: NIIBE Yutaka <gniibe at fsij.org>
Date:   Thu Aug 4 16:21:39 2016 +0900

    g10: Fix checking key for signature validation.
    
    * g10/sig-check.c (signature_check2): Not only subkey, but also primary
    key should have flags.valid=1.
    
    --
    
    (backport of master
    commit 6f284e6ed63f514b15fe610f490ffcefc87a2164)
    
    Signed-off-by: NIIBE Yutaka <gniibe at fsij.org>

diff --git a/g10/sig-check.c b/g10/sig-check.c
index fc5e1fa..7178d06 100644
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@@ -82,9 +82,9 @@ signature_check2 (PKT_signature *sig, gcry_md_hd_t digest, u32 *r_expiredate,
       }
     else if( get_pubkey( pk, sig->keyid ) )
 	rc = G10ERR_NO_PUBKEY;
-    else if(!pk->is_valid && !pk->is_primary)
+    else if(!pk->is_valid)
         rc=G10ERR_BAD_PUBKEY; /* you cannot have a good sig from an
-				 invalid subkey */
+				 invalid key */
     else
       {
         if(r_expiredate)

-----------------------------------------------------------------------

Summary of changes:
 g10/sig-check.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org