[git] GnuPG - branch, STABLE-BRANCH-1-4, updated. gnupg-1.4.20-16-gf474b16

[by NIIBE Yutaka]

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, STABLE-BRANCH-1-4 has been updated
       via  f474b161f6c8c7a3dc0fb90d25ffceacba1ff117 (commit)
      from  0f6bda4ccd2091e386e78c369131388ae5ebc002 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit f474b161f6c8c7a3dc0fb90d25ffceacba1ff117
Author: NIIBE Yutaka <gniibe at fsij.org>
Date:   Thu Aug 4 16:21:39 2016 +0900

    g10: Fix checking key for signature validation.
    
    * g10/sig-check.c (signature_check2): Not only subkey, but also primary
    key should have flags.valid=1.
    
    --
    
    (backport of master
    commit 6f284e6ed63f514b15fe610f490ffcefc87a2164)
    
    Signed-off-by: NIIBE Yutaka <gniibe at fsij.org>

diff --git a/g10/sig-check.c b/g10/sig-check.c
index 6bac630..8dd0373 100644
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@@ -76,9 +76,9 @@ signature_check2( PKT_signature *sig, MD_HANDLE digest, u32 *r_expiredate,
       }
     else if( get_pubkey( pk, sig->keyid ) )
 	rc = G10ERR_NO_PUBKEY;
-    else if(!pk->is_valid && !pk->is_primary)
+    else if(!pk->is_valid)
         rc=G10ERR_BAD_PUBKEY; /* you cannot have a good sig from an
-				 invalid subkey */
+				 invalid key */
     else
       {
         if(r_expiredate)

-----------------------------------------------------------------------

Summary of changes:
 g10/sig-check.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org