diff options
| author | Werner Koch <[email protected]> | 2009-12-17 17:56:17 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2009-12-17 17:56:17 +0000 |
| commit | 18392e8d61289ee5cd5c178fa4565876a9c47f6d (patch) | |
| tree | 9f2960451cf051ca66d0b39d70680eff92e2af54 | |
| parent | minor changes for VMS (diff) | |
| download | gnupg-18392e8d61289ee5cd5c178fa4565876a9c47f6d.tar.gz gnupg-18392e8d61289ee5cd5c178fa4565876a9c47f6d.zip | |
Fix bug#1059 (missing status line signature verification done with a
subkey while on the main key has expired).
| -rw-r--r-- | g10/ChangeLog | 5 | ||||
| -rw-r--r-- | g10/sig-check.c | 6 |
2 files changed, 10 insertions, 1 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog index e08a6ddb2..6cad0870a 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,8 @@ +2009-12-17 Werner Koch <[email protected]> + + * sig-check.c (do_check_messages): Evaluate the HAS_EXPIRED flag. + Fixes bug#1059. + 2009-12-15 Werner Koch <[email protected]> * iso7816.c (do_generate_keypair): s/readonly/read_only/. diff --git a/g10/sig-check.c b/g10/sig-check.c index ee7955aa2..b4c353c59 100644 --- a/g10/sig-check.c +++ b/g10/sig-check.c @@ -209,7 +209,11 @@ do_check_messages( PKT_public_key *pk, PKT_signature *sig, return G10ERR_TIME_CONFLICT; } - if( pk->expiredate && pk->expiredate < cur_time ) { + /* Check whether the key has expired. We check the has_expired + flag which is set after a full evaluation of the key (getkey.c) + as well as a simple compare to the current time in case the + merge has for whatever reasons not been done. */ + if (pk->has_expired || (pk->expiredate && pk->expiredate < cur_time)) { char buf[11]; if (opt.verbose) log_info(_("NOTE: signature key %s expired %s\n"), |