diff options
| author | Werner Koch <[email protected]> | 2019-03-26 12:31:06 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2019-03-26 12:35:18 +0000 |
| commit | 30972d21824264aef2088d30b4f2e5ce3aca889e (patch) | |
| tree | 6b30367a203b6c77869511bec2de254538c63e9f | |
| parent | agent: Allow other ssh fingerprint algos in KEYINFO. (diff) | |
| download | gnupg-30972d21824264aef2088d30b4f2e5ce3aca889e.tar.gz gnupg-30972d21824264aef2088d30b4f2e5ce3aca889e.zip | |
sm: Allow decryption even if expired other keys are configured.
* sm/gpgsm.c (main): Add special handling for bad keys in decrypt
mode.
--
The problem can easily be tested by adding --encrypt-to EXPIRED_KEY to
a decryption command. With that patch the errors are printed but
decryption continues and the process returns success unless other
errors occur.
GnuPG-bug-id: 4431
Signed-off-by: Werner Koch <[email protected]>
| -rw-r--r-- | sm/gpgsm.c | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/sm/gpgsm.c b/sm/gpgsm.c index c01d19e5a..a01a7c873 100644 --- a/sm/gpgsm.c +++ b/sm/gpgsm.c @@ -1736,6 +1736,8 @@ main ( int argc, char **argv) if (!do_not_setup_keys) { + int errcount = log_get_errorcount (0); + for (sl = locusr; sl ; sl = sl->next) { int rc = gpgsm_add_to_certlist (&ctrl, sl->d, 1, &signerlist, 0); @@ -1764,6 +1766,15 @@ main ( int argc, char **argv) if ((sl->flags & 1)) do_add_recipient (&ctrl, sl->d, &recplist, 1, recp_required); } + + /* We do not require a recipient for decryption but because + * recipients and signers are always checked and log_error is + * sometimes used (for failed signing keys or due to a failed + * CRL checking) that would have bumbed up the error counter. + * We clear the counter in the decryption case because there is + * no reason to force decryption to fail. */ + if (cmd == aDecrypt && !errcount) + log_get_errorcount (1); /* clear counter */ } if (log_get_errorcount(0)) |