gpg: Replace --override-compliance-check by a real fix.

* common/compliance.c (gnupg_pk_is_allowed): Handle EdDSA. * g10/gpg.c (oOverrideComplianceCheck): Remove. (opts): Turn --override-compliance-check into a dummy option. * g10/options.h (opt): Remove override_compliance_check. * g10/sig-check.c (check_key_verify_compliance): Remove use of that option. -- The introduction of --override-compliance-check actually hid the real cause for the signature verification problem in de-vs mode for the Ed25519 key. The real fix is to handle the EdDSA algorithm in gnupg_pk_is_allowed. Fixes-commit: fb26e144adfd93051501d58f5d0d4f8826ddf436 GnuPG-bug-id: 5655
author: Werner Koch <[email protected]> 2023-01-20 10:02:02 +0000
committer: Werner Koch <[email protected]> 2023-01-20 10:03:40 +0000
commit: d98bf02a036321c8450cc836dea39671da5cfa83 (patch)
tree: c35eddad9c21b8b28148a7716c0b0575713fa54a /g10/gpg.c
parent: gpg: Do not require --status-fd along with --require-compliance. (diff)
download: gnupg-d98bf02a036321c8450cc836dea39671da5cfa83.tar.gz
gnupg-d98bf02a036321c8450cc836dea39671da5cfa83.zip
1 files changed, 1 insertions, 15 deletions
diff --git a/g10/gpg.c b/g10/gpg.c
index de40d3828..dd0bf0167 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -360,7 +360,6 @@ enum cmd_and_opt_values
     oShowSessionKey,
     oOverrideSessionKey,
     oOverrideSessionKeyFD,
-    oOverrideComplianceCheck,
     oNoRandomSeedFile,
     oAutoKeyRetrieve,
     oNoAutoKeyRetrieve,
@@ -878,7 +877,6 @@ static gpgrt_opt_t opts[] = {
   ARGPARSE_s_s (oCipherAlgo, "cipher-algo", "@"),
   ARGPARSE_s_s (oDigestAlgo, "digest-algo", "@"),
   ARGPARSE_s_s (oCertDigestAlgo, "cert-digest-algo", "@"),
-  ARGPARSE_s_n (oOverrideComplianceCheck, "override-compliance-check", "@"),
 
 
   ARGPARSE_header (NULL, N_("Options for unattended use")),
@@ -972,6 +970,7 @@ static gpgrt_opt_t opts[] = {
   ARGPARSE_s_s (oNoop, "aead-algo", "@"),
   ARGPARSE_s_s (oNoop, "personal-aead-preferences","@"),
   ARGPARSE_s_n (oNoop, "rfc4880bis", "@"),
+  ARGPARSE_s_n (oNoop, "override-compliance-check", "@"),
 
 
   ARGPARSE_group (302, N_(
@@ -3666,10 +3665,6 @@ main (int argc, char **argv)
             opt.flags.allow_old_cipher_algos = 1;
             break;
 
-          case oOverrideComplianceCheck:
-            opt.flags.override_compliance_check = 1;
-            break;
-
           case oFakedSystemTime:
             {
               size_t len = strlen (pargs.r.ret_str);
@@ -3879,15 +3874,6 @@ main (int argc, char **argv)
 	g10_exit(2);
       }
 
-    /* We allow overriding the compliance check only in non-batch mode
-     * so that the user has a chance to see the message.  */
-    if (opt.flags.override_compliance_check && opt.batch)
-      {
-        opt.flags.override_compliance_check = 0;
-        log_info ("Note: '%s' ignored due to batch mode\n",
-                  "--override-compliance-check");
-      }
-
     set_debug (debug_level);
     if (opt.verbose) /* Print the compatibility flags.  */
       parse_compatibility_flags (NULL, &opt.compat_flags, compatibility_flags);
author	Werner Koch <[email protected]>	2023-01-20 10:02:02 +0000
committer	Werner Koch <[email protected]>	2023-01-20 10:03:40 +0000
commit	d98bf02a036321c8450cc836dea39671da5cfa83 (patch)
tree	c35eddad9c21b8b28148a7716c0b0575713fa54a /g10/gpg.c
parent	gpg: Do not require --status-fd along with --require-compliance. (diff)
download	gnupg-d98bf02a036321c8450cc836dea39671da5cfa83.tar.gz gnupg-d98bf02a036321c8450cc836dea39671da5cfa83.zip