diff options
| author | Werner Koch <[email protected]> | 2015-08-31 22:07:24 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2015-09-01 05:37:12 +0000 |
| commit | f9c83d84e7d33df76898975f5ac852efa9c4882a (patch) | |
| tree | 5245f4744fff3edbbcbc8494db9a780a973f5de0 /g10 | |
| parent | common: Assume an utf-8 locale on iconv errors. (diff) | |
| download | gnupg-f9c83d84e7d33df76898975f5ac852efa9c4882a.tar.gz gnupg-f9c83d84e7d33df76898975f5ac852efa9c4882a.zip | |
gpg: Remove option --no-sig-create-check.
* g10/gpg.c (opts): Remove --no-sig-create-check.
* g10/options.h (struct opt): Remove field no_sig_create_check.
* g10/sign.c (do_sign): Always check unless it is RSA and we are using
Libgcrypt 1.7.
Signed-off-by: Werner Koch <[email protected]>
Diffstat (limited to 'g10')
| -rw-r--r-- | g10/gpg.c | 3 | ||||
| -rw-r--r-- | g10/options.h | 1 | ||||
| -rw-r--r-- | g10/sign.c | 9 |
3 files changed, 7 insertions, 6 deletions
@@ -337,7 +337,6 @@ enum cmd_and_opt_values oFixedListMode, oLegacyListMode, oNoSigCache, - oNoSigCreateCheck, oAutoCheckTrustDB, oNoAutoCheckTrustDB, oPreservePermissions, @@ -727,7 +726,6 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_n (oAutoKeyRetrieve, "auto-key-retrieve", "@"), ARGPARSE_s_n (oNoAutoKeyRetrieve, "no-auto-key-retrieve", "@"), ARGPARSE_s_n (oNoSigCache, "no-sig-cache", "@"), - ARGPARSE_s_n (oNoSigCreateCheck, "no-sig-create-check", "@"), ARGPARSE_s_n (oMergeOnly, "merge-only", "@" ), ARGPARSE_s_n (oAllowSecretKeyImport, "allow-secret-key-import", "@"), ARGPARSE_s_n (oTryAllSecrets, "try-all-secrets", "@"), @@ -2990,7 +2988,6 @@ main (int argc, char **argv) } break; case oNoSigCache: opt.no_sig_cache = 1; break; - case oNoSigCreateCheck: opt.no_sig_create_check = 1; break; case oAllowNonSelfsignedUID: opt.allow_non_selfsigned_uid = 1; break; case oNoAllowNonSelfsignedUID: opt.allow_non_selfsigned_uid=0; break; case oAllowFreeformUID: opt.allow_freeform_uid = 1; break; diff --git a/g10/options.h b/g10/options.h index 465c5b215..fd2f4a2f6 100644 --- a/g10/options.h +++ b/g10/options.h @@ -191,7 +191,6 @@ struct int try_all_secrets; int no_expensive_trust_checks; int no_sig_cache; - int no_sig_create_check; int no_auto_check_trustdb; int preserve_permissions; int no_homedir_creation; diff --git a/g10/sign.c b/g10/sign.c index afc117e7d..7a8d6978e 100644 --- a/g10/sign.c +++ b/g10/sign.c @@ -294,8 +294,13 @@ do_sign (PKT_public_key *pksk, PKT_signature *sig, /* Check that the signature verification worked and nothing is * fooling us e.g. by a bug in the signature create code or by - * deliberately introduced faults. */ - if (!err && !opt.no_sig_create_check) + * deliberately introduced faults. Because Libgcrypt 1.7 does this + * for RSA internally there is no need to do it here again. */ + if (!err +#if GCRYPT_VERSION_NUMBER >= 0x010700 /* Libgcrypt >= 1.7 */ + && !is_RSA (pksk->pubkey_algo) +#endif /* Libgcrypt >= 1.7 */ + ) { PKT_public_key *pk = xmalloc_clear (sizeof *pk); |