diff options
| -rw-r--r-- | g10/ChangeLog | 5 | ||||
| -rw-r--r-- | g10/sig-check.c | 6 |
2 files changed, 10 insertions, 1 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog index e08a6ddb2..6cad0870a 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,8 @@ +2009-12-17 Werner Koch <[email protected]> + + * sig-check.c (do_check_messages): Evaluate the HAS_EXPIRED flag. + Fixes bug#1059. + 2009-12-15 Werner Koch <[email protected]> * iso7816.c (do_generate_keypair): s/readonly/read_only/. diff --git a/g10/sig-check.c b/g10/sig-check.c index ee7955aa2..b4c353c59 100644 --- a/g10/sig-check.c +++ b/g10/sig-check.c @@ -209,7 +209,11 @@ do_check_messages( PKT_public_key *pk, PKT_signature *sig, return G10ERR_TIME_CONFLICT; } - if( pk->expiredate && pk->expiredate < cur_time ) { + /* Check whether the key has expired. We check the has_expired + flag which is set after a full evaluation of the key (getkey.c) + as well as a simple compare to the current time in case the + merge has for whatever reasons not been done. */ + if (pk->has_expired || (pk->expiredate && pk->expiredate < cur_time)) { char buf[11]; if (opt.verbose) log_info(_("NOTE: signature key %s expired %s\n"), |