From d98bf02a036321c8450cc836dea39671da5cfa83 Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Fri, 20 Jan 2023 11:02:02 +0100
Subject: gpg: Replace --override-compliance-check by a real fix.

* common/compliance.c (gnupg_pk_is_allowed): Handle EdDSA.
* g10/gpg.c (oOverrideComplianceCheck): Remove.
(opts): Turn --override-compliance-check into a dummy option.
* g10/options.h (opt): Remove override_compliance_check.
* g10/sig-check.c (check_key_verify_compliance): Remove use of that
option.
--

The introduction of --override-compliance-check actually hid the real
cause for the signature verification problem in de-vs mode for the
Ed25519 key.  The real fix is to handle the EdDSA algorithm in
gnupg_pk_is_allowed.

Fixes-commit: fb26e144adfd93051501d58f5d0d4f8826ddf436
GnuPG-bug-id: 5655
---
 g10/options.h | 1 -
 1 file changed, 1 deletion(-)

(limited to 'g10/options.h')

diff --git a/g10/options.h b/g10/options.h
index fa649f8ca..74a6cdb16 100644
--- a/g10/options.h
+++ b/g10/options.h
@@ -245,7 +245,6 @@ struct
     unsigned int allow_old_cipher_algos:1;
     unsigned int allow_weak_digest_algos:1;
     unsigned int allow_weak_key_signatures:1;
-    unsigned int override_compliance_check:1;
     unsigned int large_rsa:1;
     unsigned int disable_signer_uid:1;
     unsigned int include_key_block:1;
-- 
cgit v1.2.3