3 files changed, 42 insertions, 8 deletions

diff --git a/src/gpgme.h.in b/src/gpgme.h.in
index d68372cc..dc2f1433 100644
--- a/src/gpgme.h.in
+++ b/src/gpgme.h.in
@@ -549,7 +549,8 @@ typedef enum
     GPGME_STATUS_KEY_CONSIDERED = 94,
     GPGME_STATUS_TOFU_USER = 95,
     GPGME_STATUS_TOFU_STATS = 96,
-    GPGME_STATUS_TOFU_STATS_LONG = 97
+    GPGME_STATUS_TOFU_STATS_LONG = 97,
+    GPGME_STATUS_NOTATION_FLAGS = 98
   }
 gpgme_status_code_t;
 
diff --git a/src/status-table.c b/src/status-table.c
index 5850a361..1318c8ed 100644
--- a/src/status-table.c
+++ b/src/status-table.c
@@ -102,6 +102,7 @@ static struct status_table_s status_table[] =
   { "NO_SGNR", GPGME_STATUS_NO_SGNR },
   { "NODATA", GPGME_STATUS_NODATA },
   { "NOTATION_DATA", GPGME_STATUS_NOTATION_DATA },
+  { "NOTATION_FLAGS", GPGME_STATUS_NOTATION_FLAGS },
   { "NOTATION_NAME", GPGME_STATUS_NOTATION_NAME },
   { "PINENTRY_LAUNCHED", GPGME_STATUS_PINENTRY_LAUNCHED},
   { "PKA_TRUST_BAD", GPGME_STATUS_PKA_TRUST_BAD },
diff --git a/src/verify.c b/src/verify.c
index e6c9665f..1ec09fe8 100644
--- a/src/verify.c
+++ b/src/verify.c
@@ -504,13 +504,14 @@ parse_notation (gpgme_signature_t sig, gpgme_status_code_t code, char *args)
   gpgme_error_t err;
   gpgme_sig_notation_t *lastp = &sig->notations;
   gpgme_sig_notation_t notation = sig->notations;
-  char *end = strchr (args, ' ');
-
-  if (end)
-    *end = '\0';
+  char *p;
 
   if (code == GPGME_STATUS_NOTATION_NAME || code == GPGME_STATUS_POLICY_URL)
     {
+      p = strchr (args, ' ');
+      if (p)
+        *p = '\0';
+
       /* FIXME: We could keep a pointer to the last notation in the list.  */
       while (notation && notation->value)
 	{
@@ -538,9 +539,8 @@ parse_notation (gpgme_signature_t sig, gpgme_status_code_t code, char *args)
 
 	  notation->name_len = strlen (notation->name);
 
-	  /* FIXME: For now we fake the human-readable flag.  The
-	     critical flag can not be reported as it is not
-	     provided.  */
+	  /* Set default flags for use with older gpg versions which
+           * do not emit a NOTATIONS_FLAG line.  */
 	  notation->flags = GPGME_SIG_NOTATION_HUMAN_READABLE;
 	  notation->human_readable = 1;
 	}
@@ -559,6 +559,37 @@ parse_notation (gpgme_signature_t sig, gpgme_status_code_t code, char *args)
 	}
       *lastp = notation;
     }
+  else if (code == GPGME_STATUS_NOTATION_FLAGS)
+    {
+      char *field[2];
+
+      while (notation && notation->next)
+	{
+	  lastp = &notation->next;
+	  notation = notation->next;
+	}
+
+      if (!notation || !notation->name)
+        { /* There are notation flags without a previous notation name.
+           * The crypto backend misbehaves.  */
+          return trace_gpg_error (GPG_ERR_INV_ENGINE);
+        }
+      if (_gpgme_split_fields (args, field, DIM (field)) < 2)
+        { /* Required args missing.  */
+          return trace_gpg_error (GPG_ERR_INV_ENGINE);
+        }
+      notation->flags = 0;
+      if (atoi (field[0]))
+        {
+          notation->flags |= GPGME_SIG_NOTATION_CRITICAL;
+          notation->critical = 1;
+        }
+      if (atoi (field[1]))
+        {
+          notation->flags |= GPGME_SIG_NOTATION_HUMAN_READABLE;
+          notation->human_readable = 1;
+        }
+    }
   else if (code == GPGME_STATUS_NOTATION_DATA)
     {
       int len = strlen (args) + 1;
@@ -918,6 +949,7 @@ _gpgme_verify_status_handler (void *priv, gpgme_status_code_t code, char *args)
       break;
 
     case GPGME_STATUS_NOTATION_NAME:
+    case GPGME_STATUS_NOTATION_FLAGS:
     case GPGME_STATUS_NOTATION_DATA:
     case GPGME_STATUS_POLICY_URL:
       opd->only_newsig_seen = 0;