diff options
| author | David Shaw <[email protected]> | 2005-06-12 20:42:04 +0000 |
|---|---|---|
| committer | David Shaw <[email protected]> | 2005-06-12 20:42:04 +0000 |
| commit | 6e9b751b7906b9fc50fde4a87abbbf81f9080e11 (patch) | |
| tree | 4fa564e38fc8c617951bd8966555613d0c6f9549 | |
| parent | * options.h, import.c (parse_import_options, delete_inv_parts): (diff) | |
| download | gnupg-6e9b751b7906b9fc50fde4a87abbbf81f9080e11.tar.gz gnupg-6e9b751b7906b9fc50fde4a87abbbf81f9080e11.zip | |
* getkey.c (merge_selfsigs_main, merge_selfsigs_subkey): Make sure
that even after keys may be merged together, we only have one chosen
selfsig.
Diffstat (limited to '')
| -rw-r--r-- | g10/ChangeLog | 6 | ||||
| -rw-r--r-- | g10/getkey.c | 19 |
2 files changed, 18 insertions, 7 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog index 7e0fefdbd..c7fad87c5 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,9 @@ +2005-06-12 David Shaw <[email protected]> + + * getkey.c (merge_selfsigs_main, merge_selfsigs_subkey): Make sure + that even after keys may be merged together, we only have one + chosen selfsig. + 2005-06-09 David Shaw <[email protected]> * options.h, import.c (parse_import_options, delete_inv_parts): diff --git a/g10/getkey.c b/g10/getkey.c index 84eb9aecf..5bd990765 100644 --- a/g10/getkey.c +++ b/g10/getkey.c @@ -1650,7 +1650,8 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo) if ( check_key_signature( keyblock, k, NULL ) ) ; /* signature did not verify */ else if ( (IS_UID_SIG (sig) || IS_UID_REV (sig)) - && sig->timestamp >= sigdate ) { + && sig->timestamp >= sigdate ) + { /* Note: we allow to invalidate cert revocations * by a newer signature. An attacker can't use this * because a key should be revoced with a key revocation. @@ -1662,9 +1663,10 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo) sigdate = sig->timestamp; signode = k; + signode->pkt->pkt.signature->flags.chosen_selfsig=0; if( sig->version > sigversion ) sigversion = sig->version; - } + } } } } @@ -1941,14 +1943,17 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode ) * figure out other information like the old expiration * time */ } - else if ( IS_SUBKEY_SIG (sig) && sig->timestamp >= sigdate ) { + else if ( IS_SUBKEY_SIG (sig) && sig->timestamp >= sigdate ) + { if(sig->flags.expired) - ; /* signature has expired - ignore it */ - else { + ; /* signature has expired - ignore it */ + else + { sigdate = sig->timestamp; signode = k; - } - } + signode->pkt->pkt.signature->flags.chosen_selfsig=0; + } + } } } } |