diff options
| author | Werner Koch <[email protected]> | 2009-12-17 17:55:43 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2009-12-17 17:55:43 +0000 |
| commit | ad27e8f41bc4c5e5b79e5fc8327aba38e126b8d0 (patch) | |
| tree | 0dae435e1e42353255959b7fc3113d044c8b32aa | |
| parent | Implement --faked-systrem-time for gpg. (diff) | |
| download | gnupg-ad27e8f41bc4c5e5b79e5fc8327aba38e126b8d0.tar.gz gnupg-ad27e8f41bc4c5e5b79e5fc8327aba38e126b8d0.zip | |
Fix bug#1059 (missing status line signature verification done with a
subkey while on the main key has expired).
Diffstat (limited to '')
| -rw-r--r-- | g10/ChangeLog | 3 | ||||
| -rw-r--r-- | g10/sig-check.c | 6 |
2 files changed, 8 insertions, 1 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog index e0db8d0c2..38d6eeed6 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,5 +1,8 @@ 2009-12-17 Werner Koch <[email protected]> + * sig-check.c (do_check_messages): Evaluate the HAS_EXPIRED flag. + Fixes bug#1059. + * gpg.c: Add new option --faked-system-time. 2009-12-15 Werner Koch <[email protected]> diff --git a/g10/sig-check.c b/g10/sig-check.c index c415703f7..1feac3862 100644 --- a/g10/sig-check.c +++ b/g10/sig-check.c @@ -229,7 +229,11 @@ do_check_messages( PKT_public_key *pk, PKT_signature *sig, return G10ERR_TIME_CONFLICT; } - if( pk->expiredate && pk->expiredate < cur_time ) { + /* Check whether the key has expired. We check the has_expired + flag which is set after a full evaluation of the key (getkey.c) + as well as a simple compare to the current time in case the + merge has for whatever reasons not been done. */ + if( pk->has_expired || (pk->expiredate && pk->expiredate < cur_time)) { char buf[11]; if (opt.verbose) log_info(_("NOTE: signature key %s expired %s\n"), |