diff options
| author | David Shaw <[email protected]> | 2005-10-27 16:23:59 +0000 |
|---|---|---|
| committer | David Shaw <[email protected]> | 2005-10-27 16:23:59 +0000 |
| commit | b3ea683ac97d0f60ce4a17f1cf18ca11a95b4b2a (patch) | |
| tree | 0f4d983fb6a6b84fb5eed6f5a3c469e57f3b4433 | |
| parent | cygwin fixes (diff) | |
| download | gnupg-b3ea683ac97d0f60ce4a17f1cf18ca11a95b4b2a.tar.gz gnupg-b3ea683ac97d0f60ce4a17f1cf18ca11a95b4b2a.zip | |
* keyedit.c (menu_addrevoker), getkey.c (finish_lookup): Fix problem with
adding a cert-only designated revoker. Code was looking for a key with
sign ability, and not cert ability. Noted by Timo Schulz.
Diffstat (limited to '')
| -rw-r--r-- | g10/ChangeLog | 7 | ||||
| -rw-r--r-- | g10/getkey.c | 2 | ||||
| -rw-r--r-- | g10/keyedit.c | 8 |
3 files changed, 13 insertions, 4 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog index db07564d2..8dd57c7f6 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,10 @@ +2005-10-27 David Shaw <[email protected]> + + * keyedit.c (menu_addrevoker), getkey.c (finish_lookup): Fix + problem with adding a cert-only designated revoker. Code was + looking for a key with sign ability, and not cert ability. Noted + by Timo Schulz. + 2005-10-27 Werner Koch <[email protected]> * gpg.c [__CYGWIN__]: Set default driver to winscard.dll. diff --git a/g10/getkey.c b/g10/getkey.c index 2dde1bb51..35e74f1d5 100644 --- a/g10/getkey.c +++ b/g10/getkey.c @@ -2345,7 +2345,7 @@ finish_lookup (GETKEY_CTX ctx) KBNODE k; KBNODE foundk = NULL; PKT_user_id *foundu = NULL; -#define USAGE_MASK (PUBKEY_USAGE_SIG|PUBKEY_USAGE_ENC) +#define USAGE_MASK (PUBKEY_USAGE_SIG|PUBKEY_USAGE_ENC|PUBKEY_USAGE_CERT) unsigned int req_usage = ( ctx->req_usage & USAGE_MASK ); /* Request the primary if we're certifying another key, and also if signing data while --pgp6 or --pgp7 is on since pgp 6 and 7 diff --git a/g10/keyedit.c b/g10/keyedit.c index 55fc685c0..1e07b1d41 100644 --- a/g10/keyedit.c +++ b/g10/keyedit.c @@ -3380,9 +3380,11 @@ menu_addrevoker( KBNODE pub_keyblock, KBNODE sec_keyblock, int sensitive ) goto fail; } - /* Note that I'm requesting SIG here and not CERT. We're making - a certification, but it is okay to be a subkey. */ - revoker_pk->req_usage=PUBKEY_USAGE_SIG; + /* Note that I'm requesting CERT here, which usually implies + primary keys only, but some casual testing shows that PGP and + GnuPG both can handle a designated revokation from a + subkey. */ + revoker_pk->req_usage=PUBKEY_USAGE_CERT; rc=get_pubkey_byname(revoker_pk,answer,NULL,NULL,1); if(rc) { |