author | Werner Koch <[email protected]> | 2023-09-06 10:09:55 +0000 |
---|---|---|
committer | Werner Koch <[email protected]> | 2023-09-06 10:12:47 +0000 |
commit | a02f3cc4e870bee97dfa54ba665d3db2721cdeb7 (patch) | |
tree | 7f4d834df342e6cf85182b260796e3bdc310eca2 | |
parent | dirmngr: Allow conf files to disable default keyservers. (diff) | |
gpg: Fix validity of re-imported keys.
* g10/trustdb.c (tdb_clear_ownertrusts): Detect stale validity
records.
--
GnuPG-bug-id: 6399
This problem was introduced by an actually very useful patch
2002-12-13 David Shaw <[email protected]>
[...]
* import.c (import_keys_internal): Used here so we don't rebuild
the trustdb if it is still clean.
(import_one, chk_self_sigs): Only mark trustdb dirty if the key
that is being imported has any sigs other than self-sigs.
Suggested by Adrian von Bidder.
[the last part]
The bug exhibited itself only after signing a key, deleting that key
and then re-importing the original non-signed key.
-rw-r--r-- | g10/trustdb.c | 23 |
1 files changed, 22 insertions, 1 deletions
diff --git a/g10/trustdb.c b/g10/trustdb.c
index 051a534f9..e846abe82 100644
--- a/g10/trustdb.c
+++ b/g10/trustdb.c
@@ -730,7 +730,7 @@ tdb_check_or_update (ctrl_t ctrl)
 if (opt.interactive)
 update_trustdb (ctrl);
 else if (!opt.no_auto_check_trustdb)
- check_trustdb (ctrl);
+ check_trustdb (ctrl);
 }
 }
@@ -983,6 +983,7 @@ update_min_ownertrust (ctrl_t ctrl, u32 *kid, unsigned int new_trust)
 /*
 * Clear the ownertrust and min_ownertrust values.
+ * Also schedule a revalidation if a stale validity record exists.
 *
 * Return: True if a change actually happened.
 */
@@ -1016,6 +1017,26 @@ tdb_clear_ownertrusts (ctrl_t ctrl, PKT_public_key *pk)
 do_sync ();
 return 1;
 }
+ else
+ {
+ /* Check whether we have a stale RECTYPE_VALID for that key
+ * and if its validity ist set, schedule a revalidation. */
+ ulong recno = rec.r.trust.validlist;
+ while (recno)
+ {
+ read_record (recno, &rec, RECTYPE_VALID);
+ if (rec.r.valid.validity)
+ break;
+ recno = rec.r.valid.next;
+ }
+ if (recno)
+ {
+ if (DBG_TRUST)
+ log_debug ("stale validity value detected"
+ " - scheduling check\n");
+ tdb_revalidation_mark (ctrl);
+ }
+ }
 }
 else if (gpg_err_code (err) != GPG_ERR_NOT_FOUND)
 { |
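Review bot: The added `while (recno)` walk in tdb_clear_ownertrusts follows `rec.r.valid.next` as read from the on-disk trustdb with no bound, so a damaged chain that loops through records whose validity is zero would never terminate. A step limit such as `if (++nsteps > LIMIT) break;` (LIMIT is a placeholder for a bound the project picks) would cap it, and leaving the loop with `recno` still set falls through to `tdb_revalidation_mark (ctrl)`, which is the safe outcome. The hunk does not show how `read_record` reports a failed or mistyped read; if it can return in that case, `rec.r.valid.validity` is tested on unverified data, which is worth confirming. Reading the VALID records into `rec` also overwrites the trust record fetched earlier, so a separate local like `TRUSTREC vrec;` would keep the two apart, and `ist set` in the new comment should read `is set`. The function begins and ends outside this hunk, so whether `rec` is used again afterwards cannot be checked from here.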