* main.h, keyedit.c, keygen.c: Back out previous (2002-12-01) change.

Minimal isn't always best.

* sign.c (update_keysig_packet): Use the current time rather then a
modification of the original signature time.  Make sure that this doesn't
cause a time warp.

* keygen.c (keygen_add_key_expire): Properly handle a key expiration date
in the past (use a duration of 0).

* keyedit.c (menu_expire): Use update_keysig_packet so any sig subpackets
are maintained during the update.

* build-packet.c (build_sig_subpkt): Mark sig expired or unexpired when
the sig expiration subpacket is added. (build_sig_subpkt_from_sig): Handle
making an expiration subpacket from a sig that has already expired (use a
duration of 0).

* packet.h, sign.c (update_keysig_packet), keyedit.c
(menu_set_primary_uid, menu_set_preferences): Add ability to issue 0x18
subkey binding sigs to update_keysig_packet and change all callers.

1 files changed, 14 insertions, 1 deletions

diff --git a/g10/build-packet.c b/g10/build-packet.c
index d0122b1b0..269cca304 100644
--- a/g10/build-packet.c
+++ b/g10/build-packet.c
@@ -763,6 +763,15 @@ build_sig_subpkt (PKT_signature *sig, sigsubpkttype_t type,
 	sig->trust_regexp=buffer;
 	break;
 
+	/* This should never happen since we don't currently allow
+	   creating such a subpacket, but just in case... */
+      case SIGSUBPKT_SIG_EXPIRE:
+	if(buffer_to_u32(buffer)+sig->timestamp<=make_timestamp())
+	  sig->flags.expired=1;
+	else
+	  sig->flags.expired=0;
+	break;
+
       default:
 	break;
       }
@@ -869,7 +878,11 @@ build_sig_subpkt_from_sig( PKT_signature *sig )
 
     if(sig->expiredate)
       {
-	u = sig->expiredate-sig->timestamp;
+	if(sig->expiredate>sig->timestamp)
+	  u=sig->expiredate-sig->timestamp;
+	else
+	  u=0;
+
 	buf[0] = (u >> 24) & 0xff;
 	buf[1] = (u >> 16) & 0xff;
 	buf[2] = (u >>  8) & 0xff;