diff options
| author | David Shaw <[email protected]> | 2002-12-29 15:58:44 +0000 |
|---|---|---|
| committer | David Shaw <[email protected]> | 2002-12-29 15:58:44 +0000 |
| commit | 0bb73ee428a257f4acc35c1087ae871cee8437b8 (patch) | |
| tree | 5d0a20833e404ee84e56b19d5fa83b07b8fa732f /g10/getkey.c | |
| parent | * keyserver.c (keyserver_refresh): Don't print the "refreshing..." line if (diff) | |
| download | gnupg-0bb73ee428a257f4acc35c1087ae871cee8437b8.tar.gz gnupg-0bb73ee428a257f4acc35c1087ae871cee8437b8.zip | |
* getkey.c (merge_selfsigs_main), main.h, sig-check.c
(check_key_signature2): Pass the ultimately trusted pk directly to
check_key_signature2 to avoid going through the key selection mechanism.
This prevents a deadly embrace when two keys without selfsigs each sign
the other.
Diffstat (limited to 'g10/getkey.c')
| -rw-r--r-- | g10/getkey.c | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/g10/getkey.c b/g10/getkey.c index abc8b2715..0e41f2d7c 100644 --- a/g10/getkey.c +++ b/g10/getkey.c @@ -1571,6 +1571,8 @@ merge_selfsigs_main( KBNODE keyblock, int *r_revoked ) else if ( k->pkt->pkttype == PKT_SIGNATURE && uidnode ) { PKT_signature *sig = k->pkt->pkt.signature; + u32 dummy; + int dum2; if(sig->keyid[0] != kid[0] || sig->keyid[1]!=kid[1]) { @@ -1584,9 +1586,10 @@ merge_selfsigs_main( KBNODE keyblock, int *r_revoked ) trusted key is still valid - if it has been revoked or the user should also renmove the ultimate trust flag. */ - if(get_pubkey_fast(ultimate_pk,sig->keyid)==0 && - check_key_signature(keyblock,k,NULL)==0 && - get_ownertrust(ultimate_pk)==TRUST_ULTIMATE) + if(get_pubkey_fast(ultimate_pk,sig->keyid)==0 + && check_key_signature2(keyblock,k,ultimate_pk, + NULL,&dummy,&dum2)==0 + && get_ownertrust(ultimate_pk)==TRUST_ULTIMATE) { free_public_key(ultimate_pk); pk->is_valid=1; |