* getkey.c (merge_selfsigs_subkey), sig-check.c (signature_check2),

keygen.c (make_backsig): Did some backsig interop testing with the PGP
folks.  All is well, so I'm turning generation of backsigs on for new
keys.  Checking for backsigs on verification is still off.

1 files changed, 6 insertions, 14 deletions

diff --git a/g10/keygen.c b/g10/keygen.c
index 3bf5af48b..72df993c0 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -712,25 +712,17 @@ keygen_add_revkey(PKT_signature *sig, void *opaque)
 }
 
 static int
-make_backsig(PKT_signature *sig, PKT_public_key *pk,
- 	     PKT_public_key *sub_pk, PKT_secret_key *sub_sk)
+make_backsig(PKT_signature *sig,PKT_public_key *pk,
+ 	     PKT_public_key *sub_pk,PKT_secret_key *sub_sk)
 {
   PKT_signature *backsig;
   int rc;
 
-#ifndef DO_BACKSIGS
-  /* This is not enabled yet, as I want to get a bit closer to RFC day
-     before enabling this.  I've been burned before :) */
+  cache_public_key(sub_pk);
 
-  return 0;
-#endif
-
-  cache_public_key (sub_pk);
-
-  rc=make_keysig_packet(&backsig,pk,NULL,sub_pk,sub_sk, 0x19, 0, 0, 0, 0,
- 			NULL,NULL);
-  if( rc )
-    log_error("make_keysig_packet failed for backsig: %s\n", g10_errstr(rc) );
+  rc=make_keysig_packet(&backsig,pk,NULL,sub_pk,sub_sk,0x19,0,0,0,0,NULL,NULL);
+  if(rc)
+    log_error("make_keysig_packet failed for backsig: %s\n",g10_errstr(rc));
   else
     {
       /* get it into a binary packed form. */