* sig-check.c (check_key_signature2): Comments.

* keyring.c (keyring_rebuild_cache): Clear sig cache for any signatures that we can no longer process (say, if the user removed support for a necessary pubkey or digest algorithm).
author: David Shaw <[email protected]> 2004-01-19 22:46:55 +0000
committer: David Shaw <[email protected]> 2004-01-19 22:46:55 +0000
commit: 9915f6ed78296b9532eb1128a52d802b69869200 (patch)
tree: fc3fc1d5f25a7c0da695e275cb9e166bde726684 /g10/sig-check.c
parent: * misc.c (print_cipher_algo_note): May as well call Rijndael AES (diff)
download: gnupg-9915f6ed78296b9532eb1128a52d802b69869200.tar.gz
gnupg-9915f6ed78296b9532eb1128a52d802b69869200.zip
1 files changed, 4 insertions, 1 deletions
diff --git a/g10/sig-check.c b/g10/sig-check.c
index 4aeaaee38..606035d29 100644
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@@ -428,7 +428,10 @@ check_key_signature2( KBNODE root, KBNODE node, PKT_public_key *check_pk,
     sig = node->pkt->pkt.signature;
     algo = sig->digest_algo;
 
-    /* check whether we have cached the result of a previous signature check.*/
+    /* Check whether we have cached the result of a previous signature
+       check.  Note that we may no longer have the pubkey or hash
+       needed to verify a sig, but can still use the cached value.  A
+       cache refresh detects and clears these cases. */
     if ( !opt.no_sig_cache ) {
         if (sig->flags.checked) { /*cached status available*/
 	    if( is_selfsig ) {
author	David Shaw <[email protected]>	2004-01-19 22:46:55 +0000
committer	David Shaw <[email protected]>	2004-01-19 22:46:55 +0000
commit	9915f6ed78296b9532eb1128a52d802b69869200 (patch)
tree	fc3fc1d5f25a7c0da695e275cb9e166bde726684 /g10/sig-check.c
parent	* misc.c (print_cipher_algo_note): May as well call Rijndael AES (diff)
download	gnupg-9915f6ed78296b9532eb1128a52d802b69869200.tar.gz gnupg-9915f6ed78296b9532eb1128a52d802b69869200.zip