diff options
| author | David Shaw <[email protected]> | 2003-12-30 00:46:42 +0000 |
|---|---|---|
| committer | David Shaw <[email protected]> | 2003-12-30 00:46:42 +0000 |
| commit | d537d547cef144014f46aa050b5e3b911c48cf93 (patch) | |
| tree | 85f447f01b82038836c25b79e0a2546876b53556 /g10/sig-check.c | |
| parent | * gpgkeys_hkp.c (send_key, get_key, main): Work with new HTTP code that (diff) | |
| download | gnupg-d537d547cef144014f46aa050b5e3b911c48cf93.tar.gz gnupg-d537d547cef144014f46aa050b5e3b911c48cf93.zip | |
* misc.c (pull_in_libs): Dead code. Removed.
* sig-check.c (check_revocation_keys): Comments.
* getkey.c (merge_selfsigs_main): Don't bother to check designated revoker
sigs if the key is already revoked.
* packet.h, getkey.c (merge_selfsigs_main): New "maybe_revoked" flag on
PKs. It is set when there is a revocation signature from a valid
revocation key, but the revocation key is not present to verify the
signature.
* pkclist.c (check_signatures_trust): Use it here to give a warning when
showing key trust.
* compress-bz2.c: Include stdio.h. Solaris 9 has a very old bzip2 library
and we can at least guarantee that it won't fail because of the lack of
stdio.h.
* tdbio.c: Fixed format string bugs related to the use of DB_NAME.
Reported by Florian Weimer.
Diffstat (limited to 'g10/sig-check.c')
| -rw-r--r-- | g10/sig-check.c | 16 |
1 files changed, 9 insertions, 7 deletions
diff --git a/g10/sig-check.c b/g10/sig-check.c index 3270c682b..4aeaaee38 100644 --- a/g10/sig-check.c +++ b/g10/sig-check.c @@ -320,20 +320,22 @@ cache_sig_result ( PKT_signature *sig, int result ) } } - /* Check the revocation keys to see if any of them have revoked our pk. sig is the revocation sig. pk is the key it is on. This code will need to be modified if gpg ever becomes multi-threaded. Note that this guarantees that a designated revocation sig will never be considered valid unless it is actually valid, as well as being - issued by a revocation key in a valid direct signature. Note that - this is written so that a revoked revoker can still issue + issued by a revocation key in a valid direct signature. Note also + that this is written so that a revoked revoker can still issue revocations: i.e. If A revokes B, but A is revoked, B is still revoked. I'm not completely convinced this is the proper behavior, but it matches how PGP does it. -dms */ /* Returns 0 if sig is valid (i.e. pk is revoked), non-0 if not - revoked */ + revoked. It is important that G10ERR_NO_PUBKEY is only returned + when a revocation signature is from a valid revocation key + designated in a revkey subpacket, but the revocation key itself + isn't present. */ int check_revocation_keys(PKT_public_key *pk,PKT_signature *sig) { @@ -345,9 +347,9 @@ check_revocation_keys(PKT_public_key *pk,PKT_signature *sig) if(busy) { - /* return -1 (i.e. not revoked), but mark the pk as uncacheable - as we don't really know its revocation status until it is - checked directly. */ + /* return an error (i.e. not revoked), but mark the pk as + uncacheable as we don't really know its revocation status + until it is checked directly. */ pk->dont_cache=1; return rc; |