From 23d8609f4b5ec3432323a676fd7ef225c0ef71a1 Mon Sep 17 00:00:00 2001
From: Werner Koch
Date: Wed, 29 Jul 2015 16:10:54 +0200
Subject: [PATCH] gpg: Do not return "Legacy Key" from lookup if a key is expired. * g10/getkey.c (lookup): Map GPG_ERR_LEGACY_KEY. -- If an expired key is directly followed by a legacy key in the keyring, the lookup function incorrectly returned "legacy key" instead of "unusable key". We fix it by handling not found identical to a legacy key if the last finish lookup failed.
Signed-off-by: Werner Koch
---
 g10/getkey.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/g10/getkey.c b/g10/getkey.c
index 5f118ea7d..14b912a4b 100644
--- a/g10/getkey.c
+++ b/g10/getkey.c
@@ -2633,7 +2633,8 @@ found:
 *ret_keyblock = ctx->keyblock; /* Return the keyblock. */
 ctx->keyblock = NULL;
 }
- else if (gpg_err_code (rc) == GPG_ERR_NOT_FOUND && no_suitable_key)
+ else if ((gpg_err_code (rc) == GPG_ERR_NOT_FOUND
+ || gpg_err_code (rc) == GPG_ERR_LEGACY_KEY) && no_suitable_key)
 rc = want_secret? GPG_ERR_UNUSABLE_SECKEY : GPG_ERR_UNUSABLE_PUBKEY;
 else if (gpg_err_code (rc) == GPG_ERR_NOT_FOUND)
 rc = want_secret? GPG_ERR_NO_SECKEY : GPG_ERR_NO_PUBKEY;
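Review bot: The widened condition carries no comment explaining why GPG_ERR_LEGACY_KEY is treated like GPG_ERR_NOT_FOUND when no_suitable_key is set, so the rationale exists only in the commit message. I would add above the `else if` something like `/* A legacy key that ends the search must not hide that an earlier match was rejected as unusable. */`. The following `else if` still maps only GPG_ERR_NOT_FOUND, so a legacy-key result without no_suitable_key is passed through unchanged; that looks intended but is worth stating in the same comment. The body of lookup and the place where no_suitable_key is set lie outside the hunk, so it should be confirmed that the flag is set only when a matching key was rejected for usability; otherwise callers that handle GPG_ERR_LEGACY_KEY specially would now see the unusable-key code instead.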