mirror of
git://git.gnupg.org/gnupg.git
synced 2025-07-02 22:46:30 +02:00
* main.h, keyedit.c, keygen.c: Back out previous (2002-12-01) change.
Minimal isn't always best. * sign.c (update_keysig_packet): Use the current time rather then a modification of the original signature time. Make sure that this doesn't cause a time warp. * keygen.c (keygen_add_key_expire): Properly handle a key expiration date in the past (use a duration of 0). * keyedit.c (menu_expire): Use update_keysig_packet so any sig subpackets are maintained during the update. * build-packet.c (build_sig_subpkt): Mark sig expired or unexpired when the sig expiration subpacket is added. (build_sig_subpkt_from_sig): Handle making an expiration subpacket from a sig that has already expired (use a duration of 0).
This commit is contained in:
David Shaw
parent
6d30580362
commit
2d6a766433
6 changed files with 89 additions and 70 deletions
40
g10/sign.c
40
g10/sign.c
|
|
@ -1268,23 +1268,43 @@ update_keysig_packet( PKT_signature **ret_sig,
|
|||
|
||||
/* hash the public key certificate and the user id */
|
||||
hash_public_key( md, pk );
|
||||
hash_uid (md, orig_sig->version, uid);
|
||||
|
||||
if( orig_sig->sig_class == 0x18 )
|
||||
hash_public_key( md, subpk );
|
||||
else
|
||||
hash_uid (md, orig_sig->version, uid);
|
||||
|
||||
/* create a new signature packet */
|
||||
sig = copy_signature (NULL, orig_sig);
|
||||
if ( sig->version >= 4 && mksubpkt)
|
||||
rc = (*mksubpkt)(sig, opaque);
|
||||
|
||||
/* we increase the timestamp by one second so that a future import
|
||||
of this key will replace the existing one. We also make sure that
|
||||
we don't create a timestamp in the future */
|
||||
sig->timestamp++;
|
||||
while (sig->timestamp >= make_timestamp())
|
||||
sleep (1);
|
||||
/* put the updated timestamp back into the data */
|
||||
/* We need to create a new timestamp so that new sig expiration
|
||||
calculations are done correctly... */
|
||||
sig->timestamp=make_timestamp();
|
||||
|
||||
/* ... but we won't make a timestamp earlier than the existing
|
||||
one. */
|
||||
while(sig->timestamp<=orig_sig->timestamp)
|
||||
{
|
||||
sleep(1);
|
||||
sig->timestamp=make_timestamp();
|
||||
}
|
||||
|
||||
/* Note that already expired sigs will remain expired (with a
|
||||
duration of 0) since build-packet.c:build_sig_subpkt_from_sig
|
||||
detects this case. */
|
||||
|
||||
if( sig->version >= 4 )
|
||||
{
|
||||
/* Put the updated timestamp into the sig. Note that this
|
||||
will automagically lower any sig expiration dates to
|
||||
correctly correspond to the differences in the timestamps
|
||||
(i.e. the duration will shrink). */
|
||||
build_sig_subpkt_from_sig( sig );
|
||||
|
||||
if (mksubpkt)
|
||||
rc = (*mksubpkt)(sig, opaque);
|
||||
}
|
||||
|
||||
if (!rc) {
|
||||
hash_sigversion_to_magic (md, sig);
|
||||
md_final(md);
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue