diff --git a/g10/ChangeLog b/g10/ChangeLog index e856bff82..f542eb2ec 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,10 @@ +2003-11-29 David Shaw + + * trustdb.c (validate_keys): Reset the trustdb before checking if + we have any ultimately trusted keys. This ensures that if we + lose all our ultimately trusted keys, we don't leave behind the + old validity calculations. + 2003-11-20 David Shaw * seskey.c (do_encode_md): Comment about earlier (pre-PGP 2.3) diff --git a/g10/trustdb.c b/g10/trustdb.c index a0e80c739..39a21aa26 100644 --- a/g10/trustdb.c +++ b/g10/trustdb.c @@ -1636,6 +1636,10 @@ validate_keys (int interactive) stored = new_key_hash_table (); used = new_key_hash_table (); full_trust = new_key_hash_table (); + + kdb = keydb_new (0); + reset_trust_records (kdb,NULL); + /* Fixme: Instead of always building a UTK list, we could just build it * here when needed */ if (!utk_list) @@ -1644,10 +1648,6 @@ validate_keys (int interactive) goto leave; } - kdb = keydb_new (0); - - reset_trust_records (kdb,NULL); - /* mark all UTKs as used and fully_trusted and set validity to ultimate */ for (k=utk_list; k; k = k->next)