mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
* getkey.c (merge_selfsigs_main, merge_selfsigs_subkey): Make sure
that even after keys may be merged together, we only have one chosen selfsig.
This commit is contained in:
parent
1594883f2f
commit
6e9b751b79
@ -1,3 +1,9 @@
|
|||||||
|
2005-06-12 David Shaw <dshaw@jabberwocky.com>
|
||||||
|
|
||||||
|
* getkey.c (merge_selfsigs_main, merge_selfsigs_subkey): Make sure
|
||||||
|
that even after keys may be merged together, we only have one
|
||||||
|
chosen selfsig.
|
||||||
|
|
||||||
2005-06-09 David Shaw <dshaw@jabberwocky.com>
|
2005-06-09 David Shaw <dshaw@jabberwocky.com>
|
||||||
|
|
||||||
* options.h, import.c (parse_import_options, delete_inv_parts):
|
* options.h, import.c (parse_import_options, delete_inv_parts):
|
||||||
|
19
g10/getkey.c
19
g10/getkey.c
@ -1650,7 +1650,8 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo)
|
|||||||
if ( check_key_signature( keyblock, k, NULL ) )
|
if ( check_key_signature( keyblock, k, NULL ) )
|
||||||
; /* signature did not verify */
|
; /* signature did not verify */
|
||||||
else if ( (IS_UID_SIG (sig) || IS_UID_REV (sig))
|
else if ( (IS_UID_SIG (sig) || IS_UID_REV (sig))
|
||||||
&& sig->timestamp >= sigdate ) {
|
&& sig->timestamp >= sigdate )
|
||||||
|
{
|
||||||
/* Note: we allow to invalidate cert revocations
|
/* Note: we allow to invalidate cert revocations
|
||||||
* by a newer signature. An attacker can't use this
|
* by a newer signature. An attacker can't use this
|
||||||
* because a key should be revoced with a key revocation.
|
* because a key should be revoced with a key revocation.
|
||||||
@ -1662,9 +1663,10 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo)
|
|||||||
|
|
||||||
sigdate = sig->timestamp;
|
sigdate = sig->timestamp;
|
||||||
signode = k;
|
signode = k;
|
||||||
|
signode->pkt->pkt.signature->flags.chosen_selfsig=0;
|
||||||
if( sig->version > sigversion )
|
if( sig->version > sigversion )
|
||||||
sigversion = sig->version;
|
sigversion = sig->version;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -1941,14 +1943,17 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode )
|
|||||||
* figure out other information like the old expiration
|
* figure out other information like the old expiration
|
||||||
* time */
|
* time */
|
||||||
}
|
}
|
||||||
else if ( IS_SUBKEY_SIG (sig) && sig->timestamp >= sigdate ) {
|
else if ( IS_SUBKEY_SIG (sig) && sig->timestamp >= sigdate )
|
||||||
|
{
|
||||||
if(sig->flags.expired)
|
if(sig->flags.expired)
|
||||||
; /* signature has expired - ignore it */
|
; /* signature has expired - ignore it */
|
||||||
else {
|
else
|
||||||
|
{
|
||||||
sigdate = sig->timestamp;
|
sigdate = sig->timestamp;
|
||||||
signode = k;
|
signode = k;
|
||||||
}
|
signode->pkt->pkt.signature->flags.chosen_selfsig=0;
|
||||||
}
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
Loading…
x
Reference in New Issue
Block a user