Make gpgv error message about a missing keyring more useful. This fixes

Debian#494040. Also implement readonly semantic for extra safety.
2025-07-02 22:46:30 +02:00 · 2009-04-03 10:34:22 +00:00 · 2009-04-03 10:34:22 +00:00 · 7c98dad98e
commit 7c98dad98e
parent 7d92a25561
6 changed files with 63 additions and 20 deletions
--- a/g10/gpgv.c
+++ b/g10/gpgv.c
@ -193,12 +193,13 @@ main( int argc, char **argv )

  if (opt.verbose > 1)
    set_packet_list_mode(1);
-  
-  if (!nrings)  /* no keyring given: use default one */
-    keydb_add_resource ("trustedkeys" EXTSEP_S "gpg", 0, 0);
+
+  /* Note: We open all keyrings in read-only mode (flag value: 8).  */
+  if (!nrings)  /* No keyring given: use default one. */
+    keydb_add_resource ("trustedkeys" EXTSEP_S "gpg", 8, 0);
  for (sl = nrings; sl; sl = sl->next)
-    keydb_add_resource (sl->d, 0, 0 );
-    
+    keydb_add_resource (sl->d, 8, 0 );
+   
  FREE_STRLIST (nrings);
    
  if ( (rc = verify_signatures( argc, argv ) ))