* keyring.c (keyring_rebuild_cache): Comment.

* sign.c (mk_notation_and_policy): Making a v3 signature with notations or
policy urls is an error, not an info (i.e. increment the errorcount).
Don't print the notation or policy url to stdout since it can be mixed
into the output stream when piping and munge the stream.

g10/ChangeLog

@@ -1,3 +1,13 @@
+2003-08-12  David Shaw  <dshaw@jabberwocky.com>
+
+	* keyring.c (keyring_rebuild_cache): Comment.
+
+	* sign.c (mk_notation_and_policy): Making a v3 signature with
+	notations or policy urls is an error, not an info (i.e. increment
+	the errorcount).  Don't print the notation or policy url to stdout
+	since it can be mixed into the output stream when piping and munge
+	the stream.
+
 2003-08-02  David Shaw  <dshaw@jabberwocky.com>
 
 	* parse-packet.c (parse_signature): Don't give "signature packet

g10/keyring.c

@@ -1367,6 +1367,13 @@ keyring_rebuild_cache (void *token)
         {
           if (node->pkt->pkttype == PKT_SIGNATURE)
             {
+	      /* Note that this doesn't cache the result of a
+		 revocation issued by a designated revoker.  This is
+		 because the pk in question does not carry the revkeys
+		 as we haven't merged the key and selfsigs.  It is
+		 questionable whether this matters very much since
+		 there are very very few designated revoker revocation
+		 packets out there. */
               check_key_signature (keyblock, node, NULL);
               sigcount++;
             }

g10/sign.c

@@ -72,20 +72,25 @@ mk_notation_and_policy( PKT_signature *sig,
     args.pk=pk;
     args.sk=sk;
 
+    /* It is actually impossible to get here when making a v3 key
+       signature since keyedit.c:sign_uids will automatically bump a
+       signature with a notation or policy url up to v4, but it is
+       good to do these checks anyway. */
+
     /* notation data */
     if(IS_SIG(sig) && opt.sig_notation_data)
       {
 	if(sig->version<4)
-	  log_info(_("can't put notation data into v3 (PGP 2.x style) "
+	  log_error(_("can't put notation data into v3 (PGP 2.x style) "
-		     "signatures\n"));
+		      "signatures\n"));
 	else
 	  nd=opt.sig_notation_data;
       }
     else if( IS_CERT(sig) && opt.cert_notation_data )
       {
 	if(sig->version<4)
-	  log_info(_("can't put notation data into v3 (PGP 2.x style) "
+	  log_error(_("can't put notation data into v3 (PGP 2.x style) "
-		     "key signatures\n"));
+		      "key signatures\n"));
 	else
 	  nd=opt.cert_notation_data;
       }
@@ -125,23 +130,20 @@ mk_notation_and_policy( PKT_signature *sig,
 	m_free(buf);
     }
 
-    if(opt.show_notation)
-      show_notation(sig,0);
-
     /* set policy URL */
     if( IS_SIG(sig) && opt.sig_policy_url )
       {
 	if(sig->version<4)
-	  log_info(_("can't put a policy URL into v3 (PGP 2.x style) "
+	  log_error(_("can't put a policy URL into v3 (PGP 2.x style) "
-		     "signatures\n"));
+		      "signatures\n"));
 	else
 	  pu=opt.sig_policy_url;
       }
     else if( IS_CERT(sig) && opt.cert_policy_url )
       {
 	if(sig->version<4)
-	  log_info(_("can't put a policy URL into v3 key (PGP 2.x style) "
+	  log_error(_("can't put a policy URL into v3 key (PGP 2.x style) "
-		     "signatures\n"));
+		      "signatures\n"));
 	else
 	  pu=opt.cert_policy_url;
       }
@@ -164,9 +166,6 @@ mk_notation_and_policy( PKT_signature *sig,
 
 	m_free(s);
       }
-
-    if(opt.show_policy_url)
-      show_policy_url(sig,0);
 }