* hkp.c (hkp_search): Return proper error code on failure.

* keyedit.c (sign_uids): Do not allow signing a user ID without a self-signature. --expert overrides. * options.skel: Use subkeys.pgp.net as the default keyserver. * trustdb.c (validate_one_keyblock): Certifications on revoked or expired uids do not count in the web of trust.
2025-07-02 22:46:30 +02:00 · 2003-06-18 03:25:45 +00:00 · 2003-06-18 03:25:45 +00:00 · a5381060d2
commit a5381060d2
parent d67479006e
5 changed files with 49 additions and 15 deletions
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@ -397,10 +397,26 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
 			    tty_printf(_("  Unable to sign.\n"));
 			  }
 		      }
-		    else if(!uidnode->pkt->pkt.user_id->created)
+		    else if(!uidnode->pkt->pkt.user_id->created && !selfsig)
 		      {
-			tty_printf(_("WARNING: user ID \"%s\" is not "
-				     "self-signed.\n"),user);
+			tty_printf(_("User ID \"%s\" is not self-signed."),
+				   user);
+
+			if(opt.expert)
+			  {
+			    tty_printf("\n");
+			    /* No, so remove the mark and continue */
+			    if(!cpr_get_answer_is_yes("sign_uid.nosig_okay",
+						      _("Are you sure you "
+							"still want to sign "
+							"it? (y/N) ")))
+			      uidnode->flag &= ~NODFLG_MARK_A;
+			  }
+			else
+			  {
+			    uidnode->flag &= ~NODFLG_MARK_A;
+			    tty_printf(_("  Unable to sign.\n"));
+			  }
 		      }

 		    m_free(user);