gpg: Replace --override-compliance-check by a real fix.

* common/compliance.c (gnupg_pk_is_allowed): Handle EdDSA. * g10/gpg.c (oOverrideComplianceCheck): Remove. (opts): Turn --override-compliance-check into a dummy option. * g10/options.h (opt): Remove override_compliance_check. * g10/sig-check.c (check_key_verify_compliance): Remove use of that option. -- The introduction of --override-compliance-check actually hid the real cause for the signature verification problem in de-vs mode for the Ed25519 key. The real fix is to handle the EdDSA algorithm in gnupg_pk_is_allowed. Fixes-commit: 773b8fbbe9 GnuPG-bug-id: 5655
2025-07-02 22:46:30 +02:00 · 2023-01-20 11:02:02 +01:00 · 2023-01-20 11:02:02 +01:00 · aecebdf705
commit aecebdf705
parent de292078a5
5 changed files with 8 additions and 32 deletions
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@ -3424,13 +3424,7 @@ signatures made using SHA-1, those key signatures are considered
 invalid.  This options allows to override this restriction.

@item --override-compliance-check
-@opindex --override-compliance-check
-The signature verification only allows the use of keys suitable in the
-current compliance mode.  If the compliance mode has been forced by a
-global option, there might be no way to check certain signature.  This
-option allows to override this and prints an extra warning in such a
-case.  This option is ignored in --batch mode so that no accidental
-unattended verification may happen.
+This was a temporary introduced option and has no more effect.

@item --no-default-keyring
@opindex no-default-keyring