security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-23 15:07:03 +01:00
Code Activity

gpg: When evaluating trust reg exps, treat tofu+pgp like pgp.

Browse Source 
* g10/trustdb.c (validate_one_keyblock): When checking trust regular
expressions, treat the tofu+pgp trust model the same as the pgp trust
model.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
This commit is contained in:
Neal H. Walfield 2015-10-21 13:31:00 +02:00
parent df57390d68
commit cbaca254ac
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
g10/trustdb.c
View File

@ -1579,7 +1579,8 @@ validate_one_keyblock (KBNODE kb, struct key_item *klist,
since we don't accept a regexp on the sig unless it's a since we don't accept a regexp on the sig unless it's a
trust sig. */ trust sig. */
if (kr && (!kr->trust_regexp if (kr && (!kr->trust_regexp
|| opt.trust_model != TM_PGP || !(opt.trust_model == TM_PGP
|| opt.trust_model == TM_TOFU_PGP)
|| (uidnode || (uidnode
&& check_regexp(kr->trust_regexp, && check_regexp(kr->trust_regexp,
uidnode->pkt->pkt.user_id->name)))) uidnode->pkt->pkt.user_id->name))))
@ -1589,7 +1590,8 @@ validate_one_keyblock (KBNODE kb, struct key_item *klist,
lesser trust sig or value. I could make a decent lesser trust sig or value. I could make a decent
argument for any of these cases, but this seems to be argument for any of these cases, but this seems to be
what PGP does, and I'd like to be compatible. -dms */ what PGP does, and I'd like to be compatible. -dms */
if (opt.trust_model == TM_PGP if ((opt.trust_model == TM_PGP
|| opt.trust_model == TM_TOFU_PGP)
&& sig->trust_depth && sig->trust_depth
&& pk->trust_timestamp <= sig->timestamp) && pk->trust_timestamp <= sig->timestamp)
{ {