1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00

* misc.c (pull_in_libs): Dead code. Removed.

* sig-check.c (check_revocation_keys): Comments.

* getkey.c (merge_selfsigs_main): Don't bother to check designated revoker
sigs if the key is already revoked.

* packet.h, getkey.c (merge_selfsigs_main): New "maybe_revoked" flag on
PKs.  It is set when there is a revocation signature from a valid
revocation key, but the revocation key is not present to verify the
signature.

* pkclist.c (check_signatures_trust): Use it here to give a warning when
showing key trust.

* compress-bz2.c: Include stdio.h.  Solaris 9 has a very old bzip2 library
and we can at least guarantee that it won't fail because of the lack of
stdio.h.

* tdbio.c: Fixed format string bugs related to the use of DB_NAME.
Reported by Florian Weimer.
This commit is contained in:
David Shaw 2003-12-30 00:46:42 +00:00
parent f13f772a29
commit d537d547ce
8 changed files with 67 additions and 45 deletions

View file

@ -320,20 +320,22 @@ cache_sig_result ( PKT_signature *sig, int result )
}
}
/* Check the revocation keys to see if any of them have revoked our
pk. sig is the revocation sig. pk is the key it is on. This code
will need to be modified if gpg ever becomes multi-threaded. Note
that this guarantees that a designated revocation sig will never be
considered valid unless it is actually valid, as well as being
issued by a revocation key in a valid direct signature. Note that
this is written so that a revoked revoker can still issue
issued by a revocation key in a valid direct signature. Note also
that this is written so that a revoked revoker can still issue
revocations: i.e. If A revokes B, but A is revoked, B is still
revoked. I'm not completely convinced this is the proper behavior,
but it matches how PGP does it. -dms */
/* Returns 0 if sig is valid (i.e. pk is revoked), non-0 if not
revoked */
revoked. It is important that G10ERR_NO_PUBKEY is only returned
when a revocation signature is from a valid revocation key
designated in a revkey subpacket, but the revocation key itself
isn't present. */
int
check_revocation_keys(PKT_public_key *pk,PKT_signature *sig)
{
@ -345,9 +347,9 @@ check_revocation_keys(PKT_public_key *pk,PKT_signature *sig)
if(busy)
{
/* return -1 (i.e. not revoked), but mark the pk as uncacheable
as we don't really know its revocation status until it is
checked directly. */
/* return an error (i.e. not revoked), but mark the pk as
uncacheable as we don't really know its revocation status
until it is checked directly. */
pk->dont_cache=1;
return rc;