1
#! /bin/sh /usr/share/dpatch/dpatch-run
2
## 489225_catch_expired_primary_key_with_valid_subkey.dpatch by Daniel Leidert (dale) <daniel.leidert@wgdd.de>
4
## All lines beginning with `## DP:' are a description of the patch.
5
## DP: Fix missing status line signature verification done with a subkey while
6
## DP: on the main key has expired.
8
## DP: <URL:http://bugs.debian.org/489225>
9
## DP: <URL:https://bugs.g10code.com/gnupg/issue1059>
10
## DP: <URL:http://lists.gnupg.org/pipermail/gnupg-commits/2009-December/008699.html>
13
diff -urNad trunk~/g10/sig-check.c trunk/g10/sig-check.c
14
--- trunk~/g10/sig-check.c 2009-07-30 13:01:05.000000000 +0200
15
+++ trunk/g10/sig-check.c 2010-01-22 02:33:27.496061461 +0100
17
return G10ERR_TIME_CONFLICT;
20
- if( pk->expiredate && pk->expiredate < cur_time ) {
21
+ /* Check whether the key has expired. We check the has_expired
22
+ flag which is set after a full evaluation of the key (getkey.c)
23
+ as well as a simple compare to the current time in case the
24
+ merge has for whatever reasons not been done. */
25
+ if (pk->has_expired || (pk->expiredate && pk->expiredate < cur_time)) {
28
log_info(_("NOTE: signature key %s expired %s\n"),