mirror of
https://git.notmuchmail.org/git/notmuch
synced 2025-04-22 07:10:46 +02:00
Accept "key-missing" from a signature from a revoked key
We have traditionally expected a signature to show up as "revoked" when the signing key is revoked. However, GnuPG's recent fix to avoid a denial of service against legitimate signatures appears to have changed the status of signature verification from keys which happen to have been revoked. See https://bugs.debian.org/1098995 and https://dev.gnupg.org/T7547 This change makes the test suite a little bit less brittle while we look for a resolution from upstream. It should probably also be backported to debian unstable unless a notmuch release to unstable is imminent. Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
This commit is contained in:
Daniel Kahn Gillmor
David Bremner
parent
ed29a9c37e
commit
d330971b8b
1 changed files with 1 additions and 0 deletions
|
|
@ -453,6 +453,7 @@ y
|
|||
| gpg --no-tty --quiet --import
|
||||
output=$(notmuch show --format=json --verify subject:"test signed message 001" \
|
||||
| notmuch_json_show_sanitize \
|
||||
| sed -e 's/"key-\(revoked\|missing\)"/"key-revoked"/g' \
|
||||
| sed -e 's|"created": [1234567890]*|"created": 946728000|')
|
||||
expected='[[[{"id": "XXXXX",
|
||||
"match": true,
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue