Adding upstream version 2.2.43.upstream/2.2.43upstream

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

1 files changed, 4 insertions, 10 deletions

diff --git a/g10/sig-check.c b/g10/sig-check.c
index eeaf6f0..09d5a8b 100644
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@@ -75,17 +75,10 @@ check_key_verify_compliance (PKT_public_key *pk)
                             NULL))
     {
       /* Compliance failure.  */
-      log_info (_("key %s may not be used for signing in %s mode\n"),
+      log_error (_("key %s may not be used for signing in %s mode\n"),
                  keystr_from_pk (pk),
                  gnupg_compliance_option_string (opt.compliance));
-      if (opt.flags.override_compliance_check)
-        log_info (_("continuing verification anyway due to option %s\n"),
-                  "--override-compliance-failure");
-      else
-        {
-          log_inc_errorcount (); /* We used log info above.  */
-          err = gpg_error (GPG_ERR_PUBKEY_ALGO);
-        }
+      err = gpg_error (GPG_ERR_PUBKEY_ALGO);
     }
 
   return err;
@@ -342,7 +335,8 @@ check_signature_metadata_validity (PKT_public_key *pk, PKT_signature *sig,
   if (r_revoked)
     *r_revoked = 0;
 
-  if (pk->timestamp > sig->timestamp )
+  if (pk->timestamp > sig->timestamp
+      && !(parse_key_usage (sig) & PUBKEY_USAGE_RENC))
     {
       ulong d = pk->timestamp - sig->timestamp;
       if ( d < 86400 )