ENGINE-583: ensure checks for expiration follow the same path. ENGINE-559
authorKrista 'DarthMama' Bennett <krista@pep.foundation>
Tue, 09 Jul 2019 12:30:56 +0200
branchENGINE-559
changeset 39176d33fd0289b2
parent 3916 54f53e338f86
child 3919 0700d69d0210
ENGINE-583: ensure checks for expiration follow the same path.
src/pgp_sequoia.c
     1.1 --- a/src/pgp_sequoia.c	Tue Jul 09 11:40:15 2019 +0200
     1.2 +++ b/src/pgp_sequoia.c	Tue Jul 09 12:30:56 2019 +0200
     1.3 @@ -15,7 +15,7 @@
     1.4  
     1.5  #include "wrappers.h"
     1.6  
     1.7 -#define TRACING 0
     1.8 +#define TRACING 1
     1.9  #ifndef TRACING
    1.10  #  ifndef NDEBUG
    1.11  #    define TRACING 0
    1.12 @@ -2412,10 +2412,21 @@
    1.13  
    1.14      *comm_type = PEP_ct_OpenPGP_unconfirmed;
    1.15  
    1.16 -    if (pgp_tpk_expired(tpk)) {
    1.17 +    bool expired = false;
    1.18 +    
    1.19 +    // FIXME: we should refactor this and pgp_key_expired. For now, we 
    1.20 +    // MUST guarantee the same behaviour.
    1.21 +    pgp_key_expired(session, fpr, time(NULL), &expired);
    1.22 +    
    1.23 +    if (expired) {
    1.24          *comm_type = PEP_ct_key_expired;
    1.25 -        goto out;
    1.26 +        goto out;        
    1.27      }
    1.28 +    
    1.29 +    // if (pgp_tpk_expired(tpk)) {
    1.30 +    //     *comm_type = PEP_ct_key_expired;
    1.31 +    //     goto out;
    1.32 +    // }
    1.33  
    1.34      pgp_revocation_status_t rs = pgp_tpk_revocation_status(tpk);
    1.35      pgp_revocation_status_variant_t rsv = pgp_revocation_status_variant(rs);