X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=userdir_gpg.py;h=ab192c7f95d290b21d7828b07e0933c9d29fee5d;hb=734f08196ff3c48d9f7440bf8731f3cd72f128aa;hp=455ba3fd60e99e5dc2d4d9d75a6aafc05ad800c7;hpb=6730238ac1007b899b87675301db3a01dfece0da;p=mirror%2Fuserdir-ldap.git

diff --git a/userdir_gpg.py b/userdir_gpg.py
index 455ba3f..ab192c7 100644
--- a/userdir_gpg.py
+++ b/userdir_gpg.py
@@ -27,7 +27,7 @@
 #    pgp2 encrypting mode.
 
 import string, mimetools, multifile, sys, StringIO, os, tempfile, re;
-import rfc822, time, fcntl, FCNTL, anydbm
+import rfc822, time, fcntl, anydbm
 
 # General GPG options
 GPGPath = "gpg"
@@ -368,12 +368,12 @@ def GPGCheckSig(Message):
             Why = "Unable to verify signature, signing key missing.";
 
 	 # Expired signature
-	 if Split[1] == "SIGEXPIRED":
+	 if Split[1] == "SIGEXPIRED" or Split[1] == "EXPSIG":
 	    GoodSig = 0;
             Why = "Signature has expired";
 	    
 	 # Revoked key
-	 if Split[1] == "KEYREVOKED":
+	 if Split[1] == "KEYREVOKED" or Split[1] == "REVKEYSIG":
 	    GoodSig = 0;
             Why = "Signing key has been revoked";
 
@@ -389,7 +389,11 @@ def GPGCheckSig(Message):
 
          # ValidSig has the key finger print
 	 if Split[1] == "VALIDSIG":
-	    KeyFinger = Split[2];
+	    # Use the fingerprint of the primary key when available
+	    if len(Split) >= 12:
+               KeyFinger = Split[11];
+            else:
+	       KeyFinger = Split[2];
 
       # Reopen the stream as a readable stream
       Text = Res[2].read();
@@ -485,7 +489,7 @@ def TemplateSubst(Map,Template):
 class ReplayCache:
    def __init__(self,Database):
       self.Lock = open(Database + ".lock","w",0600);
-      fcntl.flock(self.Lock.fileno(),FCNTL.LOCK_EX);
+      fcntl.flock(self.Lock.fileno(),fcntl.LOCK_EX);
       self.DB = anydbm.open(Database,"c",0600);
       self.CleanCutOff = CleanCutOff;
       self.AgeCutOff = AgeCutOff;