Bug#736548: monkeysign: Reports "key is expired, cannot sign" on non-expired key

Jerome Charaoui Sat, 16 Jul 2016 14:33:58 -0700

tag patch
thanks

This ugly little patch appears to fix the problem for me.


Thanks,

-- Jerome

From 818778fb4ed3d288bd03c0d27c452255629e8304 Mon Sep 17 00:00:00 2001
From: Jerome Charaoui <jer...@riseup.net>
Date: Sat, 16 Jul 2016 17:18:26 -0400
Subject: [PATCH] Ignore KEYEXPIRED GnuPG error (closes #736548)

Allows us to sign a key which has one or more expired subkeys.
---
 monkeysign/gpg.py | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/monkeysign/gpg.py b/monkeysign/gpg.py
index 456cf3b..5e4e874 100644
--- a/monkeysign/gpg.py
+++ b/monkeysign/gpg.py
@@ -478,6 +478,13 @@ class Keyring():
                     multiuid = self.context.seek(proc.stderr, 'GET_BOOL keyedit.sign_all.okay')
                 except GpgProtocolError as e:
                     raise GpgRuntimeError(self.context.returncode, _('cannot select uid for signing: %s') % e.found().decode('utf-8'))
+            elif '[GNUPG:] KEYEXPIRED' in str(e):
+                # This is a protocol error but should be ignored,
+                # see doc/DETAILS in GnuPG documentation.
+                try:
+                    multiuid = self.context.seek(proc.stderr, 'GET_BOOL keyedit.sign_all.okay')
+                except GpgProtocolError as e:
+                    raise GpgRuntimeError(self.context.returncode, _('cannot select uid for signing: %s') % e.found().decode('utf-8'))
             else:
                 raise GpgRuntimeError(self.context.returncode, _('cannot select uid for signing: %s') % e.found().decode('utf-8'))
         if multiuid:
-- 
2.8.1

signature.asc
Description: OpenPGP digital signature

Bug#736548: monkeysign: Reports "key is expired, cannot sign" on non-expired key

Reply via email to