I did a simple "test-suite" to test problem and
fix at:
$ bzr get lp:~mvo/+junk/apt-gpgv-tests
$ cd apt-gpgv-tests
$ sudo ./test.sh
It does test "good","expired","revoked","revoked+good","expired+good".
It should fail for expired and revoked (they are no good) but should
pass for revoked+good and expired+good. Basicly it will ignore expired
or revoked signatures if there is anohter valid signature on the
Release file.
I did a simple "test-suite" to test problem and
fix at:
$ bzr get lp:~mvo/+junk/apt-gpgv-tests
$ cd apt-gpgv-tests
$ sudo ./test.sh
It does test "good", "expired" ,"revoked" ,"revoked+ good"," expired+ good".
It should fail for expired and revoked (they are no good) but should
pass for revoked+good and expired+good. Basicly it will ignore expired
or revoked signatures if there is anohter valid signature on the
Release file.
Again, feedback/review is very welcome.
Cheers,
Michael