gpgv: Fix legacy fallback on unavailable keys

If a repository is signed with multiple keys, apt 2.4.0 would
ignore the fallback result if some keys were still missing,
causing signature verification to fail.

Rework the logic such that when checking if fallback was "succesful",
missing keys are ignored - it only matters if we managed to verify
one key now, whether good or bad.

Likewise, simplify the logic when to do the fallback:

If there was a bad signature in trusted.gpg.d, do NOT fallback at all
- this is a minor security issue, as a key in trusted.gpg.d could
fail silently with a bad signature, and then a key in trusted.gpg
might allow the signature to succeed (as trusted.gpg.d key is then
missing).

Only fallback if we are missing a good signature, and there are
keys we have not yet checked.

0 files changed, 0 insertions, 0 deletions