Revert "Temporarily downgrade key assertions to "soon worthless""

We temporarily downgraded the errors to warnings to give the launchpad PPAs time to be fixed, but warnings are not safe: Untrusted keys could be hiding on your system, but just not used at the moment. Hence revert this so we get the errors we want. This reverts commit 66998ed3d299bede651ad40368bdb270f5f5b0f9. LP: #2060721 Gbp-Dch: full
author: Julian Andres Klode <julian.klode@canonical.com> 2024-04-09 19:56:26 +0200
committer: Julian Andres Klode <julian.klode@canonical.com> 2024-04-09 19:59:52 +0200
commit: 81c65f7e86b8f16eaaa91d9c205a594b0ebde159 (patch)
tree: 034ff840ab72ba055abf1400d067b53e16f357e3 /methods
parent: a0a76c2e20c1ddefd76a4a539a9350b96d66006e (diff)
1 files changed, 8 insertions, 1 deletions
diff --git a/methods/gpgv.cc b/methods/gpgv.cc
index e465c3595..20ef2861d 100644
--- a/methods/gpgv.cc
+++ b/methods/gpgv.cc
@@ -253,7 +253,14 @@ string GPGVMethod::VerifyGetSigners(const char *file, const char *outfile,
 	 auto const asserted = atoi(tokens[1].c_str());
 	 auto const pkstr = tokens[2];
 	 if (not asserted)
-	    Signers.SoonWorthless.push_back({fpr, pkstr});
+	 {
+	    std::string reason;
+	    strprintf(reason, _("untrusted public key algorithm: %s"), pkstr.c_str());
+	    Signers.Worthless.push_back({fpr, reason});
+	    Signers.Good.erase(std::remove_if(Signers.Good.begin(), Signers.Good.end(), [&](std::string const &goodsig)
+					      { return IsTheSameKey(fpr, goodsig); }),
+			       Signers.Good.end());
+	 }
       }
       else if (strncmp(buffer, GNUPGGOODSIG, sizeof(GNUPGGOODSIG)-1) == 0)
 	 PushEntryWithKeyID(Signers.Good, buffer, Debug);
author	Julian Andres Klode <julian.klode@canonical.com>	2024-04-09 19:56:26 +0200
committer	Julian Andres Klode <julian.klode@canonical.com>	2024-04-09 19:59:52 +0200
commit	81c65f7e86b8f16eaaa91d9c205a594b0ebde159 (patch)
tree	034ff840ab72ba055abf1400d067b53e16f357e3 /methods
parent	a0a76c2e20c1ddefd76a4a539a9350b96d66006e (diff)