From 4f5ef6219ee371a1f70d13fe4dd14a25377da075 Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun, 3 Jun 2012 13:33:16 +0200
Subject: [PATCH] fixes in openpgp certificate verification.

---
 lib/openpgp/pgpverify.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/lib/openpgp/pgpverify.c b/lib/openpgp/pgpverify.c
index 4835462c1..ca3be6ed0 100644
--- a/lib/openpgp/pgpverify.c
+++ b/lib/openpgp/pgpverify.c
@@ -106,8 +106,11 @@ gnutls_openpgp_crt_verify_ring (gnutls_openpgp_crt_t key,
       rc = gnutls_openpgp_keyring_check_id (keyring, id, 0);
       /* If it exists in the keyring don't treat it as unknown. */
       if (rc == 0 && *verify & GNUTLS_CERT_SIGNER_NOT_FOUND)
-        *verify ^= GNUTLS_CERT_SIGNER_NOT_FOUND;
+        *verify &= ~GNUTLS_CERT_SIGNER_NOT_FOUND;
     }
+  
+  if (*verify != 0)
+    *verify |= GNUTLS_CERT_INVALID;
 
   return 0;
 }
-- 
2.11.4.GIT