progs/catsign.c; Verify equality of keys more directly.

Rather than comparing the two keys' `id' slots, just compare the
pointers.  It's not like we got them from different keyrings or
anything.  This makes it clear that we're checking that we really have
the /same/ key, found by two different paths.

Fortunately, this isn't a security problem: the code in `key/key-io.c'
won't allow two keys with the same `id' value to exist in the same
keyring.  This change therefore doesn't have any observable effect.
But, seeing as I just had a panic regarding a potential security hole in
`tripe-keys', it's as well to make it clear what's actually going on.

diff --git a/progs/catsign.c b/progs/catsign.c
index 671cea6e8c7e79f42b2f6720ee4be3bc63db3bdf..accd592f3b8d38a3fe1896d065e6be7dc09b8b22 100644 (file)
--- a/progs/catsign.c
+++ b/progs/catsign.c
@@ -715,7 +715,7 @@ static int verify(int argc, char *argv[])
                       (unsigned long)s.keyid);
     exit(EXIT_FAILURE);
   }
-  if (kk && k->id != kk->id) {
+  if (kk && k != kk) {
     if (v.verb) {
       dstr_reset(&d); key_fulltag(k, &d);
       dstr_reset(&dd); key_fulltag(kk, &dd);