gpg: Replace --override-compliance-check by a real fix.

* common/compliance.c (gnupg_pk_is_allowed): Handle EdDSA.
* g10/gpg.c (oOverrideComplianceCheck): Remove.
(opts): Turn --override-compliance-check into a dummy option.
* g10/options.h (opt): Remove override_compliance_check.
* g10/sig-check.c (check_key_verify_compliance): Remove use of that
option.
--

The introduction of --override-compliance-check actually hid the real
cause for the signature verification problem in de-vs mode for the
Ed25519 key.  The real fix is to handle the EdDSA algorithm in
gnupg_pk_is_allowed.

Fixes-commit: fb26e144adfd93051501d58f5d0d4f8826ddf436
GnuPG-bug-id: 5655

1 files changed, 1 insertions, 7 deletions

diff --git a/doc/gpg.texi b/doc/gpg.texi
index 792ca9aa5..47aa0a4d0 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -3559,13 +3559,7 @@ signatures made using SHA-1, those key signatures are considered
 invalid.  This options allows to override this restriction.
 
 @item --override-compliance-check
-@opindex --override-compliance-check
-The signature verification only allows the use of keys suitable in the
-current compliance mode.  If the compliance mode has been forced by a
-global option, there might be no way to check certain signature.  This
-option allows to override this and prints an extra warning in such a
-case.  This option is ignored in --batch mode so that no accidental
-unattended verification may happen.
+This was a temporary introduced option and has no more effect.
 
 @item --no-default-keyring
 @opindex no-default-keyring