aboutsummaryrefslogtreecommitdiff
path: root/src/gpg.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/gpg.c')
-rw-r--r--src/gpg.c107
1 files changed, 59 insertions, 48 deletions
diff --git a/src/gpg.c b/src/gpg.c
index 8979e9c..814be6f 100644
--- a/src/gpg.c
+++ b/src/gpg.c
@@ -149,2 +149,53 @@ create_gpg_homedir ()
static int
+checksig (gpgme_signature_t sig, const char *uid, struct file_triplet *trp)
+{
+ switch (gpg_err_code (sig->status))
+ {
+ case GPG_ERR_NO_ERROR:
+ if (debug_level)
+ logmsg (LOG_NOTICE, _("Good signature from %s"), uid);
+ trp->uploader = uploader_find_frp (trp->uploader_list, sig->fpr);
+ if (!trp->uploader)
+ {
+ logmsg (LOG_ERR,
+ _("good signature from %s, "
+ "but the uploader info for %s not found"),
+ uid, sig->fpr);
+ return 1;
+ }
+ break;
+
+ case GPG_ERR_BAD_SIGNATURE:
+ UPDATE_STATS (STAT_BAD_SIGNATURE);
+ logmsg (LOG_ERR, _("BAD signature from %s"), uid);
+ return 0;
+
+ case GPG_ERR_NO_PUBKEY:
+ UPDATE_STATS (STAT_ACCESS_VIOLATIONS);
+ logmsg (LOG_ERR, _("No public key"));
+ return 0;
+
+ case GPG_ERR_NO_DATA:
+ UPDATE_STATS (STAT_BAD_TRIPLETS);
+ logmsg (LOG_ERR, _("No signature"));
+ return 0;
+
+ case GPG_ERR_SIG_EXPIRED:
+ UPDATE_STATS (STAT_BAD_SIGNATURE);
+ logmsg (LOG_ERR, _("Expired signature from %s"), uid);
+ return 0;
+
+ case GPG_ERR_KEY_EXPIRED:
+ UPDATE_STATS (STAT_BAD_SIGNATURE);
+ logmsg (LOG_ERR, _("Key expired (%s)"), uid);
+ return 0;
+
+ default:
+ logmsg (LOG_ERR, _("Unknown signature error"));
+ return 0;
+ }
+ return -1;
+}
+
+static int
gpg_verify_signature (gpgme_ctx_t ctx, gpgme_signature_t sig,
@@ -159,3 +210,4 @@ gpg_verify_signature (gpgme_ctx_t ctx, gpgme_signature_t sig,
gpgme_key_t key;
-
+ int rc;
+
if (gpgme_get_key (ctx, sig->fpr, &key, 0) == GPG_ERR_NO_ERROR)
@@ -164,48 +216,6 @@ gpg_verify_signature (gpgme_ctx_t ctx, gpgme_signature_t sig,
uid = sig->fpr;
-
- switch (gpg_err_code (sig->status))
- {
- case GPG_ERR_NO_ERROR:
- if (debug_level)
- logmsg (LOG_NOTICE, _("Good signature from %s"), uid);
- trp->uploader = uploader_find_frp (trp->uploader_list, sig->fpr);
- if (!trp->uploader)
- {
- logmsg (LOG_ERR,
- _("good signature from %s, "
- "but the uploader info for %s not found"),
- uid, sig->fpr);
- return 1;
- }
- break;
-
- case GPG_ERR_BAD_SIGNATURE:
- UPDATE_STATS (STAT_BAD_SIGNATURE);
- logmsg (LOG_ERR, _("BAD signature from %s"), uid);
- return 0;
-
- case GPG_ERR_NO_PUBKEY:
- UPDATE_STATS (STAT_ACCESS_VIOLATIONS);
- logmsg (LOG_ERR, _("No public key"));
- return 0;
-
- case GPG_ERR_NO_DATA:
- UPDATE_STATS (STAT_BAD_TRIPLETS);
- logmsg (LOG_ERR, _("No signature"));
- return 0;
-
- case GPG_ERR_SIG_EXPIRED:
- UPDATE_STATS (STAT_BAD_SIGNATURE);
- logmsg (LOG_ERR, _("Expired signature from %s"), uid);
- return 0;
-
- case GPG_ERR_KEY_EXPIRED:
- UPDATE_STATS (STAT_BAD_SIGNATURE);
- logmsg (LOG_ERR, _("Key expired (%s)"), uid);
- return 0;
-
- default:
- logmsg (LOG_ERR, _("Unknown signature error"));
- return 0;
- }
+ rc = checksig (sig, uid, trp);
+ gpgme_key_unref (key);
+ if (rc != -1)
+ return rc;
}
@@ -219,3 +229,3 @@ verify_directive_signature (struct file_triplet *trp)
gpgme_ctx_t ctx;
- gpgme_data_t key_data, directive_data, plain;
+ gpgme_data_t key_data, directive_data, plain = NULL;
gpgme_error_t ec;
@@ -271,2 +281,3 @@ verify_directive_signature (struct file_triplet *trp)
+ gpgme_data_release (plain);
gpgme_data_release (directive_data);

Return to:

Send suggestions and report system problems to the System administrator.