Diffstat (limited to 'src/gpg.c')
-rw-r--r-- | src/gpg.c | 43 |
1 files changed, 27 insertions, 16 deletions
@@ -144,28 +144,14 @@ create_gpg_homedir () logmsg (LOG_DEBUG, _("GNUPG home directory: %s"), temp_homedir); setenv ("GNUPGHOME", temp_homedir, 1); return 0; } static int -gpg_verify_signature (gpgme_ctx_t ctx, gpgme_signature_t sig, - struct file_triplet *trp) +checksig (gpgme_signature_t sig, const char *uid, struct file_triplet *trp) { - if (!sig) - return 0; - - for (; sig; sig = sig->next) - { - const char *uid; - gpgme_key_t key; - - if (gpgme_get_key (ctx, sig->fpr, &key, 0) == GPG_ERR_NO_ERROR) - uid = key->uids->uid; - else - uid = sig->fpr; - switch (gpg_err_code (sig->status)) { case GPG_ERR_NO_ERROR: if (debug_level) logmsg (LOG_NOTICE, _("Good signature from %s"), uid); trp->uploader = uploader_find_frp (trp->uploader_list, sig->fpr); @@ -205,22 +191,46 @@ gpg_verify_signature (gpgme_ctx_t ctx, gpgme_signature_t sig, return 0; default: logmsg (LOG_ERR, _("Unknown signature error")); return 0; } + return -1; +} + +static int +gpg_verify_signature (gpgme_ctx_t ctx, gpgme_signature_t sig, + struct file_triplet *trp) +{ + if (!sig) + return 0; + + for (; sig; sig = sig->next) + { + const char *uid; + gpgme_key_t key; + int rc; + + if (gpgme_get_key (ctx, sig->fpr, &key, 0) == GPG_ERR_NO_ERROR) + uid = key->uids->uid; + else + uid = sig->fpr; + rc = checksig (sig, uid, trp); + gpgme_key_unref (key); + if (rc != -1) + return rc; } return 1; } /* Verify the directive file from TRP using public key PUBKEY */ int verify_directive_signature (struct file_triplet *trp) { gpgme_ctx_t ctx; - gpgme_data_t key_data, directive_data, plain; + gpgme_data_t key_data, directive_data, plain = NULL; gpgme_error_t ec; int rc; struct uploader_info *uptr; create_gpg_homedir (); fail_if_err (gpgme_new (&ctx)); 
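Review bot: The new `checksig` helper has a three-way return contract that nothing in the patch documents: the error branches visible here return 0, while the `return -1` added after the switch (in the next hunk) is what the caller tests with `rc != -1` to decide whether to keep walking the signature list. Because this value is the accept/reject decision for an upload, I would put a comment above the definition, for example `/* Check one signature. Return 0 to reject the triplet, -1 if this signature gives no reason to stop and the caller should go on to the next one. */`. The switch body runs past the end of this hunk, so confirm which cases actually fall through to -1 before settling the wording.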
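Review bot: In the rebuilt loop of `gpg_verify_signature`, `key` is declared without an initializer, yet `gpgme_key_unref (key)` now runs on every iteration, including the one where `gpgme_get_key` failed and `uid` fell back to `sig->fpr`. That is only safe if the library stores NULL through the out-parameter on error, which this code should not depend on; declare it as `gpgme_key_t key = NULL;` inside the loop. The success branch also reads `key->uids->uid` without checking that the key carries a user ID, so a guard such as `uid = (key->uids && key->uids->uid) ? key->uids->uid : sig->fpr;` would keep a key with no UIDs from crashing the verifier. The hunk opens inside the tail of `checksig` and ends inside `verify_directive_signature`, both of which continue outside it.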
@@ -266,12 +276,13 @@ verify_directive_signature (struct file_triplet *trp) rc = 1; UPDATE_STATS (STAT_BAD_SIGNATURE); logmsg (LOG_ERR, _("%s: directive verification failed: %s"), trp->name, gpgme_strerror (ec)); } + gpgme_data_release (plain); gpgme_data_release (directive_data); gpgme_data_release (key_data); gpgme_release (ctx); return rc; } |