Diffstat (limited to 'src/gpg.c')
-rw-r--r--src/gpg.c43
1 files changed, 27 insertions, 16 deletions
diff --git a/src/gpg.c b/src/gpg.c
index 8979e9c..814be6f 100644
--- a/src/gpg.c
+++ b/src/gpg.c
@@ -144,28 +144,14 @@ create_gpg_homedir ()
logmsg (LOG_DEBUG, _("GNUPG home directory: %s"), temp_homedir);
setenv ("GNUPGHOME", temp_homedir, 1);
return 0;
}
static int
-gpg_verify_signature (gpgme_ctx_t ctx, gpgme_signature_t sig,
- struct file_triplet *trp)
+checksig (gpgme_signature_t sig, const char *uid, struct file_triplet *trp)
{
- if (!sig)
- return 0;
-
- for (; sig; sig = sig->next)
- {
- const char *uid;
- gpgme_key_t key;
-
- if (gpgme_get_key (ctx, sig->fpr, &key, 0) == GPG_ERR_NO_ERROR)
- uid = key->uids->uid;
- else
- uid = sig->fpr;
-
switch (gpg_err_code (sig->status))
{
case GPG_ERR_NO_ERROR:
if (debug_level)
logmsg (LOG_NOTICE, _("Good signature from %s"), uid);
trp->uploader = uploader_find_frp (trp->uploader_list, sig->fpr);
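Review bot: checksig is introduced without a comment stating its result convention, which a reader needs in order to follow the verification loop that calls it. On the visible paths it returns 0 after logging a signature error and -1 at the very end, and gpg_verify_signature treats -1 as "go on to the next signature" and returns any other value to its caller. I would put `/* Check a single signature SIG. Return 0 to reject, -1 to continue with the next signature. */` above the definition. Most of the switch lies between this hunk and the next one, so the meaning of 0 on the hidden cases should be confirmed before the comment is committed.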
@@ -205,22 +191,46 @@ gpg_verify_signature (gpgme_ctx_t ctx, gpgme_signature_t sig,
return 0;
default:
logmsg (LOG_ERR, _("Unknown signature error"));
return 0;
}
+ return -1;
+}
+
+static int
+gpg_verify_signature (gpgme_ctx_t ctx, gpgme_signature_t sig,
+ struct file_triplet *trp)
+{
+ if (!sig)
+ return 0;
+
+ for (; sig; sig = sig->next)
+ {
+ const char *uid;
+ gpgme_key_t key;
+ int rc;
+
+ if (gpgme_get_key (ctx, sig->fpr, &key, 0) == GPG_ERR_NO_ERROR)
+ uid = key->uids->uid;
+ else
+ uid = sig->fpr;
+ rc = checksig (sig, uid, trp);
+ gpgme_key_unref (key);
+ if (rc != -1)
+ return rc;
}
return 1;
}
/* Verify the directive file from TRP using public key PUBKEY */
int
verify_directive_signature (struct file_triplet *trp)
{
gpgme_ctx_t ctx;
- gpgme_data_t key_data, directive_data, plain;
+ gpgme_data_t key_data, directive_data, plain = NULL;
gpgme_error_t ec;
int rc;
struct uploader_info *uptr;
create_gpg_homedir ();
fail_if_err (gpgme_new (&ctx));
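Review bot: In the new gpg_verify_signature loop, `key` is declared without an initializer, yet `gpgme_key_unref (key)` runs on every iteration, including those where gpgme_get_key failed. The unref is then only safe if gpgme stored NULL in the out-parameter on its error path, and declaring `gpgme_key_t key = NULL;` removes that dependence. The success branch also reads `key->uids->uid` without checking `key->uids`. If gpgme can return a key without user IDs, `uid = key->uids ? key->uids->uid : sig->fpr;` keeps the logged name valid. The pointer held in `uid` belongs to `key`, so the unref has to stay after the checksig call as written here.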
@@ -266,12 +276,13 @@ verify_directive_signature (struct file_triplet *trp)
rc = 1;
UPDATE_STATS (STAT_BAD_SIGNATURE);
logmsg (LOG_ERR, _("%s: directive verification failed: %s"),
trp->name, gpgme_strerror (ec));
}
+ gpgme_data_release (plain);
gpgme_data_release (directive_data);
gpgme_data_release (key_data);
gpgme_release (ctx);
return rc;
}
