aboutsummaryrefslogtreecommitdiff
path: root/src/gpg.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/gpg.c')
-rw-r--r--src/gpg.c7
1 files changed, 4 insertions, 3 deletions
diff --git a/src/gpg.c b/src/gpg.c
index 474d94b..d4f9b71 100644
--- a/src/gpg.c
+++ b/src/gpg.c
@@ -111,49 +111,49 @@ rmdir_r (const char *name)
name, strerror (errno));
return 1;
}
return rc;
}
/* Remove temporary GPG home directory */
static void
remove_homedir ()
{
if (debug_level > 1)
logmsg (LOG_DEBUG, _("removing GNUPG home directory: %s"), temp_homedir);
if (rmdir_r (temp_homedir))
logmsg (LOG_CRIT, _("failed to remove GPG directory %s"), temp_homedir);
}
/* Create a temporary GPG home directory */
static int
create_gpg_homedir ()
{
if (temp_homedir)
return 0;
- temp_homedir = xstrdup ("/tmp/wydawca-XXXXXX");
+ temp_homedir = grecs_strdup ("/tmp/wydawca-XXXXXX");
if (!mkdtemp (temp_homedir))
{
logmsg (LOG_CRIT, _("cannot create GPG home directory (%s): %s"),
temp_homedir, strerror (errno));
return 1;
}
atexit (remove_homedir);
if (debug_level > 1)
logmsg (LOG_DEBUG, _("GNUPG home directory: %s"), temp_homedir);
setenv ("GNUPGHOME", temp_homedir, 1);
return 0;
}
static int
gpg_verify_signature (gpgme_ctx_t ctx, gpgme_signature_t sig,
struct file_triplet *trp)
{
if (!sig)
return 0;
for (; sig; sig = sig->next)
{
const char *uid;
gpgme_key_t key;
@@ -216,83 +216,84 @@ gpg_verify_signature (gpgme_ctx_t ctx, gpgme_signature_t sig,
int
verify_directive_signature (struct file_triplet *trp)
{
gpgme_ctx_t ctx;
gpgme_data_t key_data, directive_data, plain;
gpgme_error_t ec;
int rc;
struct uploader_info *uptr;
create_gpg_homedir ();
fail_if_err (gpgme_new (&ctx));
for (uptr = trp->uploader_list; uptr; uptr = uptr->next)
{
gpgme_import_result_t res;
gpgme_import_status_t pstat;
fail_if_err (gpgme_data_new_from_mem (&key_data,
uptr->gpg_key,
strlen (uptr->gpg_key),
0));
fail_if_err (gpgme_op_import (ctx, key_data));
res = gpgme_op_import_result (ctx);
pstat = res->imports;
- uptr->fpr = xstrdup (pstat->fpr);
+ uptr->fpr = grecs_strdup (pstat->fpr);
if (debug_level > 2)
logmsg (LOG_DEBUG, _("imported key: user = %s, fingerprint = %s"),
uptr->name, uptr->fpr);
}
fail_if_err (gpgme_data_new_from_file (&directive_data,
trp->file[file_directive].name, 1));
gpgme_data_new (&plain);
ec = gpgme_op_verify (ctx, directive_data, NULL, plain);
if (ec == GPG_ERR_NO_ERROR)
{
gpgme_verify_result_t result;
result = gpgme_op_verify_result (ctx);
if (!gpg_verify_signature (ctx, result->signatures, trp))
{
UPDATE_STATS (STAT_BAD_SIGNATURE);
notify (trp->spool->notification, trp, ev_bad_directive_signature);
rc = 1;
}
else
rc = 0;
}
else
{
rc = 1;
UPDATE_STATS (STAT_BAD_SIGNATURE);
logmsg (LOG_ERR, _("%s: directive verification failed: %s"),
trp->name, gpgme_strerror (ec));
}
gpgme_data_release (directive_data);
gpgme_data_release (key_data);
-
+ gpgme_release (ctx);
+
return rc;
}
/* Verify the detached signature of TRP.
NOTE: It is assumed that the public key is already registered (by
a previous call to verify_directive_signature). */
int
verify_detached_signature (struct file_triplet *trp)
{
gpgme_engine_info_t info;
const char *argv[5];
const struct spool *spool;
ASGN_SPOOL (spool, trp, return 1);
fail_if_err (gpgme_get_engine_info (&info));
while (info && info->protocol != GPGME_PROTOCOL_OpenPGP)
info = info->next;
if (!info)
{
logmsg (LOG_CRIT,
_("cannot find path to gpg binary (attempting to verify "
"the detached signature for %s"), trp->name);
return 1;

Return to:

Send suggestions and report system problems to the System administrator.