diff options
Diffstat (limited to 'src/gpg.c')
-rw-r--r-- | src/gpg.c | 7 |
1 files changed, 4 insertions, 3 deletions
@@ -111,49 +111,49 @@ rmdir_r (const char *name) name, strerror (errno)); return 1; } return rc; } /* Remove temporary GPG home directory */ static void remove_homedir () { if (debug_level > 1) logmsg (LOG_DEBUG, _("removing GNUPG home directory: %s"), temp_homedir); if (rmdir_r (temp_homedir)) logmsg (LOG_CRIT, _("failed to remove GPG directory %s"), temp_homedir); } /* Create a temporary GPG home directory */ static int create_gpg_homedir () { if (temp_homedir) return 0; - temp_homedir = xstrdup ("/tmp/wydawca-XXXXXX"); + temp_homedir = grecs_strdup ("/tmp/wydawca-XXXXXX"); if (!mkdtemp (temp_homedir)) { logmsg (LOG_CRIT, _("cannot create GPG home directory (%s): %s"), temp_homedir, strerror (errno)); return 1; } atexit (remove_homedir); if (debug_level > 1) logmsg (LOG_DEBUG, _("GNUPG home directory: %s"), temp_homedir); setenv ("GNUPGHOME", temp_homedir, 1); return 0; } static int gpg_verify_signature (gpgme_ctx_t ctx, gpgme_signature_t sig, struct file_triplet *trp) { if (!sig) return 0; for (; sig; sig = sig->next) { const char *uid; gpgme_key_t key; @@ -216,83 +216,84 @@ gpg_verify_signature (gpgme_ctx_t ctx, gpgme_signature_t sig, int verify_directive_signature (struct file_triplet *trp) { gpgme_ctx_t ctx; gpgme_data_t key_data, directive_data, plain; gpgme_error_t ec; int rc; struct uploader_info *uptr; create_gpg_homedir (); fail_if_err (gpgme_new (&ctx)); for (uptr = trp->uploader_list; uptr; uptr = uptr->next) { gpgme_import_result_t res; gpgme_import_status_t pstat; fail_if_err (gpgme_data_new_from_mem (&key_data, uptr->gpg_key, strlen (uptr->gpg_key), 0)); fail_if_err (gpgme_op_import (ctx, key_data)); res = gpgme_op_import_result (ctx); pstat = res->imports; - uptr->fpr = xstrdup (pstat->fpr); + uptr->fpr = grecs_strdup (pstat->fpr); if (debug_level > 2) logmsg (LOG_DEBUG, _("imported key: user = %s, fingerprint = %s"), uptr->name, uptr->fpr); } fail_if_err (gpgme_data_new_from_file (&directive_data, trp->file[file_directive].name, 1)); gpgme_data_new (&plain); ec = gpgme_op_verify (ctx, directive_data, NULL, plain); if (ec == GPG_ERR_NO_ERROR) { gpgme_verify_result_t result; result = gpgme_op_verify_result (ctx); if (!gpg_verify_signature (ctx, result->signatures, trp)) { UPDATE_STATS (STAT_BAD_SIGNATURE); notify (trp->spool->notification, trp, ev_bad_directive_signature); rc = 1; } else rc = 0; } else { rc = 1; UPDATE_STATS (STAT_BAD_SIGNATURE); logmsg (LOG_ERR, _("%s: directive verification failed: %s"), trp->name, gpgme_strerror (ec)); } gpgme_data_release (directive_data); gpgme_data_release (key_data); - + gpgme_release (ctx); + return rc; } /* Verify the detached signature of TRP. NOTE: It is assumed that the public key is already registered (by a previous call to verify_directive_signature). */ int verify_detached_signature (struct file_triplet *trp) { gpgme_engine_info_t info; const char *argv[5]; const struct spool *spool; ASGN_SPOOL (spool, trp, return 1); fail_if_err (gpgme_get_engine_info (&info)); while (info && info->protocol != GPGME_PROTOCOL_OpenPGP) info = info->next; if (!info) { logmsg (LOG_CRIT, _("cannot find path to gpg binary (attempting to verify " "the detached signature for %s"), trp->name); return 1; |