diff options
author | Sergey Poznyakoff <gray@gnu.org.ua> | 2012-12-23 00:54:27 +0200 |
---|---|---|
committer | Sergey Poznyakoff <gray@gnu.org.ua> | 2012-12-23 00:54:27 +0200 |
commit | 0077bc419d34a0341f978fc0e2d5cba8d35d4b28 (patch) | |
tree | f5cb831a306e99dce9a8c5af1b4be55cf7dbb658 /src/gpg.c | |
parent | 67a64a6a7809c183516740696e15ab88f82d7ef0 (diff) | |
download | wydawca-0077bc419d34a0341f978fc0e2d5cba8d35d4b28.tar.gz wydawca-0077bc419d34a0341f978fc0e2d5cba8d35d4b28.tar.bz2 |
Fix memory leaks, provide config statements for disabling inotify.
* src/config.c: New statement "inotify" (global and
spool-specific).
* src/gpg.c (gpg_verify_signature): Free key when
no longer needed.
(verify_directive_signature): Fix memory leak.
* src/job.c (job_queue_runner): Free the unlinked job.
* src/triplet.c (triplet_lookup): Free key.name.
* src/verify.c (fill_project_name): Return immediately if
trp->blurb is not null.
* src/watcher.c (create_watcher): Ignore spool if its
inotify_enable is false.
(watcher_init): Return immediately if inotify_enable is
false.
* src/wydawca.c (inotify_enable): New global.
* src/wydawca.h: Likewise.
Diffstat (limited to 'src/gpg.c')
-rw-r--r-- | src/gpg.c | 107 |
1 files changed, 59 insertions, 48 deletions
@@ -147,6 +147,57 @@ create_gpg_homedir () } static int +checksig (gpgme_signature_t sig, const char *uid, struct file_triplet *trp) +{ + switch (gpg_err_code (sig->status)) + { + case GPG_ERR_NO_ERROR: + if (debug_level) + logmsg (LOG_NOTICE, _("Good signature from %s"), uid); + trp->uploader = uploader_find_frp (trp->uploader_list, sig->fpr); + if (!trp->uploader) + { + logmsg (LOG_ERR, + _("good signature from %s, " + "but the uploader info for %s not found"), + uid, sig->fpr); + return 1; + } + break; + + case GPG_ERR_BAD_SIGNATURE: + UPDATE_STATS (STAT_BAD_SIGNATURE); + logmsg (LOG_ERR, _("BAD signature from %s"), uid); + return 0; + + case GPG_ERR_NO_PUBKEY: + UPDATE_STATS (STAT_ACCESS_VIOLATIONS); + logmsg (LOG_ERR, _("No public key")); + return 0; + + case GPG_ERR_NO_DATA: + UPDATE_STATS (STAT_BAD_TRIPLETS); + logmsg (LOG_ERR, _("No signature")); + return 0; + + case GPG_ERR_SIG_EXPIRED: + UPDATE_STATS (STAT_BAD_SIGNATURE); + logmsg (LOG_ERR, _("Expired signature from %s"), uid); + return 0; + + case GPG_ERR_KEY_EXPIRED: + UPDATE_STATS (STAT_BAD_SIGNATURE); + logmsg (LOG_ERR, _("Key expired (%s)"), uid); + return 0; + + default: + logmsg (LOG_ERR, _("Unknown signature error")); + return 0; + } + return -1; +} + +static int gpg_verify_signature (gpgme_ctx_t ctx, gpgme_signature_t sig, struct file_triplet *trp) { @@ -157,57 +208,16 @@ gpg_verify_signature (gpgme_ctx_t ctx, gpgme_signature_t sig, { const char *uid; gpgme_key_t key; - + int rc; + if (gpgme_get_key (ctx, sig->fpr, &key, 0) == GPG_ERR_NO_ERROR) uid = key->uids->uid; else uid = sig->fpr; - - switch (gpg_err_code (sig->status)) - { - case GPG_ERR_NO_ERROR: - if (debug_level) - logmsg (LOG_NOTICE, _("Good signature from %s"), uid); - trp->uploader = uploader_find_frp (trp->uploader_list, sig->fpr); - if (!trp->uploader) - { - logmsg (LOG_ERR, - _("good signature from %s, " - "but the uploader info for %s not found"), - uid, sig->fpr); - return 1; - } - break; - - case GPG_ERR_BAD_SIGNATURE: - UPDATE_STATS (STAT_BAD_SIGNATURE); - logmsg (LOG_ERR, _("BAD signature from %s"), uid); - return 0; - - case GPG_ERR_NO_PUBKEY: - UPDATE_STATS (STAT_ACCESS_VIOLATIONS); - logmsg (LOG_ERR, _("No public key")); - return 0; - - case GPG_ERR_NO_DATA: - UPDATE_STATS (STAT_BAD_TRIPLETS); - logmsg (LOG_ERR, _("No signature")); - return 0; - - case GPG_ERR_SIG_EXPIRED: - UPDATE_STATS (STAT_BAD_SIGNATURE); - logmsg (LOG_ERR, _("Expired signature from %s"), uid); - return 0; - - case GPG_ERR_KEY_EXPIRED: - UPDATE_STATS (STAT_BAD_SIGNATURE); - logmsg (LOG_ERR, _("Key expired (%s)"), uid); - return 0; - - default: - logmsg (LOG_ERR, _("Unknown signature error")); - return 0; - } + rc = checksig (sig, uid, trp); + gpgme_key_unref (key); + if (rc != -1) + return rc; } return 1; } @@ -217,7 +227,7 @@ int verify_directive_signature (struct file_triplet *trp) { gpgme_ctx_t ctx; - gpgme_data_t key_data, directive_data, plain; + gpgme_data_t key_data, directive_data, plain = NULL; gpgme_error_t ec; int rc; struct uploader_info *uptr; @@ -269,6 +279,7 @@ verify_directive_signature (struct file_triplet *trp) trp->name, gpgme_strerror (ec)); } + gpgme_data_release (plain); gpgme_data_release (directive_data); gpgme_data_release (key_data); gpgme_release (ctx); |