core: Tell gpg that we want to verify signed data

* src/engine-gpg.c (gpg_verify): Add "--verify" to command line.
--

Since GnuPG 2.1.16 --verify writes the signed data to the file specified
by --output. Explicitly telling gpg that we want to verify signed data
frees gpg from guessing what we want and avoids the corresponding
warning "no command supplied.  Trying to guess what you mean ..."

GnuPG-bug-id: 6907
This commit is contained in:
Ingo Klöcker 2023-12-22 10:33:01 +01:00
parent 0b3c8709f7
commit 1dc44b7c5b
No known key found for this signature in database
GPG Key ID: F5A5D1692277A1E9

View File

@ -3775,6 +3775,8 @@ gpg_verify (void *engine, gpgme_verify_flags_t flags, gpgme_data_t sig,
{ {
/* Normal or cleartext signature. */ /* Normal or cleartext signature. */
const char *output = gpgme_data_get_file_name (plaintext); const char *output = gpgme_data_get_file_name (plaintext);
if (have_gpg_version (gpg, "2.1.16"))
err = add_arg (gpg, "--verify");
err = add_arg (gpg, "--output"); err = add_arg (gpg, "--output");
if (!err && output) if (!err && output)
err = add_arg (gpg, output); err = add_arg (gpg, output);