diff options
| author | Werner Koch <[email protected]> | 2018-04-12 18:26:00 +0000 | 
|---|---|---|
| committer | Werner Koch <[email protected]> | 2018-04-12 18:26:00 +0000 | 
| commit | 478d1650bbef84958ccce439fac982ef57b16cd0 (patch) | |
| tree | 059d83c2ec65cd870f91530231e34510e9529f54 /src/verify.c | |
| parent | tests: Avoid segv in run-verify due to Policy URLs (diff) | |
| download | gpgme-478d1650bbef84958ccce439fac982ef57b16cd0.tar.gz gpgme-478d1650bbef84958ccce439fac982ef57b16cd0.zip | |
core: For a failed verification return the sig's fingerprint.
* src/verify.c (parse_new_sig): Parse the new ERRSIG fpr.
--
This works only when the signatures features an ISSUER_FPR sub-packet
and with GnuPG >= 2.2.7.  If that is not the case the keyid is kept in
the FPR field.
Signed-off-by: Werner Koch <[email protected]>
Diffstat (limited to 'src/verify.c')
| -rw-r--r-- | src/verify.c | 21 | 
1 files changed, 19 insertions, 2 deletions
| diff --git a/src/verify.c b/src/verify.c index ee730a34..4eab902b 100644 --- a/src/verify.c +++ b/src/verify.c @@ -284,6 +284,7 @@ parse_new_sig (op_data_t opd, gpgme_status_code_t code, char *args,    gpgme_signature_t sig;    char *end = strchr (args, ' ');    char *tail; +  int got_fpr = 0;    if (end)      { @@ -370,7 +371,23 @@ parse_new_sig (op_data_t opd, gpgme_status_code_t code, char *args,        if (!*end)  	goto parse_err_sig_fail; -      sig->status = strtoul (end, NULL, 10); +      gpg_err_set_errno (0); +      sig->status = strtoul (end, &tail, 10); +      if (errno || end == tail || (*tail && *tail != ' ')) +	goto parse_err_sig_fail; +      if (!*tail) +        goto parse_err_sig_ok; +      end = tail; +      while (*end == ' ') +	end++; + +      /* Parse the new fingerprint (from the ISSUER_FPR subpacket).  */ +      if (!*end || (*end == '-' && (end[1] == ' ' || !end[1]))) +        goto parse_err_sig_ok;  /* Okay (just trailing spaces).  */ +      sig->fpr = strdup (end); +      if (!sig->fpr) +	return gpg_error_from_syserror (); +      got_fpr = 1;        goto parse_err_sig_ok;      parse_err_sig_fail: @@ -382,7 +399,7 @@ parse_new_sig (op_data_t opd, gpgme_status_code_t code, char *args,        return gpg_error (GPG_ERR_GENERAL);      } -  if (*args) +  if (*args && !got_fpr)      {        sig->fpr = strdup (args);        if (!sig->fpr) | 
