[git] GPGME - branch, master, updated. gpgme-1.10.0-187-g478d165

by Werner Koch cvs at cvs.gnupg.org
Thu Apr 12 20:33:26 CEST 2018 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".

The branch, master has been updated
       via  478d1650bbef84958ccce439fac982ef57b16cd0 (commit)
      from  ee8fad3ea0cbc82f31c86b3483abd8549df62b69 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 478d1650bbef84958ccce439fac982ef57b16cd0
Author: Werner Koch <wk at gnupg.org>
Date:   Thu Apr 12 20:26:00 2018 +0200

    core: For a failed verification return the sig's fingerprint.
    
    * src/verify.c (parse_new_sig): Parse the new ERRSIG fpr.
    --
    
    This works only when the signatures features an ISSUER_FPR sub-packet
    and with GnuPG >= 2.2.7.  If that is not the case the keyid is kept in
    the FPR field.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/src/verify.c b/src/verify.c
index ee730a3..4eab902 100644
--- a/src/verify.c
+++ b/src/verify.c
@@ -284,6 +284,7 @@ parse_new_sig (op_data_t opd, gpgme_status_code_t code, char *args,
   gpgme_signature_t sig;
   char *end = strchr (args, ' ');
   char *tail;
+  int got_fpr = 0;
 
   if (end)
     {
@@ -370,7 +371,23 @@ parse_new_sig (op_data_t opd, gpgme_status_code_t code, char *args,
       if (!*end)
 	goto parse_err_sig_fail;
 
-      sig->status = strtoul (end, NULL, 10);
+      gpg_err_set_errno (0);
+      sig->status = strtoul (end, &tail, 10);
+      if (errno || end == tail || (*tail && *tail != ' '))
+	goto parse_err_sig_fail;
+      if (!*tail)
+        goto parse_err_sig_ok;
+      end = tail;
+      while (*end == ' ')
+	end++;
+
+      /* Parse the new fingerprint (from the ISSUER_FPR subpacket).  */
+      if (!*end || (*end == '-' && (end[1] == ' ' || !end[1])))
+        goto parse_err_sig_ok;  /* Okay (just trailing spaces).  */
+      sig->fpr = strdup (end);
+      if (!sig->fpr)
+	return gpg_error_from_syserror ();
+      got_fpr = 1;
       goto parse_err_sig_ok;
 
     parse_err_sig_fail:
@@ -382,7 +399,7 @@ parse_new_sig (op_data_t opd, gpgme_status_code_t code, char *args,
       return gpg_error (GPG_ERR_GENERAL);
     }
 
-  if (*args)
+  if (*args && !got_fpr)
     {
       sig->fpr = strdup (args);
       if (!sig->fpr)

-----------------------------------------------------------------------

Summary of changes:
 src/verify.c | 21 +++++++++++++++++++--
 1 file changed, 19 insertions(+), 2 deletions(-)


hooks/post-receive
-- 
GnuPG Made Easy
http://git.gnupg.org

More information about the Gnupg-commits mailing list