]> git.saurik.com Git - apt.git/blobdiff - methods/gpgv.cc
projects / apt.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
CMake: test/libapt: Use a prebuilt GTest library if available
[apt.git] / methods / gpgv.cc
diff --git a/methods/gpgv.cc b/methods/gpgv.cc
index 2fed53a39c2147f2ef14b657ef9ae764810fb6c1..d073c733eae7e5a4544a4cc592edd53a2bbb06a2 100644 (file)
--- a/methods/gpgv.cc
+++ b/methods/gpgv.cc
@@ -39,6 +39,7 @@ using std::vector;
 #define GNUPGEXPSIG "[GNUPG:] EXPSIG"
 #define GNUPGREVKEYSIG "[GNUPG:] REVKEYSIG"
 #define GNUPGNODATA "[GNUPG:] NODATA"
+#define APTKEYWARNING "[APTKEY:] WARNING"
 
 struct Digest {
    enum class State {
@@ -238,6 +239,8 @@ string GPGVMethod::VerifyGetSigners(const char *file, const char *outfile,
 
          ValidSigners.push_back(sig);
       }
+      else if (strncmp(buffer, APTKEYWARNING, sizeof(APTKEYWARNING)-1) == 0)
+         Warning("%s", buffer + sizeof(APTKEYWARNING));
    }
    fclose(pipein);
    free(buffer);
@@ -255,16 +258,32 @@ string GPGVMethod::VerifyGetSigners(const char *file, const char *outfile,
         if (std::find(ValidSigners.begin(), ValidSigners.end(), k) == ValidSigners.end())
            continue;
         // we look for GOODSIG here as well as an expired sig is a valid sig as well (but not a good one)
+        std::string const goodfingerprint = "GOODSIG " + k;
         std::string const goodlongkeyid = "GOODSIG " + k.substr(24, 16);
-        foundGood = std::find(GoodSigners.begin(), GoodSigners.end(), goodlongkeyid) != GoodSigners.end();
+        foundGood = std::find(GoodSigners.begin(), GoodSigners.end(), goodfingerprint) != GoodSigners.end();
         if (Debug == true)
-           std::clog << "Key " << k << " is valid sig, is " << goodlongkeyid << " also a good one? " << (foundGood ? "yes" : "no") << std::endl;
+           std::clog << "Key " << k << " is valid sig, is " << goodfingerprint << " also a good one? " << (foundGood ? "yes" : "no") << std::endl;
+        std::string goodsig;
+        if (foundGood == false)
+        {
+           foundGood = std::find(GoodSigners.begin(), GoodSigners.end(), goodlongkeyid) != GoodSigners.end();
+           if (Debug == true)
+              std::clog << "Key " << k << " is valid sig, is " << goodlongkeyid << " also a good one? " << (foundGood ? "yes" : "no") << std::endl;
+           goodsig = goodlongkeyid;
+        }
+        else
+           goodsig = goodfingerprint;
         if (foundGood == false)
            continue;
         std::copy(GoodSigners.begin(), GoodSigners.end(), std::back_insert_iterator<std::vector<std::string> >(NoPubKeySigners));
         GoodSigners.clear();
-        GoodSigners.push_back(goodlongkeyid);
-        NoPubKeySigners.erase(std::remove(NoPubKeySigners.begin(), NoPubKeySigners.end(), goodlongkeyid), NoPubKeySigners.end());
+        GoodSigners.push_back(goodsig);
+        NoPubKeySigners.erase(
+           std::remove(NoPubKeySigners.begin(),
+              std::remove(NoPubKeySigners.begin(), NoPubKeySigners.end(), goodfingerprint),
+              goodlongkeyid),
+           NoPubKeySigners.end()
+        );
         break;
       }
       if (foundGood == false)
APT (for Cydia)