From: Michael Tremer Date: Mon, 12 Jul 2021 11:01:45 +0000 (+0000) Subject: archive: Set verify status after successful signature check X-Git-Tag: 0.9.28~1044 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4033ec604392ec0547ef5833c242a6192b7e1fad;p=pakfire.git archive: Set verify status after successful signature check Signed-off-by: Michael Tremer --- diff --git a/src/libpakfire/archive.c b/src/libpakfire/archive.c index df35160fb..f0e04a0b7 100644 --- a/src/libpakfire/archive.c +++ b/src/libpakfire/archive.c @@ -1264,9 +1264,6 @@ static int pakfire_archive_verify_signature(struct pakfire_archive* archive, str if (!result || !result->signatures) goto ERROR; - // XXX This is some old code and does not entirely do what is desired, yet - int status = 0; - // Walk through all signatures for (gpgme_signature_t sig = result->signatures; sig; sig = sig->next) { // Log some information about this signature @@ -1280,28 +1277,28 @@ static int pakfire_archive_verify_signature(struct pakfire_archive* archive, str switch (gpg_err_code(sig->status)) { // All good case GPG_ERR_NO_ERROR: - status = PAKFIRE_ARCHIVE_VERIFY_OK; + archive->verify = PAKFIRE_ARCHIVE_VERIFY_OK; break; // Key has expired (still good) case GPG_ERR_KEY_EXPIRED: - status = PAKFIRE_ARCHIVE_VERIFY_KEY_EXPIRED; + archive->verify = PAKFIRE_ARCHIVE_VERIFY_KEY_EXPIRED; break; // Signature has expired (bad) case GPG_ERR_SIG_EXPIRED: - status = PAKFIRE_ARCHIVE_VERIFY_SIG_EXPIRED; + archive->verify = PAKFIRE_ARCHIVE_VERIFY_SIG_EXPIRED; break; // We don't have the key case GPG_ERR_NO_PUBKEY: - status = PAKFIRE_ARCHIVE_VERIFY_KEY_UNKNOWN; + archive->verify = PAKFIRE_ARCHIVE_VERIFY_KEY_UNKNOWN; break; // Bad signature (or any other errors) case GPG_ERR_BAD_SIGNATURE: default: - status = PAKFIRE_ARCHIVE_VERIFY_INVALID; + archive->verify = PAKFIRE_ARCHIVE_VERIFY_INVALID; break; } }