authorDavid Kalnischkies <david@kalnischkies.de>2016-04-29 00:31:49 +0200
committerJulian Andres Klode <jak@debian.org>2016-05-10 20:53:16 +0200
commitf5b1b479cfcebcac2f4ac1b9266c1d871d3cd988 (patch)
treee06c24611909b807cc1599094f325293ff9949c8 /methods/gpgv.cc
parentbddb663c5d46072c1dbd72a69c1745d598e9c0eb (diff)
don't show NO_PUBKEY warning if repo is signed by another key
Daniel Kahn Gillmor highlights in the bugreport that security isn't improving by having the user import additional keys – especially as importing keys securely is hard. The bugreport was initially about dropping the warning to a notice, but given the previously mentioned observation and the fact that we weren't printing a warning (or a notice) for expired or revoked keys providing a signature, we drop it completely, as the code to display a message if this was the only key is in another path – and is considered critical. Closes: 618445 (Backported from commit fb7b11ebb852fa255053ecab605bc9cfe9de0603)
Diffstat (limited to 'methods/gpgv.cc')
-rw-r--r--methods/gpgv.cc8
1 files changed, 4 insertions, 4 deletions
diff --git a/methods/gpgv.cc b/methods/gpgv.cc
index 60a7d4719..473465ba6 100644
--- a/methods/gpgv.cc
+++ b/methods/gpgv.cc
@@ -196,14 +196,14 @@ string GPGVMethod::VerifyGetSigners(const char *file, const char *outfile,
}
else if (strncmp(buffer, GNUPGGOODSIG, sizeof(GNUPGGOODSIG)-1) == 0)
{
- char *sig = buffer + sizeof(GNUPGPREFIX);
- char *p = sig + sizeof("GOODSIG");
+ char *sig = buffer + sizeof(GNUPGGOODSIG);
+ char *p = sig;
while (*p && isxdigit(*p))
p++;
*p = 0;
if (Debug == true)
- std::clog << "Got GOODSIG, key ID:" << sig << std::endl;
- GoodSigners.push_back(string(sig));
+ std::clog << "Got GOODSIG, key ID: " << sig << std::endl;
+ GoodSigners.push_back(string(buffer+sizeof(GNUPGPREFIX)));
}
else if (strncmp(buffer, GNUPGVALIDSIG, sizeof(GNUPGVALIDSIG)-1) == 0)
{
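Review bot: In the GOODSIG branch, `sig` is taken at the fixed offset `buffer + sizeof(GNUPGGOODSIG)`, but the `strncmp` above only vouches for the first `sizeof(GNUPGGOODSIG)-1` bytes, so a status line that ends right after the keyword would leave `sig` and the `while` scan one byte past the terminator. The entry is also pushed onto `GoodSigners` when the scan finds no hex digits at all; that list presumably feeds the trust decision (its consumer is outside the hunk), so the parse should fail closed by checking `buffer[sizeof(GNUPGGOODSIG)-1] == ' '` before computing `sig` and skipping the `push_back` when `p == sig`. Separately, `isxdigit(*p)` receives a plain `char`, and `isxdigit(static_cast<unsigned char>(*p))` avoids undefined behaviour for bytes above 0x7f in gpgv's output. The macro definitions and the code that fills `buffer` are not visible here, and the body of `VerifyGetSigners` starts and ends outside the hunk, so the exact offsets should be confirmed against them.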