summaryrefslogtreecommitdiff
path: root/methods/gpgv.cc
diff options
context:
space:
mode:
authorDavid Kalnischkies <david@kalnischkies.de>2016-04-29 10:16:42 +0200
committerDavid Kalnischkies <david@kalnischkies.de>2016-05-01 10:50:24 +0200
commit46e00c9062d09a642973e83a334483db1f310397 (patch)
tree6c498258c3e0ffb7e330c82506bb94e9f749b41a /methods/gpgv.cc
parent5419a6ce20967902102358a07632ae3688788d62 (diff)
downloadapt-46e00c9062d09a642973e83a334483db1f310397.tar.gz
support multiple fingerprints in signed-by
A keyring file can include multiple keys, so its only fair for transitions and such to support multiple fingerprints as well.
Diffstat (limited to 'methods/gpgv.cc')
-rw-r--r--methods/gpgv.cc30
1 files changed, 17 insertions, 13 deletions
diff --git a/methods/gpgv.cc b/methods/gpgv.cc
index 3e0b133a3..b9fb09a8f 100644
--- a/methods/gpgv.cc
+++ b/methods/gpgv.cc
@@ -249,25 +249,29 @@ string GPGVMethod::VerifyGetSigners(const char *file, const char *outfile,
{
if (Debug == true)
std::clog << "GoodSigs needs to be limited to keyid " << key << std::endl;
- std::vector<std::string>::iterator const foundItr = std::find(ValidSigners.begin(), ValidSigners.end(), key);
- bool const found = (foundItr != ValidSigners.end());
- std::copy(GoodSigners.begin(), GoodSigners.end(), std::back_insert_iterator<std::vector<std::string> >(NoPubKeySigners));
- if (found)
+ bool foundGood = false;
+ for (auto const &k: VectorizeString(key, ','))
{
+ if (std::find(ValidSigners.begin(), ValidSigners.end(), k) == ValidSigners.end())
+ continue;
// we look for GOODSIG here as well as an expired sig is a valid sig as well (but not a good one)
- std::string const goodlongkeyid = "GOODSIG " + key.substr(24, 16);
- bool const foundGood = std::find(GoodSigners.begin(), GoodSigners.end(), goodlongkeyid) != GoodSigners.end();
+ std::string const goodlongkeyid = "GOODSIG " + k.substr(24, 16);
+ foundGood = std::find(GoodSigners.begin(), GoodSigners.end(), goodlongkeyid) != GoodSigners.end();
if (Debug == true)
- std::clog << "Key " << key << " is valid sig, is " << goodlongkeyid << " also a good one? " << (foundGood ? "yes" : "no") << std::endl;
+ std::clog << "Key " << k << " is valid sig, is " << goodlongkeyid << " also a good one? " << (foundGood ? "yes" : "no") << std::endl;
+ if (foundGood == false)
+ continue;
+ std::copy(GoodSigners.begin(), GoodSigners.end(), std::back_insert_iterator<std::vector<std::string> >(NoPubKeySigners));
GoodSigners.clear();
- if (foundGood)
- {
- GoodSigners.push_back(goodlongkeyid);
- NoPubKeySigners.erase(std::remove(NoPubKeySigners.begin(), NoPubKeySigners.end(), goodlongkeyid), NoPubKeySigners.end());
- }
+ GoodSigners.push_back(goodlongkeyid);
+ NoPubKeySigners.erase(std::remove(NoPubKeySigners.begin(), NoPubKeySigners.end(), goodlongkeyid), NoPubKeySigners.end());
+ break;
}
- else
+ if (foundGood == false)
+ {
+ std::copy(GoodSigners.begin(), GoodSigners.end(), std::back_insert_iterator<std::vector<std::string> >(NoPubKeySigners));
GoodSigners.clear();
+ }
}
int status;