I think that there is a more simple way to catch multiple signatures see below.
Other than that, I like this patch.
Signed-off-by: Tacitus Aedifex <aedifex@xxxxxxx>
---
gpg-interface.c | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/gpg-interface.c b/gpg-interface.c
index db17d65f8..a4dba3361 100644
--- a/gpg-interface.c
+++ b/gpg-interface.c
@@ -93,6 +93,7 @@ static void parse_gpg_output(struct signature_check *sigc)
{
const char *buf = sigc->gpg_status;
int i;
+ int multi_sig = 0;
/* Iterate over all search strings */
for (i = 0; i < ARRAY_SIZE(sigcheck_gpg_status); i++) {
@@ -115,6 +116,23 @@ static void parse_gpg_output(struct signature_check *sigc)
next = strchrnul(found, '\n');
sigc->signer = xmemdupz(found, next - found);
}
+ } else
+ multi_sig++;
+
+ /*
+ * GOODSIG, BADSIG, etc. can occure only once for each signature.
+ * Therefore, if we had more than one then we're dealing with
+ * multiple signatures. We don't support them currently and they are
+ * rather hard to create, so something is likely probably not right
+ * and we should reject them altogether.
+ */
+ if (multi_sig > 1) {
+ sigc->result = 'E';
+ /* clear partial data to avoid confusion */
+ if (sigc->signer)
+ FREE_AND_NULL(sigc->signer);
+ if (sigc->key)
+ FREE_AND_NULL(sigc->key);
}
}
}
--
2.18.0.129.ge333175
--
