[Rpm-maint] [rpm-software-management/rpm] Add pgpVerifySignature2 (PR #2453)

Panu Matilainen notifications at github.com
Fri Mar 24 13:41:04 UTC 2023


@pmatilai commented on this pull request.



> @@ -276,7 +276,18 @@ rpmRC rpmKeyringVerifySig(rpmKeyring keyring, pgpDigParams sig, DIGEST_CTX ctx)
 	    pgpkey = key->pgpkey;
 
 	/* We call verify even if key not found for a signature sanity check */
-	rc = pgpVerifySignature(pgpkey, sig, ctx);
+        char *errormsg = NULL;
+	rc = pgpVerifySignature2(pgpkey, sig, ctx, &errormsg);
+        if (errormsg) {
+            if (rc) {
+                rpmlog(RPMLOG_ERR, "Error verifying signature: %s",
+                       errormsg);
+            } else {
+                rpmlog(RPMLOG_WARNING, "Warning verifying signature: %s",

rpmlog() prefixes ERR and WARNING with `error:` and `warning:` respectively so these will appear a bit redundant, eg `error: Error verifying signature: <explanation>`

Not that I have any particularly bright ideas for better messages.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/2453#pullrequestreview-1356726502
You are receiving this because you are subscribed to this thread.

Message ID: <rpm-software-management/rpm/pull/2453/review/1356726502 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20230324/8bcd34b2/attachment.html>


More information about the Rpm-maint mailing list