changeset: 6804:8963e77577ad
user: Kevin McCarthy <[email protected]>
date: Sat Oct 01 16:21:59 2016 -0700
link: http://dev.mutt.org/hg/mutt/rev/8963e77577ad
Ensure signatures exist when verifying multipart/signed emails. (closes #3881).
TAKAHASHI Tamotsu reported that when gpg2 isn't in PATH, the
gpgme_op_verify() won't return an error, but instead will return a
result with no signatures.
verify_one() was only returning an error if a signature actually
failed, so in this case the function was defaulting to returning
success.
Other callers of gpgme_op_verify() check to make sure the
result->signatures exist before processing signatures. Add a check
for verify_one() too.
diffs (34 lines):
diff -r e0c0a2820b8b -r 8963e77577ad crypt-gpgme.c
--- a/crypt-gpgme.c Sat Oct 01 13:58:35 2016 -0700
+++ b/crypt-gpgme.c Sat Oct 01 16:21:59 2016 -0700
@@ -1561,6 +1561,7 @@
{ /* Verification succeeded, see what the result is. */
int res, idx;
int anybad = 0;
+ gpgme_verify_result_t verify_result;
if (signature_key)
{
@@ -1568,15 +1569,19 @@
signature_key = NULL;
}
- for(idx=0; (res = show_one_sig_status (ctx, idx, s)) != -1; idx++)
+ verify_result = gpgme_op_verify_result (ctx);
+ if (verify_result && verify_result->signatures)
+ {
+ for (idx=0; (res = show_one_sig_status (ctx, idx, s)) != -1; idx++)
{
if (res == 1)
anybad = 1;
else if (res == 2)
anywarn = 2;
}
- if (!anybad)
- badsig = 0;
+ if (!anybad)
+ badsig = 0;
+ }
}
if (!badsig)
