diff options
| author | Robert McQueen <rob@endlessm.com> | 2017-07-30 17:44:35 +0100 |
|---|---|---|
| committer | Atomic Bot <atomic-devel@projectatomic.io> | 2017-07-31 14:37:09 +0000 |
| commit | e8a9172daad5f27ba5805fd4e4abba1b419dffc0 (patch) | |
| tree | b7f9db6fa86424cafc49c10d447b99c8210b0a7b /src/libostree/ostree-gpg-verify-result.c | |
| parent | 156cf23576df15cfd06d8138f7fc4443bfee5058 (diff) | |
| download | ostree-e8a9172daad5f27ba5805fd4e4abba1b419dffc0.tar.gz | |
gpg-verify-result: try to display the primary key ID from signatures
The fingerprint associated with each signature can be different to
the primary key ID (the normal one that people use to identify a
GPG key) if the signature is from a signing subkey. Try to find the
primary key and print this ID in preference to the subkey signature.
https://github.com/ostreedev/ostree/issues/608
Closes: #1036
Approved by: cgwalters
Diffstat (limited to 'src/libostree/ostree-gpg-verify-result.c')
| -rw-r--r-- | src/libostree/ostree-gpg-verify-result.c | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/src/libostree/ostree-gpg-verify-result.c b/src/libostree/ostree-gpg-verify-result.c index 059b3d56..7cee6c28 100644 --- a/src/libostree/ostree-gpg-verify-result.c +++ b/src/libostree/ostree-gpg-verify-result.c @@ -334,7 +334,8 @@ ostree_gpg_verify_result_get (OstreeGpgVerifyResult *result, * (OSTREE_GPG_SIGNATURE_ATTR_KEY_MISSING). */ for (ii = 0; ii < n_attrs; ii++) { - if (attrs[ii] == OSTREE_GPG_SIGNATURE_ATTR_USER_NAME || + if (attrs[ii] == OSTREE_GPG_SIGNATURE_ATTR_FINGERPRINT || + attrs[ii] == OSTREE_GPG_SIGNATURE_ATTR_USER_NAME || attrs[ii] == OSTREE_GPG_SIGNATURE_ATTR_USER_EMAIL) { (void) gpgme_get_key (result->context, signature->fpr, &key, 0); @@ -378,7 +379,11 @@ ostree_gpg_verify_result_get (OstreeGpgVerifyResult *result, break; case OSTREE_GPG_SIGNATURE_ATTR_FINGERPRINT: - child = g_variant_new_string (signature->fpr); + if (key != NULL && key->subkeys != NULL) + v_string = key->subkeys->fpr; + else + v_string = signature->fpr; + child = g_variant_new_string (v_string); break; case OSTREE_GPG_SIGNATURE_ATTR_TIMESTAMP: |