summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFlorian Pritz <bluewind@xinu.at>2012-07-09 10:28:03 +0200
committerDan McGee <dan@archlinux.org>2012-09-18 15:35:53 +0200
commitf7558856b174ea8a7fab099a05c2e7c6397851a2 (patch)
treefe5ed31bff1bf2d44c965a7549cc6144c9b98c58
parent89319b5bfd6a592ce99cb07729f66bbc2cbfed5c (diff)
downloadpacman-f7558856b174ea8a7fab099a05c2e7c6397851a2.tar.gz
pacman-f7558856b174ea8a7fab099a05c2e7c6397851a2.tar.xz
signing.c: warn if time went backwards
GPG signatures have a timestamp which is checked and if it's in the future, verification will fail. Dan: slight wording change. Signed-off-by: Florian Pritz <bluewind@xinu.at>
-rw-r--r--lib/libalpm/signing.c5
1 files changed, 5 insertions, 0 deletions
diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c
index 7177d655..82d7292a 100644
--- a/lib/libalpm/signing.c
+++ b/lib/libalpm/signing.c
@@ -515,6 +515,11 @@ int _alpm_gpgme_checksig(alpm_handle_t *handle, const char *path,
string_validity(gpgsig->validity),
gpgme_strerror(gpgsig->validity_reason));
+ if((time_t)gpgsig->timestamp > time(NULL)) {
+ _alpm_log(handle, ALPM_LOG_WARNING,
+ _("System time is greater than signature timestamp.\n"));
+ }
+
result = siglist->results + sigcount;
err = gpgme_get_key(ctx, gpgsig->fpr, &key, 0);
if(gpg_err_code(err) == GPG_ERR_EOF) {