signing.c: warn if time went backwards

GPG signatures have a timestamp which is checked and if it's in the future, verification will fail. Dan: slight wording change. Signed-off-by: Florian Pritz <bluewind@xinu.at>
author: Florian Pritz <bluewind@xinu.at> 2012-07-09 10:28:03 +0200
committer: Dan McGee <dan@archlinux.org> 2012-09-18 15:35:53 +0200
commit: f7558856b174ea8a7fab099a05c2e7c6397851a2 (patch)
tree: fe5ed31bff1bf2d44c965a7549cc6144c9b98c58 /lib/libalpm/signing.c
parent: 89319b5bfd6a592ce99cb07729f66bbc2cbfed5c (diff)
download: pacman-f7558856b174ea8a7fab099a05c2e7c6397851a2.tar.gz
pacman-f7558856b174ea8a7fab099a05c2e7c6397851a2.tar.xz
1 files changed, 5 insertions, 0 deletions
diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c
index 7177d655..82d7292a 100644
--- a/lib/libalpm/signing.c
+++ b/lib/libalpm/signing.c
@@ -515,6 +515,11 @@ int _alpm_gpgme_checksig(alpm_handle_t *handle, const char *path,
 				string_validity(gpgsig->validity),
 				gpgme_strerror(gpgsig->validity_reason));
 
+		if((time_t)gpgsig->timestamp > time(NULL)) {
+			_alpm_log(handle, ALPM_LOG_WARNING,
+					_("System time is greater than signature timestamp.\n"));
+		}
+
 		result = siglist->results + sigcount;
 		err = gpgme_get_key(ctx, gpgsig->fpr, &key, 0);
 		if(gpg_err_code(err) == GPG_ERR_EOF) {
author	Florian Pritz <bluewind@xinu.at>	2012-07-09 10:28:03 +0200
committer	Dan McGee <dan@archlinux.org>	2012-09-18 15:35:53 +0200
commit	f7558856b174ea8a7fab099a05c2e7c6397851a2 (patch)
tree	fe5ed31bff1bf2d44c965a7549cc6144c9b98c58 /lib/libalpm/signing.c
parent	89319b5bfd6a592ce99cb07729f66bbc2cbfed5c (diff)
download	pacman-f7558856b174ea8a7fab099a05c2e7c6397851a2.tar.gz pacman-f7558856b174ea8a7fab099a05c2e7c6397851a2.tar.xz