From f7558856b174ea8a7fab099a05c2e7c6397851a2 Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Mon, 9 Jul 2012 10:28:03 +0200 Subject: signing.c: warn if time went backwards GPG signatures have a timestamp which is checked and if it's in the future, verification will fail. Dan: slight wording change. Signed-off-by: Florian Pritz --- lib/libalpm/signing.c | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'lib/libalpm/signing.c') diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c index 7177d655..82d7292a 100644 --- a/lib/libalpm/signing.c +++ b/lib/libalpm/signing.c @@ -515,6 +515,11 @@ int _alpm_gpgme_checksig(alpm_handle_t *handle, const char *path, string_validity(gpgsig->validity), gpgme_strerror(gpgsig->validity_reason)); + if((time_t)gpgsig->timestamp > time(NULL)) { + _alpm_log(handle, ALPM_LOG_WARNING, + _("System time is greater than signature timestamp.\n")); + } + result = siglist->results + sigcount; err = gpgme_get_key(ctx, gpgsig->fpr, &key, 0); if(gpg_err_code(err) == GPG_ERR_EOF) { -- cgit v1.2.3-24-g4f1b