ident.c: add support for IPv6

diff --git a/gpg-interface.c b/gpg-interface.c
index 3c9624c4331d0bc73bfcce90d5dad50561e41659..3dc2fe397e32d79713780596f0ef4666c14b5955 100644 (file)
--- a/gpg-interface.c
+++ b/gpg-interface.c
@@ -7,6 +7,9 @@
 static char *configured_signing_key;
 static const char *gpg_program = "gpg";
 
+#define PGP_SIGNATURE "-----BEGIN PGP SIGNATURE-----"
+#define PGP_MESSAGE "-----BEGIN PGP MESSAGE-----"
+
 void signature_check_clear(struct signature_check *sigc)
 {
        free(sigc->payload);
@@ -57,6 +60,61 @@ void parse_gpg_output(struct signature_check *sigc)
        }
 }
 
+int check_signature(const char *payload, size_t plen, const char *signature,
+       size_t slen, struct signature_check *sigc)
+{
+       struct strbuf gpg_output = STRBUF_INIT;
+       struct strbuf gpg_status = STRBUF_INIT;
+       int status;
+
+       sigc->result = 'N';
+
+       status = verify_signed_buffer(payload, plen, signature, slen,
+                                     &gpg_output, &gpg_status);
+       if (status && !gpg_output.len)
+               goto out;
+       sigc->payload = xmemdupz(payload, plen);
+       sigc->gpg_output = strbuf_detach(&gpg_output, NULL);
+       sigc->gpg_status = strbuf_detach(&gpg_status, NULL);
+       parse_gpg_output(sigc);
+
+ out:
+       strbuf_release(&gpg_status);
+       strbuf_release(&gpg_output);
+
+       return sigc->result != 'G' && sigc->result != 'U';
+}
+
+void print_signature_buffer(const struct signature_check *sigc, unsigned flags)
+{
+       const char *output = flags & GPG_VERIFY_RAW ?
+               sigc->gpg_status : sigc->gpg_output;
+
+       if (flags & GPG_VERIFY_VERBOSE && sigc->payload)
+               fputs(sigc->payload, stdout);
+
+       if (output)
+               fputs(output, stderr);
+}
+
+/*
+ * Look at GPG signed content (e.g. a signed tag object), whose
+ * payload is followed by a detached signature on it.  Return the
+ * offset where the embedded detached signature begins, or the end of
+ * the data when there is no such signature.
+ */
+size_t parse_signature(const char *buf, unsigned long size)
+{
+       char *eol;
+       size_t len = 0;
+       while (len < size && !starts_with(buf + len, PGP_SIGNATURE) &&
+                       !starts_with(buf + len, PGP_MESSAGE)) {
+               eol = memchr(buf + len, '\n', size - len);
+               len += eol ? eol - (buf + len) + 1 : size - len;
+       }
+       return len;
+}
+
 void set_signing_key(const char *key)
 {
        free(configured_signing_key);
@@ -91,12 +149,11 @@ const char *get_signing_key(void)
  */
 int sign_buffer(struct strbuf *buffer, struct strbuf *signature, const char *signing_key)
 {
-       struct child_process gpg;
+       struct child_process gpg = CHILD_PROCESS_INIT;
        const char *args[4];
        ssize_t len;
        size_t i, j, bottom;
 
-       memset(&gpg, 0, sizeof(gpg));
        gpg.argv = args;
        gpg.in = -1;
        gpg.out = -1;
@@ -152,7 +209,7 @@ int verify_signed_buffer(const char *payload, size_t payload_size,
                         const char *signature, size_t signature_size,
                         struct strbuf *gpg_output, struct strbuf *gpg_status)
 {
-       struct child_process gpg;
+       struct child_process gpg = CHILD_PROCESS_INIT;
        const char *args_gpg[] = {NULL, "--status-fd=1", "--verify", "FILE", "-", NULL};
        char path[PATH_MAX];
        int fd, ret;
@@ -169,7 +226,6 @@ int verify_signed_buffer(const char *payload, size_t payload_size,
                             path, strerror(errno));
        close(fd);
 
-       memset(&gpg, 0, sizeof(gpg));
        gpg.argv = args_gpg;
        gpg.in = -1;
        gpg.out = -1;