From f7558856b174ea8a7fab099a05c2e7c6397851a2 Mon Sep 17 00:00:00 2001
From: Florian Pritz <bluewind@xinu.at>
Date: Mon, 9 Jul 2012 10:28:03 +0200
Subject: signing.c: warn if time went backwards

GPG signatures have a timestamp which is checked and if it's in the
future, verification will fail.

Dan: slight wording change.

Signed-off-by: Florian Pritz <bluewind@xinu.at>
---
 lib/libalpm/signing.c | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'lib')

diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c
index 7177d655..82d7292a 100644
--- a/lib/libalpm/signing.c
+++ b/lib/libalpm/signing.c
@@ -515,6 +515,11 @@ int _alpm_gpgme_checksig(alpm_handle_t *handle, const char *path,
 				string_validity(gpgsig->validity),
 				gpgme_strerror(gpgsig->validity_reason));
 
+		if((time_t)gpgsig->timestamp > time(NULL)) {
+			_alpm_log(handle, ALPM_LOG_WARNING,
+					_("System time is greater than signature timestamp.\n"));
+		}
+
 		result = siglist->results + sigcount;
 		err = gpgme_get_key(ctx, gpgsig->fpr, &key, 0);
 		if(gpg_err_code(err) == GPG_ERR_EOF) {
-- 
cgit v1.2.3-70-g09d2