]> the.earth.li Git - onak.git/blobdiff - onak-conf.c
projects / onak.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Add support for full signature verification
[onak.git] / onak-conf.c
diff --git a/onak-conf.c b/onak-conf.c
index a67c950432e2c05322eff4de91f43a37b01059ad..6d67a74610c81b06f1677badca51a10e1f1a7378 100644 (file)
--- a/onak-conf.c
+++ b/onak-conf.c
@@ -313,6 +313,21 @@ static bool parseconfigline(char *line)
                                config.clean_policies &=
                                        ~ONAK_CLEAN_LARGE_PACKETS;
                        }
+               } else if (MATCH("verification", "require_other_sig")) {
+#if HAVE_CRYPTO
+                       if (parsebool(value, config.clean_policies &
+                                       ONAK_CLEAN_NEED_OTHER_SIG)) {
+                               config.clean_policies |=
+                                       ONAK_CLEAN_NEED_OTHER_SIG;
+                       } else {
+                               config.clean_policies &=
+                                       ~ONAK_CLEAN_NEED_OTHER_SIG;
+                       }
+#else
+                       logthing(LOGTHING_ERROR,
+                                       "Compiled without crypto support, "
+                                       "require_other_sig not available.");
+#endif
                } else if (MATCH("verification", "update_only")) {
                        if (parsebool(value, config.clean_policies &
                                        ONAK_CLEAN_UPDATE_ONLY)) {
@@ -322,6 +337,21 @@ static bool parseconfigline(char *line)
                                config.clean_policies &=
                                        ~ONAK_CLEAN_UPDATE_ONLY;
                        }
+               } else if (MATCH("verification", "verify_signatures")) {
+#if HAVE_CRYPTO
+                       if (parsebool(value, config.clean_policies &
+                                       ONAK_CLEAN_VERIFY_SIGNATURES)) {
+                               config.clean_policies |=
+                                       ONAK_CLEAN_VERIFY_SIGNATURES;
+                       } else {
+                               config.clean_policies &=
+                                       ~ONAK_CLEAN_VERIFY_SIGNATURES;
+                       }
+#else
+                       logthing(LOGTHING_ERROR,
+                                       "Compiled without crypto support, "
+                                       "verify_signatures not available.");
+#endif
                } else {
                        return false;
                }
OpenPGP key server