@ -509,6 +509,18 @@ func hashAndVerifyForKeyID(sig *packet.Signature, payload string, committer *Use
return nil
return nil
}
}
for _ , key := range keys {
for _ , key := range keys {
var primaryKeys [ ] * GPGKey
if key . PrimaryKeyID != "" {
primaryKeys , err = GetGPGKeysByKeyID ( key . PrimaryKeyID )
if err != nil {
log . Error ( "GetGPGKeysByKeyID: %v" , err )
return & CommitVerification {
CommittingUser : committer ,
Verified : false ,
Reason : "gpg.error.failed_retrieval_gpg_keys" ,
}
}
}
activated := false
activated := false
if len ( email ) != 0 {
if len ( email ) != 0 {
for _ , e := range key . Emails {
for _ , e := range key . Emails {
@ -518,6 +530,20 @@ func hashAndVerifyForKeyID(sig *packet.Signature, payload string, committer *Use
break
break
}
}
}
}
if ! activated {
for _ , pkey := range primaryKeys {
for _ , e := range pkey . Emails {
if e . IsActivated && strings . EqualFold ( e . Email , email ) {
activated = true
email = e . Email
break
}
}
if activated {
break
}
}
}
} else {
} else {
for _ , e := range key . Emails {
for _ , e := range key . Emails {
if e . IsActivated {
if e . IsActivated {
@ -526,7 +552,22 @@ func hashAndVerifyForKeyID(sig *packet.Signature, payload string, committer *Use
break
break
}
}
}
}
if ! activated {
for _ , pkey := range primaryKeys {
for _ , e := range pkey . Emails {
if e . IsActivated {
activated = true
email = e . Email
break
}
}
if activated {
break
}
}
}
}
}
if ! activated {
if ! activated {
continue
continue
}
}
@ -614,7 +655,6 @@ func ParseCommitWithSignature(c *git.Commit) *CommitVerification {
if keyID == "" && sig . IssuerFingerprint != nil && len ( sig . IssuerFingerprint ) > 0 {
if keyID == "" && sig . IssuerFingerprint != nil && len ( sig . IssuerFingerprint ) > 0 {
keyID = fmt . Sprintf ( "%X" , sig . IssuerFingerprint [ 12 : 20 ] )
keyID = fmt . Sprintf ( "%X" , sig . IssuerFingerprint [ 12 : 20 ] )
}
}
defaultReason := NoKeyFound
defaultReason := NoKeyFound
// First check if the sig has a keyID and if so just look at that
// First check if the sig has a keyID and if so just look at that