Added gpg validity check. Tweak to rpm spec file.

fwknop.spec

@@ -24,9 +24,9 @@ URL:		http://www.cipherdyne.org/fwknop/
 Source0:	fwknop-%{version}.tar.gz
 BuildRoot:	%(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
 
-BuildRequires:	gpg, gpgme-devel, libpcap-devel, gdbm-devel
+BuildRequires:	gpg, gpgme-devel, libpcap-devel, gdbm-devel, iptables
 
-Requires:	libfko
+Requires:	libfko, iptables
 
 
 %package -n libfko

lib/fko_context.h

@@ -41,6 +41,7 @@ struct fko_gpg_sig {
     struct fko_gpg_sig *next;
     gpgme_sigsum_t      summary;
     gpgme_error_t       status;
+    gpgme_validity_t    validity;
     char               *fpr;
 };
 

lib/gpgme_funcs.c

@@ -137,6 +137,7 @@ process_sigs(fko_ctx_t fko_ctx, gpgme_verify_result_t vres)
         */
         fgs->summary    = sig->summary;
         fgs->status     = sig->status;
+        fgs->validity   = sig->validity;
 
         /* Grab the signature fingerprint.
         */
@@ -168,7 +169,7 @@ process_sigs(fko_ctx_t fko_ctx, gpgme_verify_result_t vres)
     */
     fgs = fko_ctx->gpg_sigs;
 
-    if(fgs->status != GPG_ERR_NO_ERROR) {
+    if(fgs->status != GPG_ERR_NO_ERROR || fgs->validity < 3) {
         fko_ctx->gpg_err = fgs->status;
 
         return(FKO_ERROR_GPGME_BAD_SIGNATURE);