diff options
author | Dan McGee <dan@archlinux.org> | 2008-12-07 13:01:28 -0600 |
---|---|---|
committer | Dan McGee <dan@archlinux.org> | 2011-03-23 02:22:00 -0500 |
commit | 88746ec067c00a9e81f4323aa857a5bcf37258ad (patch) | |
tree | 1d21b4adb24e5a45940e4b65295231199f146ba2 | |
parent | 39da0198cd132bbb72be234b584bc62c88db33b6 (diff) | |
download | pacman-88746ec067c00a9e81f4323aa857a5bcf37258ad.tar.xz |
Read in .sig files when opening a package file
If a .sig file sits side-by-side on the filesystem with a package archive,
read it in during the package struct creation process so we can verify it at
a later time if necessary.
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
-rw-r--r-- | lib/libalpm/be_package.c | 49 |
1 files changed, 48 insertions, 1 deletions
diff --git a/lib/libalpm/be_package.c b/lib/libalpm/be_package.c index fbd2c0c7..e8d26aa7 100644 --- a/lib/libalpm/be_package.c +++ b/lib/libalpm/be_package.c @@ -251,11 +251,57 @@ static pmpkg_t *pkg_load(const char *pkgfile, int full) RET_ERR(PM_ERR_WRONG_ARGS, NULL); } - if(stat(pkgfile, &st) != 0) { + /* attempt to stat the package file, ensure it exists */ + if(stat(pkgfile, &st) == 0) { + char *pgpfile; + + newpkg = _alpm_pkg_new(); + if(newpkg == NULL) { + RET_ERR(PM_ERR_MEMORY, NULL); + } + newpkg->filename = strdup(pkgfile); + newpkg->size = st.st_size; + + /* look around for a PGP signature file; load if available */ + MALLOC(pgpfile, strlen(pkgfile) + 5, RET_ERR(PM_ERR_MEMORY, NULL)); + sprintf(pgpfile, "%s.sig", pkgfile); + if(access(pgpfile, R_OK) == 0) { + FILE *f; + long bytes; + size_t bytes_read; + f = fopen(pgpfile, "rb"); + fseek(f, 0L, SEEK_END); + bytes = ftell(f); + fseek(f, 0L, SEEK_SET); + /* don't read the file in if it is obviously not the size of a sig */ + if(bytes == 72) { + CALLOC(newpkg->pgpsig.rawdata, bytes, sizeof(char), + RET_ERR(PM_ERR_MEMORY, NULL)); + bytes_read = fread(newpkg->pgpsig.rawdata, sizeof(char), bytes, f); + if(bytes_read == (size_t)bytes) { + newpkg->pgpsig.rawlen = bytes; + _alpm_log(PM_LOG_DEBUG, + "loaded package .sig file, location %s\n", pgpfile); + } else { + _alpm_log(PM_LOG_WARNING, _("Failed reading PGP signature file for %s"), + pkgfile); + } + } else { + _alpm_log(PM_LOG_WARNING, _("PGP signature file for %s was abnormal" + " (had length %ld), skipping\n"), pkgfile, bytes); + } + fclose(f); + } else { + _alpm_log(PM_LOG_DEBUG, "no package signature file found\n"); + } + FREE(pgpfile); + } else { + /* couldn't stat the pkgfile, return an error */ RET_ERR(PM_ERR_PKG_OPEN, NULL); } if((archive = archive_read_new()) == NULL) { + alpm_pkg_free(newpkg); RET_ERR(PM_ERR_LIBARCHIVE, NULL); } @@ -264,6 +310,7 @@ static pmpkg_t *pkg_load(const char *pkgfile, int full) if (archive_read_open_filename(archive, pkgfile, ARCHIVE_DEFAULT_BYTES_PER_BLOCK) != ARCHIVE_OK) { + alpm_pkg_free(newpkg); RET_ERR(PM_ERR_PKG_OPEN, NULL); } |