summaryrefslogtreecommitdiffstats
path: root/lib/libalpm/be_package.c
diff options
context:
space:
mode:
authorDan McGee <dan@archlinux.org>2011-06-27 16:29:49 -0500
committerDan McGee <dan@archlinux.org>2011-07-05 10:13:20 -0500
commit7af0ab1cde9398c938a7a221aca5787934a16121 (patch)
tree5c4327bd4c425c05514bd350d5fdda02b361e936 /lib/libalpm/be_package.c
parent1ce7f39ad73c5c96870c6036014afad3d49a8edf (diff)
downloadpacman-7af0ab1cde9398c938a7a221aca5787934a16121.tar.xz
signing: move to new signing verification and return scheme
This gives us more granularity than the former Never/Optional/Always trifecta. The frontend still uses these values temporarily but that will be changed in a future patch. * Use 'siglevel' consistenly in method names, 'level' as variable name * The level becomes an enum bitmask value for flexibility * Signature check methods now return a array of status codes rather than a simple integer success/failure value. This allows callers to determine whether things such as an unknown signature are valid. * Specific signature error codes mostly disappear in favor of the above returned status code; pm_errno is now set only to PKG_INVALID_SIG or DB_INVALID_SIG as appropriate. Signed-off-by: Dan McGee <dan@archlinux.org>
Diffstat (limited to 'lib/libalpm/be_package.c')
-rw-r--r--lib/libalpm/be_package.c20
1 files changed, 9 insertions, 11 deletions
diff --git a/lib/libalpm/be_package.c b/lib/libalpm/be_package.c
index af213241..46bdaed0 100644
--- a/lib/libalpm/be_package.c
+++ b/lib/libalpm/be_package.c
@@ -233,7 +233,7 @@ static int parse_descfile(alpm_handle_t *handle, struct archive *a, alpm_pkg_t *
*/
alpm_pkg_t *_alpm_pkg_load_internal(alpm_handle_t *handle, const char *pkgfile,
int full, const char *md5sum, const char *base64_sig,
- pgp_verify_t check_sig)
+ alpm_siglevel_t level)
{
int ret;
int config = 0;
@@ -271,14 +271,12 @@ alpm_pkg_t *_alpm_pkg_load_internal(alpm_handle_t *handle, const char *pkgfile,
}
_alpm_log(handle, ALPM_LOG_DEBUG, "base64_sig: %s\n", base64_sig);
- if(check_sig != PM_PGP_VERIFY_NEVER) {
- _alpm_log(handle, ALPM_LOG_DEBUG, "checking signature for %s\n", pkgfile);
- ret = _alpm_gpgme_checksig(handle, pkgfile, base64_sig);
- if((check_sig == PM_PGP_VERIFY_ALWAYS && ret != 0) ||
- (check_sig == PM_PGP_VERIFY_OPTIONAL && ret == 1)) {
- alpm_pkg_free(newpkg);
- RET_ERR(handle, ALPM_ERR_SIG_INVALID, NULL);
- }
+ if(level & ALPM_SIG_PACKAGE &&
+ _alpm_check_pgp_helper(handle, pkgfile, base64_sig,
+ level & ALPM_SIG_PACKAGE_OPTIONAL, level & ALPM_SIG_PACKAGE_MARGINAL_OK,
+ level & ALPM_SIG_PACKAGE_UNKNOWN_OK, ALPM_ERR_PKG_INVALID_SIG)) {
+ _alpm_pkg_free(newpkg);
+ return NULL;
}
/* next- try to create an archive object to read in the package */
@@ -396,12 +394,12 @@ error:
}
int SYMEXPORT alpm_pkg_load(alpm_handle_t *handle, const char *filename, int full,
- pgp_verify_t check_sig, alpm_pkg_t **pkg)
+ alpm_siglevel_t level, alpm_pkg_t **pkg)
{
CHECK_HANDLE(handle, return -1);
ASSERT(pkg != NULL, RET_ERR(handle, ALPM_ERR_WRONG_ARGS, -1));
- *pkg = _alpm_pkg_load_internal(handle, filename, full, NULL, NULL, check_sig);
+ *pkg = _alpm_pkg_load_internal(handle, filename, full, NULL, NULL, level);
if(*pkg == NULL) {
/* pm_errno is set by pkg_load */
return -1;