From 07502f2d82393854f36f5c3ff608458e74fcb747 Mon Sep 17 00:00:00 2001 From: Dan McGee Date: Fri, 1 Jul 2011 16:50:32 -0500 Subject: Allow frontend access to signature verification information Show output in -Qip for each package signature, which includes the UID string from the key ("Joe User ") and the validity of said key. Example output: Signatures : Valid signature from "Dan McGee " Unknown signature from "" Invalid signature from "Dan McGee " Also add a backend alpm_sigresult_cleanup() function since memory allocation took place on this object, and we need some way of freeing it. Signed-off-by: Dan McGee --- lib/libalpm/alpm.h | 2 ++ lib/libalpm/signing.c | 22 ++++++++++++++++++++-- 2 files changed, 22 insertions(+), 2 deletions(-) (limited to 'lib') diff --git a/lib/libalpm/alpm.h b/lib/libalpm/alpm.h index 049eae2f..c7cab043 100644 --- a/lib/libalpm/alpm.h +++ b/lib/libalpm/alpm.h @@ -745,6 +745,8 @@ int alpm_pkg_check_pgp_signature(alpm_pkg_t *pkg, alpm_sigresult_t *result); int alpm_db_check_pgp_signature(alpm_db_t *db, alpm_sigresult_t *result); +int alpm_sigresult_cleanup(alpm_sigresult_t *result); + /* * Groups */ diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c index 49d075ef..cfa9a02c 100644 --- a/lib/libalpm/signing.c +++ b/lib/libalpm/signing.c @@ -310,6 +310,7 @@ int _alpm_gpgme_checksig(alpm_handle_t *handle, const char *path, gpgsig = gpgsig->next, sigcount++) { alpm_list_t *summary_list, *summary; alpm_sigstatus_t status; + gpgme_key_t key; _alpm_log(handle, ALPM_LOG_DEBUG, "fingerprint: %s\n", gpgsig->fpr); summary_list = list_sigsum(gpgsig->summary); @@ -449,8 +450,7 @@ int _alpm_check_pgp_helper(alpm_handle_t *handle, const char *path, } } - free(result.status); - free(result.uid); + alpm_sigresult_cleanup(&result); return ret; } @@ -485,4 +485,22 @@ int SYMEXPORT alpm_db_check_pgp_signature(alpm_db_t *db, return _alpm_gpgme_checksig(db->handle, _alpm_db_path(db), NULL, result); } +int SYMEXPORT alpm_sigresult_cleanup(alpm_sigresult_t *result) +{ + ASSERT(result != NULL, return -1); + /* Because it is likely result is on the stack, uid and status may have bogus + * values in the struct. Only look at them if count is greater than 0. */ + if(result->count > 0) { + free(result->status); + if(result->uid) { + int i; + for(i = 0; i < result->count; i++) { + free(result->uid[i]); + } + free(result->uid); + } + } + return 0; +} + /* vim: set ts=2 sw=2 noet: */ -- cgit v1.2.3-70-g09d2