diff options
author | Dan McGee <dan@archlinux.org> | 2011-04-21 23:39:01 -0500 |
---|---|---|
committer | Dan McGee <dan@archlinux.org> | 2011-04-24 10:48:34 -0500 |
commit | 4d63ebe2fbe932412a7b8340af49bf30c8e17a91 (patch) | |
tree | 83555011c2e8205a4243ac389647af50e964761e /src/pacman/sync.c | |
parent | 1cf79eb8c8c7894d238cd906613dc1cd5b7ced1a (diff) |
Perform package verification at package load time
Both md5sum verification and PGP verification can and should be done at
package load time. This allows verification to happen as early as
possible for packages provided by filename and loaded in the frontend,
and moves more stuff out of sync_commit that doesn't really belong
there. This should also set the stage for simplified parallel loading of
packages later down the road.
Signed-off-by: Dan McGee <dan@archlinux.org>
Diffstat (limited to 'src/pacman/sync.c')
-rw-r--r-- | src/pacman/sync.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/pacman/sync.c b/src/pacman/sync.c index 5529288b..5fb8c346 100644 --- a/src/pacman/sync.c +++ b/src/pacman/sync.c @@ -211,7 +211,8 @@ static int sync_cleancache(int level) /* attempt to load the package, prompt removal on failures as we may have * files here that aren't valid packages. we also don't need a full * load of the package, just the metadata. */ - if(alpm_pkg_load(path, 0, &localpkg) != 0 || localpkg == NULL) { + if(alpm_pkg_load(path, 0, PM_PGP_VERIFY_NEVER, &localpkg) != 0 + || localpkg == NULL) { if(yesno(_("File %s does not seem to be a valid package, remove it?"), path)) { if(localpkg) { alpm_pkg_free(localpkg); |