diff options
author | Dan McGee <dan@archlinux.org> | 2011-06-27 16:29:49 -0500 |
---|---|---|
committer | Dan McGee <dan@archlinux.org> | 2011-07-05 10:13:20 -0500 |
commit | 7af0ab1cde9398c938a7a221aca5787934a16121 (patch) | |
tree | 5c4327bd4c425c05514bd350d5fdda02b361e936 /src/pacman | |
parent | 1ce7f39ad73c5c96870c6036014afad3d49a8edf (diff) |
signing: move to new signing verification and return scheme
This gives us more granularity than the former Never/Optional/Always
trifecta. The frontend still uses these values temporarily but that will
be changed in a future patch.
* Use 'siglevel' consistenly in method names, 'level' as variable name
* The level becomes an enum bitmask value for flexibility
* Signature check methods now return a array of status codes rather than
a simple integer success/failure value. This allows callers to
determine whether things such as an unknown signature are valid.
* Specific signature error codes mostly disappear in favor of the above
returned status code; pm_errno is now set only to PKG_INVALID_SIG or
DB_INVALID_SIG as appropriate.
Signed-off-by: Dan McGee <dan@archlinux.org>
Diffstat (limited to 'src/pacman')
-rw-r--r-- | src/pacman/conf.c | 38 | ||||
-rw-r--r-- | src/pacman/conf.h | 2 | ||||
-rw-r--r-- | src/pacman/query.c | 2 | ||||
-rw-r--r-- | src/pacman/sync.c | 2 | ||||
-rw-r--r-- | src/pacman/upgrade.c | 4 |
5 files changed, 25 insertions, 23 deletions
diff --git a/src/pacman/conf.c b/src/pacman/conf.c index f2df260e..3af3fa5b 100644 --- a/src/pacman/conf.c +++ b/src/pacman/conf.c @@ -52,7 +52,7 @@ config_t *config_new(void) newconfig->op = PM_OP_MAIN; newconfig->logmask = ALPM_LOG_ERROR | ALPM_LOG_WARNING; newconfig->configfile = strdup(CONFFILE); - newconfig->sigverify = PM_PGP_VERIFY_UNKNOWN; + newconfig->siglevel = ALPM_SIG_USE_DEFAULT; return newconfig; } @@ -222,17 +222,18 @@ int config_set_arch(const char *arch) return 0; } -static pgp_verify_t option_verifysig(const char *value) +static alpm_siglevel_t option_verifysig(const char *value) { - pgp_verify_t level; + alpm_siglevel_t level; if(strcmp(value, "Always") == 0) { - level = PM_PGP_VERIFY_ALWAYS; + level = ALPM_SIG_PACKAGE | ALPM_SIG_DATABASE; } else if(strcmp(value, "Optional") == 0) { - level = PM_PGP_VERIFY_OPTIONAL; + level = ALPM_SIG_PACKAGE | ALPM_SIG_PACKAGE_OPTIONAL | + ALPM_SIG_DATABASE | ALPM_SIG_DATABASE_OPTIONAL; } else if(strcmp(value, "Never") == 0) { - level = PM_PGP_VERIFY_NEVER; + level = 0; } else { - level = PM_PGP_VERIFY_UNKNOWN; + return -1; } pm_printf(ALPM_LOG_DEBUG, "config: VerifySig = %s (%d)\n", value, level); return level; @@ -359,9 +360,9 @@ static int _parse_options(const char *key, char *value, } FREELIST(methods); } else if(strcmp(key, "VerifySig") == 0) { - pgp_verify_t level = option_verifysig(value); - if(level != PM_PGP_VERIFY_UNKNOWN) { - config->sigverify = level; + alpm_siglevel_t level = option_verifysig(value); + if(level != -1) { + config->siglevel = level; } else { pm_printf(ALPM_LOG_ERROR, _("config file %s, line %d: directive '%s' has invalid value '%s'\n"), @@ -484,8 +485,8 @@ static int setup_libalpm(void) alpm_option_set_cachedirs(handle, config->cachedirs); } - if(config->sigverify != PM_PGP_VERIFY_UNKNOWN) { - alpm_option_set_default_sigverify(handle, config->sigverify); + if(config->siglevel != ALPM_SIG_USE_DEFAULT) { + alpm_option_set_default_siglevel(handle, config->siglevel); } if(config->xfercommand) { @@ -518,7 +519,7 @@ struct section_t { char *name; int is_options; /* db section option gathering */ - pgp_verify_t sigverify; + alpm_siglevel_t siglevel; alpm_list_t *servers; }; @@ -545,7 +546,7 @@ static int finish_section(struct section_t *section, int parse_options) } /* if we are not looking at options sections only, register a db */ - db = alpm_db_register_sync(config->handle, section->name, section->sigverify); + db = alpm_db_register_sync(config->handle, section->name, section->siglevel); if(db == NULL) { pm_printf(ALPM_LOG_ERROR, _("could not register '%s' database (%s)\n"), section->name, alpm_strerror(alpm_errno(config->handle))); @@ -568,7 +569,7 @@ static int finish_section(struct section_t *section, int parse_options) cleanup: alpm_list_free(section->servers); section->servers = NULL; - section->sigverify = 0; + section->siglevel = ALPM_SIG_USE_DEFAULT; free(section->name); section->name = NULL; return ret; @@ -726,9 +727,9 @@ static int _parseconfig(const char *file, struct section_t *section, } section->servers = alpm_list_add(section->servers, strdup(value)); } else if(strcmp(key, "VerifySig") == 0) { - pgp_verify_t level = option_verifysig(value); - if(level != PM_PGP_VERIFY_UNKNOWN) { - section->sigverify = level; + alpm_siglevel_t level = option_verifysig(value); + if(level != -1) { + section->siglevel = level; } else { pm_printf(ALPM_LOG_ERROR, _("config file %s, line %d: directive '%s' has invalid value '%s'\n"), @@ -763,6 +764,7 @@ int parseconfig(const char *file) int ret; struct section_t section; memset(§ion, 0, sizeof(struct section_t)); + section.siglevel = ALPM_SIG_USE_DEFAULT; /* the config parse is a two-pass affair. We first parse the entire thing for * the [options] section so we can get all default and path options set. * Next, we go back and parse everything but [options]. */ diff --git a/src/pacman/conf.h b/src/pacman/conf.h index 64b911ab..bce42ab5 100644 --- a/src/pacman/conf.h +++ b/src/pacman/conf.h @@ -71,7 +71,7 @@ typedef struct __config_t { unsigned short noask; unsigned int ask; alpm_transflag_t flags; - pgp_verify_t sigverify; + alpm_siglevel_t siglevel; /* conf file options */ /* I Love Candy! */ diff --git a/src/pacman/query.c b/src/pacman/query.c index 045dc7f0..5dff03ff 100644 --- a/src/pacman/query.c +++ b/src/pacman/query.c @@ -551,7 +551,7 @@ int pacman_query(alpm_list_t *targets) char *strname = alpm_list_getdata(i); if(config->op_q_isfile) { - alpm_pkg_load(config->handle, strname, 1, PM_PGP_VERIFY_OPTIONAL, &pkg); + alpm_pkg_load(config->handle, strname, 1, 0, &pkg); } else { pkg = alpm_db_get_pkg(db_local, strname); } diff --git a/src/pacman/sync.c b/src/pacman/sync.c index ad6d5e5c..5f67236d 100644 --- a/src/pacman/sync.c +++ b/src/pacman/sync.c @@ -220,7 +220,7 @@ static int sync_cleancache(int level) /* attempt to load the package, prompt removal on failures as we may have * files here that aren't valid packages. we also don't need a full * load of the package, just the metadata. */ - if(alpm_pkg_load(config->handle, path, 0, PM_PGP_VERIFY_NEVER, &localpkg) != 0 + if(alpm_pkg_load(config->handle, path, 0, 0, &localpkg) != 0 || localpkg == NULL) { if(yesno(_("File %s does not seem to be a valid package, remove it?"), path)) { diff --git a/src/pacman/upgrade.c b/src/pacman/upgrade.c index 95b17cc1..11d00e73 100644 --- a/src/pacman/upgrade.c +++ b/src/pacman/upgrade.c @@ -42,7 +42,7 @@ int pacman_upgrade(alpm_list_t *targets) { alpm_list_t *i, *data = NULL; - pgp_verify_t check_sig = alpm_option_get_default_sigverify(config->handle); + alpm_siglevel_t level = alpm_option_get_default_siglevel(config->handle); int retval = 0; if(targets == NULL) { @@ -76,7 +76,7 @@ int pacman_upgrade(alpm_list_t *targets) char *targ = alpm_list_getdata(i); alpm_pkg_t *pkg; - if(alpm_pkg_load(config->handle, targ, 1, check_sig, &pkg) != 0) { + if(alpm_pkg_load(config->handle, targ, 1, level, &pkg) != 0) { pm_fprintf(stderr, ALPM_LOG_ERROR, "'%s': %s\n", targ, alpm_strerror(alpm_errno(config->handle))); trans_release(); |