diff options
author | Dan McGee <dan@archlinux.org> | 2011-06-27 16:29:49 -0500 |
---|---|---|
committer | Dan McGee <dan@archlinux.org> | 2011-07-05 10:13:20 -0500 |
commit | 7af0ab1cde9398c938a7a221aca5787934a16121 (patch) | |
tree | 5c4327bd4c425c05514bd350d5fdda02b361e936 /src/util | |
parent | 1ce7f39ad73c5c96870c6036014afad3d49a8edf (diff) |
signing: move to new signing verification and return scheme
This gives us more granularity than the former Never/Optional/Always
trifecta. The frontend still uses these values temporarily but that will
be changed in a future patch.
* Use 'siglevel' consistenly in method names, 'level' as variable name
* The level becomes an enum bitmask value for flexibility
* Signature check methods now return a array of status codes rather than
a simple integer success/failure value. This allows callers to
determine whether things such as an unknown signature are valid.
* Specific signature error codes mostly disappear in favor of the above
returned status code; pm_errno is now set only to PKG_INVALID_SIG or
DB_INVALID_SIG as appropriate.
Signed-off-by: Dan McGee <dan@archlinux.org>
Diffstat (limited to 'src/util')
-rw-r--r-- | src/util/cleanupdelta.c | 3 | ||||
-rw-r--r-- | src/util/pactree.c | 3 | ||||
-rw-r--r-- | src/util/testdb.c | 3 | ||||
-rw-r--r-- | src/util/testpkg.c | 3 |
4 files changed, 8 insertions, 4 deletions
diff --git a/src/util/cleanupdelta.c b/src/util/cleanupdelta.c index 08d8a557..a45efdcc 100644 --- a/src/util/cleanupdelta.c +++ b/src/util/cleanupdelta.c @@ -71,11 +71,12 @@ static void checkdbs(const char *dbpath, alpm_list_t *dbnames) { char syncdbpath[PATH_MAX]; alpm_db_t *db = NULL; alpm_list_t *i; + const alpm_siglevel_t level = ALPM_SIG_DATABASE | ALPM_SIG_DATABASE_OPTIONAL; for(i = dbnames; i; i = alpm_list_next(i)) { char *dbname = alpm_list_getdata(i); snprintf(syncdbpath, PATH_MAX, "%s/sync/%s", dbpath, dbname); - db = alpm_db_register_sync(handle, dbname, PM_PGP_VERIFY_OPTIONAL); + db = alpm_db_register_sync(handle, dbname, level); if(db == NULL) { fprintf(stderr, "error: could not register sync database (%s)\n", alpm_strerror(alpm_errno(handle))); diff --git a/src/util/pactree.c b/src/util/pactree.c index 7b87ac13..9b678631 100644 --- a/src/util/pactree.c +++ b/src/util/pactree.c @@ -124,6 +124,7 @@ static int register_syncs(void) { FILE *fp; char *ptr, *section = NULL; char line[LINE_MAX]; + const alpm_siglevel_t level = ALPM_SIG_DATABASE | ALPM_SIG_DATABASE_OPTIONAL; fp = fopen(CONFFILE, "r"); if(!fp) { @@ -147,7 +148,7 @@ static int register_syncs(void) { section = strndup(&line[1], strlen(line) - 2); if(section && strcmp(section, "options") != 0) { - alpm_db_register_sync(handle, section, PM_PGP_VERIFY_OPTIONAL); + alpm_db_register_sync(handle, section, level); } } } diff --git a/src/util/testdb.c b/src/util/testdb.c index 642890b6..ee169df2 100644 --- a/src/util/testdb.c +++ b/src/util/testdb.c @@ -148,10 +148,11 @@ static int check_syncdbs(alpm_list_t *dbnames) { int ret = 0; alpm_db_t *db = NULL; alpm_list_t *i, *pkglist, *syncpkglist = NULL; + const alpm_siglevel_t level = ALPM_SIG_DATABASE | ALPM_SIG_DATABASE_OPTIONAL; for(i = dbnames; i; i = alpm_list_next(i)) { char *dbname = alpm_list_getdata(i); - db = alpm_db_register_sync(handle, dbname, PM_PGP_VERIFY_OPTIONAL); + db = alpm_db_register_sync(handle, dbname, level); if(db == NULL) { fprintf(stderr, "error: could not register sync database (%s)\n", alpm_strerror(alpm_errno(handle))); diff --git a/src/util/testpkg.c b/src/util/testpkg.c index 03234ed5..ac2dde28 100644 --- a/src/util/testpkg.c +++ b/src/util/testpkg.c @@ -43,6 +43,7 @@ int main(int argc, char *argv[]) alpm_handle_t *handle; enum _alpm_errno_t err; alpm_pkg_t *pkg = NULL; + const alpm_siglevel_t level = ALPM_SIG_PACKAGE | ALPM_SIG_PACKAGE_OPTIONAL; if(argc != 2) { fprintf(stderr, "usage: %s <package file>\n", BASENAME); @@ -58,7 +59,7 @@ int main(int argc, char *argv[]) /* let us get log messages from libalpm */ alpm_option_set_logcb(handle, output_cb); - if(alpm_pkg_load(handle, argv[1], 1, PM_PGP_VERIFY_OPTIONAL, &pkg) == -1 + if(alpm_pkg_load(handle, argv[1], 1, level, &pkg) == -1 || pkg == NULL) { err = alpm_errno(handle); switch(err) { |