From 66d99957114e98ce41052fcd33200d8fbfbd9f26 Mon Sep 17 00:00:00 2001
From: Dan McGee
Date: Fri, 22 Jul 2011 10:48:13 -0500
Subject: Revamp signing checks
This ensures we are actually making correct use of the information gpgme is returning to us. Marginal being allowed was obvious before, but Unknown should deal with trust level, and not the presence or lack thereof of a public key to validate the signature with. Return status and validity information in two separate values so check methods and the frontend can use them independently. For now, we treat expired keys as valid, while expired signatures are invalid.
Signed-off-by: Dan McGee
---
 src/pacman/util.c | 42 +++++++++++++++++++++++++++++++-----------
 1 file changed, 31 insertions(+), 11 deletions(-)
(limited to 'src/pacman')
diff --git a/src/pacman/util.c b/src/pacman/util.c
index 7065abdc..8765da7f 100644
--- a/src/pacman/util.c
+++ b/src/pacman/util.c
@@ -678,7 +678,7 @@ void signature_display(const char *title, alpm_sigresult_t *result)
 int i;
 for(i = 0; i < result->count; i++) {
 char sigline[PATH_MAX];
- const char *validity, *name;
+ const char *status, *validity, *name;
 /* Don't re-indent the first result */
 if(i != 0) {
 int j;
@@ -688,22 +688,42 @@ void signature_display(const char *title, alpm_sigresult_t *result)
 }
 switch(result->status[i]) {
 case ALPM_SIGSTATUS_VALID:
- validity = _("Valid signature");
+ status = _("Valid");
 break;
- case ALPM_SIGSTATUS_MARGINAL:
- validity = _("Marginal signature");
+ case ALPM_SIGSTATUS_KEY_EXPIRED:
+ status = _("Key expired");
 break;
- case ALPM_SIGSTATUS_UNKNOWN:
- validity = _("Unknown signature");
+ case ALPM_SIGSTATUS_SIG_EXPIRED:
+ status = _("Expired");
 break;
- case ALPM_SIGSTATUS_BAD:
- validity = _("Invalid signature");
+ case ALPM_SIGSTATUS_INVALID:
+ status = _("Invalid");
 break;
+ case ALPM_SIGSTATUS_KEY_UNKNOWN:
+ status = _("Key unknown");
+ break;
+ default:
+ status = _("Signature error");
+ break;
+ }
+ switch(result->validity[i]) {
+ case ALPM_SIGVALIDITY_FULL:
+ validity = _("fully trusted");
+ break;
+ case ALPM_SIGVALIDITY_MARGINAL:
+ validity = _("marginal trusted");
+ break;
+ case ALPM_SIGVALIDITY_NEVER:
+ validity = _("never trusted");
+ break;
+ case ALPM_SIGVALIDITY_UNKNOWN:
 default:
- validity = _("Signature error");
+ validity = _("unknown trust");
+ break;
 }
- name = result->uid[i] ? result->uid[i] : _("");
- snprintf(sigline, PATH_MAX, _("%s from \"%s\""), validity, name);
+ name = result->uid[i] ? result->uid[i] : _("{Key Unknown}");
+ snprintf(sigline, PATH_MAX, _("%s, %s from \"%s\""),
+ status, validity, name);
 indentprint(sigline, len);
 printf("\n");
 }
--
cgit v1.2.3-70-g09d2
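Review bot: `result->uid[i]` is formatted into `sigline` with `%s` and printed unfiltered in the last lines of this hunk, right beside the new status and trust words. If that string is the user ID taken from the signing key (the name suggests so; the hunk does not show where it is filled in), it is chosen by whoever made the key, so quotes or control characters in it could make a `never trusted` line hard to tell apart from a `fully trusted` one. I would replace non-printable bytes before the `snprintf`, or at least record the assumption with a comment such as `/* uid is key-supplied text: display only, never compare or trust it */`. Smaller points: `marginal trusted` probably should read `marginally trusted`, and `sizeof(sigline)` is safer than repeating `PATH_MAX` in the `snprintf` call. signature_display starts before this hunk and continues after it.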