Just a heads-up: I proposed a more complex scheme that, if adopted, will require this patch to be revised considerably (I actually sent the damn email a week ago, but due to idiocy on my part and on that of Gmail, I only noticed the problem today).
-Kerrick Staley On Sat, Jun 11, 2011 at 11:15 PM, Pang Yan Han <[email protected]> wrote: > The --verifylvl option allows the user to change pacman's signature > verification level. It can take in one of "always", "optional", "never", or > their capitalized counterparts. > > Signed-off-by: Pang Yan Han <[email protected]> > --- > doc/pacman.8.txt | 7 +++++++ > src/pacman/conf.c | 9 +++++++++ > src/pacman/conf.h | 4 +++- > src/pacman/pacman.c | 6 ++++++ > 4 files changed, 25 insertions(+), 1 deletions(-) > > diff --git a/doc/pacman.8.txt b/doc/pacman.8.txt > index 531c992..96f4c12 100644 > --- a/doc/pacman.8.txt > +++ b/doc/pacman.8.txt > @@ -165,6 +165,13 @@ Options > Bypass any and all ``Are you sure?'' messages. It's not a good idea to > do > this unless you want to run pacman from a script. > > +*\--verifylvl* <level>:: > + Sets pacman's signature verification level to <level>. Valid values > for level > + are "always", "optional", "never" and their capitalized counterparts. > This > + can be used to override the "VerifySig" option in > linkman:pacman.conf[5]. > + If an invalid level is given, pacman will fallback to using the level > given > + in the "VerifySig" option in linkman:pacman.conf[5]. > + > Transaction Options (apply to '-S', '-R' and '-U') > -------------------------------------------------- > *-d, \--nodeps*:: > diff --git a/src/pacman/conf.c b/src/pacman/conf.c > index 13707d0..cf507d9 100644 > --- a/src/pacman/conf.c > +++ b/src/pacman/conf.c > @@ -74,6 +74,7 @@ int config_free(config_t *oldconfig) > free(oldconfig->dbpath); > free(oldconfig->logfile); > free(oldconfig->gpgdir); > + free(oldconfig->verifylvl); > FREELIST(oldconfig->cachedirs); > free(oldconfig->xfercommand); > free(oldconfig->print_format); > @@ -481,6 +482,14 @@ static int setup_libalpm(void) > alpm_option_set_cachedirs(handle, config->cachedirs); > } > > + /* Override signature verification level from command line */ > + if(config->verifylvl) { > + pgp_verify_t verifylvl = option_verifysig(config->verifylvl); > + if(verifylvl != PM_PGP_VERIFY_UNKNOWN) { > + config->sigverify = verifylvl; > + } > + } > + > if(config->sigverify != PM_PGP_VERIFY_UNKNOWN) { > alpm_option_set_default_sigverify(handle, config->sigverify); > } > diff --git a/src/pacman/conf.h b/src/pacman/conf.h > index 4c44bfd..7d98729 100644 > --- a/src/pacman/conf.h > +++ b/src/pacman/conf.h > @@ -45,6 +45,7 @@ typedef struct __config_t { > char *dbpath; > char *logfile; > char *gpgdir; > + char *verifylvl; > alpm_list_t *cachedirs; > > unsigned short op_q_isfile; > @@ -123,7 +124,8 @@ enum { > OP_ASEXPLICIT, > OP_ARCH, > OP_PRINTFORMAT, > - OP_GPGDIR > + OP_GPGDIR, > + OP_VERIFYLVL > }; > > /* clean method */ > diff --git a/src/pacman/pacman.c b/src/pacman/pacman.c > index afc79f6..0c200db 100644 > --- a/src/pacman/pacman.c > +++ b/src/pacman/pacman.c > @@ -205,6 +205,8 @@ static void usage(int op, const char * const myname) > addlist(_(" --gpgdir <path> set an alternate home > directory for GnuPG\n")); > addlist(_(" --logfile <path> set an alternate log > file\n")); > addlist(_(" --noconfirm do not ask for any > confirmation\n")); > + addlist(_(" --verifylvl <lvl>\n" > + " set an alternate signature > verification level\n")); > } > list = alpm_list_msort(list, alpm_list_count(list), options_cmp); > for (i = list; i; i = alpm_list_next(i)) { > @@ -431,6 +433,9 @@ static int parsearg_global(int opt) > config->logfile = strndup(optarg, PATH_MAX); > break; > case OP_NOCONFIRM: config->noconfirm = 1; break; > + case OP_VERIFYLVL: > + config->verifylvl = strdup(optarg); > + break; > case 'b': > check_optarg(); > config->dbpath = strdup(optarg); > @@ -628,6 +633,7 @@ static int parseargs(int argc, char *argv[]) > {"arch", required_argument, 0, OP_ARCH}, > {"print-format", required_argument, 0, OP_PRINTFORMAT}, > {"gpgdir", required_argument, 0, OP_GPGDIR}, > + {"verifylvl", required_argument, 0, OP_VERIFYLVL}, > {0, 0, 0, 0} > }; > > -- > 1.7.6.rc0 > > >
