[pacman-dev] [PATCH 3/3] sync.c: check signatures for local package files when available

[Rémy Oudompheng]

Signed-off-by: Rémy Oudompheng <r...@archlinux.org>
---
Note that no global option exists to control whether
this check is optional or not.

On branch 'master'

 lib/libalpm/sync.c |   19 ++++++++++++++-----
 1 files changed, 14 insertions(+), 5 deletions(-)

diff --git a/lib/libalpm/sync.c b/lib/libalpm/sync.c
index 5428e40..a97a67b 100644
--- a/lib/libalpm/sync.c
+++ b/lib/libalpm/sync.c
@@ -828,16 +828,25 @@ int _alpm_sync_commit(pmtrans_t *trans, pmdb_t *db_local, 
alpm_list_t **data)
        for(i = trans->add; i; i = i->next, current++) {
                pmpkg_t *spkg = i->data;
                int percent = (current * 100) / numtargs;
-               if(spkg->origin == PKG_FROM_FILE) {
-                       continue; /* pkg_load() has been already called, this 
package is valid */
-               }
+               const char *filename = alpm_pkg_get_filename(spkg);
+               const pmpgpsig_t *pgpsig = alpm_pkg_get_pgpsig(spkg);
                PROGRESS(trans, PM_TRANS_PROGRESS_INTEGRITY_START, "", percent,
                                numtargs, current);
 
-               const char *filename = alpm_pkg_get_filename(spkg);
+               if(spkg->origin == PKG_FROM_FILE) {
+                       if (!pgpsig->encdata && !pgpsig->rawdata)
+                               continue;
+                       int ret = _alpm_file_checksig(filename, pgpsig);
+                       if (ret != 0) {
+                               errors++;
+                               *data = alpm_list_add(*data, strdup(filename));
+                       }
+                       /* no checksum verification for package files */
+                       continue;
+               }
+
                char *filepath = _alpm_filecache_find(filename);
                const char *md5sum = alpm_pkg_get_md5sum(spkg);
-               const pmpgpsig_t *pgpsig = alpm_pkg_get_pgpsig(spkg);
 
                /* check md5sum first */
                if(test_md5sum(trans, filepath, md5sum) != 0) {
-- 
1.7.4.4