All,
This patch fixes API inconsistencies:
A) All references to PGP were removed within names, because such
reference is unnecessary. All references to GnuPG's home directory
were changed to 'gpgdir' (as opposed to e.g. 'signaturedir'), because
this directory is specific to GnuPG.
B) makepkg and repo-add now use -S/--sign for signing packages. I
didn't find an issue with --nosign and --key.
C) Config file directives were not changed because they make enough
sense as-is. Unlike functions and flags, you don't have to memorize
directives, because they are already given in the config file when you
edit it.
D) A bug was fixed: repo-add previously used the user's GPG directory
when verifying the signature on an old database. It now uses pacman's
directory for this purpose. I added a flag --gpgdir to allow
configuration of this directory.
The patch conflicts with Pang Yan Han's patches. Yan Han, could you
please merge the two patch sets?
Can the patch be reviewed quickly and either accepted or rejected with
suggestions for correction? I realize it should be broken into smaller
patches, but I'm inexperienced with git, and I didn't want to wait
until tomorrow to submit the changes.
The patch is signed-off by: Kerrick Staley <[email protected]>
-Kerrick Staley
diff --git a/lib/libalpm/alpm.h b/lib/libalpm/alpm.h
index 5af843c..62a8f09 100644
--- a/lib/libalpm/alpm.h
+++ b/lib/libalpm/alpm.h
@@ -63,12 +63,12 @@ typedef enum _pmpkgreason_t {
/**
* GPG signature verification options
*/
-typedef enum _pgp_verify_t {
- PM_PGP_VERIFY_UNKNOWN,
- PM_PGP_VERIFY_NEVER,
- PM_PGP_VERIFY_OPTIONAL,
- PM_PGP_VERIFY_ALWAYS
-} pgp_verify_t;
+typedef enum pmverifysig_t {
+ PM_VERIFYSIG_UNKNOWN,
+ PM_VERIFYSIG_NEVER,
+ PM_VERIFYSIG_OPTIONAL,
+ PM_VERIFYSIG_ALWAYS
+} pmverifysig_t;
/*
* Structures
@@ -198,9 +198,9 @@ int alpm_option_set_logfile(const char *logfile);
const char *alpm_option_get_lockfile(void);
/** Returns the signature directory path. */
-const char *alpm_option_get_signaturedir(void);
+const char *alpm_option_get_gpgdir(void);
/** Sets the signature directory path. */
-int alpm_option_set_signaturedir(const char *signaturedir);
+int alpm_option_set_gpgdir(const char *gpgdir);
/** Returns whether to use syslog (0 is FALSE, TRUE otherwise). */
int alpm_option_get_usesyslog(void);
@@ -263,8 +263,8 @@ int alpm_option_set_usedelta(int usedelta);
int alpm_option_get_checkspace(void);
int alpm_option_set_checkspace(int checkspace);
-pgp_verify_t alpm_option_get_default_sigverify(void);
-int alpm_option_set_default_sigverify(pgp_verify_t level);
+pmverifysig_t alpm_option_get_default_verifysig(void);
+int alpm_option_set_default_verifysig(pmverifysig_t level);
/** @} */
@@ -389,7 +389,7 @@ int alpm_db_set_pkgreason(pmdb_t *db, const char *name, pmpkgreason_t reason);
* @param pkg address of the package pointer
* @return 0 on success, -1 on error (pm_errno is set accordingly)
*/
-int alpm_pkg_load(const char *filename, int full, pgp_verify_t check_sig,
+int alpm_pkg_load(const char *filename, int full, pmverifysig_t check_sig,
pmpkg_t **pkg);
/** Free a package.
@@ -626,10 +626,10 @@ alpm_list_t *alpm_pkg_unused_deltas(pmpkg_t *pkg);
* Signatures
*/
-int alpm_pkg_check_pgp_signature(pmpkg_t *pkg);
+int alpm_pkg_check_signature(pmpkg_t *pkg);
-int alpm_db_check_pgp_signature(pmdb_t *db);
-int alpm_db_set_pgp_verify(pmdb_t *db, pgp_verify_t verify);
+int alpm_db_check_signature(pmdb_t *db);
+int alpm_db_set_verifysig(pmdb_t *db, pmverifysig_t verify);
/*
* Deltas
diff --git a/lib/libalpm/be_package.c b/lib/libalpm/be_package.c
index 9e59d69..173bd4b 100644
--- a/lib/libalpm/be_package.c
+++ b/lib/libalpm/be_package.c
@@ -227,7 +227,7 @@ static int parse_descfile(struct archive *a, pmpkg_t *newpkg)
* @return An information filled pmpkg_t struct
*/
pmpkg_t *_alpm_pkg_load_internal(const char *pkgfile, int full,
- const char *md5sum, const char *base64_sig, pgp_verify_t check_sig)
+ const char *md5sum, const char *base64_sig, pmverifysig_t check_sig)
{
int ret;
int config = 0;
@@ -266,11 +266,11 @@ pmpkg_t *_alpm_pkg_load_internal(const char *pkgfile, int full,
}
_alpm_log(PM_LOG_DEBUG, "base64_sig: %s\n", base64_sig);
- if(check_sig != PM_PGP_VERIFY_NEVER) {
+ if(check_sig != PM_VERIFYSIG_NEVER) {
_alpm_log(PM_LOG_DEBUG, "checking signature for %s\n", pkgfile);
ret = _alpm_gpgme_checksig(pkgfile, base64_sig);
- if((check_sig == PM_PGP_VERIFY_ALWAYS && ret != 0) ||
- (check_sig == PM_PGP_VERIFY_OPTIONAL && ret == 1)) {
+ if((check_sig == PM_VERIFYSIG_ALWAYS && ret != 0) ||
+ (check_sig == PM_VERIFYSIG_OPTIONAL && ret == 1)) {
RET_ERR(PM_ERR_SIG_INVALID, NULL);
}
}
@@ -381,7 +381,7 @@ error:
}
int SYMEXPORT alpm_pkg_load(const char *filename, int full,
- pgp_verify_t check_sig, pmpkg_t **pkg)
+ pmverifysig_t check_sig, pmpkg_t **pkg)
{
ALPM_LOG_FUNC;
diff --git a/lib/libalpm/be_sync.c b/lib/libalpm/be_sync.c
index 9d85a45..782fe01 100644
--- a/lib/libalpm/be_sync.c
+++ b/lib/libalpm/be_sync.c
@@ -85,7 +85,7 @@ int SYMEXPORT alpm_db_update(int force, pmdb_t *db)
size_t len;
int ret = -1;
mode_t oldmask;
- pgp_verify_t check_sig;
+ pmverifysig_t check_sig;
ALPM_LOG_FUNC;
@@ -132,9 +132,9 @@ int SYMEXPORT alpm_db_update(int force, pmdb_t *db)
ret = _alpm_download(fileurl, syncpath, force, 0, 0);
- if(ret == 0 && (check_sig == PM_PGP_VERIFY_ALWAYS ||
- check_sig == PM_PGP_VERIFY_OPTIONAL)) {
- int errors_ok = (check_sig == PM_PGP_VERIFY_OPTIONAL);
+ if(ret == 0 && (check_sig == PM_VERIFYSIG_ALWAYS ||
+ check_sig == PM_VERIFYSIG_OPTIONAL)) {
+ int errors_ok = (check_sig == PM_VERIFYSIG_OPTIONAL);
/* if we downloaded a DB, we want the .sig from the same server */
snprintf(fileurl, len, "%s/%s.db.sig", server, db->treename);
diff --git a/lib/libalpm/db.c b/lib/libalpm/db.c
index 3133614..5c4142d 100644
--- a/lib/libalpm/db.c
+++ b/lib/libalpm/db.c
@@ -225,10 +225,10 @@ int SYMEXPORT alpm_db_remove_server(pmdb_t *db, const char *url)
}
/** Set the verify gpg signature option for a database.
* @param db database pointer
- * @param verify enum pgp_verify_t
+ * @param verify enum pmverifysig_t
* @return 0 on success, -1 on error (pm_errno is set accordingly)
*/
-int SYMEXPORT alpm_db_set_pgp_verify(pmdb_t *db, pgp_verify_t verify)
+int SYMEXPORT alpm_db_set_verifysig(pmdb_t *db, pmverifysig_t verify)
{
ALPM_LOG_FUNC;
diff --git a/lib/libalpm/db.h b/lib/libalpm/db.h
index 399e2d5..e7dd057 100644
--- a/lib/libalpm/db.h
+++ b/lib/libalpm/db.h
@@ -63,7 +63,7 @@ struct __pmdb_t {
pmpkghash_t *pkgcache;
alpm_list_t *grpcache;
alpm_list_t *servers;
- pgp_verify_t pgp_verify;
+ pmverifysig_t pgp_verify;
struct db_operations *ops;
};
diff --git a/lib/libalpm/dload.c b/lib/libalpm/dload.c
index d024c73..42234db 100644
--- a/lib/libalpm/dload.c
+++ b/lib/libalpm/dload.c
@@ -351,11 +351,11 @@ char SYMEXPORT *alpm_fetch_pkgurl(const char *url)
_alpm_log(PM_LOG_DEBUG, "successfully downloaded %s\n", url);
/* attempt to download the signature */
- if(ret == 0 && (handle->sigverify == PM_PGP_VERIFY_ALWAYS ||
- handle->sigverify == PM_PGP_VERIFY_OPTIONAL)) {
+ if(ret == 0 && (handle->sigverify == PM_VERIFYSIG_ALWAYS ||
+ handle->sigverify == PM_VERIFYSIG_OPTIONAL)) {
char *sig_url;
size_t len;
- int errors_ok = (handle->sigverify == PM_PGP_VERIFY_OPTIONAL);
+ int errors_ok = (handle->sigverify == PM_VERIFYSIG_OPTIONAL);
len = strlen(url) + 5;
CALLOC(sig_url, len, sizeof(char), RET_ERR(PM_ERR_MEMORY, NULL));
diff --git a/lib/libalpm/handle.c b/lib/libalpm/handle.c
index 2d6766a..afbfda7 100644
--- a/lib/libalpm/handle.c
+++ b/lib/libalpm/handle.c
@@ -48,7 +48,7 @@ pmhandle_t *_alpm_handle_new()
CALLOC(handle, 1, sizeof(pmhandle_t), RET_ERR(PM_ERR_MEMORY, NULL));
- handle->sigverify = PM_PGP_VERIFY_OPTIONAL;
+ handle->sigverify = PM_VERIFYSIG_OPTIONAL;
return handle;
}
@@ -84,7 +84,7 @@ void _alpm_handle_free(pmhandle_t *handle)
FREE(handle->logfile);
FREE(handle->lockfile);
FREE(handle->arch);
- FREE(handle->signaturedir);
+ FREE(handle->gpgdir);
FREELIST(handle->dbs_sync);
FREELIST(handle->noupgrade);
FREELIST(handle->noextract);
@@ -175,13 +175,13 @@ const char SYMEXPORT *alpm_option_get_lockfile()
return handle->lockfile;
}
-const char SYMEXPORT *alpm_option_get_signaturedir()
+const char SYMEXPORT *alpm_option_get_gpgdir()
{
if(handle == NULL) {
pm_errno = PM_ERR_HANDLE_NULL;
return NULL;
}
- return handle->signaturedir;
+ return handle->gpgdir;
}
int SYMEXPORT alpm_option_get_usesyslog()
@@ -470,21 +470,21 @@ int SYMEXPORT alpm_option_set_logfile(const char *logfile)
return 0;
}
-int SYMEXPORT alpm_option_set_signaturedir(const char *signaturedir)
+int SYMEXPORT alpm_option_set_gpgdir(const char *gpgdir)
{
ALPM_LOG_FUNC;
- if(!signaturedir) {
+ if(!gpgdir) {
pm_errno = PM_ERR_WRONG_ARGS;
return -1;
}
- if(handle->signaturedir) {
- FREE(handle->signaturedir);
+ if(handle->gpgdir) {
+ FREE(handle->gpgdir);
}
- handle->signaturedir = strdup(signaturedir);
+ handle->gpgdir = strdup(gpgdir);
- _alpm_log(PM_LOG_DEBUG, "option 'signaturedir' = %s\n", handle->signaturedir);
+ _alpm_log(PM_LOG_DEBUG, "option 'gpgdir' = %s\n", handle->gpgdir);
return 0;
}
@@ -629,17 +629,17 @@ int SYMEXPORT alpm_option_set_checkspace(int checkspace)
return 0;
}
-int SYMEXPORT alpm_option_set_default_sigverify(pgp_verify_t level)
+int SYMEXPORT alpm_option_set_default_verifysig(pmverifysig_t level)
{
ASSERT(handle != NULL, RET_ERR(PM_ERR_HANDLE_NULL, -1));
- ASSERT(level != PM_PGP_VERIFY_UNKNOWN, RET_ERR(PM_ERR_WRONG_ARGS, -1));
+ ASSERT(level != PM_VERIFYSIG_UNKNOWN, RET_ERR(PM_ERR_WRONG_ARGS, -1));
handle->sigverify = level;
return 0;
}
-pgp_verify_t SYMEXPORT alpm_option_get_default_sigverify()
+pmverifysig_t SYMEXPORT alpm_option_get_default_verifysig()
{
- ASSERT(handle != NULL, RET_ERR(PM_ERR_HANDLE_NULL, PM_PGP_VERIFY_UNKNOWN));
+ ASSERT(handle != NULL, RET_ERR(PM_ERR_HANDLE_NULL, PM_VERIFYSIG_UNKNOWN));
return handle->sigverify;
}
diff --git a/lib/libalpm/handle.h b/lib/libalpm/handle.h
index aa00b6f..6f799c2 100644
--- a/lib/libalpm/handle.h
+++ b/lib/libalpm/handle.h
@@ -58,7 +58,7 @@ typedef struct _pmhandle_t {
char *dbpath; /* Base path to pacman's DBs */
char *logfile; /* Name of the log file */
char *lockfile; /* Name of the lock file */
- char *signaturedir; /* Directory where GnuPG files are stored */
+ char *gpgdir; /* Directory where GnuPG files are stored */
alpm_list_t *cachedirs; /* Paths to pacman cache directories */
/* package lists */
@@ -72,7 +72,7 @@ typedef struct _pmhandle_t {
char *arch; /* Architecture of packages we should allow */
int usedelta; /* Download deltas if possible */
int checkspace; /* Check disk space before installing */
- pgp_verify_t sigverify; /* Default signature verification level */
+ pmverifysig_t sigverify; /* Default signature verification level */
} pmhandle_t;
/* global handle variable */
diff --git a/lib/libalpm/package.h b/lib/libalpm/package.h
index debb239..f3b3d26 100644
--- a/lib/libalpm/package.h
+++ b/lib/libalpm/package.h
@@ -141,7 +141,7 @@ void _alpm_pkg_free(pmpkg_t *pkg);
void _alpm_pkg_free_trans(pmpkg_t *pkg);
pmpkg_t *_alpm_pkg_load_internal(const char *filename, int full,
- const char *md5sum, const char *base64_sig, pgp_verify_t check_sig);
+ const char *md5sum, const char *base64_sig, pmverifysig_t check_sig);
int _alpm_pkg_cmp(const void *p1, const void *p2);
int _alpm_pkg_compare_versions(pmpkg_t *local_pkg, pmpkg_t *pkg);
diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c
index 9bb9d0a..8df15cf 100644
--- a/lib/libalpm/signing.c
+++ b/lib/libalpm/signing.c
@@ -118,7 +118,7 @@ static int gpgme_init(void)
return 0;
}
- if(!alpm_option_get_signaturedir()) {
+ if(!alpm_option_get_gpgdir()) {
RET_ERR(PM_ERR_SIG_MISSINGDIR, 1);
}
@@ -144,7 +144,7 @@ static int gpgme_init(void)
/* set and check engine information */
err = gpgme_set_engine_info(GPGME_PROTOCOL_OpenPGP, NULL,
- alpm_option_get_signaturedir());
+ alpm_option_get_gpgdir());
CHECK_ERR();
err = gpgme_get_engine_info(&enginfo);
CHECK_ERR();
@@ -369,15 +369,15 @@ int _alpm_gpgme_checksig(const char *path, const char *base64_sig)
*
* @return signature verification level
*/
-pgp_verify_t _alpm_db_get_sigverify_level(pmdb_t *db)
+pmverifysig_t _alpm_db_get_sigverify_level(pmdb_t *db)
{
ALPM_LOG_FUNC;
- ASSERT(db != NULL, RET_ERR(PM_ERR_DB_NULL, PM_PGP_VERIFY_UNKNOWN));
+ ASSERT(db != NULL, RET_ERR(PM_ERR_DB_NULL, PM_VERIFYSIG_UNKNOWN));
- if(db->pgp_verify != PM_PGP_VERIFY_UNKNOWN) {
+ if(db->pgp_verify != PM_VERIFYSIG_UNKNOWN) {
return db->pgp_verify;
} else {
- return alpm_option_get_default_sigverify();
+ return alpm_option_get_default_verifysig();
}
}
@@ -386,7 +386,7 @@ pgp_verify_t _alpm_db_get_sigverify_level(pmdb_t *db)
* @param pkg the package to check
* @return a int value : 0 (valid), 1 (invalid), -1 (an error occurred)
*/
-int SYMEXPORT alpm_pkg_check_pgp_signature(pmpkg_t *pkg)
+int SYMEXPORT alpm_pkg_check_signature(pmpkg_t *pkg)
{
ALPM_LOG_FUNC;
ASSERT(pkg != NULL, return 0);
@@ -399,7 +399,7 @@ int SYMEXPORT alpm_pkg_check_pgp_signature(pmpkg_t *pkg)
* @param db the database to check
* @return a int value : 0 (valid), 1 (invalid), -1 (an error occurred)
*/
-int SYMEXPORT alpm_db_check_pgp_signature(pmdb_t *db)
+int SYMEXPORT alpm_db_check_signature(pmdb_t *db)
{
ALPM_LOG_FUNC;
ASSERT(db != NULL, return 0);
diff --git a/lib/libalpm/signing.h b/lib/libalpm/signing.h
index 8d8c164..65eb3d4 100644
--- a/lib/libalpm/signing.h
+++ b/lib/libalpm/signing.h
@@ -22,7 +22,7 @@
#include "alpm.h"
int _alpm_gpgme_checksig(const char *path, const char *base64_sig);
-pgp_verify_t _alpm_db_get_sigverify_level(pmdb_t *db);
+pmverifysig_t _alpm_db_get_sigverify_level(pmdb_t *db);
#endif /* _ALPM_SIGNING_H */
diff --git a/lib/libalpm/sync.c b/lib/libalpm/sync.c
index 8dd51aa..13cb008 100644
--- a/lib/libalpm/sync.c
+++ b/lib/libalpm/sync.c
@@ -866,7 +866,7 @@ int _alpm_sync_commit(pmtrans_t *trans, pmdb_t *db_local, alpm_list_t **data)
int percent = (current * 100) / numtargs;
const char *filename;
char *filepath;
- pgp_verify_t check_sig;
+ pmverifysig_t check_sig;
PROGRESS(trans, PM_TRANS_PROGRESS_INTEGRITY_START, "", percent,
numtargs, current);
diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in
index b0d0c23..95f541f 100644
--- a/scripts/makepkg.sh.in
+++ b/scripts/makepkg.sh.in
@@ -1625,7 +1625,7 @@ usage() {
printf "$(gettext " --nocheck Do not run the check() function in the %s")\n" "$BUILDSCRIPT"
echo "$(gettext " --nosign Do not create a signature for the package")"
echo "$(gettext " --pkg <list> Only build listed packages from a split package")"
- echo "$(gettext " --sign Sign the resulting package with gpg")"
+ echo "$(gettext " -S, --sign Sign the resulting package with gpg")"
echo "$(gettext " --skipinteg Do not fail when integrity checks are missing")"
echo "$(gettext " --source Generate a source-only tarball without downloaded sources")"
echo
@@ -1659,7 +1659,7 @@ fi
ARGLIST=("$@")
# Parse Command Line Options.
-OPT_SHORT="AcCdefFghiLmop:rRsV"
+OPT_SHORT="AcCdefFghiLmop:rRsSV"
OPT_LONG="allsource,asroot,ignorearch,check,clean,cleancache,nodeps"
OPT_LONG+=",noextract,force,forcever:,geninteg,help,holdver"
OPT_LONG+=",install,key:,log,nocolor,nobuild,nocheck,nosign,pkg:,rmdeps"
@@ -1708,7 +1708,7 @@ while true; do
-r|--rmdeps) RMDEPS=1 ;;
-R|--repackage) REPKG=1 ;;
--skipinteg) SKIPINTEG=1 ;;
- --sign) SIGNPKG='y' ;;
+ -S|--sign) SIGNPKG='y' ;;
--source) SOURCEONLY=1 ;;
-s|--syncdeps) DEP_BIN=1 ;;
diff --git a/scripts/repo-add.sh.in b/scripts/repo-add.sh.in
index 820db36..f00b519 100644
--- a/scripts/repo-add.sh.in
+++ b/scripts/repo-add.sh.in
@@ -26,6 +26,8 @@ export TEXTDOMAINDIR='@localedir@'
myver='@PACKAGE_VERSION@'
confdir='@sysconfdir@'
+GPGDIR='@sysconfdir@/pacman.d/gnupg'
+
QUIET=0
DELTA=0
WITHFILES=0
@@ -80,8 +82,9 @@ specified on the command line from the given repo database. Multiple\n\
packages to remove can be specified on the command line.\n\n")"
printf "$(gettext "Options:\n")"
fi
+ printf "$(gettext " --gpgdir <dir> use the specified GnuPG home directory\n")"
printf "$(gettext " -q, --quiet minimize output\n")"
- printf "$(gettext " -s, --sign sign database with GnuPG after update\n")"
+ printf "$(gettext " -S, --sign sign database with GnuPG after update\n")"
printf "$(gettext " -k, --key <key> use the specified key to sign the database\n")"
printf "$(gettext " -v, --verify verify database's signature before update\n")"
printf "$(gettext "\n\
@@ -231,7 +234,12 @@ verify_signature() {
warning "$(gettext "No existing signature found, skipping verification.")"
return
fi
- gpg --verify "$dbfile.sig" || ret=$?
+ # unlike signing, verification of old database is done with pacman's keyring
+ if ! gpg --homedir "$GPGDIR" --list-keys &>/dev/null; then
+ error "$(gettext "${GPGDIR} is not a properly initialized GnuPG home directory.")"
+ exit 1
+ fi
+ gpg --homedir "$GPGDIR" --verify "$dbfile.sig" || ret=$?
if (( ! ret )); then
msg2 "$(gettext "Database signature file verified.")"
else
@@ -552,7 +560,16 @@ while [[ $# > 0 ]]; do
-q|--quiet) QUIET=1;;
-d|--delta) DELTA=1;;
-f|--files) WITHFILES=1;;
- -s|--sign)
+ --gpgdir)
+ check_gpg
+ shift
+ GPGDIR="$1"
+ if ! gpg --homedir "$GPGDIR" --list-keys &>/dev/null; then
+ error "$(gettext "${GPGDIR} is not a properly initialized GnuPG home directory.")"
+ exit 1
+ fi
+ ;;
+ -S|--sign)
check_gpg
SIGN=1
if ! gpg --list-key ${GPGKEY} &>/dev/null; then
diff --git a/src/pacman/conf.c b/src/pacman/conf.c
index 370ec51..0dbbfea 100644
--- a/src/pacman/conf.c
+++ b/src/pacman/conf.c
@@ -214,17 +214,17 @@ int config_set_arch(const char *arch)
}
}
-static pgp_verify_t option_verifysig(const char *value)
+static pmverifysig_t option_verifysig(const char *value)
{
- pgp_verify_t level;
+ pmverifysig_t level;
if(strcmp(value, "Always") == 0) {
- level = PM_PGP_VERIFY_ALWAYS;
+ level = PM_VERIFYSIG_ALWAYS;
} else if(strcmp(value, "Optional") == 0) {
- level = PM_PGP_VERIFY_OPTIONAL;
+ level = PM_VERIFYSIG_OPTIONAL;
} else if(strcmp(value, "Never") == 0) {
- level = PM_PGP_VERIFY_NEVER;
+ level = PM_VERIFYSIG_NEVER;
} else {
- level = PM_PGP_VERIFY_UNKNOWN;
+ level = PM_VERIFYSIG_UNKNOWN;
}
pm_printf(PM_LOG_DEBUG, "config: VerifySig = %s (%d)\n", value, level);
return level;
@@ -359,9 +359,9 @@ static int _parse_options(const char *key, char *value,
} else if(strcmp(key, "CleanMethod") == 0) {
setrepeatingoption(value, "CleanMethod", option_add_cleanmethod);
} else if(strcmp(key, "VerifySig") == 0) {
- pgp_verify_t level = option_verifysig(value);
- if(level != PM_PGP_VERIFY_UNKNOWN) {
- alpm_option_set_default_sigverify(level);
+ pmverifysig_t level = option_verifysig(value);
+ if(level != PM_VERIFYSIG_UNKNOWN) {
+ alpm_option_set_default_verifysig(level);
} else {
pm_printf(PM_LOG_ERROR,
_("config file %s, line %d: directive '%s' has invalid value '%s'\n"),
@@ -466,7 +466,7 @@ static int setlibpaths(void)
/* Set GnuPG's home directory. This is not relative to rootdir, even if
* rootdir is defined. Reasoning: gpgdir contains configuration data. */
if(config->gpgdir) {
- ret = alpm_option_set_signaturedir(config->gpgdir);
+ ret = alpm_option_set_gpgdir(config->gpgdir);
if(ret != 0) {
pm_printf(PM_LOG_ERROR, _("problem setting gpgdir '%s' (%s)\n"),
config->gpgdir, alpm_strerrorlast());
@@ -634,9 +634,9 @@ static int _parseconfig(const char *file, int parse_options,
goto cleanup;
}
} else if(strcmp(key, "VerifySig") == 0) {
- pgp_verify_t level = option_verifysig(value);
- if(level != PM_PGP_VERIFY_UNKNOWN) {
- ret = alpm_db_set_pgp_verify(db, level);
+ pmverifysig_t level = option_verifysig(value);
+ if(level != PM_VERIFYSIG_UNKNOWN) {
+ ret = alpm_db_set_verifysig(db, level);
if(ret != 0) {
pm_printf(PM_LOG_ERROR, _("could not add set verify option for database '%s': %s (%s)\n"),
alpm_db_get_name(db), value, alpm_strerrorlast());
diff --git a/src/pacman/pacman.c b/src/pacman/pacman.c
index 008a806..61c295a 100644
--- a/src/pacman/pacman.c
+++ b/src/pacman/pacman.c
@@ -813,7 +813,7 @@ int main(int argc, char *argv[])
/* define paths to reasonable defaults */
alpm_option_set_root(ROOTDIR);
alpm_option_set_dbpath(DBPATH);
- alpm_option_set_signaturedir(GPGDIR);
+ alpm_option_set_gpgdir(GPGDIR);
alpm_option_set_logfile(LOGFILE);
/* Priority of options:
diff --git a/src/pacman/query.c b/src/pacman/query.c
index d1105b4..87f06c4 100644
--- a/src/pacman/query.c
+++ b/src/pacman/query.c
@@ -551,7 +551,7 @@ int pacman_query(alpm_list_t *targets)
char *strname = alpm_list_getdata(i);
if(config->op_q_isfile) {
- alpm_pkg_load(strname, 1, PM_PGP_VERIFY_OPTIONAL, &pkg);
+ alpm_pkg_load(strname, 1, PM_VERIFYSIG_OPTIONAL, &pkg);
} else {
pkg = alpm_db_get_pkg(db_local, strname);
}
diff --git a/src/pacman/sync.c b/src/pacman/sync.c
index 884504f..8e2c236 100644
--- a/src/pacman/sync.c
+++ b/src/pacman/sync.c
@@ -219,7 +219,7 @@ static int sync_cleancache(int level)
/* attempt to load the package, prompt removal on failures as we may have
* files here that aren't valid packages. we also don't need a full
* load of the package, just the metadata. */
- if(alpm_pkg_load(path, 0, PM_PGP_VERIFY_NEVER, &localpkg) != 0
+ if(alpm_pkg_load(path, 0, PM_VERIFYSIG_NEVER, &localpkg) != 0
|| localpkg == NULL) {
if(yesno(_("File %s does not seem to be a valid package, remove it?"),
path)) {
diff --git a/src/pacman/upgrade.c b/src/pacman/upgrade.c
index 0ffc94c..7a955e2 100644
--- a/src/pacman/upgrade.c
+++ b/src/pacman/upgrade.c
@@ -42,7 +42,7 @@
int pacman_upgrade(alpm_list_t *targets)
{
alpm_list_t *i, *data = NULL;
- pgp_verify_t check_sig = alpm_option_get_default_sigverify();
+ pmverifysig_t check_sig = alpm_option_get_default_verifysig();
int retval = 0;
if(targets == NULL) {
diff --git a/src/util/testpkg.c b/src/util/testpkg.c
index ad6ec30..4568262 100644
--- a/src/util/testpkg.c
+++ b/src/util/testpkg.c
@@ -55,7 +55,7 @@ int main(int argc, char *argv[])
/* let us get log messages from libalpm */
alpm_option_set_logcb(output_cb);
- if(alpm_pkg_load(argv[1], 1, PM_PGP_VERIFY_OPTIONAL, &pkg) == -1
+ if(alpm_pkg_load(argv[1], 1, PM_VERIFYSIG_OPTIONAL, &pkg) == -1
|| pkg == NULL) {
switch(pm_errno) {
case PM_ERR_PKG_OPEN:
