On Sat, Nov 03, 2012 at 01:28:22AM +1000, Allan McRae wrote:
> When installing a package with "pacman -U" that has a detached
> signature, check if the needed key is in the keyring and download
> if necessary.
>
> Signed-off-by: Allan McRae <[email protected]>
> ---
What ever happened to our musings about adding another SigLevel-ish
option for handling this sort of thing? Are we satisfied with just
letting the global value dictate this behavior?
> lib/libalpm/be_package.c | 40 ++++++++++++++++++++++++++++++++++++++++
> lib/libalpm/signing.c | 5 +++++
> 2 files changed, 45 insertions(+)
>
> diff --git a/lib/libalpm/be_package.c b/lib/libalpm/be_package.c
> index 8c5b2d1..710a063 100644
> --- a/lib/libalpm/be_package.c
> +++ b/lib/libalpm/be_package.c
> @@ -519,6 +519,46 @@ int SYMEXPORT alpm_pkg_load(alpm_handle_t *handle, const
> char *filename, int ful
> CHECK_HANDLE(handle, return -1);
> ASSERT(pkg != NULL, RET_ERR(handle, ALPM_ERR_WRONG_ARGS, -1));
>
> + char *sigpath = _alpm_sigpath(handle, filename);
> + if(sigpath && !_alpm_access(handle, NULL, sigpath, R_OK)) {
> + if(level & ALPM_SIG_PACKAGE) {
> + struct stat info;
nitpick: we use 'st' in a lot of places to denote the name of a stat
struct. I don't feel incredibly strongly about this, but consistency is
nice.
> + alpm_list_t *keys = NULL;
> + int fail = 0;
> + size_t len;
If you're going to use this as a quick reference to a stat field, mark
it const (or just get rid of it and reference info.st_size).
> + unsigned char *sig;
> + FILE *fp;
> +
> + stat(sigpath, &info);
Check for stat failure?
> + len = info.st_size;
> + sig = malloc(len);
Check for null return?
> + fp = fopen(sigpath, "rb");
Check for null fp?
> + fread(sig, len, 1, fp);
> + fclose(fp);
> +
> + if(_alpm_extract_keyid(sig, len, &keys) == 0) {
> + alpm_list_t *k;
> + for(k = keys; k; k = k->next) {
> + char *key = k->data;
> + if(_alpm_key_in_keychain(handle, key)
> == 0) {
> + if(_alpm_key_import(handle,
> key) == -1) {
> + fail = 1;
> + }
> + }
> + }
> + FREELIST(keys);
> + }
> +
> + free(sig);
> +
> + if(fail) {
> + _alpm_log(handle, ALPM_LOG_ERROR, _("required
> key missing from keyring\n"));
> + return -1;
> + }
> + }
> + }
> + free(sigpath);
> +
> if(_alpm_pkg_validate_internal(handle, filename, NULL, level, NULL,
> &validation) == -1) {
> /* pm_errno is set by pkg_validate */
> diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c
> index 703e3ea..4f03853 100644
> --- a/lib/libalpm/signing.c
> +++ b/lib/libalpm/signing.c
> @@ -192,6 +192,11 @@ int _alpm_key_in_keychain(alpm_handle_t *handle, const
> char *fpr)
> gpgme_key_t key;
> int ret = -1;
>
> + if(init_gpgme(handle)) {
> + /* pm_errno was set in gpgme_init() */
> + goto error;
> + }
> +
> memset(&ctx, 0, sizeof(ctx));
> err = gpgme_new(&ctx);
> CHECK_ERR();
> --
> 1.8.0
>
>
