Re: [pacman-dev] [PATCH] Improve error message when package is missing required signature

Sun, 19 May 2013 17:33:55 -0700 

On 20/05/13 10:33, Andrew Gregory wrote:
> On 05/19/13 at 10:44pm, Allan McRae wrote:
>> When attempting to install a package (either via -S or -U) and the
>> signature is missing, the current error message "invalid or corrupted
>> package (PGP signature)" is very unclear.  Instead inform the user
>> that the package is missing the required signature.
>>
>> Partial fix for FS#34741.
>>
>> Signed-off-by: Allan McRae <[email protected]>
>> ---
>>  lib/libalpm/alpm.h       | 1 +
>>  lib/libalpm/be_package.c | 6 +++++-
>>  lib/libalpm/error.c      | 2 ++
>>  3 files changed, 8 insertions(+), 1 deletion(-)
>>
>> diff --git a/lib/libalpm/alpm.h b/lib/libalpm/alpm.h
>> index 2277a69..806cd95 100644
>> --- a/lib/libalpm/alpm.h
>> +++ b/lib/libalpm/alpm.h
>> @@ -1267,6 +1267,7 @@ typedef enum _alpm_errno_t {
>>      ALPM_ERR_PKG_INVALID,
>>      ALPM_ERR_PKG_INVALID_CHECKSUM,
>>      ALPM_ERR_PKG_INVALID_SIG,
>> +    ALPM_ERR_PKG_MISSING_SIG,
>>      ALPM_ERR_PKG_OPEN,
>>      ALPM_ERR_PKG_CANT_REMOVE,
>>      ALPM_ERR_PKG_INVALID_NAME,
>> diff --git a/lib/libalpm/be_package.c b/lib/libalpm/be_package.c
>> index cfe5fb3..ea48b6e 100644
>> --- a/lib/libalpm/be_package.c
>> +++ b/lib/libalpm/be_package.c
>> @@ -323,9 +323,13 @@ int _alpm_pkg_validate_internal(alpm_handle_t *handle,
>>      }
>>  
>>      /* even if we don't have a sig, run the check code if level tells us to 
>> */
>> -    if(has_sig || level & ALPM_SIG_PACKAGE) {
>> +    if(level & ALPM_SIG_PACKAGE) {
> 
> I'm pretty sure we don't want to change this.  If we have a sig we
> don't do md5/sha256 checks.  So if we have a sig we need to do this
> regardless of what level is set to.

Setting "has_sig = 1" only occurs in a "if(level & ALPM_SIG_PACKAGE)"
block.  So testing both is redundant.

>>              const char *sig = syncpkg ? syncpkg->base64_sig : NULL;
>>              _alpm_log(handle, ALPM_LOG_DEBUG, "sig data: %s\n", sig ? sig : 
>> "<from .sig>");
>> +            if(!sig) {
>> +                    handle->pm_errno = ALPM_ERR_PKG_MISSING_SIG;
>> +                    return -1;
>> +            }
>>              if(_alpm_check_pgp_helper(handle, pkgfile, sig,
>>                                      level & ALPM_SIG_PACKAGE_OPTIONAL, 
>> level & ALPM_SIG_PACKAGE_MARGINAL_OK,
>>                                      level & ALPM_SIG_PACKAGE_UNKNOWN_OK, 
>> sigdata)) {
>> diff --git a/lib/libalpm/error.c b/lib/libalpm/error.c
>> index a59f4fe..8622180 100644
>> --- a/lib/libalpm/error.c
>> +++ b/lib/libalpm/error.c
>> @@ -111,6 +111,8 @@ const char SYMEXPORT *alpm_strerror(alpm_errno_t err)
>>                      return _("invalid or corrupted package (checksum)");
>>              case ALPM_ERR_PKG_INVALID_SIG:
>>                      return _("invalid or corrupted package (PGP 
>> signature)");
>> +            case ALPM_ERR_PKG_MISSING_SIG:
>> +                    return _("package missing required signature");
>>              case ALPM_ERR_PKG_OPEN:
>>                      return _("cannot open package file");
>>              case ALPM_ERR_PKG_CANT_REMOVE:
>> -- 
>> 1.8.2.3
> 
> 
>

Reply via email to