On Sat, Nov 03, 2012 at 01:28:22AM +1000, Allan McRae wrote:
When installing a package with "pacman -U" that has a detached signature, check if the needed key is in the keyring and download if necessary.
Signed-off-by: Allan McRae <allan@archlinux.org> ---
What ever happened to our musings about adding another SigLevel-ish option for handling this sort of thing? Are we satisfied with just letting the global value dictate this behavior?
lib/libalpm/be_package.c | 40 ++++++++++++++++++++++++++++++++++++++++ lib/libalpm/signing.c | 5 +++++ 2 files changed, 45 insertions(+)
diff --git a/lib/libalpm/be_package.c b/lib/libalpm/be_package.c index 8c5b2d1..710a063 100644 --- a/lib/libalpm/be_package.c +++ b/lib/libalpm/be_package.c @@ -519,6 +519,46 @@ int SYMEXPORT alpm_pkg_load(alpm_handle_t *handle, const char *filename, int ful CHECK_HANDLE(handle, return -1); ASSERT(pkg != NULL, RET_ERR(handle, ALPM_ERR_WRONG_ARGS, -1));
+ char *sigpath = _alpm_sigpath(handle, filename); + if(sigpath && !_alpm_access(handle, NULL, sigpath, R_OK)) { + if(level & ALPM_SIG_PACKAGE) { + struct stat info;
nitpick: we use 'st' in a lot of places to denote the name of a stat struct. I don't feel incredibly strongly about this, but consistency is nice.
+ alpm_list_t *keys = NULL; + int fail = 0; + size_t len;
If you're going to use this as a quick reference to a stat field, mark it const (or just get rid of it and reference info.st_size).
+ unsigned char *sig; + FILE *fp; + + stat(sigpath, &info);
Check for stat failure?
+ len = info.st_size; + sig = malloc(len);
Check for null return?
+ fp = fopen(sigpath, "rb");
Check for null fp?
+ fread(sig, len, 1, fp); + fclose(fp); + + if(_alpm_extract_keyid(sig, len, &keys) == 0) { + alpm_list_t *k; + for(k = keys; k; k = k->next) { + char *key = k->data; + if(_alpm_key_in_keychain(handle, key) == 0) { + if(_alpm_key_import(handle, key) == -1) { + fail = 1; + } + } + } + FREELIST(keys); + } + + free(sig); + + if(fail) { + _alpm_log(handle, ALPM_LOG_ERROR, _("required key missing from keyring\n")); + return -1; + } + } + } + free(sigpath); + if(_alpm_pkg_validate_internal(handle, filename, NULL, level, NULL, &validation) == -1) { /* pm_errno is set by pkg_validate */ diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c index 703e3ea..4f03853 100644 --- a/lib/libalpm/signing.c +++ b/lib/libalpm/signing.c @@ -192,6 +192,11 @@ int _alpm_key_in_keychain(alpm_handle_t *handle, const char *fpr) gpgme_key_t key; int ret = -1;
+ if(init_gpgme(handle)) { + /* pm_errno was set in gpgme_init() */ + goto error; + } + memset(&ctx, 0, sizeof(ctx)); err = gpgme_new(&ctx); CHECK_ERR(); -- 1.8.0