Been sitting on the TODO list for a while, and figured I'd give it a shot. This simply moves the md5sum check to after the signature check, then adds a variable to indicate that signature check was okay. Yes, my first attempt to submit, and it's a simple one, but you gotta start somewhere. If it fails miserably, feel free to tear it apart. I'll respond to feedback and hopefully move on to submit more in the future... Signed-off-by: Peter Tseng <archlinux@leftylink.com> --- lib/libalpm/sync.c | 19 +++++++++++-------- 1 files changed, 11 insertions(+), 8 deletions(-) diff --git a/lib/libalpm/sync.c b/lib/libalpm/sync.c index 5428e40..2b1c6cb 100644 --- a/lib/libalpm/sync.c +++ b/lib/libalpm/sync.c @@ -828,6 +828,7 @@ int _alpm_sync_commit(pmtrans_t *trans, pmdb_t *db_local, alpm_list_t **data) for(i = trans->add; i; i = i->next, current++) { pmpkg_t *spkg = i->data; int percent = (current * 100) / numtargs; + int sig_check_ok = 0; if(spkg->origin == PKG_FROM_FILE) { continue; /* pkg_load() has been already called, this package is valid */ } @@ -839,14 +840,7 @@ int _alpm_sync_commit(pmtrans_t *trans, pmdb_t *db_local, alpm_list_t **data) const char *md5sum = alpm_pkg_get_md5sum(spkg); const pmpgpsig_t *pgpsig = alpm_pkg_get_pgpsig(spkg); - /* check md5sum first */ - if(test_md5sum(trans, filepath, md5sum) != 0) { - errors++; - *data = alpm_list_add(*data, strdup(filename)); - FREE(filepath); - continue; - } - /* check PGP signature next */ + /* check PGP signature first */ pmdb_t *sdb = alpm_pkg_get_db(spkg); if(sdb->pgp_verify != PM_PGP_VERIFY_NEVER) { @@ -857,8 +851,17 @@ int _alpm_sync_commit(pmtrans_t *trans, pmdb_t *db_local, alpm_list_t **data) *data = alpm_list_add(*data, strdup(filename)); FREE(filepath); continue; + } else { + sig_check_ok = 1; } } + /* check md5sum next */ + if(!sig_check_ok && test_md5sum(trans, filepath, md5sum) != 0) { + errors++; + *data = alpm_list_add(*data, strdup(filename)); + FREE(filepath); + continue; + } /* load the package file and replace pkgcache entry with it in the target list */ /* TODO: alpm_pkg_get_db() will not work on this target anymore */ _alpm_log(PM_LOG_DEBUG, "replacing pkgcache entry with package file for target %s\n", spkg->name); -- 1.7.4.1