The varied naming scheme that was previously used for signature verification levels was unified. All relevant symbols are now named SigLevel or something similar. Signed-off-by: Kerrick Staley <mail@kerrickstaley.com> --- lib/libalpm/alpm.h | 26 +++++++++++++------------- lib/libalpm/be_package.c | 12 ++++++------ lib/libalpm/be_sync.c | 10 +++++----- lib/libalpm/db.c | 11 ++++++----- lib/libalpm/db.h | 2 +- lib/libalpm/dload.c | 6 +++--- lib/libalpm/handle.c | 14 +++++++------- lib/libalpm/handle.h | 2 +- lib/libalpm/package.h | 2 +- lib/libalpm/signing.c | 15 ++++++++------- lib/libalpm/signing.h | 2 +- lib/libalpm/sync.c | 6 +++--- src/pacman/conf.c | 32 ++++++++++++++++---------------- src/pacman/query.c | 2 +- src/pacman/sync.c | 2 +- src/pacman/upgrade.c | 4 ++-- src/util/testpkg.c | 2 +- test/pacman/util.py | 2 +- 18 files changed, 77 insertions(+), 75 deletions(-) diff --git a/lib/libalpm/alpm.h b/lib/libalpm/alpm.h index 5af843c..5fdeac2 100644 --- a/lib/libalpm/alpm.h +++ b/lib/libalpm/alpm.h @@ -63,12 +63,12 @@ typedef enum _pmpkgreason_t { /** * GPG signature verification options */ -typedef enum _pgp_verify_t { - PM_PGP_VERIFY_UNKNOWN, - PM_PGP_VERIFY_NEVER, - PM_PGP_VERIFY_OPTIONAL, - PM_PGP_VERIFY_ALWAYS -} pgp_verify_t; +typedef enum pmsiglevel_t { + PM_SIGLEVEL_UNKNOWN, + PM_SIGLEVEL_NEVER, + PM_SIGLEVEL_OPTIONAL, + PM_SIGLEVEL_ALWAYS +} pmsiglevel_t; /* * Structures @@ -263,8 +263,8 @@ int alpm_option_set_usedelta(int usedelta); int alpm_option_get_checkspace(void); int alpm_option_set_checkspace(int checkspace); -pgp_verify_t alpm_option_get_default_sigverify(void); -int alpm_option_set_default_sigverify(pgp_verify_t level); +pmsiglevel_t alpm_option_get_default_siglevel(void); +int alpm_option_set_default_siglevel(pmsiglevel_t level); /** @} */ @@ -384,12 +384,12 @@ int alpm_db_set_pkgreason(pmdb_t *db, const char *name, pmpkgreason_t reason); * @param filename location of the package tarball * @param full whether to stop the load after metadata is read or continue * through the full archive - * @param check_sig what level of package signature checking to perform on the + * @param siglevel what level of package signature checking to perform on the * package; note that this must be a '.sig' file type verification * @param pkg address of the package pointer * @return 0 on success, -1 on error (pm_errno is set accordingly) */ -int alpm_pkg_load(const char *filename, int full, pgp_verify_t check_sig, +int alpm_pkg_load(const char *filename, int full, pmsiglevel_t siglevel, pmpkg_t **pkg); /** Free a package. @@ -626,10 +626,10 @@ alpm_list_t *alpm_pkg_unused_deltas(pmpkg_t *pkg); * Signatures */ -int alpm_pkg_check_pgp_signature(pmpkg_t *pkg); +int alpm_pkg_check_signature(pmpkg_t *pkg); -int alpm_db_check_pgp_signature(pmdb_t *db); -int alpm_db_set_pgp_verify(pmdb_t *db, pgp_verify_t verify); +int alpm_db_check_signature(pmdb_t *db); +int alpm_db_set_siglevel(pmdb_t *db, pmsiglevel_t level); /* * Deltas diff --git a/lib/libalpm/be_package.c b/lib/libalpm/be_package.c index 9e59d69..106ac61 100644 --- a/lib/libalpm/be_package.c +++ b/lib/libalpm/be_package.c @@ -227,7 +227,7 @@ static int parse_descfile(struct archive *a, pmpkg_t *newpkg) * @return An information filled pmpkg_t struct */ pmpkg_t *_alpm_pkg_load_internal(const char *pkgfile, int full, - const char *md5sum, const char *base64_sig, pgp_verify_t check_sig) + const char *md5sum, const char *base64_sig, pmsiglevel_t siglevel) { int ret; int config = 0; @@ -266,11 +266,11 @@ pmpkg_t *_alpm_pkg_load_internal(const char *pkgfile, int full, } _alpm_log(PM_LOG_DEBUG, "base64_sig: %s\n", base64_sig); - if(check_sig != PM_PGP_VERIFY_NEVER) { + if(siglevel != PM_SIGLEVEL_NEVER) { _alpm_log(PM_LOG_DEBUG, "checking signature for %s\n", pkgfile); ret = _alpm_gpgme_checksig(pkgfile, base64_sig); - if((check_sig == PM_PGP_VERIFY_ALWAYS && ret != 0) || - (check_sig == PM_PGP_VERIFY_OPTIONAL && ret == 1)) { + if((siglevel == PM_SIGLEVEL_ALWAYS && ret != 0) || + (siglevel == PM_SIGLEVEL_OPTIONAL && ret == 1)) { RET_ERR(PM_ERR_SIG_INVALID, NULL); } } @@ -381,14 +381,14 @@ error: } int SYMEXPORT alpm_pkg_load(const char *filename, int full, - pgp_verify_t check_sig, pmpkg_t **pkg) + pmsiglevel_t siglevel, pmpkg_t **pkg) { ALPM_LOG_FUNC; /* Sanity checks */ ASSERT(pkg != NULL, RET_ERR(PM_ERR_WRONG_ARGS, -1)); - *pkg = _alpm_pkg_load_internal(filename, full, NULL, NULL, check_sig); + *pkg = _alpm_pkg_load_internal(filename, full, NULL, NULL, siglevel); if(*pkg == NULL) { /* pm_errno is set by pkg_load */ return -1; diff --git a/lib/libalpm/be_sync.c b/lib/libalpm/be_sync.c index 758e5f9..ce9b790 100644 --- a/lib/libalpm/be_sync.c +++ b/lib/libalpm/be_sync.c @@ -85,7 +85,7 @@ int SYMEXPORT alpm_db_update(int force, pmdb_t *db) size_t len; int ret = -1; mode_t oldmask; - pgp_verify_t check_sig; + pmsiglevel_t siglevel; ALPM_LOG_FUNC; @@ -117,7 +117,7 @@ int SYMEXPORT alpm_db_update(int force, pmdb_t *db) } } - check_sig = _alpm_db_get_sigverify_level(db); + siglevel = _alpm_db_get_siglevel(db); for(i = db->servers; i; i = i->next) { const char *server = i->data; @@ -132,9 +132,9 @@ int SYMEXPORT alpm_db_update(int force, pmdb_t *db) ret = _alpm_download(fileurl, syncpath, force, 0, 0); - if(ret == 0 && (check_sig == PM_PGP_VERIFY_ALWAYS || - check_sig == PM_PGP_VERIFY_OPTIONAL)) { - int errors_ok = (check_sig == PM_PGP_VERIFY_OPTIONAL); + if(ret == 0 && (siglevel == PM_SIGLEVEL_ALWAYS || + siglevel == PM_SIGLEVEL_OPTIONAL)) { + int errors_ok = (siglevel == PM_SIGLEVEL_OPTIONAL); /* if we downloaded a DB, we want the .sig from the same server */ snprintf(fileurl, len, "%s/%s.db.sig", server, db->treename); diff --git a/lib/libalpm/db.c b/lib/libalpm/db.c index 0cc4ff2..5f96967 100644 --- a/lib/libalpm/db.c +++ b/lib/libalpm/db.c @@ -223,21 +223,22 @@ int SYMEXPORT alpm_db_remove_server(pmdb_t *db, const char *url) return 1; } + /** Set the verify gpg signature option for a database. * @param db database pointer - * @param verify enum pgp_verify_t + * @param verify enum pmsiglevel_t * @return 0 on success, -1 on error (pm_errno is set accordingly) */ -int SYMEXPORT alpm_db_set_pgp_verify(pmdb_t *db, pgp_verify_t verify) +int SYMEXPORT alpm_db_set_siglevel(pmdb_t *db, pmsiglevel_t level) { ALPM_LOG_FUNC; /* Sanity checks */ ASSERT(db != NULL, RET_ERR(PM_ERR_DB_NULL, -1)); - db->pgp_verify = verify; - _alpm_log(PM_LOG_DEBUG, "adding VerifySig option to database '%s': %d\n", - db->treename, verify); + db->siglevel = level; + _alpm_log(PM_LOG_DEBUG, "adding SigLevel option to database '%s': %d\n", + db->treename, level); return 0; } diff --git a/lib/libalpm/db.h b/lib/libalpm/db.h index 399e2d5..2e9a3a2 100644 --- a/lib/libalpm/db.h +++ b/lib/libalpm/db.h @@ -63,7 +63,7 @@ struct __pmdb_t { pmpkghash_t *pkgcache; alpm_list_t *grpcache; alpm_list_t *servers; - pgp_verify_t pgp_verify; + pmsiglevel_t siglevel; struct db_operations *ops; }; diff --git a/lib/libalpm/dload.c b/lib/libalpm/dload.c index 6d9b007..dfc93bf 100644 --- a/lib/libalpm/dload.c +++ b/lib/libalpm/dload.c @@ -354,11 +354,11 @@ char SYMEXPORT *alpm_fetch_pkgurl(const char *url) _alpm_log(PM_LOG_DEBUG, "successfully downloaded %s\n", url); /* attempt to download the signature */ - if(ret == 0 && (handle->sigverify == PM_PGP_VERIFY_ALWAYS || - handle->sigverify == PM_PGP_VERIFY_OPTIONAL)) { + if(ret == 0 && (handle->siglevel == PM_SIGLEVEL_ALWAYS || + handle->siglevel == PM_SIGLEVEL_OPTIONAL)) { char *sig_url; size_t len; - int errors_ok = (handle->sigverify == PM_PGP_VERIFY_OPTIONAL); + int errors_ok = (handle->siglevel == PM_SIGLEVEL_OPTIONAL); len = strlen(url) + 5; CALLOC(sig_url, len, sizeof(char), RET_ERR(PM_ERR_MEMORY, NULL)); diff --git a/lib/libalpm/handle.c b/lib/libalpm/handle.c index 39b3b60..8d33caa 100644 --- a/lib/libalpm/handle.c +++ b/lib/libalpm/handle.c @@ -46,7 +46,7 @@ pmhandle_t *_alpm_handle_new() CALLOC(handle, 1, sizeof(pmhandle_t), RET_ERR(PM_ERR_MEMORY, NULL)); - handle->sigverify = PM_PGP_VERIFY_OPTIONAL; + handle->siglevel = PM_SIGLEVEL_OPTIONAL; return handle; } @@ -627,18 +627,18 @@ int SYMEXPORT alpm_option_set_checkspace(int checkspace) return 0; } -int SYMEXPORT alpm_option_set_default_sigverify(pgp_verify_t level) +int SYMEXPORT alpm_option_set_default_siglevel(pmsiglevel_t level) { ASSERT(handle != NULL, RET_ERR(PM_ERR_HANDLE_NULL, -1)); - ASSERT(level != PM_PGP_VERIFY_UNKNOWN, RET_ERR(PM_ERR_WRONG_ARGS, -1)); - handle->sigverify = level; + ASSERT(level != PM_SIGLEVEL_UNKNOWN, RET_ERR(PM_ERR_WRONG_ARGS, -1)); + handle->siglevel = level; return 0; } -pgp_verify_t SYMEXPORT alpm_option_get_default_sigverify() +pmsiglevel_t SYMEXPORT alpm_option_get_default_siglevel() { - ASSERT(handle != NULL, RET_ERR(PM_ERR_HANDLE_NULL, PM_PGP_VERIFY_UNKNOWN)); - return handle->sigverify; + ASSERT(handle != NULL, RET_ERR(PM_ERR_HANDLE_NULL, PM_SIGLEVEL_UNKNOWN)); + return handle->siglevel; } /* vim: set ts=2 sw=2 noet: */ diff --git a/lib/libalpm/handle.h b/lib/libalpm/handle.h index aa00b6f..672cab4 100644 --- a/lib/libalpm/handle.h +++ b/lib/libalpm/handle.h @@ -72,7 +72,7 @@ typedef struct _pmhandle_t { char *arch; /* Architecture of packages we should allow */ int usedelta; /* Download deltas if possible */ int checkspace; /* Check disk space before installing */ - pgp_verify_t sigverify; /* Default signature verification level */ + pmsiglevel_t siglevel; /* Default signature verification level */ } pmhandle_t; /* global handle variable */ diff --git a/lib/libalpm/package.h b/lib/libalpm/package.h index debb239..84f15dd 100644 --- a/lib/libalpm/package.h +++ b/lib/libalpm/package.h @@ -141,7 +141,7 @@ void _alpm_pkg_free(pmpkg_t *pkg); void _alpm_pkg_free_trans(pmpkg_t *pkg); pmpkg_t *_alpm_pkg_load_internal(const char *filename, int full, - const char *md5sum, const char *base64_sig, pgp_verify_t check_sig); + const char *md5sum, const char *base64_sig, pmsiglevel_t siglevel); int _alpm_pkg_cmp(const void *p1, const void *p2); int _alpm_pkg_compare_versions(pmpkg_t *local_pkg, pmpkg_t *pkg); diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c index 9bb9d0a..a57d86a 100644 --- a/lib/libalpm/signing.c +++ b/lib/libalpm/signing.c @@ -365,19 +365,20 @@ int _alpm_gpgme_checksig(const char *path, const char *base64_sig) /** * Determines the necessity of checking for a valid PGP signature + * Automatically takes global setting into account. * @param db the sync database to query * * @return signature verification level */ -pgp_verify_t _alpm_db_get_sigverify_level(pmdb_t *db) +pmsiglevel_t _alpm_db_get_siglevel(pmdb_t *db) { ALPM_LOG_FUNC; - ASSERT(db != NULL, RET_ERR(PM_ERR_DB_NULL, PM_PGP_VERIFY_UNKNOWN)); + ASSERT(db != NULL, RET_ERR(PM_ERR_DB_NULL, PM_SIGLEVEL_UNKNOWN)); - if(db->pgp_verify != PM_PGP_VERIFY_UNKNOWN) { - return db->pgp_verify; + if(db->siglevel != PM_SIGLEVEL_UNKNOWN) { + return db->siglevel; } else { - return alpm_option_get_default_sigverify(); + return alpm_option_get_default_siglevel(); } } @@ -386,7 +387,7 @@ pgp_verify_t _alpm_db_get_sigverify_level(pmdb_t *db) * @param pkg the package to check * @return a int value : 0 (valid), 1 (invalid), -1 (an error occurred) */ -int SYMEXPORT alpm_pkg_check_pgp_signature(pmpkg_t *pkg) +int SYMEXPORT alpm_pkg_check_signature(pmpkg_t *pkg) { ALPM_LOG_FUNC; ASSERT(pkg != NULL, return 0); @@ -399,7 +400,7 @@ int SYMEXPORT alpm_pkg_check_pgp_signature(pmpkg_t *pkg) * @param db the database to check * @return a int value : 0 (valid), 1 (invalid), -1 (an error occurred) */ -int SYMEXPORT alpm_db_check_pgp_signature(pmdb_t *db) +int SYMEXPORT alpm_db_check_signature(pmdb_t *db) { ALPM_LOG_FUNC; ASSERT(db != NULL, return 0); diff --git a/lib/libalpm/signing.h b/lib/libalpm/signing.h index 8d8c164..c33a0d1 100644 --- a/lib/libalpm/signing.h +++ b/lib/libalpm/signing.h @@ -22,7 +22,7 @@ #include "alpm.h" int _alpm_gpgme_checksig(const char *path, const char *base64_sig); -pgp_verify_t _alpm_db_get_sigverify_level(pmdb_t *db); +pmsiglevel_t _alpm_db_get_siglevel(pmdb_t *db); #endif /* _ALPM_SIGNING_H */ diff --git a/lib/libalpm/sync.c b/lib/libalpm/sync.c index 8dd51aa..2fe644c 100644 --- a/lib/libalpm/sync.c +++ b/lib/libalpm/sync.c @@ -866,7 +866,7 @@ int _alpm_sync_commit(pmtrans_t *trans, pmdb_t *db_local, alpm_list_t **data) int percent = (current * 100) / numtargs; const char *filename; char *filepath; - pgp_verify_t check_sig; + pmsiglevel_t siglevel; PROGRESS(trans, PM_TRANS_PROGRESS_INTEGRITY_START, "", percent, numtargs, current); @@ -877,13 +877,13 @@ int _alpm_sync_commit(pmtrans_t *trans, pmdb_t *db_local, alpm_list_t **data) filename = alpm_pkg_get_filename(spkg); filepath = _alpm_filecache_find(filename); pmdb_t *sdb = alpm_pkg_get_db(spkg); - check_sig = _alpm_db_get_sigverify_level(sdb); + siglevel = _alpm_db_get_siglevel(sdb); /* load the package file and replace pkgcache entry with it in the target list */ /* TODO: alpm_pkg_get_db() will not work on this target anymore */ _alpm_log(PM_LOG_DEBUG, "replacing pkgcache entry with package file for target %s\n", spkg->name); pmpkg_t *pkgfile =_alpm_pkg_load_internal(filepath, 1, spkg->md5sum, - spkg->base64_sig, check_sig); + spkg->base64_sig, siglevel); if(!pkgfile) { errors++; *data = alpm_list_add(*data, strdup(filename)); diff --git a/src/pacman/conf.c b/src/pacman/conf.c index 370ec51..d8f2ac3 100644 --- a/src/pacman/conf.c +++ b/src/pacman/conf.c @@ -214,19 +214,19 @@ int config_set_arch(const char *arch) } } -static pgp_verify_t option_verifysig(const char *value) +static pmsiglevel_t option_siglevel(const char *value) { - pgp_verify_t level; + pmsiglevel_t level; if(strcmp(value, "Always") == 0) { - level = PM_PGP_VERIFY_ALWAYS; + level = PM_SIGLEVEL_ALWAYS; } else if(strcmp(value, "Optional") == 0) { - level = PM_PGP_VERIFY_OPTIONAL; + level = PM_SIGLEVEL_OPTIONAL; } else if(strcmp(value, "Never") == 0) { - level = PM_PGP_VERIFY_NEVER; + level = PM_SIGLEVEL_NEVER; } else { - level = PM_PGP_VERIFY_UNKNOWN; + level = PM_SIGLEVEL_UNKNOWN; } - pm_printf(PM_LOG_DEBUG, "config: VerifySig = %s (%d)\n", value, level); + pm_printf(PM_LOG_DEBUG, "config: SigLevel = %s (%d)\n", value, level); return level; } @@ -358,10 +358,10 @@ static int _parse_options(const char *key, char *value, pm_printf(PM_LOG_DEBUG, "config: xfercommand: %s\n", value); } else if(strcmp(key, "CleanMethod") == 0) { setrepeatingoption(value, "CleanMethod", option_add_cleanmethod); - } else if(strcmp(key, "VerifySig") == 0) { - pgp_verify_t level = option_verifysig(value); - if(level != PM_PGP_VERIFY_UNKNOWN) { - alpm_option_set_default_sigverify(level); + } else if(strcmp(key, "SigLevel") == 0) { + pmsiglevel_t level = option_siglevel(value); + if(level != PM_SIGLEVEL_UNKNOWN) { + alpm_option_set_default_siglevel(level); } else { pm_printf(PM_LOG_ERROR, _("config file %s, line %d: directive '%s' has invalid value '%s'\n"), @@ -633,12 +633,12 @@ static int _parseconfig(const char *file, int parse_options, ret = 1; goto cleanup; } - } else if(strcmp(key, "VerifySig") == 0) { - pgp_verify_t level = option_verifysig(value); - if(level != PM_PGP_VERIFY_UNKNOWN) { - ret = alpm_db_set_pgp_verify(db, level); + } else if(strcmp(key, "SigLevel") == 0) { + pmsiglevel_t level = option_siglevel(value); + if(level != PM_SIGLEVEL_UNKNOWN) { + ret = alpm_db_set_siglevel(db, level); if(ret != 0) { - pm_printf(PM_LOG_ERROR, _("could not add set verify option for database '%s': %s (%s)\n"), + pm_printf(PM_LOG_ERROR, _("could not set SigLevel option for database '%s': %s (%s)\n"), alpm_db_get_name(db), value, alpm_strerrorlast()); goto cleanup; } diff --git a/src/pacman/query.c b/src/pacman/query.c index d1105b4..3b09afe 100644 --- a/src/pacman/query.c +++ b/src/pacman/query.c @@ -551,7 +551,7 @@ int pacman_query(alpm_list_t *targets) char *strname = alpm_list_getdata(i); if(config->op_q_isfile) { - alpm_pkg_load(strname, 1, PM_PGP_VERIFY_OPTIONAL, &pkg); + alpm_pkg_load(strname, 1, PM_SIGLEVEL_OPTIONAL, &pkg); } else { pkg = alpm_db_get_pkg(db_local, strname); } diff --git a/src/pacman/sync.c b/src/pacman/sync.c index 884504f..b2b8dab 100644 --- a/src/pacman/sync.c +++ b/src/pacman/sync.c @@ -219,7 +219,7 @@ static int sync_cleancache(int level) /* attempt to load the package, prompt removal on failures as we may have * files here that aren't valid packages. we also don't need a full * load of the package, just the metadata. */ - if(alpm_pkg_load(path, 0, PM_PGP_VERIFY_NEVER, &localpkg) != 0 + if(alpm_pkg_load(path, 0, PM_SIGLEVEL_NEVER, &localpkg) != 0 || localpkg == NULL) { if(yesno(_("File %s does not seem to be a valid package, remove it?"), path)) { diff --git a/src/pacman/upgrade.c b/src/pacman/upgrade.c index 0ffc94c..d9afc09 100644 --- a/src/pacman/upgrade.c +++ b/src/pacman/upgrade.c @@ -42,7 +42,7 @@ int pacman_upgrade(alpm_list_t *targets) { alpm_list_t *i, *data = NULL; - pgp_verify_t check_sig = alpm_option_get_default_sigverify(); + pmsiglevel_t siglevel = alpm_option_get_default_siglevel(); int retval = 0; if(targets == NULL) { @@ -76,7 +76,7 @@ int pacman_upgrade(alpm_list_t *targets) char *targ = alpm_list_getdata(i); pmpkg_t *pkg; - if(alpm_pkg_load(targ, 1, check_sig, &pkg) != 0) { + if(alpm_pkg_load(targ, 1, siglevel, &pkg) != 0) { pm_fprintf(stderr, PM_LOG_ERROR, "'%s': %s\n", targ, alpm_strerrorlast()); trans_release(); diff --git a/src/util/testpkg.c b/src/util/testpkg.c index ad6ec30..2c74a47 100644 --- a/src/util/testpkg.c +++ b/src/util/testpkg.c @@ -55,7 +55,7 @@ int main(int argc, char *argv[]) /* let us get log messages from libalpm */ alpm_option_set_logcb(output_cb); - if(alpm_pkg_load(argv[1], 1, PM_PGP_VERIFY_OPTIONAL, &pkg) == -1 + if(alpm_pkg_load(argv[1], 1, PM_SIGLEVEL_OPTIONAL, &pkg) == -1 || pkg == NULL) { switch(pm_errno) { case PM_ERR_PKG_OPEN: diff --git a/test/pacman/util.py b/test/pacman/util.py index ddd955a..0834856 100755 --- a/test/pacman/util.py +++ b/test/pacman/util.py @@ -132,7 +132,7 @@ def mkcfgfile(filename, root, option, db): if key != "local": value = db[key] data.append("[%s]\n" \ - "VerifySig = %s\n" \ + "SigLevel = %s\n" \ "Server = file://%s" \ % (value.treename, value.getverify(), \ os.path.join(root, SYNCREPO, value.treename))) -- 1.7.5.2