The chosen level is the global signature check level defined by alpm_option_set_default_sigverify(). Signed-off-by: Rémy Oudompheng <remy@archlinux.org> --- There is some code moving around here. lib/libalpm/sync.c | 34 ++++++++++++++++++++++------------ 1 files changed, 22 insertions(+), 12 deletions(-) diff --git a/lib/libalpm/sync.c b/lib/libalpm/sync.c index 7958c66..0a864c9 100644 --- a/lib/libalpm/sync.c +++ b/lib/libalpm/sync.c @@ -830,27 +830,30 @@ int _alpm_sync_commit(pmtrans_t *trans, pmdb_t *db_local, alpm_list_t **data) for(i = trans->add; i; i = i->next, current++) { pmpkg_t *spkg = i->data; int percent = (current * 100) / numtargs; - if(spkg->origin == PKG_FROM_FILE) { - continue; /* pkg_load() has been already called, this package is valid */ - } PROGRESS(trans, PM_TRANS_PROGRESS_INTEGRITY_START, "", percent, numtargs, current); const char *filename = alpm_pkg_get_filename(spkg); - char *filepath = _alpm_filecache_find(filename); - const char *md5sum = alpm_pkg_get_md5sum(spkg); + char *filepath; const pmpgpsig_t *pgpsig = alpm_pkg_get_pgpsig(spkg); pgp_verify_t check_sig; - /* check md5sum first */ - if(test_md5sum(trans, filepath, md5sum) != 0) { - goto integrity_check_fail; - } - /* check PGP signature next */ - pmdb_t *sdb = alpm_pkg_get_db(spkg); + if(spkg->origin == PKG_FROM_FILE) { + check_sig = alpm_option_get_default_sigverify(); + filepath = strdup(filename); + } else { + pmdb_t *sdb = alpm_pkg_get_db(spkg); + check_sig = _alpm_db_get_sigverify_level(sdb); + filepath = _alpm_filecache_find(filename); - check_sig = _alpm_db_get_sigverify_level(sdb); + /* check md5sum if package comes from a database */ + const char *md5sum = alpm_pkg_get_md5sum(spkg); + if(test_md5sum(trans, filepath, md5sum) != 0) { + goto integrity_check_fail; + } + } + /* check PGP signature next */ if(check_sig != PM_PGP_VERIFY_NEVER) { int ret = _alpm_gpgme_checksig(filepath, pgpsig); if((check_sig == PM_PGP_VERIFY_ALWAYS && ret != 0) || @@ -858,6 +861,13 @@ int _alpm_sync_commit(pmtrans_t *trans, pmdb_t *db_local, alpm_list_t **data) goto integrity_check_fail; } } + + /* don't replace spkg if it already comes from a file */ + if (spkg->origin == PKG_FROM_FILE) { + FREE(filepath); + continue; + } + /* load the package file and replace pkgcache entry with it in the target list */ /* TODO: alpm_pkg_get_db() will not work on this target anymore */ _alpm_log(PM_LOG_DEBUG, "replacing pkgcache entry with package file for target %s\n", spkg->name); -- 1.7.4.4